qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOo2ODQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgrgAAAP//Dl9aDQ==") 04:34:20 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f00000000c0), 0x312801, &(0x7f0000000180)=ANY=[@ANYBLOB="687567a7885c5f000000082c00"]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x100010, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) pipe(&(0x7f00000001c0)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f00000000c0), 0x312801, &(0x7f0000000180)=ANY=[@ANYBLOB="687567a7885c5f000000082c00"]) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) sendfile(r1, r1, &(0x7f0000000000), 0x0) (async) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x100010, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) (async) pipe(&(0x7f00000001c0)) (async) 04:34:20 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:20 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) sched_setscheduler(0x0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:20 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000280)=ANY=[@ANYBLOB="d4"], 0x14}}, 0x0) 04:34:20 executing program 3: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000140)={&(0x7f0000000100)={[0x8]}, 0x8}) [ 2109.294020][T27713] loop4: detected capacity change from 0 to 16 [ 2109.357956][T27715] FAULT_INJECTION: forcing a failure. [ 2109.357956][T27715] name failslab, interval 1, probability 0, space 0, times 0 [ 2109.421273][T27715] CPU: 1 PID: 27715 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2109.431344][T27715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2109.437957][T27713] erofs: (device loop4): mounted with root inode @ nid 36. [ 2109.441234][T27715] Call Trace: [ 2109.441244][T27715] [ 2109.441251][T27715] dump_stack_lvl+0x151/0x1b7 [ 2109.441277][T27715] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2109.441297][T27715] dump_stack+0x15/0x17 [ 2109.468054][T27715] should_fail+0x3c0/0x510 [ 2109.472310][T27715] ? apply_wqattrs_prepare+0x62/0x1290 [ 2109.477601][T27715] __should_failslab+0x9f/0xe0 [ 2109.482200][T27715] should_failslab+0x9/0x20 [ 2109.486547][T27715] kmem_cache_alloc_trace+0x4a/0x310 [ 2109.491660][T27715] ? release_firmware_map_entry+0x193/0x193 [ 2109.497398][T27715] apply_wqattrs_prepare+0x62/0x1290 [ 2109.502512][T27715] ? __kasan_check_write+0x14/0x20 [ 2109.507460][T27715] ? mutex_lock+0xb6/0x130 [ 2109.511726][T27715] ? wait_for_completion_killable_timeout+0x10/0x10 [ 2109.518135][T27715] apply_workqueue_attrs+0x149/0x720 [ 2109.523253][T27715] ? alloc_workqueue_attrs+0xc0/0xc0 [ 2109.528372][T27715] ? alloc_workqueue+0x39b/0x11d0 [ 2109.533233][T27715] ? preempt_count_add+0x90/0x1a0 [ 2109.538093][T27715] alloc_workqueue+0xcc1/0x11d0 [ 2109.542783][T27715] ? __cond_resched+0x20/0x20 [ 2109.547297][T27715] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2109.552850][T27715] ? irqentry_exit+0x30/0x40 [ 2109.557271][T27715] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2109.562480][T27715] ? loop_configure+0x7f6/0x1640 [ 2109.567256][T27715] ? apply_workqueue_attrs+0x720/0x720 [ 2109.572560][T27715] ? loop_configure+0x7f6/0x1640 [ 2109.577360][T27715] loop_configure+0x8c7/0x1640 [ 2109.581929][T27715] lo_ioctl+0x8cd/0x25e0 [ 2109.586001][T27715] ? switch_mm_irqs_off+0x57f/0x860 [ 2109.591035][T27715] ? lo_release+0x200/0x200 [ 2109.595378][T27715] ? _raw_spin_unlock+0x4d/0x70 [ 2109.600063][T27715] ? finish_task_switch+0x173/0x710 [ 2109.605103][T27715] ? __schedule+0xaae/0x1010 [ 2109.609527][T27715] ? __kasan_check_write+0x14/0x20 [ 2109.614478][T27715] ? __switch_to+0x617/0x1170 [ 2109.618991][T27715] ? native_set_ldt+0x360/0x360 [ 2109.623671][T27715] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2109.629141][T27715] ? compat_start_thread+0x20/0x20 [ 2109.634088][T27715] ? switch_mm_irqs_off+0x57f/0x860 [ 2109.639123][T27715] ? _raw_spin_unlock+0x4d/0x70 [ 2109.643807][T27715] ? finish_task_switch+0x173/0x710 [ 2109.648842][T27715] ? __schedule+0xaae/0x1010 [ 2109.653266][T27715] ? release_firmware_map_entry+0x193/0x193 [ 2109.658994][T27715] ? __kasan_check_write+0x14/0x20 [ 2109.663941][T27715] ? __switch_to+0x617/0x1170 [ 2109.668451][T27715] ? native_set_ldt+0x360/0x360 [ 2109.673173][T27715] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2109.678610][T27715] ? compat_start_thread+0x20/0x20 [ 2109.683557][T27715] ? switch_mm_irqs_off+0x57f/0x860 [ 2109.688588][T27715] ? _raw_spin_unlock+0x4d/0x70 [ 2109.693276][T27715] ? finish_task_switch+0x173/0x710 [ 2109.698314][T27715] ? __schedule+0xaae/0x1010 [ 2109.702740][T27715] ? memcpy+0x56/0x70 [ 2109.706556][T27715] ? release_firmware_map_entry+0x193/0x193 [ 2109.712281][T27715] ? native_set_ldt+0x360/0x360 [ 2109.716967][T27715] ? __kasan_check_read+0x11/0x20 [ 2109.721830][T27715] ? preempt_schedule_irq+0xef/0x140 [ 2109.726950][T27715] ? __cond_resched+0x20/0x20 [ 2109.731462][T27715] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2109.736068][T27715] ? blkdev_bszset+0x240/0x240 [ 2109.740663][T27715] ? release_firmware_map_entry+0x193/0x193 [ 2109.746390][T27715] ? has_cap_mac_admin+0xb0/0xb0 [ 2109.751167][T27715] ? __kasan_check_read+0x11/0x20 [ 2109.756026][T27715] ? preempt_schedule_irq+0xef/0x140 [ 2109.761141][T27715] ? __cond_resched+0x20/0x20 [ 2109.765662][T27715] ? rcu_read_unlock_special+0xdb/0x4c0 [ 2109.771041][T27715] ? irqentry_exit+0x30/0x40 [ 2109.775463][T27715] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2109.780762][T27715] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2109.786316][T27715] ? lo_release+0x200/0x200 [ 2109.790654][T27715] blkdev_ioctl+0x2e9/0x620 [ 2109.794995][T27715] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2109.800463][T27715] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2109.805753][T27715] ? security_file_ioctl+0x74/0xd0 [ 2109.810704][T27715] ? __sanitizer_cov_trace_const_cmp4+0x8/0xb0 [ 2109.816695][T27715] block_ioctl+0xb0/0xf0 [ 2109.820769][T27715] ? blkdev_iopoll+0x100/0x100 [ 2109.825368][T27715] __se_sys_ioctl+0x115/0x190 [ 2109.829882][T27715] __x64_sys_ioctl+0x7b/0x90 [ 2109.834309][T27715] do_syscall_64+0x44/0xd0 [ 2109.838560][T27715] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2109.844290][T27715] RIP: 0033:0x7f2bac5faec7 [ 2109.848543][T27715] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2109.867983][T27715] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2109.876229][T27715] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2109.884039][T27715] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2109.891852][T27715] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2109.899668][T27715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2109.907473][T27715] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2109.915295][T27715] 04:34:21 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:21 executing program 3: socketpair(0x1d, 0x0, 0xffff, &(0x7f00000005c0)) 04:34:21 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x2, 0x7, 0x301}, 0x14}}, 0x0) 04:34:21 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 28) 04:34:21 executing program 3: r0 = syz_io_uring_setup(0x3e46, &(0x7f0000000300), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x10000000) [ 2110.230356][T27730] FAULT_INJECTION: forcing a failure. [ 2110.230356][T27730] name failslab, interval 1, probability 0, space 0, times 0 04:34:21 executing program 3: syz_io_uring_setup(0x4f9f, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 2110.310087][T27730] CPU: 1 PID: 27730 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2110.320170][T27730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2110.330059][T27730] Call Trace: [ 2110.333183][T27730] [ 2110.335957][T27730] dump_stack_lvl+0x151/0x1b7 [ 2110.340479][T27730] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2110.345767][T27730] dump_stack+0x15/0x17 [ 2110.349757][T27730] should_fail+0x3c0/0x510 [ 2110.354011][T27730] ? apply_wqattrs_prepare+0x99/0x1290 [ 2110.359307][T27730] __should_failslab+0x9f/0xe0 [ 2110.363905][T27730] should_failslab+0x9/0x20 [ 2110.368244][T27730] kmem_cache_alloc_trace+0x4a/0x310 [ 2110.373364][T27730] ? apply_wqattrs_prepare+0x62/0x1290 [ 2110.378662][T27730] apply_wqattrs_prepare+0x99/0x1290 [ 2110.383781][T27730] ? __kasan_check_write+0x14/0x20 [ 2110.388728][T27730] ? mutex_lock+0xb6/0x130 [ 2110.392980][T27730] ? __kasan_check_read+0x11/0x20 [ 2110.397840][T27730] ? wait_for_completion_killable_timeout+0x10/0x10 [ 2110.404271][T27730] apply_workqueue_attrs+0x149/0x720 [ 2110.409382][T27730] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2110.414589][T27730] ? alloc_workqueue_attrs+0xc0/0xc0 [ 2110.419714][T27730] ? preempt_count_add+0x90/0x1a0 [ 2110.424574][T27730] alloc_workqueue+0xcc1/0x11d0 [ 2110.429257][T27730] ? __cond_resched+0x20/0x20 [ 2110.433773][T27730] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2110.439241][T27730] ? loop_configure+0x7f6/0x1640 [ 2110.444016][T27730] ? apply_workqueue_attrs+0x720/0x720 [ 2110.449305][T27730] ? loop_set_status_from_info+0x35f/0x7a0 [ 2110.454948][T27730] ? loop_set_status_from_info+0x5fd/0x7a0 [ 2110.460589][T27730] loop_configure+0x8c7/0x1640 [ 2110.465187][T27730] ? __kasan_check_write+0x14/0x20 [ 2110.470138][T27730] ? __switch_to+0x617/0x1170 [ 2110.474650][T27730] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2110.480122][T27730] lo_ioctl+0x8cd/0x25e0 [ 2110.484198][T27730] ? _raw_spin_unlock+0x4d/0x70 [ 2110.489686][T27730] ? lo_release+0x200/0x200 [ 2110.494003][T27730] ? __kasan_check_write+0x14/0x20 [ 2110.498958][T27730] ? __switch_to+0x617/0x1170 [ 2110.503465][T27730] ? native_set_ldt+0x360/0x360 [ 2110.508150][T27730] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2110.513624][T27730] ? compat_start_thread+0x20/0x20 [ 2110.518567][T27730] ? switch_mm_irqs_off+0x57f/0x860 [ 2110.523603][T27730] ? __kasan_check_write+0x14/0x20 [ 2110.528544][T27730] ? __switch_to+0x617/0x1170 [ 2110.533066][T27730] ? native_set_ldt+0x360/0x360 [ 2110.537744][T27730] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2110.543214][T27730] ? compat_start_thread+0x20/0x20 [ 2110.548159][T27730] ? switch_mm_irqs_off+0x57f/0x860 [ 2110.553198][T27730] ? _raw_spin_unlock+0x4d/0x70 [ 2110.557880][T27730] ? finish_task_switch+0x173/0x710 [ 2110.562916][T27730] ? __schedule+0xaae/0x1010 [ 2110.567343][T27730] ? release_firmware_map_entry+0x193/0x193 [ 2110.573070][T27730] ? __kasan_check_write+0x14/0x20 [ 2110.578013][T27730] ? __switch_to+0x617/0x1170 [ 2110.582531][T27730] ? __kasan_check_read+0x11/0x20 [ 2110.587387][T27730] ? preempt_schedule_irq+0xef/0x140 [ 2110.592512][T27730] ? __cond_resched+0x20/0x20 [ 2110.597023][T27730] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2110.602580][T27730] ? irqentry_exit+0x30/0x40 [ 2110.607005][T27730] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2110.612212][T27730] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2110.617681][T27730] ? avc_has_extended_perms+0x718/0x1210 [ 2110.623152][T27730] ? memcpy+0x56/0x70 [ 2110.626974][T27730] ? __kasan_check_write+0x14/0x20 [ 2110.631910][T27730] ? __switch_to+0x617/0x1170 [ 2110.636426][T27730] ? native_set_ldt+0x360/0x360 [ 2110.641110][T27730] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2110.646580][T27730] ? compat_start_thread+0x20/0x20 [ 2110.651530][T27730] ? switch_mm_irqs_off+0x57f/0x860 [ 2110.656569][T27730] ? blkdev_common_ioctl+0x570/0x1ec0 04:34:22 executing program 2: syz_genetlink_get_family_id$SEG6(&(0x7f0000001a00), 0xffffffffffffffff) [ 2110.661770][T27730] ? blkdev_bszset+0x240/0x240 [ 2110.666369][T27730] ? __kasan_check_read+0x11/0x20 [ 2110.671231][T27730] ? preempt_schedule_irq+0xef/0x140 [ 2110.676351][T27730] ? __cond_resched+0x20/0x20 [ 2110.680859][T27730] ? has_cap_mac_admin+0xb0/0xb0 [ 2110.685638][T27730] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2110.691186][T27730] ? irqentry_exit+0x30/0x40 [ 2110.695612][T27730] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2110.700821][T27730] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2110.706288][T27730] ? blkdev_ioctl+0x82/0x620 [ 2110.710715][T27730] ? lo_release+0x200/0x200 [ 2110.715054][T27730] blkdev_ioctl+0x2e9/0x620 [ 2110.719393][T27730] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2110.724685][T27730] ? __fget_files+0x310/0x370 [ 2110.729199][T27730] block_ioctl+0xb0/0xf0 [ 2110.733284][T27730] ? blkdev_iopoll+0x100/0x100 [ 2110.737878][T27730] __se_sys_ioctl+0x115/0x190 [ 2110.742391][T27730] __x64_sys_ioctl+0x7b/0x90 [ 2110.746819][T27730] do_syscall_64+0x44/0xd0 [ 2110.751079][T27730] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2110.756803][T27730] RIP: 0033:0x7f2bac5faec7 [ 2110.761061][T27730] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2110.780493][T27730] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2110.788738][T27730] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2110.796559][T27730] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2110.804361][T27730] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2110.812172][T27730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2110.819985][T27730] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2110.827798][T27730] 04:34:25 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f00000000c0), 0x312801, &(0x7f0000000180)=ANY=[@ANYBLOB="687567a7885c5f000000082c00"]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x100010, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) pipe(&(0x7f00000001c0)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f00000000c0), 0x312801, &(0x7f0000000180)=ANY=[@ANYBLOB="687567a7885c5f000000082c00"]) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) sendfile(r1, r1, &(0x7f0000000000), 0x0) (async) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x100010, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) (async) pipe(&(0x7f00000001c0)) (async) 04:34:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0) 04:34:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) sched_setscheduler(0x0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:25 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x14, 0x0, 0x1}, 0x14}}, 0x0) 04:34:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 29) 04:34:25 executing program 2: pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040)={0x1}, 0x0, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000140)={&(0x7f0000000100)={[0x8]}, 0x8}) 04:34:25 executing program 3: socketpair(0x0, 0x63b9ea1c8960844e, 0x0, 0x0) 04:34:25 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000100)=[{0x5}, {0x2}, {}]}) 04:34:25 executing program 2: r0 = openat$pidfd(0xffffff9c, &(0x7f0000000d00), 0x0, 0x0) pidfd_send_signal(r0, 0x0, &(0x7f0000000d40)={0x0, 0x0, 0xfffffffe}, 0x0) 04:34:25 executing program 3: pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040)={0x1}, 0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={[0x8]}, 0x8}) 04:34:25 executing program 3: r0 = inotify_init() ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, 0x0) 04:34:26 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1e, 0x0, 0x80000000, 0x4, 0x900, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4}, 0x48) [ 2114.481897][T27781] loop4: detected capacity change from 0 to 16 [ 2114.517675][T27782] FAULT_INJECTION: forcing a failure. [ 2114.517675][T27782] name failslab, interval 1, probability 0, space 0, times 0 04:34:26 executing program 2: syz_io_uring_setup(0x3e46, &(0x7f0000000300), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) [ 2114.671254][T27782] CPU: 1 PID: 27782 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2114.681331][T27782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2114.691228][T27782] Call Trace: [ 2114.694347][T27782] [ 2114.697127][T27782] dump_stack_lvl+0x151/0x1b7 [ 2114.701638][T27782] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2114.706938][T27782] dump_stack+0x15/0x17 [ 2114.710923][T27782] should_fail+0x3c0/0x510 [ 2114.715178][T27782] ? apply_wqattrs_prepare+0x127/0x1290 [ 2114.720556][T27782] __should_failslab+0x9f/0xe0 [ 2114.725161][T27782] should_failslab+0x9/0x20 [ 2114.729496][T27782] kmem_cache_alloc_trace+0x4a/0x310 [ 2114.734616][T27782] ? apply_wqattrs_prepare+0x99/0x1290 [ 2114.739987][T27782] apply_wqattrs_prepare+0x127/0x1290 [ 2114.745117][T27782] ? __kasan_check_write+0x14/0x20 [ 2114.750067][T27782] ? mutex_lock+0xb6/0x130 [ 2114.754319][T27782] ? __kasan_check_read+0x11/0x20 [ 2114.759177][T27782] ? wait_for_completion_killable_timeout+0x10/0x10 [ 2114.765604][T27782] apply_workqueue_attrs+0x149/0x720 [ 2114.770725][T27782] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2114.775933][T27782] ? alloc_workqueue_attrs+0xc0/0xc0 [ 2114.781050][T27782] alloc_workqueue+0xcc1/0x11d0 [ 2114.785741][T27782] ? loop_configure+0x7f6/0x1640 [ 2114.790513][T27782] ? apply_workqueue_attrs+0x720/0x720 [ 2114.795806][T27782] ? loop_set_status_from_info+0x5fd/0x7a0 [ 2114.801448][T27782] loop_configure+0x8c7/0x1640 [ 2114.806080][T27782] ? _raw_spin_unlock+0x4d/0x70 [ 2114.810740][T27782] lo_ioctl+0x8cd/0x25e0 [ 2114.814813][T27782] ? compat_start_thread+0x20/0x20 [ 2114.819760][T27782] ? switch_mm_irqs_off+0x57f/0x860 [ 2114.824791][T27782] ? lo_release+0x200/0x200 [ 2114.829144][T27782] ? _raw_spin_unlock+0x4d/0x70 [ 2114.833818][T27782] ? finish_task_switch+0x173/0x710 [ 2114.838852][T27782] ? __schedule+0xaae/0x1010 [ 2114.843279][T27782] ? release_firmware_map_entry+0x193/0x193 [ 2114.849006][T27782] ? switch_mm_irqs_off+0x57f/0x860 [ 2114.854039][T27782] ? __kasan_check_read+0x11/0x20 [ 2114.858898][T27782] ? preempt_schedule_irq+0xef/0x140 [ 2114.864019][T27782] ? __cond_resched+0x20/0x20 [ 2114.868534][T27782] ? finish_task_switch+0x173/0x710 [ 2114.873570][T27782] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2114.879124][T27782] ? irqentry_exit+0x30/0x40 [ 2114.883549][T27782] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2114.888755][T27782] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2114.894228][T27782] ? is_bpf_text_address+0x1a2/0x1c0 [ 2114.899345][T27782] ? stack_trace_save+0x1f0/0x1f0 [ 2114.904204][T27782] ? __kernel_text_address+0x9a/0x110 [ 2114.909500][T27782] ? unwind_get_return_address+0x4c/0x90 [ 2114.914968][T27782] ? arch_stack_walk+0xf8/0x140 [ 2114.919655][T27782] ? stack_trace_save+0x12d/0x1f0 [ 2114.924513][T27782] ? stack_trace_snprint+0x100/0x100 [ 2114.929634][T27782] ? avc_has_extended_perms+0x718/0x1210 [ 2114.935103][T27782] ? memcpy+0x56/0x70 [ 2114.938924][T27782] ? avc_has_extended_perms+0xb9c/0x1210 [ 2114.944395][T27782] ? kasan_set_track+0x4c/0x70 [ 2114.948988][T27782] ? kasan_set_free_info+0x23/0x40 [ 2114.953935][T27782] ? ____kasan_slab_free+0x126/0x160 [ 2114.959055][T27782] ? __kasan_slab_free+0x11/0x20 [ 2114.963831][T27782] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2114.969213][T27782] ? kmem_cache_free+0x11a/0x2e0 [ 2114.973982][T27782] ? putname+0x10b/0x160 [ 2114.978065][T27782] ? avc_flush+0x2b0/0x2b0 [ 2114.982317][T27782] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2114.986922][T27782] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2114.992133][T27782] ? kasan_quarantine_put+0x34/0x1b0 [ 2114.997243][T27782] ? blkdev_bszset+0x240/0x240 [ 2115.001842][T27782] ? ioctl_has_perm+0x3df/0x560 [ 2115.006529][T27782] ? has_cap_mac_admin+0xb0/0xb0 [ 2115.011310][T27782] ? kmem_cache_free+0x11a/0x2e0 [ 2115.016078][T27782] ? putname+0x10b/0x160 [ 2115.020156][T27782] ? selinux_file_ioctl+0x3c9/0x530 [ 2115.025193][T27782] ? lo_release+0x200/0x200 [ 2115.029531][T27782] blkdev_ioctl+0x2e9/0x620 [ 2115.033872][T27782] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2115.039162][T27782] ? __fget_files+0x310/0x370 [ 2115.043677][T27782] block_ioctl+0xb0/0xf0 [ 2115.047754][T27782] ? blkdev_iopoll+0x100/0x100 [ 2115.052354][T27782] __se_sys_ioctl+0x115/0x190 [ 2115.056959][T27782] __x64_sys_ioctl+0x7b/0x90 [ 2115.061384][T27782] do_syscall_64+0x44/0xd0 [ 2115.065634][T27782] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2115.071363][T27782] RIP: 0033:0x7f2bac5faec7 [ 2115.075630][T27782] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2115.095058][T27782] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2115.103301][T27782] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2115.111111][T27782] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2115.118923][T27782] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2115.126733][T27782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2115.134547][T27782] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2115.142359][T27782] [ 2115.149705][T27781] erofs: (device loop4): mounted with root inode @ nid 36. 04:34:26 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:26 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r0, 0x0, 0x0, 0x6) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x275a, 0x0) r3 = fsmount(r2, 0x0, 0x0) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)='./file0\x00') ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r3, 0x4068aea3, &(0x7f0000000180)) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) pipe(&(0x7f0000003d00)) 04:34:26 executing program 2: r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x102541, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)) 04:34:26 executing program 3: socketpair(0x1a, 0x0, 0x0, &(0x7f0000000c40)) 04:34:26 executing program 0: socketpair(0x1e, 0x0, 0x2, &(0x7f0000000100)) 04:34:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 30) 04:34:26 executing program 0: syz_io_uring_setup(0x3767, &(0x7f0000000200)={0x0, 0x0, 0x2, 0x0, 0x24c}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180), &(0x7f0000000280)) 04:34:26 executing program 3: pkey_mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000008, 0xffffffffffffffff) 04:34:26 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) 04:34:26 executing program 3: socketpair(0x1d, 0x0, 0x0, &(0x7f00000005c0)) 04:34:26 executing program 2: prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000fff000/0x1000)=nil) 04:34:26 executing program 0: getitimer(0x2, &(0x7f00000000c0)) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff) getitimer(0x0, &(0x7f0000000000)) [ 2115.421623][T27816] FAULT_INJECTION: forcing a failure. [ 2115.421623][T27816] name failslab, interval 1, probability 0, space 0, times 0 [ 2115.434344][T27816] CPU: 0 PID: 27816 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2115.444397][T27816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2115.454282][T27816] Call Trace: [ 2115.457410][T27816] [ 2115.460189][T27816] dump_stack_lvl+0x151/0x1b7 [ 2115.464697][T27816] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2115.469993][T27816] dump_stack+0x15/0x17 [ 2115.473988][T27816] should_fail+0x3c0/0x510 [ 2115.478238][T27816] __should_failslab+0x9f/0xe0 [ 2115.482840][T27816] should_failslab+0x9/0x20 [ 2115.487183][T27816] kmem_cache_alloc+0x4f/0x2f0 [ 2115.491780][T27816] ? apply_wqattrs_prepare+0x7fb/0x1290 [ 2115.497164][T27816] apply_wqattrs_prepare+0x7fb/0x1290 [ 2115.502370][T27816] ? mutex_lock+0xb6/0x130 [ 2115.506616][T27816] ? vsnprintf+0x1af/0x1ce0 [ 2115.510963][T27816] apply_workqueue_attrs+0x149/0x720 [ 2115.516078][T27816] ? alloc_workqueue_attrs+0xc0/0xc0 [ 2115.521195][T27816] ? ptr_to_hashval+0x60/0x60 [ 2115.525709][T27816] ? kmem_cache_alloc_trace+0x1e3/0x310 [ 2115.531177][T27816] ? preempt_count_add+0x90/0x1a0 [ 2115.536042][T27816] alloc_workqueue+0xcc1/0x11d0 [ 2115.540724][T27816] ? __cond_resched+0x20/0x20 [ 2115.545238][T27816] ? loop_configure+0x7f6/0x1640 [ 2115.550011][T27816] ? apply_workqueue_attrs+0x720/0x720 [ 2115.555303][T27816] ? loop_set_status_from_info+0x5fd/0x7a0 [ 2115.560946][T27816] loop_configure+0x8c7/0x1640 [ 2115.565548][T27816] ? switch_mm_irqs_off+0x57f/0x860 [ 2115.570671][T27816] ? _raw_spin_lock+0xa3/0x1b0 [ 2115.575267][T27816] lo_ioctl+0x8cd/0x25e0 [ 2115.579348][T27816] ? native_set_ldt+0x360/0x360 [ 2115.584052][T27816] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2115.589501][T27816] ? compat_start_thread+0x20/0x20 [ 2115.594449][T27816] ? lo_release+0x200/0x200 [ 2115.598787][T27816] ? switch_mm_irqs_off+0x57f/0x860 [ 2115.603824][T27816] ? _raw_spin_unlock+0x4d/0x70 [ 2115.608517][T27816] ? finish_task_switch+0x173/0x710 [ 2115.613542][T27816] ? __kasan_check_write+0x14/0x20 [ 2115.618489][T27816] ? __switch_to+0x617/0x1170 [ 2115.623000][T27816] ? native_set_ldt+0x360/0x360 [ 2115.627687][T27816] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2115.633161][T27816] ? compat_start_thread+0x20/0x20 [ 2115.638105][T27816] ? switch_mm_irqs_off+0x57f/0x860 [ 2115.643137][T27816] ? _raw_spin_unlock+0x4d/0x70 [ 2115.647822][T27816] ? finish_task_switch+0x173/0x710 [ 2115.652858][T27816] ? __schedule+0xaae/0x1010 [ 2115.657288][T27816] ? release_firmware_map_entry+0x193/0x193 [ 2115.663015][T27816] ? __kasan_check_read+0x11/0x20 [ 2115.667873][T27816] ? preempt_schedule_irq+0xef/0x140 [ 2115.672991][T27816] ? __cond_resched+0x20/0x20 [ 2115.677505][T27816] ? __kernel_text_address+0x9a/0x110 [ 2115.682713][T27816] ? unwind_get_return_address+0x4c/0x90 [ 2115.688182][T27816] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2115.693735][T27816] ? irqentry_exit+0x30/0x40 [ 2115.698184][T27816] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2115.703367][T27816] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2115.708838][T27816] ? avc_has_extended_perms+0x145/0x1210 [ 2115.714315][T27816] ? avc_has_extended_perms+0x718/0x1210 [ 2115.719774][T27816] ? memcpy+0x56/0x70 [ 2115.723589][T27816] ? avc_has_extended_perms+0xb9c/0x1210 [ 2115.729147][T27816] ? kasan_set_track+0x4c/0x70 [ 2115.733744][T27816] ? kasan_set_free_info+0x23/0x40 [ 2115.738695][T27816] ? ____kasan_slab_free+0x126/0x160 [ 2115.743897][T27816] ? __kasan_slab_free+0x11/0x20 [ 2115.748673][T27816] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2115.754052][T27816] ? kmem_cache_free+0x11a/0x2e0 [ 2115.758835][T27816] ? putname+0x10b/0x160 [ 2115.762910][T27816] ? avc_flush+0x2b0/0x2b0 [ 2115.767161][T27816] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2115.771774][T27816] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2115.776974][T27816] ? kasan_quarantine_put+0x34/0x1b0 [ 2115.782096][T27816] ? blkdev_bszset+0x240/0x240 [ 2115.786695][T27816] ? ioctl_has_perm+0x3df/0x560 [ 2115.791375][T27816] ? has_cap_mac_admin+0xb0/0xb0 [ 2115.796148][T27816] ? switch_mm_irqs_off+0x57f/0x860 [ 2115.801184][T27816] ? selinux_file_ioctl+0x3c9/0x530 [ 2115.806218][T27816] ? lo_release+0x200/0x200 [ 2115.810555][T27816] blkdev_ioctl+0x2e9/0x620 [ 2115.814896][T27816] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2115.820187][T27816] ? __fget_files+0x310/0x370 [ 2115.824703][T27816] block_ioctl+0xb0/0xf0 [ 2115.828780][T27816] ? blkdev_iopoll+0x100/0x100 [ 2115.833380][T27816] __se_sys_ioctl+0x115/0x190 [ 2115.837895][T27816] __x64_sys_ioctl+0x7b/0x90 [ 2115.842320][T27816] do_syscall_64+0x44/0xd0 [ 2115.846574][T27816] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2115.852305][T27816] RIP: 0033:0x7f2bac5faec7 [ 2115.856564][T27816] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2115.875998][T27816] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2115.884240][T27816] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2115.892143][T27816] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2115.899948][T27816] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2115.907761][T27816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2115.915571][T27816] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2115.923389][T27816] [ 2115.935925][T27817] loop4: detected capacity change from 0 to 16 [ 2115.942969][T27817] erofs: (device loop4): mounted with root inode @ nid 36. 04:34:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) [ 2116.439607][T27822] loop4: detected capacity change from 0 to 16 [ 2116.447690][T27822] erofs: (device loop4): mounted with root inode @ nid 36. 04:34:31 executing program 2: r0 = syz_io_uring_setup(0x35d9, &(0x7f0000000000), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) syz_io_uring_setup(0x22fe, &(0x7f0000000100)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000fee000/0x12000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 04:34:31 executing program 3: socket$nl_generic(0x10, 0x3, 0x10) socket$inet(0x2, 0x80000, 0xff) 04:34:31 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x14, r1, 0xb0b0afedaabb871f}, 0x14}}, 0x0) 04:34:31 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 31) 04:34:31 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r0, 0x0, 0x0, 0x6) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x275a, 0x0) r3 = fsmount(r2, 0x0, 0x0) (async) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)='./file0\x00') ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r3, 0x4068aea3, &(0x7f0000000180)) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) (async) pipe(&(0x7f0000003d00)) 04:34:31 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:31 executing program 3: socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, 0x0, 0x0) syz_io_uring_setup(0x3e46, &(0x7f0000000300)={0x0, 0x9aab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) 04:34:31 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x2, &(0x7f0000000080)=[{}, {0x5e}]}) 04:34:31 executing program 2: pipe2(&(0x7f0000001b40)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup2(r0, r1) poll(&(0x7f0000000140)=[{r1}], 0x1, 0x0) 04:34:31 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000280)="580000001500add427323b472545b45602117fffffff81000e220e227f000001925aa80013007b00098080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 04:34:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x7, 0x401}, 0x14}}, 0x0) 04:34:31 executing program 0: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff) 04:34:31 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, @private, @private, {[@ssrr={0x89, 0x3}]}}}}}) 04:34:31 executing program 0: openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder0\x00', 0x0, 0x0) [ 2120.341550][ T30] audit: type=1400 audit(1669523671.867:696): avc: denied { name_bind } for pid=27851 comm="syz-executor.2" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 04:34:31 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000280)="580000001500add427323b472545b45602117fffffff81000e220e227f000001925aa80013007b00098080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) [ 2120.408402][T27861] loop4: detected capacity change from 0 to 16 [ 2120.415297][T27861] erofs: (device loop4): mounted with root inode @ nid 36. [ 2120.484142][T27862] FAULT_INJECTION: forcing a failure. [ 2120.484142][T27862] name failslab, interval 1, probability 0, space 0, times 0 [ 2120.567305][T27862] CPU: 1 PID: 27862 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2120.577380][T27862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2120.587271][T27862] Call Trace: [ 2120.590393][T27862] [ 2120.593171][T27862] dump_stack_lvl+0x151/0x1b7 [ 2120.597684][T27862] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2120.602983][T27862] dump_stack+0x15/0x17 [ 2120.606972][T27862] should_fail+0x3c0/0x510 [ 2120.611232][T27862] ? kobject_uevent_env+0x26c/0x730 [ 2120.616263][T27862] __should_failslab+0x9f/0xe0 [ 2120.620860][T27862] should_failslab+0x9/0x20 [ 2120.625197][T27862] kmem_cache_alloc_trace+0x4a/0x310 [ 2120.630321][T27862] ? alloc_workqueue+0xfaf/0x11d0 [ 2120.635179][T27862] ? stack_trace_save+0x1f0/0x1f0 [ 2120.640039][T27862] ? dev_uevent_filter+0xb0/0xb0 [ 2120.644812][T27862] kobject_uevent_env+0x26c/0x730 [ 2120.649673][T27862] disk_force_media_change+0x199/0x290 [ 2120.654964][T27862] ? bdev_check_media_change+0x4c0/0x4c0 [ 2120.660442][T27862] ? loop_set_status_from_info+0x5fd/0x7a0 [ 2120.666092][T27862] loop_configure+0x92f/0x1640 [ 2120.670675][T27862] ? _raw_spin_unlock+0x4d/0x70 [ 2120.675367][T27862] lo_ioctl+0x8cd/0x25e0 [ 2120.679449][T27862] ? native_set_ldt+0x360/0x360 [ 2120.684132][T27862] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2120.689599][T27862] ? compat_start_thread+0x20/0x20 [ 2120.694543][T27862] ? lo_release+0x200/0x200 [ 2120.698883][T27862] ? switch_mm_irqs_off+0x57f/0x860 [ 2120.703919][T27862] ? _raw_spin_unlock+0x4d/0x70 [ 2120.708605][T27862] ? finish_task_switch+0x173/0x710 [ 2120.713637][T27862] ? __schedule+0xaae/0x1010 [ 2120.718068][T27862] ? release_firmware_map_entry+0x193/0x193 [ 2120.723788][T27862] ? _raw_spin_lock+0xa3/0x1b0 [ 2120.728396][T27862] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2120.733600][T27862] ? switch_mm_irqs_off+0x57f/0x860 [ 2120.738631][T27862] ? __kasan_check_read+0x11/0x20 [ 2120.743507][T27862] ? preempt_schedule_irq+0xef/0x140 [ 2120.748612][T27862] ? __cond_resched+0x20/0x20 [ 2120.753124][T27862] ? find_inode_fast+0x459/0x480 [ 2120.757899][T27862] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2120.763454][T27862] ? irqentry_exit+0x30/0x40 [ 2120.767883][T27862] ? is_bpf_text_address+0x1a2/0x1c0 [ 2120.773010][T27862] ? stack_trace_save+0x1f0/0x1f0 [ 2120.777862][T27862] ? __kernel_text_address+0x9a/0x110 [ 2120.783068][T27862] ? unwind_get_return_address+0x4c/0x90 [ 2120.788537][T27862] ? arch_stack_walk+0xf8/0x140 [ 2120.793226][T27862] ? stack_trace_save+0x12d/0x1f0 [ 2120.798086][T27862] ? stack_trace_snprint+0x100/0x100 [ 2120.803204][T27862] ? avc_has_extended_perms+0x718/0x1210 [ 2120.808671][T27862] ? memcpy+0x56/0x70 [ 2120.812490][T27862] ? avc_has_extended_perms+0xb9c/0x1210 [ 2120.817970][T27862] ? kasan_set_track+0x4c/0x70 [ 2120.822558][T27862] ? kasan_set_free_info+0x23/0x40 [ 2120.827506][T27862] ? ____kasan_slab_free+0x126/0x160 [ 2120.832626][T27862] ? __kasan_slab_free+0x11/0x20 [ 2120.837401][T27862] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2120.842779][T27862] ? kmem_cache_free+0x11a/0x2e0 [ 2120.847555][T27862] ? putname+0x10b/0x160 [ 2120.851634][T27862] ? avc_flush+0x2b0/0x2b0 [ 2120.855886][T27862] ? __kasan_check_write+0x14/0x20 [ 2120.860834][T27862] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2120.865439][T27862] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2120.870641][T27862] ? blkdev_bszset+0x240/0x240 [ 2120.875239][T27862] ? ioctl_has_perm+0x3df/0x560 [ 2120.879932][T27862] ? has_cap_mac_admin+0xb0/0xb0 [ 2120.884699][T27862] ? kmem_cache_free+0x11a/0x2e0 [ 2120.889473][T27862] ? __kasan_check_read+0x11/0x20 [ 2120.894334][T27862] ? preempt_schedule_irq+0xef/0x140 [ 2120.899455][T27862] ? __cond_resched+0x20/0x20 [ 2120.903967][T27862] ? selinux_file_ioctl+0x3c9/0x530 [ 2120.909002][T27862] ? lo_release+0x200/0x200 [ 2120.913339][T27862] blkdev_ioctl+0x2e9/0x620 [ 2120.917682][T27862] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2120.922983][T27862] ? security_file_ioctl+0x1d/0xd0 [ 2120.927928][T27862] block_ioctl+0xb0/0xf0 [ 2120.932010][T27862] ? blkdev_iopoll+0x100/0x100 [ 2120.936600][T27862] __se_sys_ioctl+0x115/0x190 [ 2120.941118][T27862] __x64_sys_ioctl+0x7b/0x90 [ 2120.945544][T27862] do_syscall_64+0x44/0xd0 [ 2120.949793][T27862] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2120.955523][T27862] RIP: 0033:0x7f2bac5faec7 [ 2120.959776][T27862] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2120.979212][T27862] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2120.987457][T27862] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2120.995445][T27862] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2121.003255][T27862] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2121.011066][T27862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2121.018876][T27862] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2121.026693][T27862] [ 2121.091931][T27862] loop5: detected capacity change from 0 to 16 [ 2121.138290][T27862] erofs: (device loop5): mounted with root inode @ nid 36. 04:34:32 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 32) [ 2121.483133][T27872] FAULT_INJECTION: forcing a failure. [ 2121.483133][T27872] name failslab, interval 1, probability 0, space 0, times 0 [ 2121.495696][T27872] CPU: 0 PID: 27872 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2121.505742][T27872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2121.515637][T27872] Call Trace: [ 2121.518764][T27872] [ 2121.521549][T27872] dump_stack_lvl+0x151/0x1b7 [ 2121.526056][T27872] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2121.531351][T27872] dump_stack+0x15/0x17 [ 2121.535339][T27872] should_fail+0x3c0/0x510 [ 2121.539592][T27872] ? kobject_get_path+0xb8/0x1a0 [ 2121.544363][T27872] __should_failslab+0x9f/0xe0 [ 2121.548963][T27872] should_failslab+0x9/0x20 [ 2121.553303][T27872] __kmalloc+0x6d/0x350 [ 2121.557295][T27872] ? strlen+0x51/0x80 [ 2121.561114][T27872] kobject_get_path+0xb8/0x1a0 [ 2121.565718][T27872] kobject_uevent_env+0x282/0x730 [ 2121.570575][T27872] disk_force_media_change+0x199/0x290 [ 2121.575869][T27872] ? bdev_check_media_change+0x4c0/0x4c0 [ 2121.581337][T27872] loop_configure+0x92f/0x1640 [ 2121.585953][T27872] ? switch_mm_irqs_off+0x22f/0x860 [ 2121.590972][T27872] lo_ioctl+0x8cd/0x25e0 [ 2121.595052][T27872] ? __kasan_check_write+0x14/0x20 [ 2121.599999][T27872] ? __switch_to+0x617/0x1170 [ 2121.604510][T27872] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2121.609977][T27872] ? lo_release+0x200/0x200 [ 2121.614319][T27872] ? compat_start_thread+0x20/0x20 [ 2121.619263][T27872] ? __kasan_check_read+0x11/0x20 [ 2121.624144][T27872] ? switch_mm_irqs_off+0x22f/0x860 [ 2121.629157][T27872] ? _raw_spin_unlock+0x4d/0x70 [ 2121.633843][T27872] ? finish_task_switch+0x173/0x710 [ 2121.638987][T27872] ? __schedule+0xaae/0x1010 [ 2121.643411][T27872] ? _raw_spin_unlock+0x4d/0x70 [ 2121.648102][T27872] ? release_firmware_map_entry+0x193/0x193 [ 2121.653825][T27872] ? __schedule+0xaae/0x1010 [ 2121.658252][T27872] ? __kasan_check_read+0x11/0x20 [ 2121.663113][T27872] ? preempt_schedule_irq+0xef/0x140 [ 2121.668292][T27872] ? __cond_resched+0x20/0x20 [ 2121.672748][T27872] ? __kasan_check_write+0x14/0x20 [ 2121.677695][T27872] ? mutex_unlock+0xa2/0x110 [ 2121.682120][T27872] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2121.687760][T27872] ? irqentry_exit+0x30/0x40 [ 2121.692187][T27872] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2121.697394][T27872] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2121.702861][T27872] ? is_bpf_text_address+0x1a2/0x1c0 [ 2121.707985][T27872] ? stack_trace_save+0x1f0/0x1f0 [ 2121.712842][T27872] ? __kernel_text_address+0x9a/0x110 [ 2121.718050][T27872] ? unwind_get_return_address+0x4c/0x90 [ 2121.723521][T27872] ? arch_stack_walk+0xf8/0x140 [ 2121.728207][T27872] ? stack_trace_save+0x12d/0x1f0 [ 2121.733068][T27872] ? stack_trace_snprint+0x100/0x100 [ 2121.738184][T27872] ? avc_has_extended_perms+0x718/0x1210 [ 2121.743658][T27872] ? memcpy+0x56/0x70 [ 2121.747474][T27872] ? avc_has_extended_perms+0xb9c/0x1210 [ 2121.752938][T27872] ? kasan_set_track+0x4c/0x70 [ 2121.757538][T27872] ? kasan_set_free_info+0x23/0x40 [ 2121.762484][T27872] ? ____kasan_slab_free+0x126/0x160 [ 2121.767611][T27872] ? avc_flush+0x2b0/0x2b0 [ 2121.771859][T27872] ? __kasan_check_write+0x14/0x20 [ 2121.776811][T27872] ? __switch_to+0x617/0x1170 [ 2121.781326][T27872] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2121.786538][T27872] ? __schedule+0xaae/0x1010 [ 2121.790953][T27872] ? blkdev_bszset+0x240/0x240 [ 2121.795553][T27872] ? release_firmware_map_entry+0x193/0x193 [ 2121.801284][T27872] ? __kasan_check_read+0x11/0x20 [ 2121.806143][T27872] ? preempt_schedule_irq+0xef/0x140 [ 2121.811265][T27872] ? __kasan_check_read+0x11/0x20 [ 2121.816133][T27872] ? preempt_schedule_irq+0xef/0x140 [ 2121.821244][T27872] ? __cond_resched+0x20/0x20 [ 2121.825760][T27872] ? lo_release+0x200/0x200 [ 2121.830099][T27872] blkdev_ioctl+0x2e9/0x620 [ 2121.834437][T27872] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2121.839731][T27872] ? do_vfs_ioctl+0x121/0x2ac0 [ 2121.844347][T27872] block_ioctl+0xb0/0xf0 [ 2121.848415][T27872] ? blkdev_iopoll+0x100/0x100 [ 2121.853013][T27872] __se_sys_ioctl+0x115/0x190 [ 2121.857521][T27872] __x64_sys_ioctl+0x7b/0x90 [ 2121.861951][T27872] do_syscall_64+0x44/0xd0 [ 2121.866201][T27872] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2121.871927][T27872] RIP: 0033:0x7f2bac5faec7 [ 2121.876268][T27872] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2121.895712][T27872] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2121.903962][T27872] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2121.911765][T27872] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2121.919577][T27872] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2121.927397][T27872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2121.935205][T27872] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2121.943014][T27872] [ 2121.946221][T27872] loop5: detected capacity change from 0 to 16 [ 2121.955844][T27872] erofs: (device loop5): mounted with root inode @ nid 36. 04:34:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={0x0}}, 0x0) 04:34:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async, rerun: 64) r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) (rerun: 64) sync_file_range(r0, 0x0, 0x0, 0x6) (async) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x275a, 0x0) r3 = fsmount(r2, 0x0, 0x0) (async, rerun: 32) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)='./file0\x00') (rerun: 32) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r3, 0x4068aea3, &(0x7f0000000180)) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) pipe(&(0x7f0000003d00)) 04:34:36 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000fc0)={0x1ec4, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x94, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x75, 0x5, "e2448bd79eb61acaec2cf74332a1f2bdf4c7d67541d8dfa7cd307b277e383a1dbb9771843523b970eae7cc1d938cecc3289e8aa34c3ea1ba84df7d7adfd9eefcb30af81e82d416d50e1ffab0f6e1e822742ecffb068f248105b95b567a072a3c61243feafdd6fd38659d524945c9bdb4dd"}, @ETHTOOL_A_BITSET_MASK={0x15, 0x5, "d9c7feaeca0b912278cb762c332f7b11d0"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1d08, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x1001, 0x5, "f426f64fc91bc231ddcbf6f98d8d336d63389eeaaf6c5235f6c3d644daf4fa5ab69d4ca9fa1a7ebd3f9aed6c40a507e4afa2918430125b38561df2db7950625f248e5b7dd1e6f32c450e2ac7cc877adfccebac5b0b8bcb76a6bc153d0a0992c1e7af1ee3707810ff2c82cf6f05bf62814f3a5539370461d38a9126c0dfc63bc9f38ba5713eb6577e3d733ddf051aa2606532c0b2be7f47f5bac302d54047a7a537135d6589e3dd4a93d12a20074e6e657d40426d7dd18e9673e0424fd81a89dfffa92d4b64ba950f151e29005a17396573cf30767fd36298d14e1b2b3b5f0689622e09224bdf9c4d0d52278aed6fc0bc951e991b0c6c76b3c30cb012edcb69be638f9442293ba1fec6d337e2e7cafc86c5dd4860cc6e86d9738cfd059e52b671267bc63210b28df2149590d4026077c72f846d4dbf40e27df3e1a3a785dea7b728b07587fa0430e3dfdf938926872d612de9c87ec3e8960a58769489ea297b11652969131ec8f2fade03ed753007abd5996c59797e67f6f5c7164f92335f97655db9a07b6878164b24734d825c6876884c90b6bf34eed4e770ca2209c2736258e807cd619568086f7e0b0ae2c9768a0a8479c950960c95804015da3679918025e6a0a238ae56ab29dc4a9e945cd2120ff64c65ddea86a18d45cae7e27f7b936e4f2856491f2244e0d1e9da86d467f678ca7b95c1ecbcab70c9634ee5d6db2189d2ce6def97d2afe764b5b8f25c57913409ee70301e39ef5a6e2ccbe031ef0e07c8b3750fc379700455f412b70565446b68a6429b8c1198e1da86c12882390d1574f861380fc3871f2d7b1203070208b20e72f8736b98de279db8b6451183ef22872439929a851973d54e7021171d97df490314187f71fde9beb448c7692b616273e5155493fc243690b58290383b434708ee3ed08dc4b06d68174fc7d2bfc89b17a70d88a6271a19f69b92ee903c522f439463d8ed60dfae2b944915eb5b3772b9a25c39c9a70bc2021085e0f5db12d05f3bd9d93c102a35ba020b7d5b989b059b9cbea3944204de0083aaedfd22dbf9a10fda14c96618fea3d3bf1acd7c0c2d8b27e11fa4c9063f41f384563444419ec9153beac1266923c7a605910ce63790de3639d5ebb3490479972d25f76a5582d6f829f5e22611415371204d160cefa69971c98e7a295ea6330111af9842f6a2340e146da586774b2cde8e00cf70c16c42a3b521ae0d96a5fbd59b9e0f0e09b4ffcf840500205f8d00d2530f74cd8ebd5b103624cb0d64117e4e894a28e0f290e6e032d494757a1817345c076edff26bf77d7638d5bda88f4cfba1764e0020f585df26d1703d3172908a247c180c4eb859aca881a1e05bbdb118097a1c9631d0de131cdba0c09dd3d852a3b83f8d416f8900b74251535b4fa9078567e6d121e895525bf291682975a8228c6c60607bc4016e71707dd1d69609aeb68891588691a65577772b3a4947541c2afee7b56a273e6c4dea416c4f456e653b62631ef52ddd4414245c8c418fcf607aada18bd9a4ab2c4249172606e32b2df7f4b50c84b9222f33b54a2699270a82e7e78ab9ccc870a1fdac40556ddb00e4d0ea5860a5ca5ab3d3d35b9d6805d1c7b5cc8d1e15d26875df487e7025b58212895874b839f7649dabc33564ef3e983f770b8335f66789481942981c95a8942a38640a779201def0f0e2d0b3e545470240b2f93d22a81abe71c0578ab106c100ac3c99afeb98bc6dc528f39ec91972f9e072a57df9a4b6f467afd8c5f62d885ae2dbf383d4495ec7d1440602c0c466f9ce5726ae6c388fa3da021aac811f103a111ca9b38fbe5964475fd15d80012b53c3a1e4c9ca3f33038e411f37fd4c58d9fd1fd9fa85ca6318458afa6ca2094879e396faff2391c99be7a866616a4112794e78cf7d847ab485410bb02f25aab7ea47c570c23a0fe0044fd87f5165db1b8fd81b2ccb5895deac8cbed2aa7835820675dcd08ff084009488be86a5a2e19dffedad37e2a0ebca926ac26e90b27827a260a064635fd3692d2b26ec940a2340a9ee0f4e79d82b759db6bec80f67c186222b07d5cce3d4a493119fef6758e11be3a150c003f221779ec371e1b717b1d91410200a286d46a8f292903557b04868fb440853980edf85e9c9fc2553dd0e61e56250bbe6eeccc7d500a601af910dbf07701d5746a4f218b6744a3f4c1e11aa35b72a29f86be96b01e6e8402c1a311a35cde0381599a9524fde2f01bc0ad59ffb923dac1b6a0fcb1a5b97dd55bb4b10cde0ca681be7b9e3258e791090d613649ee6aed84b4185e926f5bfdd86c62e586d73d91df653e164587c7a12c999b9f8458dbfd097f397012b96cd2b21efe69bbd68d9fbc6bccdc815b8e44bc734714217ac8e3810874b180ddb81e97574dda51f9616ade81c82029ce3764c86bc15a5279179c91a4249cd734af61336eb68a5560d83677b963e8878666d3d576c2aa9d0af2e6ed5d55a9757e742e2066c99c3626d84d9431fd1e454b5c8f425964988e007c73e4aff97279e2c6118bafb7138994a6dc74de7cdbcb8b7d159e7f5d90f00ba695a7aefbfb08a77cbd5f052df12567150da159027563129d98709468d2bfaa8735d31ba509dbaffb7f4f8e9933081d686c08165c8d69c5e62999d1a2245df250779d554775cbd27a92591b0e74e76bb906268099ae93086c61c5d87f2811c0f57a2e73687e4f3999bb21016f193f56467b9566156b047b59139cd2a385f7f5462d81f578669b0bd1f45b50946eb90907c0bbc8b3cd15a188bb10e1f2bc8ede406d8e7f8fc86527463c7b161d7a57d43bd4421af20f559311ca18c6b6d6e1b33de1257ff97d21036ed12df390929967ee7110fc19fec011955d2947e943b2403d1e8381789ff107aa25cff48d6f376f0554116767535dd5df570807c829464a01f39ab228c60ce57a638b2c810bcb0517a6d4d9c665e73fb5883eca12cf423777b79475c391ae9c15f313851af896f02fc0b6b113f3a67b6240ad1064b7992d2916caf4e2c9ed74260112babda29b5fc7d4e1ec76c2dd10867f544a35a1c05a0e488cd52759bcf19c6f3378fa1274ffc486d3c9189d6c3229a57bce5b5ec2533118223652c710bdf93e7f5193b064049bd7ec0d83aabf829cdaf1cc96ee5d13f68c74d427463c719f611773c78993bc602fd2bc85d5402cc872c606b5a1d333d135437b8b14c8c275d3e9172062bd7f42fa4cf25c7ac8bf582b547517b21d525b6f8995bd9adc88202cb467224b4d23ab0ba05bb1a25e286c7281815edfe84f0b970846043e880d4712b5ce921d8a1e7079bcfe9aa04c73c95fea5dc71e16cdfc05042a733be45b6de5ff086658e61a751bf9919408ed0b1b684c782d98f903741470b0338de66c8cfdf05433fe4c3009adf547c0be455a89c470604bbdae31f57f83ddd77f7a59ddd574823b6b18e567afa19f5a8a6c5a9a1cf3ac4bb9bcfc25a79278c2e43d67a1692414f1637c3abf393e7ec3cc9d06d793101175f1b2c47c293d33735f8d3a14f5f5f0317e5a162a1d1d0e72ba5e98e3553996abe95a89368ea33b2ac51ee9d7f974351fe50829af669b68e68f9021d602a69c9d2868039cd4efc568f7769aa3a37be8e3c0bb151317383d52d33c6533410eb723a1198d91298b301416c9a454e788af0ba6a414234da20a5559d1a9c75fd97c9573d0c7ffa5f9a66bcbb3bb54f7537af06085f53f1cf11e29434d79b8872de84c28a92339089d722185109720db6cd9e75507fe67958bd8139153c5b39505b87d7a385e3394502e0ddd93cfce14e1016c06c2c5e8ca494a43bebf2fe20caf97418d9290acfc2565210916724dad921e94d2a9ecccec68b67c795fafb84e8988cc9a9095518a3e1148b130b307ea4dcdb411417aa95e05a406506013a979303ba1f1c8586eb6f234583fbbfaf826ce23b910d91f100a57bbd89707388f53b7df83e2383931d1acfe30074d895045644a4d013cf3db88d27370187a1375956002d730e4a1a197eb5f839f44dbc65ac4d640b76d89bd73e60105643392172afe4e40deda855966c93d1f1e2c477db06709ef52f323c24c985621347b0bd6a96c6b2d1dc2e154c8a2beb8f5cb7da66cfe4023895c442ed9544f148fbd8d09a26cbba9cfa403956fdb8006ab9eaad8795397d60798b8c7e092fade5a516d1fa872b82f72c4becaece4cc76280a2d15d10515f0379817aca68db97e1e0431ea9a25cfb79de62df13dac9c3462d5ecada8a2cd8718ca9a3346c1fecf9e0bba77885a897b624346fa2d3bed2370aa3df92dfb7b96cae7200800465ccec49a5607fbc309dd661d0ec6b2831aa015fea8a1b368b932f02cf772705070bacd0e152c6066da3c0fc5a92d08bc45c2fd529f096b95918121571ecece966e19e2283820ffe160cf9b40941850af10d6145e1b8b9b501e2348f889ebf4dfbfccbf3ff25a244cf42247568008a201f14da7cf1ebf5292403be832d5f88cf60581e55afebeb51411f14d16ed7daa097865de240274925168625de3c751376a20d9e84565fab1e5f91bb6df985ec186feb69215a65463236328b56803cbbbfb1e0fc3a1b2a443b9413e995ac1104a18bf4e8ea5251d47640d24cf9c4dc37d05b03d98389981a3612037cf66fe2e9374cfdc635dd9df6899b6803e283c0143677f9be2a08c3a98c54cf9395b842c3d657755e546e803aa1a57ec8752d9eb2f690f840fb5a6f73b4c2543c3957e71a0819921eb80160f6a2e1aeb8d8a6f0732bcb2962310fc18499737935989b5c5b102feadd5dd105eff13aa81a8ba509e600c87b7dd5cdd6f337ae3f06b823a5b98e31fb70a488047be7e99f56f3b3218db257219c7bb44b42f6579812099e46de3ec8994d6b12159838b64d95ec6d45153bb1eeca9604b2d62d092474cd33d3e2a74894f062fc31651bbc54c0edaa1d4e717b83331adec5fc0de4080eb96cccc7e7aa403db31482fa293dcda8aed89aa74992d3efc1baed77a031ddcc8d321bd9f0d1c5bdc330112d54b4737d0783edeb19e432a2dd07d724210b93954fce318f60fed97a60fb66d3fbeb5749151082ab9e6d3855a1721722969d1f5c2a5540787cb9d6269ec635fa9f8c33e0e6dd8c5339f51273da5f79e59f3997d3ec4748c331fe03340510a2a03c53e027a8991b60c0dc1b3382bd51c1208f1109ea77103118abc9da6860e80d7fcade41d52f4aaac199ddcc51f64e0ae88ba99cb18684ac520e87f6c66c4a049c0e69ad83f58a30441f66bbd0ee2114ae44af019e2ef25007491333ab4ebd68d7103eb3fc6cf221dea31387ef889f76355ee1ca29ed353e6e8655002505d4ee2110a38b3c19f59b273fc996ed9fffd43c48529f1785b23a3ecfefb62fe803128e2657bb090345927cfd6f4a1322db308de56fe1768c6f065b044d53fd424d095a5496ea158b8af14141fa14958b3fa1680ed5edf527152336935622a8f2478e6368ea1821068d11d47f9359b036e06c0ca3082a50c8c6c3a037bc485077550280083c7a56ad5b7f3b2bbc2d3cc9ba2ef50ce776dfea5cf1b8353a6fa203f8f3679e578637892906c211ebc435d8d39dd0d3071799bd4952c453b795cdb1edf1ec97438142a1faaf787c70b80687f1e47815430248e0519a602ffdc38dd6dd134e565f3ba7a814f31982c6e8008242f5161716f6d6a2268152da13b810f403865fd5b4d47d4a7be7969022d0b47048ca45b923ac2982f73364c18d35a80238388a89de3e0c5d9beeec2c9a86bae2be311cb39b25eedde6edda"}, @ETHTOOL_A_BITSET_MASK={0xe5, 0x5, "a65d8b94dbe181de386732c23e5bee62625056e153719c817fae28178668df36b783c58fce5eb60a8217dd956ae7c04035784a3ce07de2993c568ac264352080200fad3db4dfa8d3d9994f289b770e149d8b49883dbc7e14a51d28a29cb5194c55fc866295fb5ff08bdce2b9268e9086fa82db7702a5c09837898a6bd2722904b4edf425118348d7c792f547978c2b836a30c98b652bad7bb076c9a8272e38583deb9b644111777c637f81df98fda25f604ab3b7da2d9ee25d2f48e990c1bff559ec25204de71a30a665ae5ffeec110971655b02f7cdf51e86e83dfe75e4d8af67"}, @ETHTOOL_A_BITSET_BITS={0x54, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '*1](@#$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}]}, @ETHTOOL_A_BITSET_VALUE={0xbc1, 0x4, "cba4feb317d37a7efe79283ba8684405c4ee3a4b239b86cc8eb51233ce294889f77a9e1c896888d62553f2e8c06bd8df15322e05b6bbe9b2ba042018094a49189468fec1dd250ba0576aa9ed3f83d61c3a20ce1dd6f756f947b1eb058379d2ff9cfae697d3ddbe9c3e89a792071b866095c70cf2aa6e73113bd2c574179b50eb83558ab40655b1704a66d68d6f2fe3eefa1cb1b087f34e146a508e0a3301dd653ddc75322581f2c724fde760c9176d62ad58513d39b762509fa4a6a8d15d6c1b9209a22a19c7a768da8ba793ceb5d0f7198f3e1721607fe13c3e9bc16f8661764c8f70e22ca466b638c82c7a95be12c4aca93cea1c627da96d68242a95015dded3c0eeed2a78fec5ef1d5e58991af821592ef555946b4517007d2751532fd1243b7c72ffdbf2fa3cd610cdefc8381108ca2df2e9586ae66b7061aa7daa25a0f95f3642db436b9b9285949d7040a5c2572c32f4474a1ae189b5fc87d18fdc39f069901d557f6cf3b5e9d28dcebfa9086386977cc10fd6837f35761332fed98eb06549b50118bbf2bbe90264bbbbae287b6fee85533f6c815febfadca036975d1c4637084c14c805c590cdd010eaccff80c49d2729ea00af91a9812d304a59d82d570644765e869f7c8046095507d04a7e24046efe2c11959d866173e592449aa9a68136e0cbd49cd3acb99cbf8b866ddfb0d80cdde1db479db5980e01f3e053531f1241cecc1a270d9805467e1051bfb2ac7f9039aefdc2679cce7acb5e4b7a64b348cc5ea112e6f77d19e9767a3ff18256104b7b77a6fe28e297c3ccd071312020c66c6e7927c761bd54b223e39c16bb89c1cddef9877b8088ab6b780d739c8efc2be50b1bc599e002de37303ad4e1fddfa3dc41f10538816bfc065cf8073200de25b3062a98aca8d2285ed49dd6b8a4e2934f6cbd016dadbf091a6e0604c6bde36db063794a0dd8c995e71c230cb4973c1555de446ac14c777cd35389bccb9c7aaa35fa06a89ced1a5014344cd0ba6ef464f8eee5d298da4f46bb20f158bccdd4afb87554de81df035deee314753294c65831bdd41ae907243bc4d0c169ebaabc260a325fd3a26c9b9df8d718604200ac70507a862e6bc7b13fae18dc7d6d51bb4fa9aa0056669cf2436149812e4294f4f15fedbe21f4233619da58fddcb53e12c6f27820dd5c37f10e11588ae335ddca5db188d0f6d034cae17f4725407be97c78aff756f84d6a9de60305930694f6bcf180797760dc995e2a2f8a5f0bf81c7951a3b833eb420f9238eccf950910fd2dd00e0c7010031d0a7da509f93ecf18da256f92d75894f2415d795b14c85cf2efd7b4fb7e5ad4c2d5516677f95dfc1e28596ad54a3720ab1f054a92fd921f5233f76c44d08928d2632e82130eda811fb8aa6511aad88e81ddb40176cf19d42bbc5a03f8e1d53d6ddae0fe247b719179cccea44686d9e079d5f54bae9cc1eab048e34ff5320e644bedc8cd4231f18d9907f0e7ae0125abec0ebb94b6e926fc9256294dd5bb96f3edfe6629f38d1bd8e9152ad22bc25af4a1ddd2d966df6abb66161fa3d353677b12cf00100438de3754f00b2c7da3f803693a10609099e4f228690db15df5195fe93818b262500d6b473e884f228c5e585ab247a0aac9518d4e2dc5cc1b5e311424a65605bd40c72a31c39a3f87333771c072bca188a610fa59daa703681953d91c9eadd587ceb057591ed4e3cfc0173bd6a00c82a14cda5adbc2049a5cdb83b98ba7256242992f92fd78e7fd97dd7d32fafac20320eac77e63b30716231317854e8bf822077b95d6b8986dbd7c43eeae0702c1fd22313009ce8f22ade9b1472558f5a849d46b685d645b7edd559ecffb7f9c02fd1913eb5f82fd00dfcc819900fb33c9dc860ea5f4d0410e9ea1b33c75f74aed4a3d69c0b09e4147e7a646ab6219dca2a39bcfca15778d215103a7f6d316b0c8d828657bdfe3c54186b2ac0fc0b5a8e8293d0d0736ad7712b7b2b35bb6512d9a61349193a15f399e760e4380818e738ca09e867f8fa0151f3eecf9bb690533b8ae8fa075a5f58e7522107d046b3ca2f104c6c921fa76d1899f5a6066bd7603a1b3698e62a7134a9f4e5b309cb09900d097e1ac45f7d42d65bccd471d934cc393f4f74caa2dc0ce86f36da8e09a3c78a0cbfc5eb9e058882299ee7ca70ac6ab055337d0d888c6904d683bd717b183596939f67f2e4e3127faf7f720d1f2445d3f3a46678bbb905cc8c3aedfc6a25fae1e160bf4940b172c631189a40f1bddaf3440ab9fe3d0b12a44067f77f1aa4fd74812c5affa3a7d6ce58d6e802724370e27513f5cb97a5e5adc1684110c41c1de7d0b091af315e6d4acef88d858fbce713d9e126309998cd7c5e87249a648b4b7568def50697cb68a0bca396938215e604df27f0842e6a6bfb9f3925474ce390543bde76ed7ca9500baf2c609816da64c02829eabbb4a638383e69474c04ff68eb5040476faaae59c9ac1dab988f663e1a17a61333a94249af9811bff5c413aa2c85134bf77dbf15a0e0e26a41aa10df91929710d5913ba008c8bb24155c3a874818d21e82731a79a741c285212ed5190db0a85d1d90a1136c256d27bda5d9a69c082d476fa893377595fa02b11c19d21b23f00d372f8be1e438624a12a5da7d5d23cbb41769b691ee7c14a6e25f9ac11d56a43f6b8c8c99f1ace3fb5a57f1adf57fcbca8b91ed6dc3832b4540d8cdec3db971ff57a7512e6b3797122d8532f984dc3adb858dada9b75679cafbe9d93a10193f6b00008bdfd72b210e4cb52fe0003e8c24a1eb973c711bc9b88278a7e01de6c22624ebb90d6876d9fd5c937168f763f8fa5e169c2763b3699f02a117d90f0ea95971859e38312a9055b3b166af0823f01e0c3daa944d8e67ad6696175f35058f1aa646c6a667d1e8c2b105643fffde0f29307d0e5439fe7ec19ffcbc74a27ea1c848f3b7c46e8cf4dc503acee2228bdb6cac8ae3777f3909def0f26212e5db7cf7ea3ba58ba6bc60780c64d393dedae9ebab3cb81e1b83102cbacf008ad29090d94ca3c2bb6872398611fa952154acbea7245eaf0c39612ef10a8eadd5a199e6348634a7a9e9fe7127bf66c3bfdd9e78bb40191a276f83d1e803eb60264d8f963908909041fa2f5df8d5a0d75dcb3c743f1ea7e75a38be03238090260255143447cc57c1450de95cea7cae869fc0de7861577348f3cc61045f7d198a8532e89a3993e6e40875eae7f4039dec9d31edf3afe14cee3ee4d4b133e7d9977b7e3024843c7699a62376a3aeea4a267b8b038c7c975fa6d245943280e98b7a346819b8baedd6b546829345bac69f55a7c4e2c60162f74d71607c388d5bc668d909c89f0f15fec4831f80e8ff93149c9ea7f9276465a941566c8916b2221d44653665ebcf7cd6dcc0e6d6a72588f5465893a4bf134c571d79fd2af75ab4f713a2d1fd09cc37c5620b219698dca6e43549ddcee145dd196c2d3fd4013233c948eed3cdabafeadbfb0e5fd1ddf48dde58cd4a0943ada2cf228ece1ec640586061f4a47f7befbbab31d8f72ca95d8b724e1b8220eebfe9a9b594d8293e9db34a8ac44932cdd008b8a1b42b537321e4a0030f516dc41fc731809b6effa5e3edecc80cb6714903b07d1cc56a15e30de907b9a7b9fa54c66fd3a31ab1fd3f2627822a44525d39a158405d0f592f819f145ae46198610406d189fe18f9fc32586bee6864a67e3c4787012f8eac00d1ec3ec27560fd09e6ab4cc0830211872e5f85ba63c1a42703cdbb2c5fa928555bc7b7865d3443359f2c3c7b2b06bf659847224569f8d7357d0806f41b7bf6f207579573e9362ebd69b6472b3cd1442b7589df18f71b255ac6cb71829502d9a05c0da7176d17b9cda946eca2ea1681700e98b39e593b5ddad28041757a8af10794d83aed81c6916316903e6ab76b4a162db3ec3947efb5686564e491539f935940ee0476fa5862c1fe1de922d011480d3b770d54c6408ee796cca057838acabcf88b84c53a93492aa067ab97c745836d3963ae1f0a1ecbee42111e3128a1040ed7bbc4ae11eb12dabe9124a13419705d7efea89ed0274a22aaa7fdb58273f3d1f035e6487baa42aa1e2d84754014636d34b9b5d63de391118e2311e666b688b5361899bc35fed520a3ab1d520e953d6ad6355321cab54e0be07cf2e1b1bdaa05205ed677ed3edb9d46dfff54758bf82f8f532dfe5ce30ebdcc8fa51bbe4c522d2b08ae6ba79f044cbf2c7"}]}]}, 0x1ec4}}, 0x0) 04:34:36 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 33) 04:34:36 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000280)="580000001500add427323b472545b45602117fffffff81000e220e227f000001925aa80013007b00098080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 04:34:36 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:36 executing program 0: syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, 0x0) 04:34:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000fc0)={0xec4, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x90, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x71, 0x5, "e2448bd79eb61acaec2cf74332a1f2bdf4c7d67541d8dfa7cd307b277e383a1dbb9771843523b970eae7cc1d938cecc3289e8aa34c3ea1ba84df7d7adfd9eefcb30af81e82d416d50e1ffab0f6e1e822742ecffb068f248105b95b567a072a3c61243feafdd6fd38659d524945"}, @ETHTOOL_A_BITSET_MASK={0x15, 0x5, "d9c7feaeca0b912278cb762c332f7b11d0"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0xd0c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0xd05, 0x5, "f426f64fc91bc231ddcbf6f98d8d336d63389eeaaf6c5235f6c3d644daf4fa5ab69d4ca9fa1a7ebd3f9aed6c40a507e4afa2918430125b38561df2db7950625f248e5b7dd1e6f32c450e2ac7cc877adfccebac5b0b8bcb76a6bc153d0a0992c1e7af1ee3707810ff2c82cf6f05bf62814f3a5539370461d38a9126c0dfc63bc9f38ba5713eb6577e3d733ddf051aa2606532c0b2be7f47f5bac302d54047a7a537135d6589e3dd4a93d12a20074e6e657d40426d7dd18e9673e0424fd81a89dfffa92d4b64ba950f151e29005a17396573cf30767fd36298d14e1b2b3b5f0689622e09224bdf9c4d0d52278aed6fc0bc951e991b0c6c76b3c30cb012edcb69be638f9442293ba1fec6d337e2e7cafc86c5dd4860cc6e86d9738cfd059e52b671267bc63210b28df2149590d4026077c72f846d4dbf40e27df3e1a3a785dea7b728b07587fa0430e3dfdf938926872d612de9c87ec3e8960a58769489ea297b11652969131ec8f2fade03ed753007abd5996c59797e67f6f5c7164f92335f97655db9a07b6878164b24734d825c6876884c90b6bf34eed4e770ca2209c2736258e807cd619568086f7e0b0ae2c9768a0a8479c950960c95804015da3679918025e6a0a238ae56ab29dc4a9e945cd2120ff64c65ddea86a18d45cae7e27f7b936e4f2856491f2244e0d1e9da86d467f678ca7b95c1ecbcab70c9634ee5d6db2189d2ce6def97d2afe764b5b8f25c57913409ee70301e39ef5a6e2ccbe031ef0e07c8b3750fc379700455f412b70565446b68a6429b8c1198e1da86c12882390d1574f861380fc3871f2d7b1203070208b20e72f8736b98de279db8b6451183ef22872439929a851973d54e7021171d97df490314187f71fde9beb448c7692b616273e5155493fc243690b58290383b434708ee3ed08dc4b06d68174fc7d2bfc89b17a70d88a6271a19f69b92ee903c522f439463d8ed60dfae2b944915eb5b3772b9a25c39c9a70bc2021085e0f5db12d05f3bd9d93c102a35ba020b7d5b989b059b9cbea3944204de0083aaedfd22dbf9a10fda14c96618fea3d3bf1acd7c0c2d8b27e11fa4c9063f41f384563444419ec9153beac1266923c7a605910ce63790de3639d5ebb3490479972d25f76a5582d6f829f5e22611415371204d160cefa69971c98e7a295ea6330111af9842f6a2340e146da586774b2cde8e00cf70c16c42a3b521ae0d96a5fbd59b9e0f0e09b4ffcf840500205f8d00d2530f74cd8ebd5b103624cb0d64117e4e894a28e0f290e6e032d494757a1817345c076edff26bf77d7638d5bda88f4cfba1764e0020f585df26d1703d3172908a247c180c4eb859aca881a1e05bbdb118097a1c9631d0de131cdba0c09dd3d852a3b83f8d416f8900b74251535b4fa9078567e6d121e895525bf291682975a8228c6c60607bc4016e71707dd1d69609aeb68891588691a65577772b3a4947541c2afee7b56a273e6c4dea416c4f456e653b62631ef52ddd4414245c8c418fcf607aada18bd9a4ab2c4249172606e32b2df7f4b50c84b9222f33b54a2699270a82e7e78ab9ccc870a1fdac40556ddb00e4d0ea5860a5ca5ab3d3d35b9d6805d1c7b5cc8d1e15d26875df487e7025b58212895874b839f7649dabc33564ef3e983f770b8335f66789481942981c95a8942a38640a779201def0f0e2d0b3e545470240b2f93d22a81abe71c0578ab106c100ac3c99afeb98bc6dc528f39ec91972f9e072a57df9a4b6f467afd8c5f62d885ae2dbf383d4495ec7d1440602c0c466f9ce5726ae6c388fa3da021aac811f103a111ca9b38fbe5964475fd15d80012b53c3a1e4c9ca3f33038e411f37fd4c58d9fd1fd9fa85ca6318458afa6ca2094879e396faff2391c99be7a866616a4112794e78cf7d847ab485410bb02f25aab7ea47c570c23a0fe0044fd87f5165db1b8fd81b2ccb5895deac8cbed2aa7835820675dcd08ff084009488be86a5a2e19dffedad37e2a0ebca926ac26e90b27827a260a064635fd3692d2b26ec940a2340a9ee0f4e79d82b759db6bec80f67c186222b07d5cce3d4a493119fef6758e11be3a150c003f221779ec371e1b717b1d91410200a286d46a8f292903557b04868fb440853980edf85e9c9fc2553dd0e61e56250bbe6eeccc7d500a601af910dbf07701d5746a4f218b6744a3f4c1e11aa35b72a29f86be96b01e6e8402c1a311a35cde0381599a9524fde2f01bc0ad59ffb923dac1b6a0fcb1a5b97dd55bb4b10cde0ca681be7b9e3258e791090d613649ee6aed84b4185e926f5bfdd86c62e586d73d91df653e164587c7a12c999b9f8458dbfd097f397012b96cd2b21efe69bbd68d9fbc6bccdc815b8e44bc734714217ac8e3810874b180ddb81e97574dda51f9616ade81c82029ce3764c86bc15a5279179c91a4249cd734af61336eb68a5560d83677b963e8878666d3d576c2aa9d0af2e6ed5d55a9757e742e2066c99c3626d84d9431fd1e454b5c8f425964988e007c73e4aff97279e2c6118bafb7138994a6dc74de7cdbcb8b7d159e7f5d90f00ba695a7aefbfb08a77cbd5f052df12567150da159027563129d98709468d2bfaa8735d31ba509dbaffb7f4f8e9933081d686c08165c8d69c5e62999d1a2245df250779d554775cbd27a92591b0e74e76bb906268099ae93086c61c5d87f2811c0f57a2e73687e4f3999bb21016f193f56467b9566156b047b59139cd2a385f7f5462d81f578669b0bd1f45b50946eb90907c0bbc8b3cd15a188bb10e1f2bc8ede406d8e7f8fc86527463c7b161d7a57d43bd4421af20f559311ca18c6b6d6e1b33de1257ff97d21036ed12df390929967ee7110fc19fec011955d2947e943b2403d1e8381789ff107aa25cff48d6f376f0554116767535dd5df570807c829464a01f39ab228c60ce57a638b2c810bcb0517a6d4d9c665e73fb5883eca12cf423777b79475c391ae9c15f313851af896f02fc0b6b113f3a67b6240ad1064b7992d2916caf4e2c9ed74260112babda29b5fc7d4e1ec76c2dd10867f544a35a1c05a0e488cd52759bcf19c6f3378fa1274ffc486d3c9189d6c3229a57bce5b5ec2533118223652c710bdf93e7f5193b064049bd7ec0d83aabf829cdaf1cc96ee5d13f68c74d427463c719f611773c78993bc602fd2bc85d5402cc872c606b5a1d333d135437b8b14c8c275d3e9172062bd7f42fa4cf25c7ac8bf582b547517b21d525b6f8995bd9adc88202cb467224b4d23ab0ba05bb1a25e286c7281815edfe84f0b970846043e880d4712b5ce921d8a1e7079bcfe9aa04c73c95fea5dc71e16cdfc05042a733be45b6de5ff086658e61a751bf9919408ed0b1b684c782d98f903741470b0338de66c8cfdf05433fe4c3009adf547c0be455a89c470604bbdae31f57f83ddd77f7a59ddd574823b6b18e567afa19f5a8a6c5a9a1cf3ac4bb9bcfc25a79278c2e43d67a1692414f1637c3abf393e7ec3cc9d06d793101175f1b2c47c293d33735f8d3a14f5f5f0317e5a162a1d1d0e72ba5e98e3553996abe95a89368ea33b2ac51ee9d7f974351fe50829af669b68e68f9021d602a69c9d2868039cd4efc568f7769aa3a37be8e3c0bb151317383d52d33c6533410eb723a1198d91298b301416c9a454e788af0ba6a414234da20a5559d1a9c75fd97c9573d0c7ffa5f9a66bcbb3bb54f7537af06085f53f1cf11e29434d79b8872de84c28a92339089d722185109720db6cd9e75507fe67958bd8139153c5b39505b87d7a385e3394502e0ddd93cfce14e1016c06c2c5e8ca494a43bebf2fe20caf97418d9290acfc2565210916724dad921e94d2a9ecccec68b67c795fafb84e8988cc9a9095518a3e1148b130b307ea4dcdb411417aa95e05a406506013a979303ba1f1c8586eb6f234583fbbfaf826ce23b910d91f100a57bbd89707388f53b7df83e2383931d1acfe30074d895045644a4d013cf3db88d27370187a1375956002d730e4a1a197eb5f839f44dbc65ac4d640b76d89bd73e60105643392172afe4e40deda855966c93d1f1e2c477db06709ef52f323c24c985621347b0bd6a96c6b2d1dc2e154c8a2beb8f5cb7da66cfe4023895c442ed9544f148fbd8d09a26cbba9cfa403956fdb8006ab9eaad8795397d60798b8c7e092fade5a516d1fa872b82f72c4becaece4cc76280a2d15d10515f0379817aca68db97e1e0431ea9a25cfb79de62df13dac9c3462d5ecada8a2cd8718ca9a3346c1fecf9e0bba77885a897b624346fa2d3bed2370aa3df92dfb7b96cae7200800465ccec49a5607fbc309dd661d0ec6b2831aa015fea8a1b368b932f02cf772705070bacd0e152c6066da3c0fc5a92d08bc45c2fd529f096b95918121571ecece966e19e2283820ffe160cf9b40941850af10d6145e1b8b9b501e2348f889ebf4dfbfccbf3ff25a244cf42247568008a201f14da7cf1ebf5292403be832d5f88cf60581e55afebeb51411f14d16ed7daa097865de240274925168625de3c751376a20d9e84565fab1e5f91bb6df985ec186feb69215a65463236328b56803cbbbfb1e0fc3a1b2a443b9413e995ac1104a18bf4e8ea5251d47640d24cf9c4dc37d05b03d98389981a3612037cf66fe2e9374cfdc635dd9df6899b6803e283c0143677f9be2a08c3a98c54cf9395b842c3d657755e54"}]}]}, 0xec4}}, 0x0) 04:34:36 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000280)="580000001500add427323b472545b45602117fffffff81000e220e227f000001925aa80013007b00098080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 04:34:36 executing program 0: madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x69) 04:34:36 executing program 3: syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), 0xffffffffffffffff) 04:34:36 executing program 2: getitimer(0x0, &(0x7f0000000f80)) getresuid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)) 04:34:36 executing program 0: sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, 0x0, 0x0) syz_io_uring_setup(0x3e46, &(0x7f0000000300), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) [ 2125.532589][T27907] loop4: detected capacity change from 0 to 16 [ 2125.562794][T27907] erofs: (device loop4): mounted with root inode @ nid 36. [ 2125.595694][T27906] FAULT_INJECTION: forcing a failure. [ 2125.595694][T27906] name failslab, interval 1, probability 0, space 0, times 0 [ 2125.641937][T27906] CPU: 0 PID: 27906 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2125.652020][T27906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2125.661913][T27906] Call Trace: [ 2125.665032][T27906] [ 2125.667808][T27906] dump_stack_lvl+0x151/0x1b7 [ 2125.672331][T27906] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2125.677617][T27906] ? vsnprintf+0x1c02/0x1ce0 [ 2125.682044][T27906] ? __kasan_check_read+0x11/0x20 [ 2125.686906][T27906] dump_stack+0x15/0x17 [ 2125.690897][T27906] should_fail+0x3c0/0x510 [ 2125.695150][T27906] __should_failslab+0x9f/0xe0 [ 2125.699754][T27906] should_failslab+0x9/0x20 [ 2125.704088][T27906] kmem_cache_alloc+0x4f/0x2f0 [ 2125.708692][T27906] ? __alloc_skb+0xbc/0x550 [ 2125.713026][T27906] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2125.718242][T27906] __alloc_skb+0xbc/0x550 [ 2125.722404][T27906] alloc_uevent_skb+0x7f/0x230 [ 2125.727001][T27906] kobject_uevent_net_broadcast+0x321/0x5a0 [ 2125.732731][T27906] kobject_uevent_env+0x540/0x730 [ 2125.737591][T27906] disk_force_media_change+0x199/0x290 [ 2125.742899][T27906] ? bdev_check_media_change+0x4c0/0x4c0 [ 2125.748449][T27906] ? loop_configure+0x7f6/0x1640 [ 2125.753215][T27906] loop_configure+0x92f/0x1640 [ 2125.757818][T27906] lo_ioctl+0x8cd/0x25e0 [ 2125.761923][T27906] ? __kasan_check_write+0x14/0x20 [ 2125.766838][T27906] ? __switch_to+0x617/0x1170 [ 2125.771352][T27906] ? lo_release+0x200/0x200 [ 2125.776823][T27906] ? native_set_ldt+0x360/0x360 [ 2125.781505][T27906] ? compat_start_thread+0x20/0x20 [ 2125.786463][T27906] ? switch_mm_irqs_off+0x57f/0x860 [ 2125.791487][T27906] ? _raw_spin_unlock+0x4d/0x70 [ 2125.796174][T27906] ? finish_task_switch+0x173/0x710 [ 2125.801210][T27906] ? __schedule+0xaae/0x1010 [ 2125.805637][T27906] ? release_firmware_map_entry+0x193/0x193 [ 2125.811363][T27906] ? preempt_schedule+0xd9/0xe0 [ 2125.816049][T27906] ? __kasan_check_read+0x11/0x20 [ 2125.820908][T27906] ? preempt_schedule_irq+0xef/0x140 [ 2125.826032][T27906] ? __cond_resched+0x20/0x20 [ 2125.830551][T27906] ? is_bpf_text_address+0x1a2/0x1c0 [ 2125.835663][T27906] ? stack_trace_save+0x1f0/0x1f0 [ 2125.840527][T27906] ? __kernel_text_address+0x9a/0x110 [ 2125.845734][T27906] ? unwind_get_return_address+0x4c/0x90 [ 2125.851200][T27906] ? arch_stack_walk+0xf8/0x140 [ 2125.855889][T27906] ? stack_trace_save+0x12d/0x1f0 [ 2125.860748][T27906] ? stack_trace_snprint+0x100/0x100 [ 2125.865866][T27906] ? avc_has_extended_perms+0x718/0x1210 [ 2125.871338][T27906] ? memcpy+0x56/0x70 [ 2125.875155][T27906] ? avc_has_extended_perms+0xb9c/0x1210 [ 2125.880621][T27906] ? kasan_set_track+0x4c/0x70 [ 2125.885219][T27906] ? kasan_set_free_info+0x23/0x40 [ 2125.890165][T27906] ? ____kasan_slab_free+0x126/0x160 [ 2125.895286][T27906] ? __kasan_slab_free+0x11/0x20 [ 2125.900070][T27906] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2125.905444][T27906] ? kmem_cache_free+0x11a/0x2e0 [ 2125.910219][T27906] ? putname+0x10b/0x160 [ 2125.914299][T27906] ? avc_flush+0x2b0/0x2b0 [ 2125.918547][T27906] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2125.923151][T27906] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2125.928356][T27906] ? kasan_quarantine_put+0x34/0x1b0 [ 2125.933476][T27906] ? blkdev_bszset+0x240/0x240 [ 2125.938074][T27906] ? ioctl_has_perm+0x3df/0x560 [ 2125.942762][T27906] ? has_cap_mac_admin+0xb0/0xb0 [ 2125.947538][T27906] ? kmem_cache_free+0x11a/0x2e0 [ 2125.952311][T27906] ? putname+0x10b/0x160 [ 2125.956391][T27906] ? selinux_file_ioctl+0x3c9/0x530 [ 2125.961423][T27906] ? lo_release+0x200/0x200 [ 2125.965762][T27906] blkdev_ioctl+0x2e9/0x620 [ 2125.970102][T27906] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2125.975396][T27906] ? __fget_files+0x310/0x370 [ 2125.979921][T27906] block_ioctl+0xb0/0xf0 [ 2125.983988][T27906] ? blkdev_iopoll+0x100/0x100 [ 2125.988587][T27906] __se_sys_ioctl+0x115/0x190 [ 2125.993101][T27906] __x64_sys_ioctl+0x7b/0x90 [ 2125.997541][T27906] do_syscall_64+0x44/0xd0 [ 2126.001786][T27906] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2126.007510][T27906] RIP: 0033:0x7f2bac5faec7 [ 2126.011762][T27906] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2126.031210][T27906] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2126.039446][T27906] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2126.047260][T27906] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2126.055067][T27906] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2126.062885][T27906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2126.070698][T27906] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2126.078507][T27906] [ 2126.084650][T27906] loop5: detected capacity change from 0 to 16 [ 2126.100777][T27906] erofs: (device loop5): mounted with root inode @ nid 36. 04:34:41 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='hugeays,\x00']) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:34:41 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x7, 0x0, 0x0) 04:34:41 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000fc0)={0x1ec4, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x94, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x75, 0x5, "e2448bd79eb61acaec2cf74332a1f2bdf4c7d67541d8dfa7cd307b277e383a1dbb9771843523b970eae7cc1d938cecc3289e8aa34c3ea1ba84df7d7adfd9eefcb30af81e82d416d50e1ffab0f6e1e822742ecffb068f248105b95b567a072a3c61243feafdd6fd38659d524945c9bdb4dd"}, @ETHTOOL_A_BITSET_MASK={0x16, 0x5, "d9c7feaeca0b912278cb762c332f7b11d02f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1d08, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x1002, 0x5, "f426f64fc91bc231ddcbf6f98d8d336d63389eeaaf6c5235f6c3d644daf4fa5ab69d4ca9fa1a7ebd3f9aed6c40a507e4afa2918430125b38561df2db7950625f248e5b7dd1e6f32c450e2ac7cc877adfccebac5b0b8bcb76a6bc153d0a0992c1e7af1ee3707810ff2c82cf6f05bf62814f3a5539370461d38a9126c0dfc63bc9f38ba5713eb6577e3d733ddf051aa2606532c0b2be7f47f5bac302d54047a7a537135d6589e3dd4a93d12a20074e6e657d40426d7dd18e9673e0424fd81a89dfffa92d4b64ba950f151e29005a17396573cf30767fd36298d14e1b2b3b5f0689622e09224bdf9c4d0d52278aed6fc0bc951e991b0c6c76b3c30cb012edcb69be638f9442293ba1fec6d337e2e7cafc86c5dd4860cc6e86d9738cfd059e52b671267bc63210b28df2149590d4026077c72f846d4dbf40e27df3e1a3a785dea7b728b07587fa0430e3dfdf938926872d612de9c87ec3e8960a58769489ea297b11652969131ec8f2fade03ed753007abd5996c59797e67f6f5c7164f92335f97655db9a07b6878164b24734d825c6876884c90b6bf34eed4e770ca2209c2736258e807cd619568086f7e0b0ae2c9768a0a8479c950960c95804015da3679918025e6a0a238ae56ab29dc4a9e945cd2120ff64c65ddea86a18d45cae7e27f7b936e4f2856491f2244e0d1e9da86d467f678ca7b95c1ecbcab70c9634ee5d6db2189d2ce6def97d2afe764b5b8f25c57913409ee70301e39ef5a6e2ccbe031ef0e07c8b3750fc379700455f412b70565446b68a6429b8c1198e1da86c12882390d1574f861380fc3871f2d7b1203070208b20e72f8736b98de279db8b6451183ef22872439929a851973d54e7021171d97df490314187f71fde9beb448c7692b616273e5155493fc243690b58290383b434708ee3ed08dc4b06d68174fc7d2bfc89b17a70d88a6271a19f69b92ee903c522f439463d8ed60dfae2b944915eb5b3772b9a25c39c9a70bc2021085e0f5db12d05f3bd9d93c102a35ba020b7d5b989b059b9cbea3944204de0083aaedfd22dbf9a10fda14c96618fea3d3bf1acd7c0c2d8b27e11fa4c9063f41f384563444419ec9153beac1266923c7a605910ce63790de3639d5ebb3490479972d25f76a5582d6f829f5e22611415371204d160cefa69971c98e7a295ea6330111af9842f6a2340e146da586774b2cde8e00cf70c16c42a3b521ae0d96a5fbd59b9e0f0e09b4ffcf840500205f8d00d2530f74cd8ebd5b103624cb0d64117e4e894a28e0f290e6e032d494757a1817345c076edff26bf77d7638d5bda88f4cfba1764e0020f585df26d1703d3172908a247c180c4eb859aca881a1e05bbdb118097a1c9631d0de131cdba0c09dd3d852a3b83f8d416f8900b74251535b4fa9078567e6d121e895525bf291682975a8228c6c60607bc4016e71707dd1d69609aeb68891588691a65577772b3a4947541c2afee7b56a273e6c4dea416c4f456e653b62631ef52ddd4414245c8c418fcf607aada18bd9a4ab2c4249172606e32b2df7f4b50c84b9222f33b54a2699270a82e7e78ab9ccc870a1fdac40556ddb00e4d0ea5860a5ca5ab3d3d35b9d6805d1c7b5cc8d1e15d26875df487e7025b58212895874b839f7649dabc33564ef3e983f770b8335f66789481942981c95a8942a38640a779201def0f0e2d0b3e545470240b2f93d22a81abe71c0578ab106c100ac3c99afeb98bc6dc528f39ec91972f9e072a57df9a4b6f467afd8c5f62d885ae2dbf383d4495ec7d1440602c0c466f9ce5726ae6c388fa3da021aac811f103a111ca9b38fbe5964475fd15d80012b53c3a1e4c9ca3f33038e411f37fd4c58d9fd1fd9fa85ca6318458afa6ca2094879e396faff2391c99be7a866616a4112794e78cf7d847ab485410bb02f25aab7ea47c570c23a0fe0044fd87f5165db1b8fd81b2ccb5895deac8cbed2aa7835820675dcd08ff084009488be86a5a2e19dffedad37e2a0ebca926ac26e90b27827a260a064635fd3692d2b26ec940a2340a9ee0f4e79d82b759db6bec80f67c186222b07d5cce3d4a493119fef6758e11be3a150c003f221779ec371e1b717b1d91410200a286d46a8f292903557b04868fb440853980edf85e9c9fc2553dd0e61e56250bbe6eeccc7d500a601af910dbf07701d5746a4f218b6744a3f4c1e11aa35b72a29f86be96b01e6e8402c1a311a35cde0381599a9524fde2f01bc0ad59ffb923dac1b6a0fcb1a5b97dd55bb4b10cde0ca681be7b9e3258e791090d613649ee6aed84b4185e926f5bfdd86c62e586d73d91df653e164587c7a12c999b9f8458dbfd097f397012b96cd2b21efe69bbd68d9fbc6bccdc815b8e44bc734714217ac8e3810874b180ddb81e97574dda51f9616ade81c82029ce3764c86bc15a5279179c91a4249cd734af61336eb68a5560d83677b963e8878666d3d576c2aa9d0af2e6ed5d55a9757e742e2066c99c3626d84d9431fd1e454b5c8f425964988e007c73e4aff97279e2c6118bafb7138994a6dc74de7cdbcb8b7d159e7f5d90f00ba695a7aefbfb08a77cbd5f052df12567150da159027563129d98709468d2bfaa8735d31ba509dbaffb7f4f8e9933081d686c08165c8d69c5e62999d1a2245df250779d554775cbd27a92591b0e74e76bb906268099ae93086c61c5d87f2811c0f57a2e73687e4f3999bb21016f193f56467b9566156b047b59139cd2a385f7f5462d81f578669b0bd1f45b50946eb90907c0bbc8b3cd15a188bb10e1f2bc8ede406d8e7f8fc86527463c7b161d7a57d43bd4421af20f559311ca18c6b6d6e1b33de1257ff97d21036ed12df390929967ee7110fc19fec011955d2947e943b2403d1e8381789ff107aa25cff48d6f376f0554116767535dd5df570807c829464a01f39ab228c60ce57a638b2c810bcb0517a6d4d9c665e73fb5883eca12cf423777b79475c391ae9c15f313851af896f02fc0b6b113f3a67b6240ad1064b7992d2916caf4e2c9ed74260112babda29b5fc7d4e1ec76c2dd10867f544a35a1c05a0e488cd52759bcf19c6f3378fa1274ffc486d3c9189d6c3229a57bce5b5ec2533118223652c710bdf93e7f5193b064049bd7ec0d83aabf829cdaf1cc96ee5d13f68c74d427463c719f611773c78993bc602fd2bc85d5402cc872c606b5a1d333d135437b8b14c8c275d3e9172062bd7f42fa4cf25c7ac8bf582b547517b21d525b6f8995bd9adc88202cb467224b4d23ab0ba05bb1a25e286c7281815edfe84f0b970846043e880d4712b5ce921d8a1e7079bcfe9aa04c73c95fea5dc71e16cdfc05042a733be45b6de5ff086658e61a751bf9919408ed0b1b684c782d98f903741470b0338de66c8cfdf05433fe4c3009adf547c0be455a89c470604bbdae31f57f83ddd77f7a59ddd574823b6b18e567afa19f5a8a6c5a9a1cf3ac4bb9bcfc25a79278c2e43d67a1692414f1637c3abf393e7ec3cc9d06d793101175f1b2c47c293d33735f8d3a14f5f5f0317e5a162a1d1d0e72ba5e98e3553996abe95a89368ea33b2ac51ee9d7f974351fe50829af669b68e68f9021d602a69c9d2868039cd4efc568f7769aa3a37be8e3c0bb151317383d52d33c6533410eb723a1198d91298b301416c9a454e788af0ba6a414234da20a5559d1a9c75fd97c9573d0c7ffa5f9a66bcbb3bb54f7537af06085f53f1cf11e29434d79b8872de84c28a92339089d722185109720db6cd9e75507fe67958bd8139153c5b39505b87d7a385e3394502e0ddd93cfce14e1016c06c2c5e8ca494a43bebf2fe20caf97418d9290acfc2565210916724dad921e94d2a9ecccec68b67c795fafb84e8988cc9a9095518a3e1148b130b307ea4dcdb411417aa95e05a406506013a979303ba1f1c8586eb6f234583fbbfaf826ce23b910d91f100a57bbd89707388f53b7df83e2383931d1acfe30074d895045644a4d013cf3db88d27370187a1375956002d730e4a1a197eb5f839f44dbc65ac4d640b76d89bd73e60105643392172afe4e40deda855966c93d1f1e2c477db06709ef52f323c24c985621347b0bd6a96c6b2d1dc2e154c8a2beb8f5cb7da66cfe4023895c442ed9544f148fbd8d09a26cbba9cfa403956fdb8006ab9eaad8795397d60798b8c7e092fade5a516d1fa872b82f72c4becaece4cc76280a2d15d10515f0379817aca68db97e1e0431ea9a25cfb79de62df13dac9c3462d5ecada8a2cd8718ca9a3346c1fecf9e0bba77885a897b624346fa2d3bed2370aa3df92dfb7b96cae7200800465ccec49a5607fbc309dd661d0ec6b2831aa015fea8a1b368b932f02cf772705070bacd0e152c6066da3c0fc5a92d08bc45c2fd529f096b95918121571ecece966e19e2283820ffe160cf9b40941850af10d6145e1b8b9b501e2348f889ebf4dfbfccbf3ff25a244cf42247568008a201f14da7cf1ebf5292403be832d5f88cf60581e55afebeb51411f14d16ed7daa097865de240274925168625de3c751376a20d9e84565fab1e5f91bb6df985ec186feb69215a65463236328b56803cbbbfb1e0fc3a1b2a443b9413e995ac1104a18bf4e8ea5251d47640d24cf9c4dc37d05b03d98389981a3612037cf66fe2e9374cfdc635dd9df6899b6803e283c0143677f9be2a08c3a98c54cf9395b842c3d657755e546e803aa1a57ec8752d9eb2f690f840fb5a6f73b4c2543c3957e71a0819921eb80160f6a2e1aeb8d8a6f0732bcb2962310fc18499737935989b5c5b102feadd5dd105eff13aa81a8ba509e600c87b7dd5cdd6f337ae3f06b823a5b98e31fb70a488047be7e99f56f3b3218db257219c7bb44b42f6579812099e46de3ec8994d6b12159838b64d95ec6d45153bb1eeca9604b2d62d092474cd33d3e2a74894f062fc31651bbc54c0edaa1d4e717b83331adec5fc0de4080eb96cccc7e7aa403db31482fa293dcda8aed89aa74992d3efc1baed77a031ddcc8d321bd9f0d1c5bdc330112d54b4737d0783edeb19e432a2dd07d724210b93954fce318f60fed97a60fb66d3fbeb5749151082ab9e6d3855a1721722969d1f5c2a5540787cb9d6269ec635fa9f8c33e0e6dd8c5339f51273da5f79e59f3997d3ec4748c331fe03340510a2a03c53e027a8991b60c0dc1b3382bd51c1208f1109ea77103118abc9da6860e80d7fcade41d52f4aaac199ddcc51f64e0ae88ba99cb18684ac520e87f6c66c4a049c0e69ad83f58a30441f66bbd0ee2114ae44af019e2ef25007491333ab4ebd68d7103eb3fc6cf221dea31387ef889f76355ee1ca29ed353e6e8655002505d4ee2110a38b3c19f59b273fc996ed9fffd43c48529f1785b23a3ecfefb62fe803128e2657bb090345927cfd6f4a1322db308de56fe1768c6f065b044d53fd424d095a5496ea158b8af14141fa14958b3fa1680ed5edf527152336935622a8f2478e6368ea1821068d11d47f9359b036e06c0ca3082a50c8c6c3a037bc485077550280083c7a56ad5b7f3b2bbc2d3cc9ba2ef50ce776dfea5cf1b8353a6fa203f8f3679e578637892906c211ebc435d8d39dd0d3071799bd4952c453b795cdb1edf1ec97438142a1faaf787c70b80687f1e47815430248e0519a602ffdc38dd6dd134e565f3ba7a814f31982c6e8008242f5161716f6d6a2268152da13b810f403865fd5b4d47d4a7be7969022d0b47048ca45b923ac2982f73364c18d35a80238388a89de3e0c5d9beeec2c9a86bae2be311cb39b25eedde6edda10"}, @ETHTOOL_A_BITSET_MASK={0xe5, 0x5, "a65d8b94dbe181de386732c23e5bee62625056e153719c817fae28178668df36b783c58fce5eb60a8217dd956ae7c04035784a3ce07de2993c568ac264352080200fad3db4dfa8d3d9994f289b770e149d8b49883dbc7e14a51d28a29cb5194c55fc866295fb5ff08bdce2b9268e9086fa82db7702a5c09837898a6bd2722904b4edf425118348d7c792f547978c2b836a30c98b652bad7bb076c9a8272e38583deb9b644111777c637f81df98fda25f604ab3b7da2d9ee25d2f48e990c1bff559ec25204de71a30a665ae5ffeec110971655b02f7cdf51e86e83dfe75e4d8af67"}, @ETHTOOL_A_BITSET_BITS={0x54, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '*1](@#$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}]}, @ETHTOOL_A_BITSET_VALUE={0xbc1, 0x4, "cba4feb317d37a7efe79283ba8684405c4ee3a4b239b86cc8eb51233ce294889f77a9e1c896888d62553f2e8c06bd8df15322e05b6bbe9b2ba042018094a49189468fec1dd250ba0576aa9ed3f83d61c3a20ce1dd6f756f947b1eb058379d2ff9cfae697d3ddbe9c3e89a792071b866095c70cf2aa6e73113bd2c574179b50eb83558ab40655b1704a66d68d6f2fe3eefa1cb1b087f34e146a508e0a3301dd653ddc75322581f2c724fde760c9176d62ad58513d39b762509fa4a6a8d15d6c1b9209a22a19c7a768da8ba793ceb5d0f7198f3e1721607fe13c3e9bc16f8661764c8f70e22ca466b638c82c7a95be12c4aca93cea1c627da96d68242a95015dded3c0eeed2a78fec5ef1d5e58991af821592ef555946b4517007d2751532fd1243b7c72ffdbf2fa3cd610cdefc8381108ca2df2e9586ae66b7061aa7daa25a0f95f3642db436b9b9285949d7040a5c2572c32f4474a1ae189b5fc87d18fdc39f069901d557f6cf3b5e9d28dcebfa9086386977cc10fd6837f35761332fed98eb06549b50118bbf2bbe90264bbbbae287b6fee85533f6c815febfadca036975d1c4637084c14c805c590cdd010eaccff80c49d2729ea00af91a9812d304a59d82d570644765e869f7c8046095507d04a7e24046efe2c11959d866173e592449aa9a68136e0cbd49cd3acb99cbf8b866ddfb0d80cdde1db479db5980e01f3e053531f1241cecc1a270d9805467e1051bfb2ac7f9039aefdc2679cce7acb5e4b7a64b348cc5ea112e6f77d19e9767a3ff18256104b7b77a6fe28e297c3ccd071312020c66c6e7927c761bd54b223e39c16bb89c1cddef9877b8088ab6b780d739c8efc2be50b1bc599e002de37303ad4e1fddfa3dc41f10538816bfc065cf8073200de25b3062a98aca8d2285ed49dd6b8a4e2934f6cbd016dadbf091a6e0604c6bde36db063794a0dd8c995e71c230cb4973c1555de446ac14c777cd35389bccb9c7aaa35fa06a89ced1a5014344cd0ba6ef464f8eee5d298da4f46bb20f158bccdd4afb87554de81df035deee314753294c65831bdd41ae907243bc4d0c169ebaabc260a325fd3a26c9b9df8d718604200ac70507a862e6bc7b13fae18dc7d6d51bb4fa9aa0056669cf2436149812e4294f4f15fedbe21f4233619da58fddcb53e12c6f27820dd5c37f10e11588ae335ddca5db188d0f6d034cae17f4725407be97c78aff756f84d6a9de60305930694f6bcf180797760dc995e2a2f8a5f0bf81c7951a3b833eb420f9238eccf950910fd2dd00e0c7010031d0a7da509f93ecf18da256f92d75894f2415d795b14c85cf2efd7b4fb7e5ad4c2d5516677f95dfc1e28596ad54a3720ab1f054a92fd921f5233f76c44d08928d2632e82130eda811fb8aa6511aad88e81ddb40176cf19d42bbc5a03f8e1d53d6ddae0fe247b719179cccea44686d9e079d5f54bae9cc1eab048e34ff5320e644bedc8cd4231f18d9907f0e7ae0125abec0ebb94b6e926fc9256294dd5bb96f3edfe6629f38d1bd8e9152ad22bc25af4a1ddd2d966df6abb66161fa3d353677b12cf00100438de3754f00b2c7da3f803693a10609099e4f228690db15df5195fe93818b262500d6b473e884f228c5e585ab247a0aac9518d4e2dc5cc1b5e311424a65605bd40c72a31c39a3f87333771c072bca188a610fa59daa703681953d91c9eadd587ceb057591ed4e3cfc0173bd6a00c82a14cda5adbc2049a5cdb83b98ba7256242992f92fd78e7fd97dd7d32fafac20320eac77e63b30716231317854e8bf822077b95d6b8986dbd7c43eeae0702c1fd22313009ce8f22ade9b1472558f5a849d46b685d645b7edd559ecffb7f9c02fd1913eb5f82fd00dfcc819900fb33c9dc860ea5f4d0410e9ea1b33c75f74aed4a3d69c0b09e4147e7a646ab6219dca2a39bcfca15778d215103a7f6d316b0c8d828657bdfe3c54186b2ac0fc0b5a8e8293d0d0736ad7712b7b2b35bb6512d9a61349193a15f399e760e4380818e738ca09e867f8fa0151f3eecf9bb690533b8ae8fa075a5f58e7522107d046b3ca2f104c6c921fa76d1899f5a6066bd7603a1b3698e62a7134a9f4e5b309cb09900d097e1ac45f7d42d65bccd471d934cc393f4f74caa2dc0ce86f36da8e09a3c78a0cbfc5eb9e058882299ee7ca70ac6ab055337d0d888c6904d683bd717b183596939f67f2e4e3127faf7f720d1f2445d3f3a46678bbb905cc8c3aedfc6a25fae1e160bf4940b172c631189a40f1bddaf3440ab9fe3d0b12a44067f77f1aa4fd74812c5affa3a7d6ce58d6e802724370e27513f5cb97a5e5adc1684110c41c1de7d0b091af315e6d4acef88d858fbce713d9e126309998cd7c5e87249a648b4b7568def50697cb68a0bca396938215e604df27f0842e6a6bfb9f3925474ce390543bde76ed7ca9500baf2c609816da64c02829eabbb4a638383e69474c04ff68eb5040476faaae59c9ac1dab988f663e1a17a61333a94249af9811bff5c413aa2c85134bf77dbf15a0e0e26a41aa10df91929710d5913ba008c8bb24155c3a874818d21e82731a79a741c285212ed5190db0a85d1d90a1136c256d27bda5d9a69c082d476fa893377595fa02b11c19d21b23f00d372f8be1e438624a12a5da7d5d23cbb41769b691ee7c14a6e25f9ac11d56a43f6b8c8c99f1ace3fb5a57f1adf57fcbca8b91ed6dc3832b4540d8cdec3db971ff57a7512e6b3797122d8532f984dc3adb858dada9b75679cafbe9d93a10193f6b00008bdfd72b210e4cb52fe0003e8c24a1eb973c711bc9b88278a7e01de6c22624ebb90d6876d9fd5c937168f763f8fa5e169c2763b3699f02a117d90f0ea95971859e38312a9055b3b166af0823f01e0c3daa944d8e67ad6696175f35058f1aa646c6a667d1e8c2b105643fffde0f29307d0e5439fe7ec19ffcbc74a27ea1c848f3b7c46e8cf4dc503acee2228bdb6cac8ae3777f3909def0f26212e5db7cf7ea3ba58ba6bc60780c64d393dedae9ebab3cb81e1b83102cbacf008ad29090d94ca3c2bb6872398611fa952154acbea7245eaf0c39612ef10a8eadd5a199e6348634a7a9e9fe7127bf66c3bfdd9e78bb40191a276f83d1e803eb60264d8f963908909041fa2f5df8d5a0d75dcb3c743f1ea7e75a38be03238090260255143447cc57c1450de95cea7cae869fc0de7861577348f3cc61045f7d198a8532e89a3993e6e40875eae7f4039dec9d31edf3afe14cee3ee4d4b133e7d9977b7e3024843c7699a62376a3aeea4a267b8b038c7c975fa6d245943280e98b7a346819b8baedd6b546829345bac69f55a7c4e2c60162f74d71607c388d5bc668d909c89f0f15fec4831f80e8ff93149c9ea7f9276465a941566c8916b2221d44653665ebcf7cd6dcc0e6d6a72588f5465893a4bf134c571d79fd2af75ab4f713a2d1fd09cc37c5620b219698dca6e43549ddcee145dd196c2d3fd4013233c948eed3cdabafeadbfb0e5fd1ddf48dde58cd4a0943ada2cf228ece1ec640586061f4a47f7befbbab31d8f72ca95d8b724e1b8220eebfe9a9b594d8293e9db34a8ac44932cdd008b8a1b42b537321e4a0030f516dc41fc731809b6effa5e3edecc80cb6714903b07d1cc56a15e30de907b9a7b9fa54c66fd3a31ab1fd3f2627822a44525d39a158405d0f592f819f145ae46198610406d189fe18f9fc32586bee6864a67e3c4787012f8eac00d1ec3ec27560fd09e6ab4cc0830211872e5f85ba63c1a42703cdbb2c5fa928555bc7b7865d3443359f2c3c7b2b06bf659847224569f8d7357d0806f41b7bf6f207579573e9362ebd69b6472b3cd1442b7589df18f71b255ac6cb71829502d9a05c0da7176d17b9cda946eca2ea1681700e98b39e593b5ddad28041757a8af10794d83aed81c6916316903e6ab76b4a162db3ec3947efb5686564e491539f935940ee0476fa5862c1fe1de922d011480d3b770d54c6408ee796cca057838acabcf88b84c53a93492aa067ab97c745836d3963ae1f0a1ecbee42111e3128a1040ed7bbc4ae11eb12dabe9124a13419705d7efea89ed0274a22aaa7fdb58273f3d1f035e6487baa42aa1e2d84754014636d34b9b5d63de391118e2311e666b688b5361899bc35fed520a3ab1d520e953d6ad6355321cab54e0be07cf2e1b1bdaa05205ed677ed3edb9d46dfff54758bf82f8f532dfe5ce30ebdcc8fa51bbe4c522d2b08ae6ba79f044cbf2c7"}]}]}, 0x1ec4}}, 0x0) 04:34:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(0x0, r0) 04:34:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:41 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 34) 04:34:41 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x18, 0x2, 0x7, 0x401, 0x0, 0x0, {}, [@NFACCT_FILTER={0x4}]}, 0x18}}, 0x0) 04:34:41 executing program 0: socketpair(0x29, 0x2, 0x6, &(0x7f0000000040)) 04:34:41 executing program 2: socketpair(0x22, 0x0, 0xffff, &(0x7f0000000000)) 04:34:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r1, 0x1}, 0x14}}, 0x0) 04:34:41 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x14}, 0x14}}, 0x4008040) 04:34:41 executing program 3: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000140), 0x12) [ 2130.489510][T27942] loop4: detected capacity change from 0 to 16 [ 2130.521965][T27942] erofs: (device loop4): mounted with root inode @ nid 36. [ 2130.566935][T27943] FAULT_INJECTION: forcing a failure. [ 2130.566935][T27943] name failslab, interval 1, probability 0, space 0, times 0 [ 2130.612804][T27943] CPU: 0 PID: 27943 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2130.622886][T27943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2130.632777][T27943] Call Trace: [ 2130.635896][T27943] [ 2130.638678][T27943] dump_stack_lvl+0x151/0x1b7 [ 2130.643203][T27943] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2130.648485][T27943] dump_stack+0x15/0x17 [ 2130.652486][T27943] should_fail+0x3c0/0x510 [ 2130.656727][T27943] ? alloc_uevent_skb+0x7f/0x230 [ 2130.661502][T27943] __should_failslab+0x9f/0xe0 [ 2130.666101][T27943] should_failslab+0x9/0x20 [ 2130.670439][T27943] __kmalloc_track_caller+0x6c/0x350 [ 2130.675560][T27943] ? kmem_cache_alloc+0x1c1/0x2f0 [ 2130.680419][T27943] ? __alloc_skb+0xbc/0x550 [ 2130.684773][T27943] ? alloc_uevent_skb+0x7f/0x230 [ 2130.689537][T27943] __alloc_skb+0x10e/0x550 [ 2130.693794][T27943] alloc_uevent_skb+0x7f/0x230 [ 2130.698389][T27943] kobject_uevent_net_broadcast+0x321/0x5a0 [ 2130.704115][T27943] kobject_uevent_env+0x540/0x730 [ 2130.708978][T27943] disk_force_media_change+0x199/0x290 [ 2130.714277][T27943] ? bdev_check_media_change+0x4c0/0x4c0 [ 2130.719739][T27943] ? loop_set_status_from_info+0x5fd/0x7a0 [ 2130.725378][T27943] loop_configure+0x92f/0x1640 [ 2130.730020][T27943] lo_ioctl+0x8cd/0x25e0 [ 2130.734230][T27943] ? __kasan_check_write+0x14/0x20 [ 2130.739178][T27943] ? __switch_to+0x617/0x1170 [ 2130.743696][T27943] ? native_set_ldt+0x360/0x360 [ 2130.748382][T27943] ? lo_release+0x200/0x200 [ 2130.752718][T27943] ? compat_start_thread+0x20/0x20 [ 2130.758186][T27943] ? switch_mm_irqs_off+0x57f/0x860 [ 2130.763219][T27943] ? _raw_spin_unlock+0x4d/0x70 [ 2130.767906][T27943] ? finish_task_switch+0x173/0x710 [ 2130.772941][T27943] ? __schedule+0xaae/0x1010 [ 2130.777365][T27943] ? release_firmware_map_entry+0x193/0x193 [ 2130.783093][T27943] ? __schedule+0xaae/0x1010 [ 2130.787519][T27943] ? __kasan_check_read+0x11/0x20 [ 2130.792378][T27943] ? preempt_schedule_irq+0xef/0x140 [ 2130.797500][T27943] ? __cond_resched+0x20/0x20 [ 2130.802013][T27943] ? release_firmware_map_entry+0x193/0x193 [ 2130.807743][T27943] ? mutex_unlock+0xa2/0x110 [ 2130.812170][T27943] ? __mutex_lock_slowpath+0x10/0x10 [ 2130.817293][T27943] ? is_bpf_text_address+0x1a2/0x1c0 [ 2130.822425][T27943] ? stack_trace_save+0x1f0/0x1f0 [ 2130.827274][T27943] ? __kernel_text_address+0x9a/0x110 [ 2130.832478][T27943] ? unwind_get_return_address+0x4c/0x90 [ 2130.837945][T27943] ? arch_stack_walk+0xf8/0x140 [ 2130.842737][T27943] ? stack_trace_save+0x12d/0x1f0 [ 2130.847578][T27943] ? stack_trace_snprint+0x100/0x100 [ 2130.852698][T27943] ? avc_has_extended_perms+0x718/0x1210 [ 2130.858167][T27943] ? memcpy+0x56/0x70 [ 2130.861996][T27943] ? avc_has_extended_perms+0xb9c/0x1210 [ 2130.867463][T27943] ? kasan_set_track+0x4c/0x70 [ 2130.872072][T27943] ? kasan_set_free_info+0x23/0x40 [ 2130.877177][T27943] ? ____kasan_slab_free+0x126/0x160 [ 2130.882298][T27943] ? __kasan_slab_free+0x11/0x20 [ 2130.887071][T27943] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2130.892449][T27943] ? kmem_cache_free+0x11a/0x2e0 [ 2130.897221][T27943] ? putname+0x10b/0x160 [ 2130.901311][T27943] ? avc_flush+0x2b0/0x2b0 [ 2130.905556][T27943] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2130.910166][T27943] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2130.915368][T27943] ? blkdev_bszset+0x240/0x240 [ 2130.919960][T27943] ? ioctl_has_perm+0x3df/0x560 [ 2130.924650][T27943] ? has_cap_mac_admin+0xb0/0xb0 [ 2130.929423][T27943] ? switch_mm_irqs_off+0x57f/0x860 [ 2130.934458][T27943] ? selinux_file_ioctl+0x3c9/0x530 [ 2130.939491][T27943] ? lo_release+0x200/0x200 [ 2130.943830][T27943] blkdev_ioctl+0x2e9/0x620 [ 2130.948168][T27943] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2130.953463][T27943] ? __fget_files+0x310/0x370 [ 2130.957977][T27943] block_ioctl+0xb0/0xf0 [ 2130.962054][T27943] ? blkdev_iopoll+0x100/0x100 [ 2130.966664][T27943] __se_sys_ioctl+0x115/0x190 [ 2130.971169][T27943] __x64_sys_ioctl+0x7b/0x90 [ 2130.975595][T27943] do_syscall_64+0x44/0xd0 [ 2130.979858][T27943] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2130.985573][T27943] RIP: 0033:0x7f2bac5faec7 [ 2130.989836][T27943] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2131.009282][T27943] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2131.017519][T27943] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2131.025323][T27943] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2131.033136][T27943] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2131.040946][T27943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2131.048771][T27943] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2131.056697][T27943] [ 2131.066036][T27943] loop5: detected capacity change from 0 to 16 [ 2131.089174][T27943] erofs: (device loop5): mounted with root inode @ nid 36. [ 2134.572608][T27946] tmpfs: Unknown parameter 'hugeays' 04:34:46 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='hugeays,\x00']) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:34:46 executing program 0: openat$pfkey(0xffffffffffffff9c, &(0x7f0000002340), 0x80000, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000002400), 0x2, 0x0) write$FUSE_CREATE_OPEN(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000006900)="e8d9") read$FUSE(0xffffffffffffffff, 0x0, 0x0) 04:34:46 executing program 2: creat(&(0x7f00000001c0)='./file0\x00', 0x0) setxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000280)=@v2={0x0, 0x0, 0x0, 0x0, 0xff8, "3c3f26a4994bf86af7b578c8d2b55368cfad299aae63cffec9ce6e7c9588cb88025a883a1b0227d108b7611d629addccc2680738477ff470d0a1ef36eafd0e82c9dfad0260687188a0c559092eb58c44280cb7c45fa1bfcd54e2145af4e7e5a87f4deadf1252133df4a1e1fe5a9d91913166f5c154d6718dc56cb7e1ba54fc58a7387ee0473d2faa6fbdb2b4f23cae639e7c4da447b0ce90e4aaf3c8535991d4150b6d8590443ad2b8349ac82f777f4eed0e7c5e65efe59a81ddfeb92bf57bbe04486404354e5ca8332d6ad11b3833a9fc1fba24c02713afe0b3b541158706b58cc3a6547cd24eb8f242f7dea40efa575af8f5ad2e540dedb4b72451e20b5e921d142463de633aeab40219917ab6eddc38140ba00576f3c40cde878596be8aeee217012fc31a12a537b7557da5f871acf545735cc67b1f6476228963329327a7c11d60c1cc55dca4d7c2a439271c236fb7e029e4041fdd7c0e56777b92fe02ba7582ec2efaad8af4b0cd7662ad0c83e8d60c0433bce4876928f0a0c4d620588ccb54c20bbc1fd995a2f01cc4c0bb9c22c698c8337bb503edc0f94f6d2ad39ac894e3249d3d7dd330ca8416ae4ccec0401e9ccf77ca28bae25f069d53fe97c06eb73c8f51d9452f6422f1b5310e6bb25456c4e88136902929cbc5229f6d5aa55f8bcd8ea873599cf9c593ea124bb8553a60d4a2d5f4c76252610d5373b6c8f1f4239acedef073af06741609626af5ffc7e734b5d569d1c7ea821762d6e8d867da33c4b990ab01ae67af6b65d9e95e023986383342c579c74478dcc8cc68b8749c391afb97d4b14b51e129cadce2eee078e5680e2a3c4094c184bf63749c7e4660aedd84c330fd8ad532861f4a31e566d1679e1d9b91c9ab54c31f4a0ceb789586425e461f35e3b59020890d025eb3ec1bf5d38c0a8bb190a936912607c1cf3d6502749b299cec3da4b319027d22b617c3d54ca7843ffd4a2813dfde0b953176408e087ce1cade65af834105f7f09028f1d5acfde4274bd3f5d0dad270860ac35a8dd4a42fbf663b98e67e7a14db1cbd44dbd971d65842e981a4b95c3e6bdc8c6b45cd5a33192f9a1a86fbd683eb3516df02a0f833ced60e31e472d03457e5b303104c38eb23c579fb17ede87d0f1b8263faede879b7bfb18e1a64ad7b60f0148ffd2d8db0151432b98670bb6ddb630fce952ec72aece19eff08057bace74081fe8d0acbec8d772a48c39d51de2a895b7e75ba7d8a3923c196b4b90cb509bbd449e968cee0b5a36fe30b189def045c248acbb5bb0d9b54482cb3aaec4096865bad395595595f6755676cdacb4e23e53ff5462c58a04979694cfa2a95947b25718d45c27aa231c9f2fbf589418c1818194d4c923b38c652478ea02406db17491df44698b8b90300e075e5ed9e932b232d8af2560820e5c354fb9136eca4e776e552270077af532c72b405bb67a80c2c1daa081445245bd411fa20234fd41aaca3ce1b92f1d279fe3a31229aa4de9f0a3a0ac7f8ce6f7c4cee45c13a8c56d8b47a0d3188965cd353b977210577f833b62a7563a0028178776793c7dae37136cd573369640db89e9be812161167e5a2e708683243df35be5561ad60267439b792648e422f4a298ce88a70021993f6140bf55a821dab935a7de8e7c0d4e506a879f95ea4c64d90bee6a529557e86cf2f77ff4015477fd199f428da27d04e67cd6a46edd2cbef889dd34e9cd31a75c679e2f6d82b625d0c6bdd1db61b40962c04ae9e5cab93b2701c7ce36817ad26648f046512c7d2a2436b94aa16070cf55f6369892ffe8e7fa40c2367071593b40f5bfe39bb9ecf85b6ad9e548593e4c6fdd9826cabb284f61003c183953b261b4065429d787a1876191d4cf30b0bf50a2be96364c8de6c288dd6b7e5d5c43b4e687396f855e6a35eef9ebdd55d317e43e2d5bf216f42bed31cb11291ee8f9e5dcfa64cac5ad36297db8eaccdcc85e745bfcb55ea18b56b2e03fa3750799b49a4835439f65e7c2ba901e93e76a5d5af95f4e6289bf2880fcdc1a88c376e587b41c169b8488e8d6cf039715de6ae2fd02a6e0fb0758d4ae1340c48c33dec7778af79f128e8bba8505629ac5f6a0356dfcf7e824d2be041fa4313b0dbc029ceb82f9b8929386a1167a04dc564a8961204eebdebeab19e685d2b01abc1fb17f1d25a1944a25ecf5b572ec91d766f6232ab283034cc8b7e7e1971b6809f9a490fd570df15f3cfb83eeebcbc624b4f23b9410133898236e41033d27a1afdc2d9f9a988354e16ee571ee68c0d502ab3770cb0e035de58e920565d53b21b1172da1898264f0ef269298488e32ff0c20cb212de72777b4a1bc7edc53411dac8ddef672ac5e5c9055fb21083dbaa50e97d11b328a07c37ce4627e712877d55a2b698aa4ca8c9aa109dff928a9145380f1ffe493bec778ec1ebb1f29a258ed55a70fdbf96b6cd561719a8d12a17f261aa719d12ebb1660b56b62beaf279e31136cf6c1de9d5e38a77a8adfded8e9d9098c381fdb4bed8148288dd315ef75f346b8efd1499d31d34eb2bc7e6e82fc4f5d49b23e8403a27838a90309b4bdfcb9c6c12427ca772a1122ba4b7e1db26dd949e55b589a502758db44f7b4bf05fd93845b367d1e0a69037ef95feb6b3763d0ec414c9e6ee09eb9fd746ede59e8a9931b832c90bc0bf3b34171488f0db1400506f9606bedf9500d27b9e1cae7b98e6f0745848d82d1fd8b919c296df63de515dcdd4e9e57155ae492ece3e1f3910b16235bf414d0190131230232dcb4501253a2affe716ee2f7d88cc80e0bd66a64258cafdaf9ca60b93c43a1cbe148a76b33ba227f5e405568122402fce14ff2d122ab2230de7b76e059f01b4325694f4632188dca51cb2ddbc0c266a31bdcbae3629c7071bfc3f7528905d11154a229869bc1b19bdce3f08e3cdaa7876a91bf5788832c0129b97b92b4f6c463881f1758b2a076f68224c26f4ef3e0be6b124efd6b955c7246eb9408b9fc61f61e2ec3e253de0dcc66cbf9d917be98dfd5be2b421fe0adc059b41074e8efda7a1441367a80fa01a647433f1f407c09692a16191949feab8a6dc2ebeabf3a234dc0b6b37fb3240981189da60a95bf0fdd3c9b1ddf94f1fa7cd926ea7a4c53785ec25ac4661db15acccf12d376e6cfb517a8b1ef81c36ad0518803d3d3e70f2f60568a1959705657d0f8e0f1d87dddf010984489b507c19928e1faaeb1f8782f33f51efaa7dfca7c3d7358733a6d3e6299c45dd114a05d72087f2c47b88cda925fdbb4f11e74649c65057e9b704e97b0f03af6fb16ec32d19d853840c5efae65349a0c00e5622fad0d3fd4dfec5810697312afbd487c2fa738c51f830b06c98eb09d33fc27f6f7cd6c5d82c91550e27a350bfda4c7290cbdef06040ddd17da6b074e68ba7aaf5992dc446d5688bd91e2e43ed23df041522e3970ce6d4031fac78786ec73f2633f5a0424bdea44b60431d80cd6b447040e5a769f12f6b9898f0eeb4863feeebbe63e98dbb9c5a467c0b256a8bb045771a0ddfb78db1686c86808341559f1e488bcdb3c4f7163d10b90f0fa4800187860b5dad563dade8d7a1a075e16d639af91e500277ff7559344e55c0127862a00db3bbe811d9c59a46d6f713f4e146034b7505bf3775214204544d89e363629169b244f863f6627c7c3e063a238e2623ec11ea22fddea9052f9f29b56749ced238094607b78a6c529dc63639edc51f5ef60f9fa0903f2fb43cd6d7c9a9d48276ec467697d2044e5421b21f3ced735843098ea989ac306923aa7cf61c5a8fdb032fddb6abc95b0001b8f71f56af3562af090b848a06e332dbc4412b922a9c5d9ef87bfa1a0efc8c6a43117fa4006c0b9082511dac14298fc1e68126ee4a973b61ecf69a6984cec3eae84324ad697ef2585518347253ea7ea5702c1c1225a2e734be3344738ff3b6c131b2edeb1b10b7fdbac6a36f36309e5643c79f743f934a5ce919c61d95e6a6191e6cd342e5bebfc37c236088da3e1034064227719e13da633af87b1d3f74b35fb3f74b52f284f9f997cf2f54877214ea5a5b4010be6b2a779f06a37842a8c9c98db193690657f44ccee0cd1e3c3fbe122684f0d27ecbd66963ce30269254bbb782e5fcd485f8e669bd350dc7efbcbc533e9dc123eb5d24c70636a782dc303dc81d91cf40bd1a9d31262aae8aa91659c582bf8f5181aa0aea72047f11dcfe13e3475d2d34666a5fdc0e7451c0f33b8ee2796ab5d064dab97d204d300e0d5407603e8c319ad4d53ee65785235eaf5a374ec40672679a8c5df76d78fccb7e3abf81c41ca59481ede10d67b4d387bf6e97022274d06db98654283ea06e0d60669b36ee33b653fb7f81361a4d0253d93140ed952a913ecd950437dd890218158ba77dba87c668c73e3222ef08ac3f1556b2c319c206f0d2f40c7f05f57c8691345aeb8bfbd1227d22052396f0081b77b701fe18e372a6e268f701ff8ac9def702d904e91e97e5b4c5cf22df698d689cb497bf0bcf6fdf38e8894f1c012e70be5238389145d7e5b1128011d8f059a56086366c68474637898bedd63b6c3165151669f78cb8f97d16a00800f911a40f500cb34fba1f27d609e8e04b23850c24c54290af9599a6a344bc1dc20ccad6dc3e7778b1dd35a98c29afd86ec30d31ecbaaf5bf046e45c229cfd3c6603f20202afb01584c3f0afcf31de8cd98961cee2834cd9da14a218d0dac416d67a5b4c8237ef2782b7142100ea37e06e2cb5b687229c1c2831b9d7fbbcc0ee5a5012fb5503933117aad69aeb0bae72f156337b3c32cb18e37607ae21008af1c646a864b2b62f8b9db32a6f11b5c87eee3c5c0e9d021ed1206beb255864a22c74246012a31c0836e046119036f88e290a1b5a87cddc50144ab65722626431e2211e4b55b5e3d23c9394d2559650db8920177c689b4d2950c41efbb04d8e7ed7bcb6088a6ea4d328907b7c8a7749ed0a6cce2a3837640bc33635b6f3acceef529e81314cfbe08195ce4d57bc9200698423f9b44cb30d7b3f9543ac7566a7c7e1fe987198da021475deb0d635decca7e7ae6b8203df01c2945de2f124163990bb9a4edb22c11d112e5244c9737cab94423624aa695ad73e50660fe9aff6d5291d38f4501366e15aebe02ea321718719b85cd24cde7a90c315f5344f6b1bd9edbcd9a52aba3baacace3a57467467a755b32f66b4b5c419526679d1697e6b9036fe993c3fb0e7ce420c664afd2af3ee69d90afd2678282fc385f1680c7957742bb01812c7999c238e132e0dbd47f55670b1e7169bd1e7ea3dbec88e66f4d2b856ff1f102098e0534f2868a791a193b5867fd74780e682707ed712ae13623f3d180fe9d65c92d5ecfccbcf06a5952c95583f6ea0afa10b4e19b92714243c6ea4817b5c145259ac3a44e8a7dd8ae3fff2949e1c6bc9d7adf06c0c0197a9534c7ed5a7e1bf109254ecb5124e7c09c72eff1adcdf1f5bffe703adc1c3ebeb6db739c9574e00fb87a7d14ff02e9bb875d9a5ae97e046253cce163d4a32c48bc5be6fc480bb4ed54f8d2ba547d8e5e41e9cfa65c7453b740c3e8784a4e2dc70174f2bbe2b2d8ab336ecb440d51e8ef36969a271a52b4ef2c6d283ea6b3d2021f8e6b4dcc3291cf97c7bbb60db2fc702f88506e71c074b8d03cc683b718a35bbdf47804836f7907a4e881775db72f3fe77aa9a37453c7b1ebd9aff246f9354cde90635e1faa4385a23028aa75f1e233f4a5bcd66222b445d2a6f25014682262807fa5d777a5ebaf66584dd"}, 0x1001, 0x0) 04:34:46 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) getpeername$unix(r0, &(0x7f0000003c80), &(0x7f0000003dc0)=0x103) 04:34:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 35) 04:34:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 04:34:46 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r3) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000024000705000000400900000000000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002c0005ec00000000000000000c600000", @ANYRES32=r4], 0x24}}, 0x0) 04:34:46 executing program 2: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, 0x0) 04:34:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, 0x0) 04:34:46 executing program 2: getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000002400), 0x2, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) openat$pfkey(0xffffffffffffff9c, &(0x7f0000007900), 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000007980), 0xffffffffffffffff) 04:34:46 executing program 3: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000200)=ANY=[@ANYBLOB="0000000089000020"]) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2134.811376][T27965] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2134.888547][T27977] loop4: detected capacity change from 0 to 16 [ 2134.895594][T27977] erofs: (device loop4): mounted with root inode @ nid 36. [ 2134.951987][T27978] FAULT_INJECTION: forcing a failure. [ 2134.951987][T27978] name failslab, interval 1, probability 0, space 0, times 0 [ 2135.000258][T27978] CPU: 0 PID: 27978 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2135.010333][T27978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2135.020225][T27978] Call Trace: [ 2135.023353][T27978] [ 2135.026129][T27978] dump_stack_lvl+0x151/0x1b7 [ 2135.030642][T27978] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2135.035933][T27978] ? __kasan_check_read+0x11/0x20 [ 2135.040790][T27978] ? preempt_schedule_irq+0xef/0x140 [ 2135.045912][T27978] dump_stack+0x15/0x17 [ 2135.051293][T27978] should_fail+0x3c0/0x510 [ 2135.055546][T27978] __should_failslab+0x9f/0xe0 [ 2135.060148][T27978] should_failslab+0x9/0x20 [ 2135.064482][T27978] kmem_cache_alloc+0x4f/0x2f0 [ 2135.069085][T27978] ? skb_clone+0x1df/0x3d0 [ 2135.073337][T27978] skb_clone+0x1df/0x3d0 [ 2135.077416][T27978] netlink_broadcast_filtered+0x638/0x11b0 [ 2135.083067][T27978] netlink_broadcast+0x3a/0x50 [ 2135.087660][T27978] kobject_uevent_net_broadcast+0x3b1/0x5a0 [ 2135.093384][T27978] kobject_uevent_env+0x540/0x730 [ 2135.098337][T27978] disk_force_media_change+0x199/0x290 [ 2135.103626][T27978] ? bdev_check_media_change+0x4c0/0x4c0 [ 2135.109095][T27978] ? loop_set_status_from_info+0x5fd/0x7a0 [ 2135.114739][T27978] loop_configure+0x92f/0x1640 [ 2135.119339][T27978] ? finish_task_switch+0x173/0x710 [ 2135.124382][T27978] lo_ioctl+0x8cd/0x25e0 [ 2135.128451][T27978] ? compat_start_thread+0x20/0x20 [ 2135.133397][T27978] ? lo_release+0x200/0x200 [ 2135.137736][T27978] ? preempt_schedule_irq+0xef/0x140 [ 2135.142944][T27978] ? __cond_resched+0x20/0x20 [ 2135.147457][T27978] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2135.152928][T27978] ? update_load_avg+0x415/0x8e0 [ 2135.157698][T27978] ? __kasan_check_write+0x14/0x20 [ 2135.162643][T27978] ? __switch_to+0x617/0x1170 [ 2135.167157][T27978] ? native_set_ldt+0x360/0x360 [ 2135.171843][T27978] ? compat_start_thread+0x20/0x20 [ 2135.176791][T27978] ? switch_mm_irqs_off+0x57f/0x860 [ 2135.181826][T27978] ? _raw_spin_unlock+0x4d/0x70 [ 2135.186510][T27978] ? finish_task_switch+0x173/0x710 [ 2135.191545][T27978] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2135.197013][T27978] ? update_load_avg+0x415/0x8e0 [ 2135.201785][T27978] ? __kasan_check_write+0x14/0x20 [ 2135.206734][T27978] ? __switch_to+0x617/0x1170 [ 2135.211249][T27978] ? native_set_ldt+0x360/0x360 [ 2135.215933][T27978] ? compat_start_thread+0x20/0x20 [ 2135.220882][T27978] ? switch_mm_irqs_off+0x57f/0x860 [ 2135.225915][T27978] ? _raw_spin_unlock+0x4d/0x70 [ 2135.230601][T27978] ? finish_task_switch+0x173/0x710 [ 2135.235633][T27978] ? __schedule+0xaae/0x1010 [ 2135.240059][T27978] ? memcpy+0x56/0x70 [ 2135.243880][T27978] ? release_firmware_map_entry+0x193/0x193 [ 2135.249606][T27978] ? kasan_set_free_info+0x23/0x40 [ 2135.254553][T27978] ? ____kasan_slab_free+0x126/0x160 [ 2135.259673][T27978] ? __kasan_slab_free+0x11/0x20 [ 2135.264449][T27978] ? kmem_cache_free+0x11a/0x2e0 [ 2135.269221][T27978] ? putname+0x10b/0x160 [ 2135.273300][T27978] ? __kasan_check_read+0x11/0x20 [ 2135.278160][T27978] ? preempt_schedule_irq+0xef/0x140 [ 2135.283280][T27978] ? __cond_resched+0x20/0x20 [ 2135.287794][T27978] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2135.292397][T27978] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2135.297602][T27978] ? blkdev_bszset+0x240/0x240 [ 2135.302202][T27978] ? ioctl_has_perm+0x3df/0x560 [ 2135.306889][T27978] ? has_cap_mac_admin+0xb0/0xb0 [ 2135.311664][T27978] ? switch_mm_irqs_off+0x57f/0x860 [ 2135.316696][T27978] ? selinux_file_ioctl+0x3c9/0x530 [ 2135.321729][T27978] ? lo_release+0x200/0x200 [ 2135.326069][T27978] blkdev_ioctl+0x2e9/0x620 [ 2135.330408][T27978] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2135.335704][T27978] ? __fget_files+0x310/0x370 [ 2135.340222][T27978] block_ioctl+0xb0/0xf0 [ 2135.344294][T27978] ? blkdev_iopoll+0x100/0x100 [ 2135.348897][T27978] __se_sys_ioctl+0x115/0x190 [ 2135.353409][T27978] __x64_sys_ioctl+0x7b/0x90 [ 2135.357835][T27978] do_syscall_64+0x44/0xd0 [ 2135.362095][T27978] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2135.367817][T27978] RIP: 0033:0x7f2bac5faec7 [ 2135.372070][T27978] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2135.391517][T27978] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2135.399756][T27978] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2135.407567][T27978] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2135.415375][T27978] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2135.423187][T27978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2135.430997][T27978] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2135.438825][T27978] [ 2135.469710][T27978] loop5: detected capacity change from 0 to 16 [ 2135.476929][T27978] erofs: (device loop5): mounted with root inode @ nid 36. 04:34:51 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='hugeays,\x00']) (async) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async, rerun: 32) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (rerun: 32) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:34:51 executing program 2: syz_genetlink_get_family_id$ethtool(&(0x7f0000007980), 0xffffffffffffffff) 04:34:51 executing program 3: getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002400), 0x2, 0x0) write$FUSE_CREATE_OPEN(r1, 0x0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000006900)="e8d9") openat$pfkey(0xffffffffffffff9c, &(0x7f0000007900), 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000007980), 0xffffffffffffffff) 04:34:51 executing program 0: openat$pfkey(0xffffffffffffff9c, &(0x7f0000007900), 0x0, 0x0) 04:34:51 executing program 4: sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:51 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 36) 04:34:51 executing program 2: openat$pfkey(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000006900)="e8d9") 04:34:51 executing program 0: mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) mlock2(&(0x7f0000f82000/0x2000)=nil, 0x2000, 0x0) mlock2(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0) 04:34:51 executing program 3: openat$pfkey(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0) 04:34:51 executing program 2: openat$pfkey(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000002400), 0x2, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) syz_genetlink_get_family_id$ethtool(&(0x7f0000007980), 0xffffffffffffffff) 04:34:51 executing program 3: openat$pfkey(0xffffffffffffff9c, &(0x7f0000002340), 0x80000, 0x0) 04:34:51 executing program 2: syz_genetlink_get_family_id$net_dm(&(0x7f0000000240), 0xffffffffffffffff) mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x1) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) mlock2(&(0x7f0000ff2000/0xe000)=nil, 0xe000, 0x0) [ 2140.062178][T28016] loop4: detected capacity change from 0 to 16 [ 2140.062375][T28017] FAULT_INJECTION: forcing a failure. [ 2140.062375][T28017] name failslab, interval 1, probability 0, space 0, times 0 [ 2140.091044][T28016] erofs: (device loop4): mounted with root inode @ nid 36. [ 2140.124895][T28017] CPU: 0 PID: 28017 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2140.135036][T28017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2140.144861][T28017] Call Trace: [ 2140.147984][T28017] [ 2140.150763][T28017] dump_stack_lvl+0x151/0x1b7 [ 2140.155279][T28017] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2140.160574][T28017] ? avc_denied+0x1b0/0x1b0 [ 2140.164908][T28017] ? __x64_sys_ioctl+0x7b/0x90 [ 2140.169511][T28017] dump_stack+0x15/0x17 [ 2140.173506][T28017] should_fail+0x3c0/0x510 [ 2140.177754][T28017] __should_failslab+0x9f/0xe0 [ 2140.182357][T28017] should_failslab+0x9/0x20 [ 2140.186703][T28017] kmem_cache_alloc+0x4f/0x2f0 [ 2140.191295][T28017] ? __kernfs_new_node+0xdb/0x6e0 [ 2140.196156][T28017] __kernfs_new_node+0xdb/0x6e0 [ 2140.201026][T28017] ? kernfs_new_node+0x170/0x170 [ 2140.205801][T28017] ? selinux_sb_statfs+0x1b4/0x250 [ 2140.210743][T28017] ? selinux_sb_show_options+0x600/0x600 [ 2140.216211][T28017] ? ____kasan_slab_free+0x131/0x160 [ 2140.221334][T28017] ? __kasan_slab_free+0x11/0x20 [ 2140.226111][T28017] ? shmem_statfs+0x221/0x2b0 [ 2140.230620][T28017] kernfs_create_dir_ns+0x9b/0x230 [ 2140.235566][T28017] internal_create_group+0x29d/0xf60 [ 2140.240684][T28017] ? get_super+0x1ee/0x210 [ 2140.244939][T28017] ? sysfs_create_group+0x30/0x30 [ 2140.249799][T28017] ? __kasan_check_write+0x14/0x20 [ 2140.254749][T28017] sysfs_create_group+0x1f/0x30 [ 2140.259437][T28017] loop_configure+0x1077/0x1640 [ 2140.264122][T28017] lo_ioctl+0x8cd/0x25e0 [ 2140.268204][T28017] ? is_bpf_text_address+0x1a2/0x1c0 [ 2140.273321][T28017] ? lo_release+0x200/0x200 [ 2140.277658][T28017] ? stack_trace_save+0x1f0/0x1f0 [ 2140.282518][T28017] ? __kernel_text_address+0x9a/0x110 [ 2140.287727][T28017] ? unwind_get_return_address+0x4c/0x90 [ 2140.293193][T28017] ? arch_stack_walk+0xf8/0x140 [ 2140.297881][T28017] ? avc_has_perm_noaudit+0x358/0x450 [ 2140.303089][T28017] ? memcpy+0x56/0x70 [ 2140.306908][T28017] ? memset+0x35/0x40 [ 2140.310725][T28017] ? fsnotify+0x5ad/0x2240 [ 2140.314981][T28017] ? __kasan_check_write+0x14/0x20 [ 2140.319925][T28017] ? _raw_spin_lock+0xa3/0x1b0 [ 2140.324540][T28017] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2140.329732][T28017] ? avc_has_perm_noaudit+0x358/0x450 [ 2140.334939][T28017] ? _raw_spin_unlock+0x4d/0x70 [ 2140.339628][T28017] ? find_inode_fast+0x459/0x480 [ 2140.344402][T28017] ? __kasan_check_write+0x14/0x20 [ 2140.349346][T28017] ? mutex_unlock+0xa2/0x110 [ 2140.353779][T28017] ? __mutex_lock_slowpath+0x10/0x10 [ 2140.358900][T28017] ? is_bpf_text_address+0x1a2/0x1c0 [ 2140.364017][T28017] ? stack_trace_save+0x1f0/0x1f0 [ 2140.368878][T28017] ? __kernel_text_address+0x9a/0x110 [ 2140.374083][T28017] ? unwind_get_return_address+0x4c/0x90 [ 2140.379552][T28017] ? arch_stack_walk+0xf8/0x140 [ 2140.384241][T28017] ? stack_trace_save+0x12d/0x1f0 [ 2140.389097][T28017] ? stack_trace_snprint+0x100/0x100 [ 2140.394216][T28017] ? avc_has_extended_perms+0x718/0x1210 [ 2140.399684][T28017] ? memcpy+0x56/0x70 [ 2140.403505][T28017] ? avc_has_extended_perms+0xb9c/0x1210 [ 2140.408972][T28017] ? kasan_set_track+0x4c/0x70 [ 2140.413571][T28017] ? kasan_set_free_info+0x23/0x40 [ 2140.418521][T28017] ? ____kasan_slab_free+0x126/0x160 [ 2140.423638][T28017] ? __kasan_slab_free+0x11/0x20 [ 2140.428411][T28017] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2140.433792][T28017] ? kmem_cache_free+0x11a/0x2e0 [ 2140.438567][T28017] ? putname+0x10b/0x160 [ 2140.442648][T28017] ? avc_flush+0x2b0/0x2b0 [ 2140.446900][T28017] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2140.451504][T28017] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2140.456707][T28017] ? kasan_quarantine_put+0x34/0x1b0 [ 2140.461829][T28017] ? blkdev_bszset+0x240/0x240 [ 2140.466427][T28017] ? ioctl_has_perm+0x3df/0x560 [ 2140.471116][T28017] ? has_cap_mac_admin+0xb0/0xb0 [ 2140.475887][T28017] ? kmem_cache_free+0x11a/0x2e0 [ 2140.480661][T28017] ? putname+0x10b/0x160 [ 2140.484738][T28017] ? selinux_file_ioctl+0x3c9/0x530 [ 2140.489785][T28017] ? lo_release+0x200/0x200 [ 2140.494806][T28017] blkdev_ioctl+0x2e9/0x620 [ 2140.499309][T28017] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2140.504616][T28017] ? __fget_files+0x310/0x370 [ 2140.509133][T28017] block_ioctl+0xb0/0xf0 [ 2140.513207][T28017] ? blkdev_iopoll+0x100/0x100 [ 2140.517808][T28017] __se_sys_ioctl+0x115/0x190 [ 2140.522320][T28017] __x64_sys_ioctl+0x7b/0x90 [ 2140.526754][T28017] do_syscall_64+0x44/0xd0 [ 2140.531001][T28017] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2140.536731][T28017] RIP: 0033:0x7f2bac5faec7 [ 2140.540982][T28017] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2140.560424][T28017] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2140.568669][T28017] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2140.576475][T28017] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2140.584289][T28017] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2140.592098][T28017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2140.600169][T28017] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2140.607989][T28017] [ 2140.616124][T28017] loop5: detected capacity change from 0 to 16 [ 2140.623766][T28017] erofs: (device loop5): mounted with root inode @ nid 36. [ 2144.092794][T28023] tmpfs: Unknown parameter 'hugeays' 04:34:56 executing program 2: syz_clone(0x40223000, 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000000c0)) 04:34:56 executing program 3: setxattr(&(0x7f00000000c0)='.\x00', 0x0, 0x0, 0x0, 0x0) 04:34:56 executing program 0: socketpair(0x1e, 0x2, 0x0, &(0x7f00000002c0)) 04:34:56 executing program 4: sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:56 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=\t\x00\x00\x00\x00\x00\x00\x00']) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) chdir(&(0x7f0000000140)='./file0\x00') creat(&(0x7f0000000000)='./file0\x00', 0x20) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x20c92, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './file0'}}], [{@fsmagic={'fsmagic', 0x3d, 0x3}}, {@fowner_gt={'fowner>', 0xee01}}, {@euid_eq={'euid', 0x3d, 0xee01}}, {@dont_hash}, {@obj_user={'obj_user', 0x3d, 'blkio.bfq.io_service_bytes_recursive\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@audit}, {@subj_role={'subj_role', 0x3d, 'blkio.bfq.io_service_bytes_recursive\x00'}}, {@fowner_eq}]}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:34:56 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 37) 04:34:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4400ae8f, &(0x7f0000000180)=ANY=[]) 04:34:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000000c0)={0x1, 0x0, [{0x80000001}]}) 04:34:56 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x40044591, 0x0) ioctl$EVIOCGNAME(r0, 0x80404506, 0x0) [ 2145.166625][T28038] tmpfs: Bad value for 'huge' 04:34:56 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGNAME(r0, 0x80104592, &(0x7f0000000000)=""/201) 04:34:56 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) getpeername$unix(r0, 0x0, 0x0) 04:34:56 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', 0x0}) 04:34:56 executing program 2: syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x441, &(0x7f00000008c0)="$eJzs3U9rXFUfB/DvTCbpX57keXjqn2o1WrXRatKkWl2I0J1I0YUu3A5NWotpKk0EWwpW8CXYF6C49RW4ETe60ZW4VdGFFIq0WQiCjNzJTDJtZ/LPxCuZzwfu5Nx77sw59x5+9849czgJ0LdGi5dKsj/Jd0mGl1Zv32F06c/izSuni6WSRuP13yqpv5/cunnldHvX9vv2FS/VZKyaVD+s5IEu5c5fuvx2fXZ25mKSq0kmFs6/MzF/6fIz587Xz86cnZmbPD554sTzz70wNbklx1lN8vK3i798Unt17tNrt+Z+f2lqb1Hf/a38zuPYKqMZvf1cdnhiqwsr2YGOdKVWYkXYkIEkRXMNNuN/OANZabzhfPVjqZUDtlWjsKtLRvPG1Rju2AvYcSqiG/pU+3ZfPP+2l3/u2wdlu3Fy6QHwVqtvZ3G5/WvNPpPRkaVnwwPbVP5okjdPvXaoWLJN/TAAAAAA/eyLk0me7tb/V809HfsV6XuT3Jfk/iQHk+a4ngeTHEryUJKH2+OJNuDO/e/u/6le39SBsS43TiYvdoztWuxo/5aRgawM7hrJYOXMudmZY0n+k2Qsg7uK9dVGaZ1/q/5Nr7zO/r9iKcpv9wW26nG9dsfv09P1hfpmj5fb3fggOVjr1v6V5ZFARdM/kuTRzRUxlOT7Xplrtz/bqfFxcqQj/nd3tH9bZfXxmRPN68FE+6pwt6+vnfisV/nav1xF/O/tev1fbv+RSud43fmNl/Hl/3/6oVfeZq//Q5U3mhUcam17r76wcHEyGaqcunv71MbrvFO1z0f7fBXtP3a4+/3/f633FCf0cJLHkjzeGrt8pHnvT55M8lSSo6uUefXsz3/2yhP/5Sraf3pD8b+xRK/x723ri/9nmx8z1tri+9/a1ttAZdcTAAAAAAAAgK1Rbc6BV6mOL6er1fHxlV//Zy/MLxw9c+HduemlufJ2t7Yfa80V2B4POtlMr7xvqrXezj+e5L9JPhrY01wfP31hdrqkYwaW7OsR/4VfB8quHbDtzNcK/Uv8Q/8S/9C/xD/0L/EP/Uv8Q/8S/9C/xD/0r1peKbsKQEma9/9u/wQU2Mk2O69fKYnBv/05e1L+UUhsd2Lij0bjX1CNMhKfr7lPbZ2zQ65+3VhrXk8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAneKvAAAA//8vO7uk") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) getdents64(r0, &(0x7f00000000c0)=""/254, 0xfe) 04:34:56 executing program 3: syz_clone(0x8001000, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) 04:34:56 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x6940, 0x0) lsetxattr$security_capability(&(0x7f0000000480)='./file1\x00', &(0x7f00000004c0), &(0x7f0000000500)=@v3, 0x18, 0x0) [ 2145.256126][T28054] FAULT_INJECTION: forcing a failure. [ 2145.256126][T28054] name failslab, interval 1, probability 0, space 0, times 0 [ 2145.270537][T28056] loop4: detected capacity change from 0 to 16 [ 2145.326942][T28054] CPU: 0 PID: 28054 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2145.328472][T28056] erofs: (device loop4): mounted with root inode @ nid 36. [ 2145.337006][T28054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2145.337022][T28054] Call Trace: [ 2145.337028][T28054] [ 2145.337035][T28054] dump_stack_lvl+0x151/0x1b7 [ 2145.364346][T28054] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2145.369639][T28054] ? __kasan_check_write+0x14/0x20 [ 2145.374585][T28054] dump_stack+0x15/0x17 [ 2145.378577][T28054] should_fail+0x3c0/0x510 [ 2145.382829][T28054] __should_failslab+0x9f/0xe0 [ 2145.387429][T28054] should_failslab+0x9/0x20 [ 2145.391768][T28054] kmem_cache_alloc+0x4f/0x2f0 [ 2145.396369][T28054] ? __kernfs_new_node+0xdb/0x6e0 [ 2145.401230][T28054] __kernfs_new_node+0xdb/0x6e0 [ 2145.405918][T28054] ? kernfs_new_node+0x170/0x170 [ 2145.410691][T28054] ? __kasan_check_write+0x14/0x20 [ 2145.415635][T28054] ? down_write+0xdd/0x140 [ 2145.419888][T28054] ? down_read_killable+0x250/0x250 [ 2145.424924][T28054] ? __kasan_check_write+0x14/0x20 [ 2145.429873][T28054] ? up_write+0x56/0x120 [ 2145.433950][T28054] kernfs_new_node+0x97/0x170 [ 2145.438464][T28054] __kernfs_create_file+0x4a/0x270 [ 2145.443411][T28054] sysfs_add_file_mode_ns+0x273/0x320 [ 2145.448617][T28054] internal_create_group+0x55e/0xf60 [ 2145.453738][T28054] ? get_super+0x1ee/0x210 [ 2145.457992][T28054] ? sysfs_create_group+0x30/0x30 [ 2145.462852][T28054] ? __kasan_check_write+0x14/0x20 [ 2145.467797][T28054] sysfs_create_group+0x1f/0x30 [ 2145.472486][T28054] loop_configure+0x1077/0x1640 [ 2145.477176][T28054] lo_ioctl+0x8cd/0x25e0 [ 2145.481251][T28054] ? is_bpf_text_address+0x1a2/0x1c0 [ 2145.486382][T28054] ? lo_release+0x200/0x200 [ 2145.490970][T28054] ? stack_trace_save+0x1f0/0x1f0 [ 2145.495832][T28054] ? __kernel_text_address+0x9a/0x110 [ 2145.501042][T28054] ? unwind_get_return_address+0x4c/0x90 [ 2145.506507][T28054] ? arch_stack_walk+0xf8/0x140 [ 2145.511192][T28054] ? avc_has_perm_noaudit+0x358/0x450 [ 2145.516400][T28054] ? memcpy+0x56/0x70 [ 2145.520219][T28054] ? memset+0x35/0x40 [ 2145.524040][T28054] ? fsnotify+0x5ad/0x2240 [ 2145.528377][T28054] ? __kasan_check_write+0x14/0x20 [ 2145.533324][T28054] ? _raw_spin_lock+0xa3/0x1b0 [ 2145.537924][T28054] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2145.543132][T28054] ? avc_has_perm_noaudit+0x358/0x450 [ 2145.548338][T28054] ? _raw_spin_unlock+0x4d/0x70 [ 2145.553023][T28054] ? find_inode_fast+0x459/0x480 [ 2145.557799][T28054] ? __kasan_check_write+0x14/0x20 [ 2145.562747][T28054] ? mutex_unlock+0xa2/0x110 [ 2145.567183][T28054] ? __mutex_lock_slowpath+0x10/0x10 [ 2145.572297][T28054] ? is_bpf_text_address+0x1a2/0x1c0 [ 2145.577416][T28054] ? stack_trace_save+0x1f0/0x1f0 [ 2145.582275][T28054] ? __kernel_text_address+0x9a/0x110 [ 2145.587484][T28054] ? unwind_get_return_address+0x4c/0x90 [ 2145.592949][T28054] ? arch_stack_walk+0xf8/0x140 [ 2145.597649][T28054] ? stack_trace_save+0x12d/0x1f0 [ 2145.602494][T28054] ? stack_trace_snprint+0x100/0x100 [ 2145.607616][T28054] ? avc_has_extended_perms+0x718/0x1210 [ 2145.613087][T28054] ? memcpy+0x56/0x70 [ 2145.616904][T28054] ? avc_has_extended_perms+0xb9c/0x1210 [ 2145.622369][T28054] ? kasan_set_track+0x4c/0x70 [ 2145.626970][T28054] ? kasan_set_free_info+0x23/0x40 [ 2145.631917][T28054] ? ____kasan_slab_free+0x126/0x160 [ 2145.637037][T28054] ? __kasan_slab_free+0x11/0x20 [ 2145.641808][T28054] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2145.647192][T28054] ? kmem_cache_free+0x11a/0x2e0 [ 2145.651964][T28054] ? putname+0x10b/0x160 [ 2145.656045][T28054] ? avc_flush+0x2b0/0x2b0 [ 2145.660298][T28054] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2145.664902][T28054] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2145.670109][T28054] ? kasan_quarantine_put+0x34/0x1b0 [ 2145.675226][T28054] ? blkdev_bszset+0x240/0x240 [ 2145.679826][T28054] ? ioctl_has_perm+0x3df/0x560 [ 2145.684515][T28054] ? has_cap_mac_admin+0xb0/0xb0 [ 2145.689287][T28054] ? kmem_cache_free+0x11a/0x2e0 [ 2145.694058][T28054] ? putname+0x10b/0x160 [ 2145.698145][T28054] ? selinux_file_ioctl+0x3c9/0x530 [ 2145.703179][T28054] ? lo_release+0x200/0x200 [ 2145.707513][T28054] blkdev_ioctl+0x2e9/0x620 [ 2145.711851][T28054] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2145.717147][T28054] ? __fget_files+0x310/0x370 [ 2145.721660][T28054] block_ioctl+0xb0/0xf0 [ 2145.725750][T28054] ? blkdev_iopoll+0x100/0x100 [ 2145.730339][T28054] __se_sys_ioctl+0x115/0x190 [ 2145.734856][T28054] __x64_sys_ioctl+0x7b/0x90 [ 2145.739276][T28054] do_syscall_64+0x44/0xd0 [ 2145.743534][T28054] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2145.749258][T28054] RIP: 0033:0x7f2bac5faec7 [ 2145.753511][T28054] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2145.775657][T28054] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2145.784061][T28054] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2145.791872][T28054] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2145.799682][T28054] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2145.807493][T28054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2145.815308][T28054] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2145.823121][T28054] [ 2145.863067][T28054] loop5: detected capacity change from 0 to 16 [ 2145.877912][T28054] erofs: (device loop5): mounted with root inode @ nid 36. 04:34:57 executing program 4: sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) [ 2146.248330][T28071] loop4: detected capacity change from 0 to 16 [ 2146.259355][T28071] erofs: (device loop4): mounted with root inode @ nid 36. 04:34:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=\t\x00\x00\x00\x00\x00\x00\x00']) (async) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) (async, rerun: 64) chdir(&(0x7f0000000140)='./file0\x00') (rerun: 64) creat(&(0x7f0000000000)='./file0\x00', 0x20) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x20c92, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './file0'}}], [{@fsmagic={'fsmagic', 0x3d, 0x3}}, {@fowner_gt={'fowner>', 0xee01}}, {@euid_eq={'euid', 0x3d, 0xee01}}, {@dont_hash}, {@obj_user={'obj_user', 0x3d, 'blkio.bfq.io_service_bytes_recursive\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@audit}, {@subj_role={'subj_role', 0x3d, 'blkio.bfq.io_service_bytes_recursive\x00'}}, {@fowner_eq}]}) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async, rerun: 32) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (rerun: 32) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:34:58 executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x18}}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:34:58 executing program 0: openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0xa8040, 0x0) 04:34:58 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0cac0021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e285f53c185dc147a6eace8eac9a007acec49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080002002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdc709041f510bbce4dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602c985430cea0162ab1b0b4507c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0f8a1ae6dc64ea97c0af60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431c12fd134a996382a1a04dd286b44c22b0abe518d645ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77a0600eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f5b87b0131394e99fcf24dd484900f620034bc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870cefd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37fea7316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb4229cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cbbf66f5c51514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868a7c4294859323e7a45319f18101288d139bd3da20fed05a8fe64680b283fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf46182e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12e83c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf13fb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003bfe8095e02985f28e678f66422436f949e2a2f1f54e0e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df871cbc9bf3194fef97dcecc467ace45eeeb685c5870d05f88a077442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb0000000045a5067985ee6fa5184963f079ec946dcbaf4bf850d65c387861a0bfde3ef5c512e7dd66ff8a4523d3c90f3911ecde6ebe62c5708938b3103479f202d4fc93d9853b4c1d8f0f2e9393134303d9f1ff8882c4efd54646f6173bba44b22fb4384d642a5f6fcc77f6508c3bcf857abea24a86666e9ffb2d6c2c4863af22a7fded2a2578e1adc6e1365aec06db73f1aa69b79ff6043bbe3a2f39c598c4f098a2321f127aabd41144b9a1fd46e6d718aa366be072d38ecbc346142128e300ce79595ce172259b389a4e3f241702c8edd5f1890e402125049a8fdd4ba8d16719b0a54fa9497be92cee3a0124c1716a457b7def1578d00fd15e77741bf3689277c11ceb74ebfa897cdec94e87efc36d52235a5588ae48f8a35b6d2ba8ea7ed359836db37edac5f4379e0427b5de0000000000230ebb8de4b8b5dc926e768a624ae653178de2254009c72dd9f8badc81d4e1e15fc8a9344de2a00810c8a275d865acd1d7476c01440cf57bdf0238ac4b933bf36e873c6647a051871bf011ccd6e0ddb13a840fcc881c9d06dd603bcab1ebdaa598a8af69006de897c9500b53539edd515e25a7a2a308f44e6df464331cfe1d2cad852ef49a2dc7eb94c38ebf885790691f66ce3f7282799aa9095d29a5e1ae39e999cae28d1f071b2377795b378b0ca103c5a17be30473b9c8a8bd83e678e11cd290009304927e7b87fd400daf02aab6cdbd0ab3d64e305885e9517d3d003e5b2180156021d5ffbc33160ce505c68b1d18e9cb5a14ef924574053693d9df23314503a5fe75fde9f9097d9b5d77a9f4aa35300f97241356d4ab78d971313af11d79ce7c583b07e864380ca2161d7d99d8027ca0afc92cf8fd146730f5ee785ca5d4e6604851ddf1b363dca71bb58026e17d4876129ef7c34b09a15b4d39c590eb953343"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000800)={0xffffffff, {{0xa, 0x0, 0x0, @mcast2}}}, 0x90) 04:34:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 38) 04:34:58 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:34:58 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x11}, 0x48) 04:34:58 executing program 0: r0 = socket$inet(0x2, 0xa, 0x3) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @broadcast}, 0x10) 04:34:58 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:34:58 executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x15, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:34:58 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x0, 0x4}, 0x48) 04:34:58 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x8028450c, 0x0) [ 2147.342123][T28098] FAULT_INJECTION: forcing a failure. [ 2147.342123][T28098] name failslab, interval 1, probability 0, space 0, times 0 [ 2147.354573][T28098] CPU: 1 PID: 28098 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2147.364609][T28098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2147.374497][T28098] Call Trace: [ 2147.377631][T28098] [ 2147.380399][T28098] dump_stack_lvl+0x151/0x1b7 [ 2147.384917][T28098] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2147.390205][T28098] dump_stack+0x15/0x17 [ 2147.394198][T28098] should_fail+0x3c0/0x510 [ 2147.398449][T28098] __should_failslab+0x9f/0xe0 [ 2147.403122][T28098] should_failslab+0x9/0x20 [ 2147.407476][T28098] kmem_cache_alloc+0x4f/0x2f0 [ 2147.412076][T28098] ? radix_tree_node_alloc+0x194/0x3c0 [ 2147.417368][T28098] radix_tree_node_alloc+0x194/0x3c0 [ 2147.422491][T28098] ? kernfs_new_node+0x97/0x170 [ 2147.427175][T28098] ? __kernfs_create_file+0x4a/0x270 [ 2147.432295][T28098] ? sysfs_add_file_mode_ns+0x273/0x320 [ 2147.437678][T28098] ? sysfs_create_group+0x1f/0x30 [ 2147.442548][T28098] idr_get_free+0x2fb/0xb00 [ 2147.446883][T28098] idr_alloc_cyclic+0x1ef/0x5d0 [ 2147.451653][T28098] ? idr_alloc+0x2f0/0x2f0 [ 2147.455903][T28098] ? __kasan_check_write+0x14/0x20 [ 2147.460847][T28098] ? _raw_spin_lock+0xa3/0x1b0 [ 2147.465458][T28098] ? __radix_tree_preload+0x361/0x3e0 [ 2147.470653][T28098] ? kmem_cache_alloc+0x1c1/0x2f0 [ 2147.475514][T28098] __kernfs_new_node+0x124/0x6e0 [ 2147.480290][T28098] ? kernfs_new_node+0x170/0x170 [ 2147.485067][T28098] ? __kasan_check_write+0x14/0x20 [ 2147.490009][T28098] ? down_write+0xdd/0x140 [ 2147.494263][T28098] ? down_read_killable+0x250/0x250 [ 2147.499303][T28098] ? __kasan_check_write+0x14/0x20 [ 2147.505632][T28098] ? up_write+0x56/0x120 [ 2147.509710][T28098] kernfs_new_node+0x97/0x170 [ 2147.514225][T28098] __kernfs_create_file+0x4a/0x270 [ 2147.519169][T28098] sysfs_add_file_mode_ns+0x273/0x320 [ 2147.524377][T28098] internal_create_group+0x55e/0xf60 [ 2147.529500][T28098] ? get_super+0x1ee/0x210 [ 2147.533750][T28098] ? sysfs_create_group+0x30/0x30 [ 2147.538614][T28098] ? __kasan_check_write+0x14/0x20 [ 2147.543561][T28098] sysfs_create_group+0x1f/0x30 [ 2147.548244][T28098] loop_configure+0x1077/0x1640 [ 2147.552936][T28098] lo_ioctl+0x8cd/0x25e0 [ 2147.557012][T28098] ? is_bpf_text_address+0x1a2/0x1c0 [ 2147.562133][T28098] ? lo_release+0x200/0x200 [ 2147.566471][T28098] ? stack_trace_save+0x1f0/0x1f0 [ 2147.571330][T28098] ? __kernel_text_address+0x9a/0x110 [ 2147.576538][T28098] ? unwind_get_return_address+0x4c/0x90 [ 2147.582007][T28098] ? arch_stack_walk+0xf8/0x140 [ 2147.586692][T28098] ? avc_has_perm_noaudit+0x358/0x450 [ 2147.592072][T28098] ? memcpy+0x56/0x70 [ 2147.595893][T28098] ? memset+0x35/0x40 [ 2147.599714][T28098] ? fsnotify+0x5ad/0x2240 [ 2147.603965][T28098] ? __kasan_check_write+0x14/0x20 [ 2147.608911][T28098] ? _raw_spin_lock+0xa3/0x1b0 [ 2147.613516][T28098] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2147.618719][T28098] ? avc_has_perm_noaudit+0x358/0x450 [ 2147.623926][T28098] ? _raw_spin_unlock+0x4d/0x70 [ 2147.628618][T28098] ? find_inode_fast+0x459/0x480 [ 2147.633389][T28098] ? __kasan_check_write+0x14/0x20 [ 2147.638334][T28098] ? mutex_unlock+0xa2/0x110 [ 2147.642762][T28098] ? __mutex_lock_slowpath+0x10/0x10 [ 2147.647885][T28098] ? is_bpf_text_address+0x1a2/0x1c0 [ 2147.653017][T28098] ? stack_trace_save+0x1f0/0x1f0 [ 2147.657859][T28098] ? __kernel_text_address+0x9a/0x110 [ 2147.663069][T28098] ? unwind_get_return_address+0x4c/0x90 [ 2147.668539][T28098] ? arch_stack_walk+0xf8/0x140 [ 2147.673223][T28098] ? stack_trace_save+0x12d/0x1f0 [ 2147.678084][T28098] ? stack_trace_snprint+0x100/0x100 [ 2147.683205][T28098] ? avc_has_extended_perms+0x718/0x1210 [ 2147.688671][T28098] ? memcpy+0x56/0x70 [ 2147.692490][T28098] ? avc_has_extended_perms+0xb9c/0x1210 [ 2147.697957][T28098] ? kasan_set_track+0x4c/0x70 [ 2147.702559][T28098] ? kasan_set_free_info+0x23/0x40 [ 2147.707504][T28098] ? ____kasan_slab_free+0x126/0x160 [ 2147.712627][T28098] ? __kasan_slab_free+0x11/0x20 [ 2147.717398][T28098] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2147.724172][T28098] ? kmem_cache_free+0x11a/0x2e0 [ 2147.728944][T28098] ? putname+0x10b/0x160 [ 2147.733023][T28098] ? avc_flush+0x2b0/0x2b0 [ 2147.737274][T28098] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2147.741877][T28098] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2147.747081][T28098] ? kasan_quarantine_put+0x34/0x1b0 [ 2147.752201][T28098] ? blkdev_bszset+0x240/0x240 [ 2147.756802][T28098] ? ioctl_has_perm+0x3df/0x560 [ 2147.761497][T28098] ? has_cap_mac_admin+0xb0/0xb0 [ 2147.766266][T28098] ? kmem_cache_free+0x11a/0x2e0 [ 2147.771046][T28098] ? putname+0x10b/0x160 [ 2147.775113][T28098] ? selinux_file_ioctl+0x3c9/0x530 [ 2147.780148][T28098] ? lo_release+0x200/0x200 [ 2147.784494][T28098] blkdev_ioctl+0x2e9/0x620 [ 2147.788827][T28098] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2147.794121][T28098] ? __fget_files+0x310/0x370 [ 2147.798636][T28098] block_ioctl+0xb0/0xf0 [ 2147.802722][T28098] ? blkdev_iopoll+0x100/0x100 [ 2147.807312][T28098] __se_sys_ioctl+0x115/0x190 [ 2147.811861][T28098] __x64_sys_ioctl+0x7b/0x90 [ 2147.816253][T28098] do_syscall_64+0x44/0xd0 [ 2147.820625][T28098] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2147.826343][T28098] RIP: 0033:0x7f2bac5faec7 [ 2147.830596][T28098] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2147.850033][T28098] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2147.858366][T28098] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2147.866181][T28098] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2147.873997][T28098] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2147.881809][T28098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2147.889612][T28098] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2147.897426][T28098] [ 2147.900836][T28101] loop4: detected capacity change from 0 to 16 [ 2147.914981][T28101] erofs: (device loop4): mounted with root inode @ nid 36. [ 2147.946360][T28098] loop5: detected capacity change from 0 to 16 [ 2147.953524][T28098] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=\t\x00\x00\x00\x00\x00\x00\x00']) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) chdir(&(0x7f0000000140)='./file0\x00') creat(&(0x7f0000000000)='./file0\x00', 0x20) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x20c92, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './file0'}}], [{@fsmagic={'fsmagic', 0x3d, 0x3}}, {@fowner_gt={'fowner>', 0xee01}}, {@euid_eq={'euid', 0x3d, 0xee01}}, {@dont_hash}, {@obj_user={'obj_user', 0x3d, 'blkio.bfq.io_service_bytes_recursive\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@audit}, {@subj_role={'subj_role', 0x3d, 'blkio.bfq.io_service_bytes_recursive\x00'}}, {@fowner_eq}]}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=\t\x00\x00\x00\x00\x00\x00\x00']) (async) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) creat(&(0x7f0000000000)='./file0\x00', 0x20) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x20c92, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './file0'}}], [{@fsmagic={'fsmagic', 0x3d, 0x3}}, {@fowner_gt={'fowner>', 0xee01}}, {@euid_eq={'euid', 0x3d, 0xee01}}, {@dont_hash}, {@obj_user={'obj_user', 0x3d, 'blkio.bfq.io_service_bytes_recursive\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@audit}, {@subj_role={'subj_role', 0x3d, 'blkio.bfq.io_service_bytes_recursive\x00'}}, {@fowner_eq}]}) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:35:02 executing program 2: syz_clone3(&(0x7f0000000240)={0x40000800, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 04:35:02 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0x65, 0x0, &(0x7f0000000500)) 04:35:02 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000140)=@framed={{}, [@generic={0x25, 0x0, 0x2}]}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:02 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 39) 04:35:02 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:02 executing program 2: io_setup(0x7, &(0x7f0000000180)=0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f00000001c0), 0x842, 0x0) io_submit(r0, 0x2, &(0x7f0000002840)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0, 0xffffffcc}, 0x0]) 04:35:02 executing program 0: execveat(0xffffffffffffffff, &(0x7f0000001140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0) 04:35:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)) read$FUSE(r0, &(0x7f0000000680)={0x2020}, 0x2020) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x1, &(0x7f00000004c0)={{}, {0x0, 0x3938700}}, 0x0) vmsplice(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)='x', 0x7ffff000}], 0x1, 0x0) 04:35:02 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89b1, &(0x7f00000000c0)={'syztnl2\x00', 0x0}) 04:35:02 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x0, 0x8, 0xe48}, 0x48) [ 2151.399509][T28121] tmpfs: Bad value for 'huge' 04:35:02 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000140)=@framed={{}, [@generic={0x48}]}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 2151.499274][T28139] loop4: detected capacity change from 0 to 16 [ 2151.511873][T28137] FAULT_INJECTION: forcing a failure. [ 2151.511873][T28137] name failslab, interval 1, probability 0, space 0, times 0 [ 2151.526756][T28139] erofs: (device loop4): mounted with root inode @ nid 36. [ 2151.574893][T28137] CPU: 1 PID: 28137 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2151.585142][T28137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2151.595031][T28137] Call Trace: [ 2151.598153][T28137] [ 2151.600932][T28137] dump_stack_lvl+0x151/0x1b7 [ 2151.605444][T28137] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2151.610738][T28137] ? selinux_kernfs_init_security+0x1a8/0x760 [ 2151.616653][T28137] dump_stack+0x15/0x17 [ 2151.620808][T28137] should_fail+0x3c0/0x510 [ 2151.625061][T28137] __should_failslab+0x9f/0xe0 [ 2151.629662][T28137] should_failslab+0x9/0x20 [ 2151.634005][T28137] kmem_cache_alloc+0x4f/0x2f0 [ 2151.638596][T28137] ? __kernfs_new_node+0xdb/0x6e0 [ 2151.643457][T28137] __kernfs_new_node+0xdb/0x6e0 [ 2151.648162][T28137] ? down_read_killable+0x250/0x250 [ 2151.653178][T28137] ? kernfs_new_node+0x170/0x170 [ 2151.657949][T28137] ? __kasan_check_write+0x14/0x20 [ 2151.662898][T28137] ? up_write+0x56/0x120 [ 2151.666978][T28137] ? kernfs_activate+0x409/0x420 [ 2151.671750][T28137] kernfs_new_node+0x97/0x170 [ 2151.676266][T28137] __kernfs_create_file+0x4a/0x270 [ 2151.681477][T28137] sysfs_add_file_mode_ns+0x273/0x320 [ 2151.686681][T28137] internal_create_group+0x55e/0xf60 [ 2151.691802][T28137] ? get_super+0x1ee/0x210 [ 2151.696065][T28137] ? sysfs_create_group+0x30/0x30 [ 2151.700910][T28137] ? __kasan_check_write+0x14/0x20 [ 2151.705859][T28137] sysfs_create_group+0x1f/0x30 [ 2151.710545][T28137] loop_configure+0x1077/0x1640 [ 2151.715239][T28137] lo_ioctl+0x8cd/0x25e0 [ 2151.719316][T28137] ? is_bpf_text_address+0x1a2/0x1c0 [ 2151.724429][T28137] ? lo_release+0x200/0x200 [ 2151.728771][T28137] ? stack_trace_save+0x1f0/0x1f0 [ 2151.733640][T28137] ? __kernel_text_address+0x9a/0x110 [ 2151.738840][T28137] ? unwind_get_return_address+0x4c/0x90 [ 2151.744308][T28137] ? arch_stack_walk+0xf8/0x140 [ 2151.748992][T28137] ? avc_has_perm_noaudit+0x358/0x450 [ 2151.754461][T28137] ? memcpy+0x56/0x70 [ 2151.758281][T28137] ? memset+0x35/0x40 [ 2151.762099][T28137] ? fsnotify+0x5ad/0x2240 [ 2151.766354][T28137] ? __kasan_check_write+0x14/0x20 [ 2151.771298][T28137] ? _raw_spin_lock+0xa3/0x1b0 [ 2151.775900][T28137] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2151.781109][T28137] ? avc_has_perm_noaudit+0x358/0x450 [ 2151.786314][T28137] ? _raw_spin_unlock+0x4d/0x70 [ 2151.791007][T28137] ? find_inode_fast+0x459/0x480 [ 2151.795778][T28137] ? __kasan_check_write+0x14/0x20 [ 2151.800724][T28137] ? mutex_unlock+0xa2/0x110 [ 2151.805148][T28137] ? __mutex_lock_slowpath+0x10/0x10 [ 2151.810685][T28137] ? is_bpf_text_address+0x1a2/0x1c0 [ 2151.816148][T28137] ? stack_trace_save+0x1f0/0x1f0 [ 2151.821008][T28137] ? __kernel_text_address+0x9a/0x110 [ 2151.826213][T28137] ? unwind_get_return_address+0x4c/0x90 [ 2151.831685][T28137] ? arch_stack_walk+0xf8/0x140 [ 2151.836371][T28137] ? stack_trace_save+0x12d/0x1f0 [ 2151.841237][T28137] ? stack_trace_snprint+0x100/0x100 [ 2151.846352][T28137] ? avc_has_extended_perms+0x718/0x1210 [ 2151.851819][T28137] ? memcpy+0x56/0x70 [ 2151.855640][T28137] ? avc_has_extended_perms+0xb9c/0x1210 [ 2151.861106][T28137] ? kasan_set_track+0x4c/0x70 [ 2151.865703][T28137] ? kasan_set_free_info+0x23/0x40 [ 2151.870651][T28137] ? ____kasan_slab_free+0x126/0x160 [ 2151.875774][T28137] ? __kasan_slab_free+0x11/0x20 [ 2151.880544][T28137] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2151.885936][T28137] ? kmem_cache_free+0x11a/0x2e0 [ 2151.890700][T28137] ? putname+0x10b/0x160 [ 2151.894782][T28137] ? avc_flush+0x2b0/0x2b0 [ 2151.899033][T28137] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2151.903635][T28137] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2151.909280][T28137] ? kasan_quarantine_put+0x34/0x1b0 [ 2151.914398][T28137] ? blkdev_bszset+0x240/0x240 [ 2151.918994][T28137] ? ioctl_has_perm+0x3df/0x560 [ 2151.923681][T28137] ? has_cap_mac_admin+0xb0/0xb0 [ 2151.928454][T28137] ? kmem_cache_free+0x11a/0x2e0 [ 2151.933231][T28137] ? putname+0x10b/0x160 [ 2151.937307][T28137] ? selinux_file_ioctl+0x3c9/0x530 [ 2151.942353][T28137] ? lo_release+0x200/0x200 [ 2151.946679][T28137] blkdev_ioctl+0x2e9/0x620 [ 2151.951019][T28137] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2151.956314][T28137] ? __fget_files+0x310/0x370 [ 2151.960829][T28137] block_ioctl+0xb0/0xf0 [ 2151.964906][T28137] ? blkdev_iopoll+0x100/0x100 [ 2151.969508][T28137] __se_sys_ioctl+0x115/0x190 [ 2151.974017][T28137] __x64_sys_ioctl+0x7b/0x90 [ 2151.978446][T28137] do_syscall_64+0x44/0xd0 [ 2151.982697][T28137] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2151.988424][T28137] RIP: 0033:0x7f2bac5faec7 [ 2151.992678][T28137] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2152.012120][T28137] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2152.020450][T28137] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2152.028261][T28137] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2152.036071][T28137] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2152.043890][T28137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2152.051705][T28137] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2152.059509][T28137] [ 2152.071943][T28137] loop5: detected capacity change from 0 to 16 [ 2152.122926][T28137] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:07 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)={0xffffffffffffffff}) write$ppp(r2, &(0x7f0000000180)="59e402ffc8187652335d9470acdc4d9c2ab2d9f6501d0c9b32c63cb66d0d855889c92947454e79164f49d171bf2cc3496503b5659cc4d8711b935d027975e67ee4deb209a3c957267296dfd43ec77ad7a5a960d31209d47e9eeb768284c08db7e42e7af18050c42bdca4c25fda5a0d3be4201b2be735aa5c128caa9cb0db70ec898206cf2ea1b657ff4461cdb2dfa06cc65f67b63cb733a5fd1786605fd1415effc698781d53694c77eb1afc7dd90bef7e090d6832fd4c39223f5b1dc3772c45bf598654c40ea1dfbb1a76099a1936290283e3916e65a867ce00865731", 0xdd) ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002) 04:35:07 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x8992, &(0x7f00000000c0)={'syztnl2\x00', 0x0}) 04:35:07 executing program 3: pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)) read$FUSE(r0, &(0x7f0000000680)={0x2020}, 0x2020) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x1, &(0x7f00000004c0)={{}, {0x0, 0x3938700}}, 0x0) vmsplice(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)='x', 0x7ffff000}], 0x1, 0x0) 04:35:07 executing program 0: syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x209, &(0x7f0000000300)="$eJzs3E9rK1UYB+D33lu910qbLERQEA8KopuhydqFRVoQA4o2ggrC1E40JE1KJhQiYrtz6yfwA4hLd4K4cNuN30Bw102XXYgjbUr/EUFRGi55ns28cOYH5/AOw+EMzPHr3+z2OmXWycdx/9G9WHojDuP0XtTjfjyIqcN47Zdvf3vh/Q8/enu91dp4L6XN9a1GM6W0+uJPH3/5/Us/j5/+4IfVHx/GUf2T45Pm70fPHj13/OfW590ydcs0GI5TnraHw3G+3S/STrfsZSm92y/yskjdQVmMbox3+sO9vUnKBzsry3ujoixTPpikXjFJ42EajyYp/yzvDlKWZWllOfgv2t+dVlWcVFVVPTyMqqrmPSHumP4vNv1fbPq/2K5t6h5F7H69395vT6/T8fVOdKMfRaxFLf6Is2fkwrTefKu1sZbO1eOV3YOL/MF++8HNfCNqUZ+db0zz6Wb+iVi+nm9GLZ6ZnW/OzD8Zr758LZ9FLX79NIbRj504y17lv2qk9OY7rVv5p87vAwAAAACAx1GWLs08v8+yvxuf5v/F94Fb5+tL8fzSfNcOAAAAi6KcfNHL+/1ipFAoFJfFvN9MAADA/+1q0z/vmQAAAAAAAAAAAAAAAAAAAMDiuovfic17jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/xF8BAAD//7fN4vg=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000000)='d', 0xd00600}, {0x0}, {&(0x7f0000000140)="d9", 0x1}], 0x2, 0x0, 0x0, 0x0) 04:35:07 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:07 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 40) 04:35:07 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGNAME(r0, 0x40084504, &(0x7f0000000000)=""/201) 04:35:08 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x6940, 0x0) setxattr$security_capability(&(0x7f0000000000)='./file1\x00', &(0x7f0000000100), &(0x7f0000000140)=@v2, 0x14, 0x0) 04:35:08 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)={{0x14, 0x10, 0x2, 0x0, 0x0, {0x0, 0x25}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x60, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc4}, 0x1, 0x5000000}, 0x0) 04:35:08 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x6940, 0x0) removexattr(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=ANY=[]) 04:35:08 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCSABS20(r0, 0x401845e0, 0x0) 04:35:08 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGNAME(r0, 0x80084502, &(0x7f0000000000)=""/201) [ 2156.577140][T28177] FAULT_INJECTION: forcing a failure. [ 2156.577140][T28177] name failslab, interval 1, probability 0, space 0, times 0 [ 2156.591038][T28176] loop4: detected capacity change from 0 to 16 [ 2156.610333][T28176] erofs: (device loop4): mounted with root inode @ nid 36. [ 2156.627129][T28177] CPU: 1 PID: 28177 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2156.637193][T28177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2156.647087][T28177] Call Trace: [ 2156.650209][T28177] [ 2156.652994][T28177] dump_stack_lvl+0x151/0x1b7 [ 2156.657513][T28177] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2156.662795][T28177] ? selinux_kernfs_init_security+0x1a8/0x760 [ 2156.668699][T28177] dump_stack+0x15/0x17 [ 2156.672691][T28177] should_fail+0x3c0/0x510 [ 2156.676942][T28177] __should_failslab+0x9f/0xe0 [ 2156.681545][T28177] should_failslab+0x9/0x20 [ 2156.685881][T28177] kmem_cache_alloc+0x4f/0x2f0 [ 2156.690481][T28177] ? __kernfs_new_node+0xdb/0x6e0 [ 2156.695345][T28177] __kernfs_new_node+0xdb/0x6e0 [ 2156.700031][T28177] ? down_read_killable+0x250/0x250 [ 2156.705063][T28177] ? kernfs_new_node+0x170/0x170 [ 2156.709836][T28177] ? __kasan_check_write+0x14/0x20 [ 2156.714780][T28177] ? up_write+0x56/0x120 [ 2156.718860][T28177] ? kernfs_activate+0x409/0x420 [ 2156.723636][T28177] kernfs_new_node+0x97/0x170 [ 2156.728148][T28177] __kernfs_create_file+0x4a/0x270 [ 2156.733098][T28177] sysfs_add_file_mode_ns+0x273/0x320 [ 2156.738303][T28177] internal_create_group+0x55e/0xf60 [ 2156.743423][T28177] ? get_super+0x1ee/0x210 [ 2156.747677][T28177] ? sysfs_create_group+0x30/0x30 [ 2156.752539][T28177] ? __kasan_check_write+0x14/0x20 [ 2156.757481][T28177] sysfs_create_group+0x1f/0x30 [ 2156.762169][T28177] loop_configure+0x1077/0x1640 [ 2156.766861][T28177] lo_ioctl+0x8cd/0x25e0 [ 2156.770935][T28177] ? is_bpf_text_address+0x1a2/0x1c0 [ 2156.776059][T28177] ? lo_release+0x200/0x200 [ 2156.780393][T28177] ? stack_trace_save+0x1f0/0x1f0 [ 2156.785342][T28177] ? __kernel_text_address+0x9a/0x110 [ 2156.790551][T28177] ? unwind_get_return_address+0x4c/0x90 [ 2156.796019][T28177] ? arch_stack_walk+0xf8/0x140 [ 2156.800704][T28177] ? avc_has_perm_noaudit+0x358/0x450 [ 2156.805911][T28177] ? memcpy+0x56/0x70 [ 2156.809730][T28177] ? memset+0x35/0x40 [ 2156.813547][T28177] ? fsnotify+0x5ad/0x2240 [ 2156.817803][T28177] ? __kasan_check_write+0x14/0x20 [ 2156.822749][T28177] ? _raw_spin_lock+0xa3/0x1b0 [ 2156.827348][T28177] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2156.832557][T28177] ? avc_has_perm_noaudit+0x358/0x450 [ 2156.837764][T28177] ? _raw_spin_unlock+0x4d/0x70 [ 2156.842448][T28177] ? find_inode_fast+0x459/0x480 [ 2156.847230][T28177] ? __kasan_check_write+0x14/0x20 [ 2156.852184][T28177] ? mutex_unlock+0xa2/0x110 [ 2156.856597][T28177] ? __mutex_lock_slowpath+0x10/0x10 [ 2156.861725][T28177] ? is_bpf_text_address+0x1a2/0x1c0 [ 2156.866839][T28177] ? stack_trace_save+0x1f0/0x1f0 [ 2156.871700][T28177] ? __kernel_text_address+0x9a/0x110 [ 2156.876907][T28177] ? unwind_get_return_address+0x4c/0x90 [ 2156.882374][T28177] ? arch_stack_walk+0xf8/0x140 [ 2156.887068][T28177] ? stack_trace_save+0x12d/0x1f0 [ 2156.891924][T28177] ? stack_trace_snprint+0x100/0x100 [ 2156.897043][T28177] ? avc_has_extended_perms+0x718/0x1210 [ 2156.902512][T28177] ? memcpy+0x56/0x70 [ 2156.906328][T28177] ? avc_has_extended_perms+0xb9c/0x1210 [ 2156.911796][T28177] ? kasan_set_track+0x4c/0x70 [ 2156.916395][T28177] ? kasan_set_free_info+0x23/0x40 [ 2156.921351][T28177] ? ____kasan_slab_free+0x126/0x160 [ 2156.926464][T28177] ? __kasan_slab_free+0x11/0x20 [ 2156.931235][T28177] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2156.936617][T28177] ? kmem_cache_free+0x11a/0x2e0 [ 2156.941399][T28177] ? putname+0x10b/0x160 [ 2156.945474][T28177] ? avc_flush+0x2b0/0x2b0 [ 2156.949730][T28177] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2156.954325][T28177] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2156.959529][T28177] ? kasan_quarantine_put+0x34/0x1b0 [ 2156.964650][T28177] ? blkdev_bszset+0x240/0x240 [ 2156.969248][T28177] ? ioctl_has_perm+0x3df/0x560 [ 2156.973934][T28177] ? has_cap_mac_admin+0xb0/0xb0 [ 2156.978709][T28177] ? kmem_cache_free+0x11a/0x2e0 [ 2156.983484][T28177] ? putname+0x10b/0x160 [ 2156.987562][T28177] ? selinux_file_ioctl+0x3c9/0x530 [ 2156.992596][T28177] ? lo_release+0x200/0x200 [ 2156.996934][T28177] blkdev_ioctl+0x2e9/0x620 [ 2157.001276][T28177] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2157.006567][T28177] ? __fget_files+0x310/0x370 [ 2157.011176][T28177] block_ioctl+0xb0/0xf0 [ 2157.015248][T28177] ? blkdev_iopoll+0x100/0x100 [ 2157.019848][T28177] __se_sys_ioctl+0x115/0x190 [ 2157.024364][T28177] __x64_sys_ioctl+0x7b/0x90 [ 2157.028789][T28177] do_syscall_64+0x44/0xd0 [ 2157.033041][T28177] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2157.038778][T28177] RIP: 0033:0x7f2bac5faec7 [ 2157.043021][T28177] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2157.062464][T28177] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2157.070706][T28177] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2157.078518][T28177] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2157.086336][T28177] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2157.094138][T28177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2157.101955][T28177] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2157.109765][T28177] [ 2157.261185][T28177] loop5: detected capacity change from 0 to 16 [ 2157.272200][T28177] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:12 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x6940, 0x0) mount$cgroup2(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)={[{}], [{@fowner_gt={'fowner>', 0xee01}}]}) 04:35:12 executing program 3: bpf$PROG_LOAD_XDP(0xaf, 0x0, 0x0) 04:35:12 executing program 0: r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001700)=[{{0x0, 0x10000480, 0x0, 0x0, 0x0, 0x0, 0xfc}, 0x1030000}], 0x40000000000035c, 0x20800) 04:35:12 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)={0xffffffffffffffff}) write$ppp(r2, &(0x7f0000000180)="59e402ffc8187652335d9470acdc4d9c2ab2d9f6501d0c9b32c63cb66d0d855889c92947454e79164f49d171bf2cc3496503b5659cc4d8711b935d027975e67ee4deb209a3c957267296dfd43ec77ad7a5a960d31209d47e9eeb768284c08db7e42e7af18050c42bdca4c25fda5a0d3be4201b2be735aa5c128caa9cb0db70ec898206cf2ea1b657ff4461cdb2dfa06cc65f67b63cb733a5fd1786605fd1415effc698781d53694c77eb1afc7dd90bef7e090d6832fd4c39223f5b1dc3772c45bf598654c40ea1dfbb1a76099a1936290283e3916e65a867ce00865731", 0xdd) ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) write$ppp(r2, &(0x7f0000000180)="59e402ffc8187652335d9470acdc4d9c2ab2d9f6501d0c9b32c63cb66d0d855889c92947454e79164f49d171bf2cc3496503b5659cc4d8711b935d027975e67ee4deb209a3c957267296dfd43ec77ad7a5a960d31209d47e9eeb768284c08db7e42e7af18050c42bdca4c25fda5a0d3be4201b2be735aa5c128caa9cb0db70ec898206cf2ea1b657ff4461cdb2dfa06cc65f67b63cb733a5fd1786605fd1415effc698781d53694c77eb1afc7dd90bef7e090d6832fd4c39223f5b1dc3772c45bf598654c40ea1dfbb1a76099a1936290283e3916e65a867ce00865731", 0xdd) (async) ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002) (async) 04:35:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 41) 04:35:12 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f00000003c0)=""/69) 04:35:12 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_int(r0, 0x0, 0x31, &(0x7f0000000000), 0x4) 04:35:12 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x400445a0, 0x0) 04:35:12 executing program 3: r0 = epoll_create1(0x0) r1 = socket(0x2, 0x80802, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)) dup3(r2, r1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)) 04:35:12 executing program 2: r0 = epoll_create1(0x0) r1 = socket(0x2, 0x80802, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)) dup3(r2, r1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)) 04:35:12 executing program 3: syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000012, &(0x7f0000000640)={[{@nojournal_checksum}, {@dioread_lock}, {@bh}, {@grpquota}]}, 0x1, 0x4ec, &(0x7f0000000680)="$eJzs3cFvFF8dAPDvbLv82h/92aIekEREwRSi7LZUoPGAkBg9kah4L7XdNk233aa7BdoQU+IfYGKMmnjy5MXEP8DEkPgHaExI9G48aIiCHDxo1uzsVGDZLQXa3R+7n0/ymPfm7cz3vaEzO29mshPAwDoTEdcjYigiLkTEeDY/l6XYbabG554+ub/QSEnU67f+kUSSzWtd5/FssZGI+M43I76XvBq3ur2zOl8ulzazcrG2tlGsbu9cXFmbXy4tl9ZnZqavzF6dvTw7dSj9bPTr2tef/eSHv/zGtd9++e5f5v5+/vuNZo1l9e36cRiaXc+n22LPcERsHkWwHhjK+pPvdUMAADiQxjn+JyPiC+n5/3gMpWdzAAAAQD+pf20s/pNE1AEAAIC+lUufgU1yhexZgLHI5QqF5jO8n44Pc+VKtfalpcrW+mLzWdmJyOeWVsqlqeyZ2onIJ43ydJp/Xr7UUp6JiBPRWGg0LRcWKuXFXl/8AAAAgAFxvGX8/2y8Of4HAAAA+sxErxsAAAAAHDnjfwAAAOh/xv8AAADQ175182Yj1ffef714Z3trtXLn4mKpulpY21ooLFQ2NwrLlcpy+pt9a69bX7lS2fhKrG/dK9ZK1Vqxur0zt1bZWq/Npe/1nit5TzQAAAB034nPPfxzEhG7Xx1NU8OxrM5YHfpbbr/K5OXScEv17c8fRYuAbhl60wXObB1NQ4Cua/1OBwaHMT6QvKZ+pFPFH94yoBMPAADousnPuP8Pg2rf+/9AX3vj+/9A33AZHgZX3hkADLzn9/9/37b+3e//1+tv3CgAAOBQjTUnu5HdCxyLXK5QiPgofS1APllaKZemIuITEfGn8fwHjfJ0j9sMAAAAAAAAAAAAAAAAAAAAAAAAAO+bej2JOgAAANDXInJ/S7L3f02OnxtrvT5wLPn3eDqNiLs/v/XTe/O12uZ0Y/4//z+/9rNs/qVeXMEAAACAQZTft3ZvnL43jgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw/T0yf2FvdTNuI9vxGhMtIs/HCPpdCTyEfHhv5IYfmG5JCKGDiH+7oOIONkuftJoVkxkrWiNn4uI0R7HP34I8WGQPbwREdfb7X+5OJNO2+9/w1l6V49vpDt52/h7x7+hDse/jw4Y49SjXxc7xn8QcWq4/fGnGX8ijdUu/tkDxr/93Z2dTnX1X0RMtv3+SV6KVaytbRSr2zsXV9bml0vLpfWZmekrs1dnL89OFZdWyqXs37YxfvTZ3+z+uGP/c+n0xfjjWdSJdDrSsf/nDtj//z669+RTzWz+1fgR58+2//8/uU/8xt/EF7PvgUb95F5+t5l/0elf/fF0p7Y14i922P4jr+n/+QP2/8K3f/DXA34UAOiC6vbO6ny5XNp8zzJJV2KNdGP7nDjW640pk2U+yPaKt1/P77I1fCy6806ZHh6UAACAI/H8pL/XLQEAAAAAAAAAAAAAAAAAAIDB1Y2fE2uNudubrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7Ot/AQAA///cw9BW") [ 2160.818837][T28192] cgroup2: Unknown parameter 'fowner>00000000000000060929' 04:35:12 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1c}, 0x48) 04:35:12 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) read$watch_queue(r0, 0x0, 0xf0ff7f00000000) 04:35:12 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000140)=@framed={{}, [@generic]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 2160.936026][T28216] FAULT_INJECTION: forcing a failure. [ 2160.936026][T28216] name failslab, interval 1, probability 0, space 0, times 0 [ 2160.952361][T28220] loop4: detected capacity change from 0 to 16 [ 2160.968344][T28220] erofs: (device loop4): mounted with root inode @ nid 36. [ 2160.981925][T28216] CPU: 1 PID: 28216 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2160.992015][T28216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2161.001891][T28216] Call Trace: [ 2161.005015][T28216] [ 2161.007792][T28216] dump_stack_lvl+0x151/0x1b7 [ 2161.012302][T28216] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2161.017596][T28216] ? selinux_kernfs_init_security+0x1a8/0x760 [ 2161.023498][T28216] dump_stack+0x15/0x17 [ 2161.027488][T28216] should_fail+0x3c0/0x510 [ 2161.031743][T28216] __should_failslab+0x9f/0xe0 [ 2161.036341][T28216] should_failslab+0x9/0x20 [ 2161.040687][T28216] kmem_cache_alloc+0x4f/0x2f0 [ 2161.045285][T28216] ? __kernfs_new_node+0xdb/0x6e0 [ 2161.050152][T28216] __kernfs_new_node+0xdb/0x6e0 [ 2161.054828][T28216] ? down_read_killable+0x250/0x250 [ 2161.059861][T28216] ? kernfs_new_node+0x170/0x170 [ 2161.064639][T28216] ? __kasan_check_write+0x14/0x20 [ 2161.069587][T28216] ? up_write+0x56/0x120 [ 2161.073757][T28216] ? kernfs_activate+0x409/0x420 [ 2161.078526][T28216] kernfs_new_node+0x97/0x170 [ 2161.083035][T28216] __kernfs_create_file+0x4a/0x270 [ 2161.087986][T28216] sysfs_add_file_mode_ns+0x273/0x320 [ 2161.093191][T28216] internal_create_group+0x55e/0xf60 [ 2161.098312][T28216] ? get_super+0x1ee/0x210 [ 2161.102565][T28216] ? sysfs_create_group+0x30/0x30 [ 2161.107437][T28216] ? __kasan_check_write+0x14/0x20 [ 2161.112371][T28216] sysfs_create_group+0x1f/0x30 [ 2161.117059][T28216] loop_configure+0x1077/0x1640 [ 2161.121749][T28216] lo_ioctl+0x8cd/0x25e0 [ 2161.125826][T28216] ? is_bpf_text_address+0x1a2/0x1c0 [ 2161.130947][T28216] ? lo_release+0x200/0x200 [ 2161.135291][T28216] ? stack_trace_save+0x1f0/0x1f0 [ 2161.140230][T28216] ? __kernel_text_address+0x9a/0x110 [ 2161.145438][T28216] ? unwind_get_return_address+0x4c/0x90 [ 2161.150908][T28216] ? arch_stack_walk+0xf8/0x140 [ 2161.155594][T28216] ? avc_has_perm_noaudit+0x358/0x450 [ 2161.160803][T28216] ? memcpy+0x56/0x70 [ 2161.164620][T28216] ? memset+0x35/0x40 [ 2161.168442][T28216] ? fsnotify+0x5ad/0x2240 [ 2161.172689][T28216] ? __kasan_check_write+0x14/0x20 [ 2161.177636][T28216] ? _raw_spin_lock+0xa3/0x1b0 [ 2161.182237][T28216] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2161.187446][T28216] ? avc_has_perm_noaudit+0x358/0x450 [ 2161.192654][T28216] ? _raw_spin_unlock+0x4d/0x70 [ 2161.197338][T28216] ? find_inode_fast+0x459/0x480 [ 2161.202114][T28216] ? __kasan_check_write+0x14/0x20 [ 2161.207060][T28216] ? mutex_unlock+0xa2/0x110 [ 2161.211487][T28216] ? __mutex_lock_slowpath+0x10/0x10 [ 2161.216609][T28216] ? is_bpf_text_address+0x1a2/0x1c0 [ 2161.221725][T28216] ? stack_trace_save+0x1f0/0x1f0 [ 2161.226587][T28216] ? __kernel_text_address+0x9a/0x110 [ 2161.231798][T28216] ? unwind_get_return_address+0x4c/0x90 [ 2161.237266][T28216] ? arch_stack_walk+0xf8/0x140 [ 2161.241951][T28216] ? stack_trace_save+0x12d/0x1f0 [ 2161.246810][T28216] ? stack_trace_snprint+0x100/0x100 [ 2161.251929][T28216] ? avc_has_extended_perms+0x718/0x1210 [ 2161.257399][T28216] ? memcpy+0x56/0x70 [ 2161.261221][T28216] ? avc_has_extended_perms+0xb9c/0x1210 [ 2161.266685][T28216] ? kasan_set_track+0x4c/0x70 [ 2161.271283][T28216] ? kasan_set_free_info+0x23/0x40 [ 2161.276231][T28216] ? ____kasan_slab_free+0x126/0x160 [ 2161.281353][T28216] ? __kasan_slab_free+0x11/0x20 [ 2161.286224][T28216] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2161.291609][T28216] ? kmem_cache_free+0x11a/0x2e0 [ 2161.296381][T28216] ? putname+0x10b/0x160 [ 2161.300460][T28216] ? avc_flush+0x2b0/0x2b0 [ 2161.304715][T28216] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2161.309315][T28216] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2161.314517][T28216] ? kasan_quarantine_put+0x34/0x1b0 [ 2161.319636][T28216] ? blkdev_bszset+0x240/0x240 [ 2161.324236][T28216] ? ioctl_has_perm+0x3df/0x560 [ 2161.328930][T28216] ? has_cap_mac_admin+0xb0/0xb0 [ 2161.333698][T28216] ? kmem_cache_free+0x11a/0x2e0 [ 2161.338475][T28216] ? putname+0x10b/0x160 [ 2161.342550][T28216] ? selinux_file_ioctl+0x3c9/0x530 [ 2161.347583][T28216] ? lo_release+0x200/0x200 [ 2161.351921][T28216] blkdev_ioctl+0x2e9/0x620 [ 2161.356288][T28216] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2161.361556][T28216] ? __fget_files+0x310/0x370 [ 2161.366072][T28216] block_ioctl+0xb0/0xf0 [ 2161.370147][T28216] ? blkdev_iopoll+0x100/0x100 [ 2161.374748][T28216] __se_sys_ioctl+0x115/0x190 [ 2161.379263][T28216] __x64_sys_ioctl+0x7b/0x90 [ 2161.383698][T28216] do_syscall_64+0x44/0xd0 [ 2161.387943][T28216] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2161.393671][T28216] RIP: 0033:0x7f2bac5faec7 [ 2161.397922][T28216] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2161.417452][T28216] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2161.425697][T28216] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2161.433508][T28216] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2161.441315][T28216] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2161.449135][T28216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2161.456940][T28216] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2161.464753][T28216] 04:35:13 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xf, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) [ 2161.648858][T28216] loop5: detected capacity change from 0 to 16 [ 2161.657492][T28216] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:17 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x2b9}, 0x48) 04:35:17 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)={0xffffffffffffffff}) write$ppp(r2, &(0x7f0000000180)="59e402ffc8187652335d9470acdc4d9c2ab2d9f6501d0c9b32c63cb66d0d855889c92947454e79164f49d171bf2cc3496503b5659cc4d8711b935d027975e67ee4deb209a3c957267296dfd43ec77ad7a5a960d31209d47e9eeb768284c08db7e42e7af18050c42bdca4c25fda5a0d3be4201b2be735aa5c128caa9cb0db70ec898206cf2ea1b657ff4461cdb2dfa06cc65f67b63cb733a5fd1786605fd1415effc698781d53694c77eb1afc7dd90bef7e090d6832fd4c39223f5b1dc3772c45bf598654c40ea1dfbb1a76099a1936290283e3916e65a867ce00865731", 0xdd) (async) ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002) 04:35:17 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0xbe, 0x4) sendmmsg$inet(r0, &(0x7f0000006600)=[{{&(0x7f00000010c0)={0x2, 0x4e21, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1400000000000000000000000200000009000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac1e0101000000002c000000000000000008"], 0x68}}], 0x1, 0x8804) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000100)={r0, 0x1, 0x2, 0x101}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00'}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x1dbf58) 04:35:17 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:17 executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000140)=@framed={{0x18, 0xb}}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:17 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 42) 04:35:17 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x4, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:17 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000140)=""/61) 04:35:17 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x10, 0x0, 0x0, 0x1}, 0x48) 04:35:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r0, &(0x7f0000000000)={0x3, 0x0, @dev}, 0xf1ed200ecfd2e646) 04:35:17 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xa, 0x1, 0x9, 0x4}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4, 0x0, r0}, 0x48) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x260, r1}, 0x38) 04:35:17 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000001400)=@base={0x16, 0x0, 0x5, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) 04:35:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x6940, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000180)={{}, 0x2c, {}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee01}}) [ 2166.034714][T28254] fuse: Bad value for 'fd' [ 2166.096907][T28257] loop4: detected capacity change from 0 to 16 [ 2166.108087][T28258] FAULT_INJECTION: forcing a failure. [ 2166.108087][T28258] name failslab, interval 1, probability 0, space 0, times 0 [ 2166.122521][T28257] erofs: (device loop4): mounted with root inode @ nid 36. [ 2166.170250][T28258] CPU: 0 PID: 28258 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2166.180317][T28258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2166.190221][T28258] Call Trace: [ 2166.193334][T28258] [ 2166.196109][T28258] dump_stack_lvl+0x151/0x1b7 [ 2166.200622][T28258] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2166.205918][T28258] ? selinux_kernfs_init_security+0x1a8/0x760 [ 2166.211820][T28258] dump_stack+0x15/0x17 [ 2166.215822][T28258] should_fail+0x3c0/0x510 [ 2166.220065][T28258] __should_failslab+0x9f/0xe0 [ 2166.224662][T28258] should_failslab+0x9/0x20 [ 2166.229001][T28258] kmem_cache_alloc+0x4f/0x2f0 [ 2166.233605][T28258] ? __kernfs_new_node+0xdb/0x6e0 [ 2166.238463][T28258] __kernfs_new_node+0xdb/0x6e0 [ 2166.243151][T28258] ? down_read_killable+0x250/0x250 [ 2166.248182][T28258] ? kernfs_new_node+0x170/0x170 [ 2166.252963][T28258] ? __kasan_check_write+0x14/0x20 [ 2166.258077][T28258] ? up_write+0x56/0x120 [ 2166.262156][T28258] ? kernfs_activate+0x409/0x420 [ 2166.266932][T28258] kernfs_new_node+0x97/0x170 [ 2166.271445][T28258] __kernfs_create_file+0x4a/0x270 [ 2166.276391][T28258] sysfs_add_file_mode_ns+0x273/0x320 [ 2166.281598][T28258] internal_create_group+0x55e/0xf60 [ 2166.286719][T28258] ? get_super+0x1ee/0x210 [ 2166.290974][T28258] ? sysfs_create_group+0x30/0x30 [ 2166.296098][T28258] ? __kasan_check_write+0x14/0x20 [ 2166.301039][T28258] sysfs_create_group+0x1f/0x30 [ 2166.305760][T28258] loop_configure+0x1077/0x1640 [ 2166.310415][T28258] lo_ioctl+0x8cd/0x25e0 [ 2166.314500][T28258] ? is_bpf_text_address+0x1a2/0x1c0 [ 2166.319610][T28258] ? lo_release+0x200/0x200 [ 2166.323952][T28258] ? stack_trace_save+0x1f0/0x1f0 [ 2166.328814][T28258] ? __kernel_text_address+0x9a/0x110 [ 2166.334017][T28258] ? unwind_get_return_address+0x4c/0x90 [ 2166.339486][T28258] ? arch_stack_walk+0xf8/0x140 [ 2166.344176][T28258] ? avc_has_perm_noaudit+0x358/0x450 [ 2166.349385][T28258] ? memcpy+0x56/0x70 [ 2166.353199][T28258] ? memset+0x35/0x40 [ 2166.357016][T28258] ? fsnotify+0x5ad/0x2240 [ 2166.361271][T28258] ? __kasan_check_write+0x14/0x20 [ 2166.366215][T28258] ? _raw_spin_lock+0xa3/0x1b0 [ 2166.370816][T28258] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2166.376024][T28258] ? avc_has_perm_noaudit+0x358/0x450 [ 2166.381925][T28258] ? _raw_spin_unlock+0x4d/0x70 [ 2166.386615][T28258] ? find_inode_fast+0x459/0x480 [ 2166.391473][T28258] ? __kasan_check_write+0x14/0x20 [ 2166.396418][T28258] ? mutex_unlock+0xa2/0x110 [ 2166.400861][T28258] ? __mutex_lock_slowpath+0x10/0x10 [ 2166.405971][T28258] ? is_bpf_text_address+0x1a2/0x1c0 [ 2166.411087][T28258] ? stack_trace_save+0x1f0/0x1f0 [ 2166.415955][T28258] ? __kernel_text_address+0x9a/0x110 [ 2166.421157][T28258] ? unwind_get_return_address+0x4c/0x90 [ 2166.426622][T28258] ? arch_stack_walk+0xf8/0x140 [ 2166.431312][T28258] ? stack_trace_save+0x12d/0x1f0 [ 2166.436169][T28258] ? stack_trace_snprint+0x100/0x100 [ 2166.441305][T28258] ? avc_has_extended_perms+0x718/0x1210 [ 2166.446757][T28258] ? memcpy+0x56/0x70 [ 2166.450578][T28258] ? avc_has_extended_perms+0xb9c/0x1210 [ 2166.456053][T28258] ? kasan_set_track+0x4c/0x70 [ 2166.460820][T28258] ? kasan_set_free_info+0x23/0x40 [ 2166.465765][T28258] ? ____kasan_slab_free+0x126/0x160 [ 2166.470886][T28258] ? __kasan_slab_free+0x11/0x20 [ 2166.476017][T28258] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2166.481388][T28258] ? kmem_cache_free+0x11a/0x2e0 [ 2166.486162][T28258] ? putname+0x10b/0x160 [ 2166.490327][T28258] ? avc_flush+0x2b0/0x2b0 [ 2166.494584][T28258] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2166.499185][T28258] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2166.504403][T28258] ? kasan_quarantine_put+0x34/0x1b0 [ 2166.509511][T28258] ? blkdev_bszset+0x240/0x240 [ 2166.514116][T28258] ? ioctl_has_perm+0x3df/0x560 [ 2166.518793][T28258] ? has_cap_mac_admin+0xb0/0xb0 [ 2166.523567][T28258] ? kmem_cache_free+0x11a/0x2e0 [ 2166.528365][T28258] ? putname+0x10b/0x160 [ 2166.532422][T28258] ? selinux_file_ioctl+0x3c9/0x530 [ 2166.537455][T28258] ? lo_release+0x200/0x200 [ 2166.541792][T28258] blkdev_ioctl+0x2e9/0x620 [ 2166.546133][T28258] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2166.551427][T28258] ? __fget_files+0x310/0x370 [ 2166.555942][T28258] block_ioctl+0xb0/0xf0 [ 2166.560020][T28258] ? blkdev_iopoll+0x100/0x100 [ 2166.564622][T28258] __se_sys_ioctl+0x115/0x190 [ 2166.569134][T28258] __x64_sys_ioctl+0x7b/0x90 [ 2166.573561][T28258] do_syscall_64+0x44/0xd0 [ 2166.577812][T28258] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2166.583540][T28258] RIP: 0033:0x7f2bac5faec7 [ 2166.587823][T28258] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2166.607329][T28258] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2166.615565][T28258] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2166.623377][T28258] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2166.631708][T28258] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2166.639546][T28258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2166.647331][T28258] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2166.655146][T28258] [ 2166.659247][T28258] loop5: detected capacity change from 0 to 16 [ 2166.674575][T28258] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:22 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2}, 0x80) 04:35:22 executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000140)=@framed={{}, [@generic={0x30}]}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'team0\x00', &(0x7f0000000300)=@ethtool_per_queue_op={0x4b, 0x10}}) 04:35:22 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:35:22 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 43) 04:35:22 executing program 0: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$watch_queue(r0, 0x0, 0x0) 04:35:22 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000140)={'ip6tnl0\x00', 0x0}) 04:35:22 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x6940, 0x0) setxattr$incfs_id(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240), &(0x7f0000000280), 0x20, 0x0) setxattr$incfs_id(&(0x7f0000000300)='./file1\x00', &(0x7f0000000340), &(0x7f0000000380), 0x20, 0x0) 04:35:22 executing program 3: r0 = socket$inet(0x2c, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000040)={'gre0\x00', &(0x7f0000000000)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote}}}}) 04:35:22 executing program 2: fspick(0xffffffffffffffff, &(0x7f0000001140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 04:35:22 executing program 0: mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000000000000, 0x0, 0xd6600ede63ba487e, 0xffffffffffffffff, 0x10000000) 04:35:22 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGNAME(r0, 0xc01047d0, &(0x7f0000000000)=""/201) 04:35:22 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) 04:35:22 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x0, 0x8, 0x0, 0x4}, 0x48) [ 2171.292429][T28298] loop4: detected capacity change from 0 to 16 [ 2171.295373][T28299] loop5: detected capacity change from 0 to 16 [ 2171.305300][T28298] erofs: (device loop4): mounted with root inode @ nid 36. [ 2171.324565][T28299] FAULT_INJECTION: forcing a failure. [ 2171.324565][T28299] name failslab, interval 1, probability 0, space 0, times 0 [ 2171.367976][T28299] CPU: 0 PID: 28299 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2171.378131][T28299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2171.388024][T28299] Call Trace: [ 2171.391148][T28299] [ 2171.393926][T28299] dump_stack_lvl+0x151/0x1b7 [ 2171.398536][T28299] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2171.403819][T28299] ? vprintk+0x86/0x90 [ 2171.407732][T28299] ? _printk+0xcf/0x10f [ 2171.411717][T28299] dump_stack+0x15/0x17 [ 2171.415722][T28299] should_fail+0x3c0/0x510 [ 2171.419963][T28299] ? kobject_uevent_env+0x26c/0x730 [ 2171.424998][T28299] __should_failslab+0x9f/0xe0 [ 2171.429598][T28299] should_failslab+0x9/0x20 [ 2171.433935][T28299] kmem_cache_alloc_trace+0x4a/0x310 [ 2171.439062][T28299] ? set_capacity_and_notify+0x325/0x350 [ 2171.444531][T28299] ? dev_uevent_filter+0xb0/0xb0 [ 2171.449303][T28299] kobject_uevent_env+0x26c/0x730 [ 2171.454157][T28299] ? sysfs_create_group+0x30/0x30 [ 2171.459023][T28299] kobject_uevent+0x1f/0x30 [ 2171.463359][T28299] loop_set_size+0x95/0xa0 [ 2171.467617][T28299] loop_configure+0x11c7/0x1640 [ 2171.472298][T28299] lo_ioctl+0x8cd/0x25e0 [ 2171.476389][T28299] ? is_bpf_text_address+0x1a2/0x1c0 [ 2171.481494][T28299] ? lo_release+0x200/0x200 [ 2171.485835][T28299] ? stack_trace_save+0x1f0/0x1f0 [ 2171.490695][T28299] ? __kernel_text_address+0x9a/0x110 [ 2171.495912][T28299] ? unwind_get_return_address+0x4c/0x90 [ 2171.501374][T28299] ? arch_stack_walk+0xf8/0x140 [ 2171.506060][T28299] ? avc_has_perm_noaudit+0x358/0x450 [ 2171.511265][T28299] ? memcpy+0x56/0x70 [ 2171.515097][T28299] ? memset+0x35/0x40 [ 2171.518903][T28299] ? fsnotify+0x5ad/0x2240 [ 2171.523156][T28299] ? __kasan_check_write+0x14/0x20 [ 2171.528100][T28299] ? _raw_spin_lock+0xa3/0x1b0 [ 2171.532700][T28299] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2171.537927][T28299] ? avc_has_perm_noaudit+0x358/0x450 [ 2171.543124][T28299] ? _raw_spin_unlock+0x4d/0x70 [ 2171.547807][T28299] ? find_inode_fast+0x459/0x480 [ 2171.552663][T28299] ? __kasan_check_write+0x14/0x20 [ 2171.557610][T28299] ? mutex_unlock+0xa2/0x110 [ 2171.562036][T28299] ? __mutex_lock_slowpath+0x10/0x10 [ 2171.567158][T28299] ? is_bpf_text_address+0x1a2/0x1c0 [ 2171.572452][T28299] ? stack_trace_save+0x1f0/0x1f0 [ 2171.577316][T28299] ? __kernel_text_address+0x9a/0x110 [ 2171.582703][T28299] ? unwind_get_return_address+0x4c/0x90 [ 2171.588163][T28299] ? arch_stack_walk+0xf8/0x140 [ 2171.592850][T28299] ? stack_trace_save+0x12d/0x1f0 [ 2171.597711][T28299] ? stack_trace_snprint+0x100/0x100 [ 2171.602829][T28299] ? avc_has_extended_perms+0x718/0x1210 [ 2171.608398][T28299] ? memcpy+0x56/0x70 [ 2171.612200][T28299] ? avc_has_extended_perms+0xb9c/0x1210 [ 2171.617844][T28299] ? kasan_set_track+0x4c/0x70 [ 2171.622444][T28299] ? kasan_set_free_info+0x23/0x40 [ 2171.627388][T28299] ? ____kasan_slab_free+0x126/0x160 [ 2171.632515][T28299] ? __kasan_slab_free+0x11/0x20 [ 2171.637287][T28299] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2171.642664][T28299] ? kmem_cache_free+0x11a/0x2e0 [ 2171.647439][T28299] ? putname+0x10b/0x160 [ 2171.651518][T28299] ? avc_flush+0x2b0/0x2b0 [ 2171.655782][T28299] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2171.661329][T28299] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2171.666540][T28299] ? kasan_quarantine_put+0x34/0x1b0 [ 2171.671656][T28299] ? blkdev_bszset+0x240/0x240 [ 2171.676271][T28299] ? ioctl_has_perm+0x3df/0x560 [ 2171.680946][T28299] ? has_cap_mac_admin+0xb0/0xb0 [ 2171.685715][T28299] ? kmem_cache_free+0x11a/0x2e0 [ 2171.690487][T28299] ? putname+0x10b/0x160 [ 2171.694567][T28299] ? selinux_file_ioctl+0x3c9/0x530 [ 2171.699604][T28299] ? lo_release+0x200/0x200 [ 2171.703939][T28299] blkdev_ioctl+0x2e9/0x620 [ 2171.708280][T28299] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2171.713572][T28299] ? __fget_files+0x310/0x370 [ 2171.718259][T28299] block_ioctl+0xb0/0xf0 [ 2171.722338][T28299] ? blkdev_iopoll+0x100/0x100 [ 2171.726937][T28299] __se_sys_ioctl+0x115/0x190 [ 2171.731451][T28299] __x64_sys_ioctl+0x7b/0x90 [ 2171.735879][T28299] do_syscall_64+0x44/0xd0 [ 2171.740129][T28299] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2171.745863][T28299] RIP: 0033:0x7f2bac5faec7 [ 2171.750114][T28299] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2171.769570][T28299] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2171.779221][T28299] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2171.787171][T28299] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2171.794984][T28299] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2171.802796][T28299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2171.810602][T28299] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2171.818427][T28299] [ 2171.831773][T28299] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:23 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) [ 2172.189928][T28305] loop4: detected capacity change from 0 to 16 [ 2172.199030][T28305] erofs: (device loop4): mounted with root inode @ nid 36. 04:35:24 executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000140)=@framed={{}, [@generic={0x79}]}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:24 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x9, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:24 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x0, 0x8, 0x0, 0x4}, 0x48) 04:35:24 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 44) 04:35:24 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:24 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:35:24 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x6940, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={[{@nr_blocks={'nr_blocks', 0x3d, [0x0]}}]}) 04:35:24 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x0, 0x8, 0x0, 0x4}, 0x48) 04:35:24 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) sendto$inet6(r0, &(0x7f00000002c0)='a', 0x1, 0x4840, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 04:35:24 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x0, 0x8, 0x0, 0x4}, 0x48) 04:35:24 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x40044581, 0x0) 04:35:24 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x11000000}, [@generic={0x25}]}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 2173.325102][T28322] tmpfs: Bad value for 'nr_blocks' [ 2173.414531][T28333] loop5: detected capacity change from 0 to 16 [ 2173.420610][T28333] FAULT_INJECTION: forcing a failure. [ 2173.420610][T28333] name failslab, interval 1, probability 0, space 0, times 0 [ 2173.439196][T28334] loop4: detected capacity change from 0 to 16 [ 2173.454162][T28334] erofs: (device loop4): mounted with root inode @ nid 36. [ 2173.472947][T28333] CPU: 1 PID: 28333 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2173.483000][T28333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2173.492903][T28333] Call Trace: [ 2173.496018][T28333] [ 2173.498797][T28333] dump_stack_lvl+0x151/0x1b7 [ 2173.503308][T28333] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2173.508606][T28333] dump_stack+0x15/0x17 [ 2173.512595][T28333] should_fail+0x3c0/0x510 [ 2173.516846][T28333] ? kobject_get_path+0xb8/0x1a0 [ 2173.521624][T28333] __should_failslab+0x9f/0xe0 [ 2173.526219][T28333] should_failslab+0x9/0x20 [ 2173.530650][T28333] __kmalloc+0x6d/0x350 [ 2173.534824][T28333] kobject_get_path+0xb8/0x1a0 [ 2173.539417][T28333] kobject_uevent_env+0x282/0x730 [ 2173.544284][T28333] ? sysfs_create_group+0x30/0x30 [ 2173.549140][T28333] kobject_uevent+0x1f/0x30 [ 2173.553477][T28333] loop_set_size+0x95/0xa0 [ 2173.557732][T28333] loop_configure+0x11c7/0x1640 [ 2173.562415][T28333] lo_ioctl+0x8cd/0x25e0 [ 2173.566495][T28333] ? is_bpf_text_address+0x1a2/0x1c0 [ 2173.571614][T28333] ? lo_release+0x200/0x200 [ 2173.575954][T28333] ? stack_trace_save+0x1f0/0x1f0 [ 2173.580811][T28333] ? __kernel_text_address+0x9a/0x110 [ 2173.586025][T28333] ? unwind_get_return_address+0x4c/0x90 [ 2173.591486][T28333] ? arch_stack_walk+0xf8/0x140 [ 2173.596173][T28333] ? avc_has_perm_noaudit+0x358/0x450 [ 2173.601380][T28333] ? memcpy+0x56/0x70 [ 2173.605207][T28333] ? memset+0x35/0x40 [ 2173.609022][T28333] ? fsnotify+0x5ad/0x2240 [ 2173.613272][T28333] ? __kasan_check_write+0x14/0x20 [ 2173.618217][T28333] ? _raw_spin_lock+0xa3/0x1b0 [ 2173.622818][T28333] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2173.628118][T28333] ? avc_has_perm_noaudit+0x358/0x450 [ 2173.633323][T28333] ? _raw_spin_unlock+0x4d/0x70 [ 2173.638006][T28333] ? find_inode_fast+0x459/0x480 [ 2173.642781][T28333] ? __kasan_check_write+0x14/0x20 [ 2173.647755][T28333] ? mutex_unlock+0xa2/0x110 [ 2173.652153][T28333] ? __mutex_lock_slowpath+0x10/0x10 [ 2173.657284][T28333] ? is_bpf_text_address+0x1a2/0x1c0 [ 2173.662395][T28333] ? stack_trace_save+0x1f0/0x1f0 [ 2173.667261][T28333] ? __kernel_text_address+0x9a/0x110 [ 2173.672465][T28333] ? unwind_get_return_address+0x4c/0x90 [ 2173.677932][T28333] ? arch_stack_walk+0xf8/0x140 [ 2173.682618][T28333] ? stack_trace_save+0x12d/0x1f0 [ 2173.687477][T28333] ? stack_trace_snprint+0x100/0x100 [ 2173.692598][T28333] ? avc_has_extended_perms+0x718/0x1210 [ 2173.698064][T28333] ? memcpy+0x56/0x70 [ 2173.701884][T28333] ? avc_has_extended_perms+0xb9c/0x1210 [ 2173.707352][T28333] ? kasan_set_track+0x4c/0x70 [ 2173.713433][T28333] ? kasan_set_free_info+0x23/0x40 [ 2173.718379][T28333] ? ____kasan_slab_free+0x126/0x160 [ 2173.723496][T28333] ? __kasan_slab_free+0x11/0x20 [ 2173.728269][T28333] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2173.733650][T28333] ? kmem_cache_free+0x11a/0x2e0 [ 2173.738430][T28333] ? putname+0x10b/0x160 [ 2173.742504][T28333] ? avc_flush+0x2b0/0x2b0 [ 2173.746755][T28333] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2173.751356][T28333] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2173.756562][T28333] ? kasan_quarantine_put+0x34/0x1b0 [ 2173.761681][T28333] ? blkdev_bszset+0x240/0x240 [ 2173.766284][T28333] ? ioctl_has_perm+0x3df/0x560 [ 2173.770969][T28333] ? has_cap_mac_admin+0xb0/0xb0 [ 2173.775740][T28333] ? kmem_cache_free+0x11a/0x2e0 [ 2173.780516][T28333] ? putname+0x10b/0x160 [ 2173.784593][T28333] ? selinux_file_ioctl+0x3c9/0x530 [ 2173.789628][T28333] ? lo_release+0x200/0x200 [ 2173.793966][T28333] blkdev_ioctl+0x2e9/0x620 [ 2173.798306][T28333] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2173.803602][T28333] ? __fget_files+0x310/0x370 [ 2173.808115][T28333] block_ioctl+0xb0/0xf0 [ 2173.812196][T28333] ? blkdev_iopoll+0x100/0x100 [ 2173.816793][T28333] __se_sys_ioctl+0x115/0x190 [ 2173.821306][T28333] __x64_sys_ioctl+0x7b/0x90 [ 2173.825731][T28333] do_syscall_64+0x44/0xd0 [ 2173.829987][T28333] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2173.835714][T28333] RIP: 0033:0x7f2bac5faec7 [ 2173.840142][T28333] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2173.859581][T28333] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2173.867833][T28333] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2173.875638][T28333] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2173.883472][T28333] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2173.891270][T28333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2173.899070][T28333] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2173.906888][T28333] [ 2174.001757][T28333] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:35:29 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0) 04:35:29 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000800)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x700}, 0x90) 04:35:29 executing program 0: openat$null(0xffffffffffffff9c, &(0x7f0000000680), 0x200000, 0x0) execveat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) 04:35:29 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:29 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 45) 04:35:29 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x1d, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:29 executing program 0: r0 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'dummy0\x00', &(0x7f0000000240)=@ethtool_sset_info={0x37, 0x0, 0x7fffffff}}) 04:35:29 executing program 2: socket$inet6(0x2, 0xc, 0x0) 04:35:29 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x36, &(0x7f0000000800)={0xffffffff, {{0xa, 0x0, 0x0, @mcast2}}}, 0x90) 04:35:29 executing program 0: mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000000000007, 0x0, 0xd6600ede63ba487e, 0xffffffffffffffff, 0x10000000) 04:35:29 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1200}, 0x48) [ 2178.502332][T28368] loop5: detected capacity change from 0 to 16 [ 2178.508615][T28367] loop4: detected capacity change from 0 to 16 [ 2178.514834][T28368] FAULT_INJECTION: forcing a failure. [ 2178.514834][T28368] name failslab, interval 1, probability 0, space 0, times 0 [ 2178.527747][T28368] CPU: 0 PID: 28368 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2178.537795][T28368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2178.547688][T28368] Call Trace: [ 2178.550811][T28368] [ 2178.553587][T28368] dump_stack_lvl+0x151/0x1b7 [ 2178.558191][T28368] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2178.563486][T28368] dump_stack+0x15/0x17 [ 2178.567482][T28368] should_fail+0x3c0/0x510 [ 2178.571732][T28368] __should_failslab+0x9f/0xe0 [ 2178.576330][T28368] should_failslab+0x9/0x20 [ 2178.580672][T28368] kmem_cache_alloc+0x4f/0x2f0 [ 2178.585266][T28368] ? __rcu_read_unlock+0xd0/0xd0 [ 2178.590041][T28368] ? __alloc_skb+0xbc/0x550 [ 2178.594382][T28368] __alloc_skb+0xbc/0x550 [ 2178.598550][T28368] alloc_uevent_skb+0x7f/0x230 [ 2178.603146][T28368] kobject_uevent_net_broadcast+0x321/0x5a0 [ 2178.608877][T28368] kobject_uevent_env+0x540/0x730 [ 2178.613735][T28368] kobject_uevent+0x1f/0x30 [ 2178.618078][T28368] loop_set_size+0x95/0xa0 [ 2178.622331][T28368] loop_configure+0x11c7/0x1640 [ 2178.627017][T28368] lo_ioctl+0x8cd/0x25e0 [ 2178.631096][T28368] ? __schedule+0xaae/0x1010 [ 2178.635518][T28368] ? lo_release+0x200/0x200 [ 2178.639863][T28368] ? __kasan_check_write+0x14/0x20 [ 2178.644824][T28368] ? __switch_to+0x617/0x1170 [ 2178.649317][T28368] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2178.654786][T28368] ? compat_start_thread+0x20/0x20 [ 2178.659735][T28368] ? __kasan_check_write+0x14/0x20 [ 2178.664680][T28368] ? _raw_spin_lock+0xa3/0x1b0 [ 2178.669285][T28368] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2178.674486][T28368] ? __kasan_check_write+0x14/0x20 [ 2178.679437][T28368] ? __kasan_check_write+0x14/0x20 [ 2178.684381][T28368] ? __switch_to+0x617/0x1170 [ 2178.688902][T28368] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 2178.694363][T28368] ? compat_start_thread+0x20/0x20 [ 2178.699311][T28368] ? __kasan_check_read+0x11/0x20 [ 2178.704169][T28368] ? switch_mm_irqs_off+0x22f/0x860 [ 2178.709204][T28368] ? _raw_spin_unlock+0x4d/0x70 [ 2178.713890][T28368] ? finish_task_switch+0x173/0x710 [ 2178.718940][T28368] ? __kasan_check_write+0x14/0x20 [ 2178.723871][T28368] ? _raw_spin_lock+0xa3/0x1b0 [ 2178.728536][T28368] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2178.733683][T28368] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 2178.739318][T28368] ? rcu_preempt_deferred_qs_irqrestore+0x6e8/0x9f0 [ 2178.745746][T28368] ? rcu_read_unlock_special+0xdb/0x4c0 [ 2178.751125][T28368] ? irqentry_exit_cond_resched+0x2b/0x30 [ 2178.756693][T28368] ? irqentry_exit+0x30/0x40 [ 2178.761104][T28368] ? __rcu_read_unlock+0xd0/0xd0 [ 2178.765879][T28368] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2178.771348][T28368] ? __rcu_read_unlock+0x7c/0xd0 [ 2178.776127][T28368] ? avc_has_extended_perms+0xb9c/0x1210 [ 2178.781587][T28368] ? kasan_set_track+0x4c/0x70 [ 2178.786188][T28368] ? kasan_set_free_info+0x23/0x40 [ 2178.791132][T28368] ? ____kasan_slab_free+0x126/0x160 [ 2178.796251][T28368] ? __kasan_slab_free+0x11/0x20 [ 2178.801030][T28368] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2178.806495][T28368] ? kmem_cache_free+0x11a/0x2e0 [ 2178.811269][T28368] ? putname+0x10b/0x160 [ 2178.815347][T28368] ? avc_flush+0x2b0/0x2b0 [ 2178.819603][T28368] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2178.824205][T28368] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2178.829407][T28368] ? kasan_quarantine_put+0x34/0x1b0 [ 2178.834528][T28368] ? blkdev_bszset+0x240/0x240 [ 2178.839128][T28368] ? ioctl_has_perm+0x3df/0x560 [ 2178.843815][T28368] ? has_cap_mac_admin+0xb0/0xb0 [ 2178.848591][T28368] ? switch_mm_irqs_off+0x22f/0x860 [ 2178.853622][T28368] ? selinux_file_ioctl+0x3c9/0x530 [ 2178.858670][T28368] ? lo_release+0x200/0x200 [ 2178.862995][T28368] blkdev_ioctl+0x2e9/0x620 [ 2178.867345][T28368] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2178.872628][T28368] ? __fget_files+0x310/0x370 [ 2178.877144][T28368] block_ioctl+0xb0/0xf0 [ 2178.881223][T28368] ? blkdev_iopoll+0x100/0x100 [ 2178.885822][T28368] __se_sys_ioctl+0x115/0x190 [ 2178.890337][T28368] __x64_sys_ioctl+0x7b/0x90 [ 2178.894767][T28368] do_syscall_64+0x44/0xd0 [ 2178.899099][T28368] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2178.904833][T28368] RIP: 0033:0x7f2bac5faec7 [ 2178.909082][T28368] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2178.929913][T28368] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2178.938160][T28368] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2178.945969][T28368] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2178.953778][T28368] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2178.961590][T28368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2178.969400][T28368] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2178.977218][T28368] [ 2178.986566][T28367] erofs: (device loop4): mounted with root inode @ nid 36. [ 2178.994169][T28368] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:35 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=""/6, 0x6) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:35:35 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGNAME(r0, 0x40284504, &(0x7f0000000000)=""/201) 04:35:35 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x880) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x2f, 0x2, 0xb5, 0x1, 0x30, @dev={0xfe, 0x80, '\x00', 0x25}, @dev, 0x0, 0x8, 0x3, 0x9}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000280)={'ip6gre0\x00', 0x0, 0x29, 0x20, 0x4, 0x5, 0x30, @private0, @mcast1, 0x20, 0x20, 0x0, 0xc9}}) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001140), 0x280980, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, 0x0) r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001140), 0x280980, 0x0) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001140), 0x280980, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) r8 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001140), 0x280980, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, 0x0) ioctl$TIOCMSET(r4, 0x5418, &(0x7f0000000740)=0x3) setsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000780)={r2, @loopback, @local}, 0xc) pidfd_getfd(r8, r0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000700)={'ip6gre0\x00', &(0x7f0000000680)={'ip6_vti0\x00', 0x0, 0x29, 0x20, 0xcf, 0x5, 0x6a, @empty, @loopback, 0x8000, 0x8000, 0x3, 0x5}}) r9 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x4) ioctl$TIOCL_SETSEL(r9, 0x541c, &(0x7f0000000800)={0x2, {0x2, 0x2, 0x3000, 0x2, 0x4, 0x3}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000580)={'syztnl2\x00', &(0x7f0000000500)={'syztnl2\x00', 0x0, 0x29, 0x5, 0xff, 0x3, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}, @private1, 0x7800, 0xa8, 0x1f, 0x5}}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=@ipv6_newaddr={0x34, 0x14, 0x400, 0x70bd2b, 0x25dfdbfc, {0xa, 0x3f, 0x8, 0xfe, r10}, [@IFA_LOCAL={0x14, 0x2, @mcast2}, @IFA_TARGET_NETNSID={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040881}, 0x8041) accept$inet(r5, 0x0, &(0x7f00000007c0)) ioctl$TCSETA(r6, 0x5406, &(0x7f0000000480)={0x400, 0x6a, 0x293e, 0x8, 0x11, "24a2bab291396afe"}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_ext={0x1c, 0x12, &(0x7f0000000140)=@raw=[@map_idx={0x18, 0x3, 0x5, 0x0, 0xa}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x4}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x8}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffffb}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @map_fd, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10000}, @exit, @call={0x85, 0x0, 0x0, 0x1c}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xb}], &(0x7f0000000200)='GPL\x00', 0x7, 0x29, &(0x7f0000000240)=""/41, 0x41000, 0x11, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000380)={0x0, 0x9, 0xd401, 0x1}, 0x10, 0x11676, r4, 0x0, &(0x7f00000003c0)=[r5]}, 0x80) 04:35:35 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x6940, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={[], [{@permit_directio}]}) 04:35:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:35 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 46) 04:35:35 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x3}}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:35 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x8948, &(0x7f00000000c0)={'syztnl2\x00', 0x0}) 04:35:35 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_udp(0xa, 0x2, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000001140), 0x0, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000001140), 0x280980, 0x0) pselect6(0x40, &(0x7f00000004c0), &(0x7f0000000500)={0x40}, 0x0, 0x0, 0x0) 04:35:35 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x68}, [@generic={0x25}]}, &(0x7f0000000180)='syzkaller\x00', 0x3, 0xc4, &(0x7f00000001c0)=""/196, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:35:35 executing program 2: r0 = socket$inet(0x2c, 0x3, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) 04:35:35 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x80104592, 0x0) [ 2183.503212][T28382] tmpfs: Unknown parameter 'permit_directio' [ 2183.621264][T28403] loop4: detected capacity change from 0 to 16 [ 2183.632742][T28404] loop5: detected capacity change from 0 to 16 [ 2183.638086][T28403] erofs: (device loop4): mounted with root inode @ nid 36. [ 2183.671591][T28404] FAULT_INJECTION: forcing a failure. [ 2183.671591][T28404] name failslab, interval 1, probability 0, space 0, times 0 [ 2183.684400][T28404] CPU: 0 PID: 28404 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2183.694451][T28404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2183.704356][T28404] Call Trace: [ 2183.707471][T28404] [ 2183.710247][T28404] dump_stack_lvl+0x151/0x1b7 [ 2183.714760][T28404] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2183.720147][T28404] dump_stack+0x15/0x17 [ 2183.724131][T28404] should_fail+0x3c0/0x510 [ 2183.728398][T28404] ? alloc_uevent_skb+0x7f/0x230 [ 2183.733159][T28404] __should_failslab+0x9f/0xe0 [ 2183.737765][T28404] should_failslab+0x9/0x20 [ 2183.742100][T28404] __kmalloc_track_caller+0x6c/0x350 [ 2183.747218][T28404] ? kmem_cache_alloc+0x1c1/0x2f0 [ 2183.752075][T28404] ? __alloc_skb+0xbc/0x550 [ 2183.756417][T28404] ? alloc_uevent_skb+0x7f/0x230 [ 2183.761191][T28404] __alloc_skb+0x10e/0x550 [ 2183.765445][T28404] alloc_uevent_skb+0x7f/0x230 [ 2183.770044][T28404] kobject_uevent_net_broadcast+0x321/0x5a0 [ 2183.775770][T28404] kobject_uevent_env+0x540/0x730 [ 2183.780632][T28404] kobject_uevent+0x1f/0x30 [ 2183.784979][T28404] loop_set_size+0x95/0xa0 [ 2183.789224][T28404] loop_configure+0x11c7/0x1640 [ 2183.793916][T28404] lo_ioctl+0x8cd/0x25e0 [ 2183.797990][T28404] ? is_bpf_text_address+0x1a2/0x1c0 [ 2183.803110][T28404] ? lo_release+0x200/0x200 [ 2183.807450][T28404] ? stack_trace_save+0x1f0/0x1f0 [ 2183.812309][T28404] ? __kernel_text_address+0x9a/0x110 [ 2183.817519][T28404] ? unwind_get_return_address+0x4c/0x90 [ 2183.822983][T28404] ? arch_stack_walk+0xf8/0x140 [ 2183.827676][T28404] ? avc_has_perm_noaudit+0x358/0x450 [ 2183.832877][T28404] ? memcpy+0x56/0x70 [ 2183.836708][T28404] ? memset+0x35/0x40 [ 2183.840516][T28404] ? fsnotify+0x5ad/0x2240 [ 2183.844768][T28404] ? __kasan_check_write+0x14/0x20 [ 2183.849714][T28404] ? _raw_spin_lock+0xa3/0x1b0 [ 2183.854315][T28404] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2183.859526][T28404] ? avc_has_perm_noaudit+0x358/0x450 [ 2183.864731][T28404] ? _raw_spin_unlock+0x4d/0x70 [ 2183.869423][T28404] ? find_inode_fast+0x459/0x480 [ 2183.874190][T28404] ? __kasan_check_write+0x14/0x20 [ 2183.879139][T28404] ? mutex_unlock+0xa2/0x110 [ 2183.883565][T28404] ? __mutex_lock_slowpath+0x10/0x10 [ 2183.888690][T28404] ? is_bpf_text_address+0x1a2/0x1c0 [ 2183.893807][T28404] ? stack_trace_save+0x1f0/0x1f0 [ 2183.898667][T28404] ? __kernel_text_address+0x9a/0x110 [ 2183.903874][T28404] ? unwind_get_return_address+0x4c/0x90 [ 2183.909341][T28404] ? arch_stack_walk+0xf8/0x140 [ 2183.914038][T28404] ? stack_trace_save+0x12d/0x1f0 [ 2183.918889][T28404] ? stack_trace_snprint+0x100/0x100 [ 2183.924009][T28404] ? avc_has_extended_perms+0x718/0x1210 [ 2183.929477][T28404] ? memcpy+0x56/0x70 [ 2183.933295][T28404] ? avc_has_extended_perms+0xb9c/0x1210 [ 2183.938762][T28404] ? kasan_set_track+0x4c/0x70 [ 2183.943363][T28404] ? kasan_set_free_info+0x23/0x40 [ 2183.948311][T28404] ? ____kasan_slab_free+0x126/0x160 [ 2183.953429][T28404] ? __kasan_slab_free+0x11/0x20 [ 2183.958203][T28404] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2183.963584][T28404] ? kmem_cache_free+0x11a/0x2e0 [ 2183.968359][T28404] ? putname+0x10b/0x160 [ 2183.972436][T28404] ? avc_flush+0x2b0/0x2b0 [ 2183.976694][T28404] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2183.981295][T28404] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2183.986499][T28404] ? kasan_quarantine_put+0x34/0x1b0 [ 2183.991621][T28404] ? blkdev_bszset+0x240/0x240 [ 2183.996218][T28404] ? ioctl_has_perm+0x3df/0x560 [ 2184.000904][T28404] ? has_cap_mac_admin+0xb0/0xb0 [ 2184.005677][T28404] ? kmem_cache_free+0x11a/0x2e0 [ 2184.010451][T28404] ? putname+0x10b/0x160 [ 2184.014530][T28404] ? selinux_file_ioctl+0x3c9/0x530 [ 2184.019566][T28404] ? lo_release+0x200/0x200 [ 2184.023903][T28404] blkdev_ioctl+0x2e9/0x620 [ 2184.028246][T28404] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2184.033536][T28404] ? __fget_files+0x310/0x370 [ 2184.038051][T28404] block_ioctl+0xb0/0xf0 [ 2184.042248][T28404] ? blkdev_iopoll+0x100/0x100 [ 2184.046845][T28404] __se_sys_ioctl+0x115/0x190 [ 2184.051363][T28404] __x64_sys_ioctl+0x7b/0x90 [ 2184.055785][T28404] do_syscall_64+0x44/0xd0 [ 2184.060041][T28404] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2184.065765][T28404] RIP: 0033:0x7f2bac5faec7 [ 2184.070019][T28404] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2184.089458][T28404] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2184.097708][T28404] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2184.105515][T28404] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2184.113328][T28404] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2184.121136][T28404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2184.128946][T28404] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2184.136763][T28404] [ 2184.145883][T28404] erofs: (device loop5): mounted with root inode @ nid 36. 04:35:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=""/6, 0x6) (async, rerun: 64) chdir(&(0x7f0000000140)='./file0\x00') (async, rerun: 64) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:35:39 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0) ioctl$EVIOCGNAME(r0, 0x80044501, &(0x7f0000000000)=""/201) 04:35:39 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000000)={@dev, @empty}, 0x8) 04:35:39 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_udp_int(r0, 0x11, 0xa, 0x0, &(0x7f0000000100)) 04:35:39 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:39 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 47) 04:35:39 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$9p(r0, &(0x7f00000013c0)='`', 0x1) 04:35:39 executing program 0: munmap(&(0x7f0000400000/0xc00000)=nil, 0xc00000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) 04:35:39 executing program 2: mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) munmap(&(0x7f0000400000/0xc00000)=nil, 0xc00000) 04:35:39 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@fwd]}}, &(0x7f0000000100)=""/160, 0x26, 0xa0, 0x1}, 0x20) 04:35:39 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r1, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x0, 0x1}}}}, 0x30}}, 0x0) 04:35:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc, 0x14, 'syz1\x00'}}}, 0x28}}, 0x0) [ 2187.982048][T28439] loop5: detected capacity change from 0 to 16 [ 2187.988062][T28439] FAULT_INJECTION: forcing a failure. [ 2187.988062][T28439] name failslab, interval 1, probability 0, space 0, times 0 [ 2188.011135][T28439] CPU: 1 PID: 28439 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2188.021206][T28439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2188.031187][T28439] Call Trace: [ 2188.034315][T28439] [ 2188.037085][T28439] dump_stack_lvl+0x151/0x1b7 [ 2188.041601][T28439] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2188.046982][T28439] dump_stack+0x15/0x17 [ 2188.050972][T28439] should_fail+0x3c0/0x510 [ 2188.055223][T28439] ? alloc_uevent_skb+0x7f/0x230 [ 2188.060006][T28439] __should_failslab+0x9f/0xe0 [ 2188.064598][T28439] should_failslab+0x9/0x20 [ 2188.068938][T28439] __kmalloc_track_caller+0x6c/0x350 [ 2188.074070][T28439] ? kmem_cache_alloc+0x1c1/0x2f0 [ 2188.078918][T28439] ? __alloc_skb+0xbc/0x550 [ 2188.083259][T28439] ? alloc_uevent_skb+0x7f/0x230 [ 2188.088037][T28439] __alloc_skb+0x10e/0x550 [ 2188.092292][T28439] alloc_uevent_skb+0x7f/0x230 [ 2188.096889][T28439] kobject_uevent_net_broadcast+0x321/0x5a0 [ 2188.102619][T28439] kobject_uevent_env+0x540/0x730 [ 2188.107562][T28439] kobject_uevent+0x1f/0x30 [ 2188.111898][T28439] loop_set_size+0x95/0xa0 [ 2188.116151][T28439] loop_configure+0x11c7/0x1640 [ 2188.120928][T28439] lo_ioctl+0x8cd/0x25e0 [ 2188.125004][T28439] ? is_bpf_text_address+0x1a2/0x1c0 [ 2188.130210][T28439] ? lo_release+0x200/0x200 [ 2188.134600][T28439] ? stack_trace_save+0x1f0/0x1f0 [ 2188.139414][T28439] ? __kernel_text_address+0x9a/0x110 [ 2188.144620][T28439] ? unwind_get_return_address+0x4c/0x90 [ 2188.150085][T28439] ? arch_stack_walk+0xf8/0x140 [ 2188.154774][T28439] ? avc_has_perm_noaudit+0x358/0x450 [ 2188.159981][T28439] ? memcpy+0x56/0x70 [ 2188.163800][T28439] ? memset+0x35/0x40 [ 2188.167616][T28439] ? fsnotify+0x5ad/0x2240 [ 2188.171870][T28439] ? __kasan_check_write+0x14/0x20 [ 2188.176819][T28439] ? _raw_spin_lock+0xa3/0x1b0 [ 2188.181416][T28439] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2188.186625][T28439] ? avc_has_perm_noaudit+0x358/0x450 [ 2188.191831][T28439] ? _raw_spin_unlock+0x4d/0x70 [ 2188.196519][T28439] ? find_inode_fast+0x459/0x480 [ 2188.201299][T28439] ? __kasan_check_write+0x14/0x20 [ 2188.206237][T28439] ? mutex_unlock+0xa2/0x110 [ 2188.210665][T28439] ? __mutex_lock_slowpath+0x10/0x10 [ 2188.215788][T28439] ? is_bpf_text_address+0x1a2/0x1c0 [ 2188.220908][T28439] ? stack_trace_save+0x1f0/0x1f0 [ 2188.225768][T28439] ? __kernel_text_address+0x9a/0x110 [ 2188.230984][T28439] ? unwind_get_return_address+0x4c/0x90 [ 2188.236442][T28439] ? arch_stack_walk+0xf8/0x140 [ 2188.241311][T28439] ? stack_trace_save+0x12d/0x1f0 [ 2188.246170][T28439] ? stack_trace_snprint+0x100/0x100 [ 2188.251283][T28439] ? avc_has_extended_perms+0x718/0x1210 [ 2188.256755][T28439] ? memcpy+0x56/0x70 [ 2188.260579][T28439] ? avc_has_extended_perms+0xb9c/0x1210 [ 2188.266048][T28439] ? kasan_set_track+0x4c/0x70 [ 2188.270637][T28439] ? kasan_set_free_info+0x23/0x40 [ 2188.275671][T28439] ? ____kasan_slab_free+0x126/0x160 [ 2188.280790][T28439] ? __kasan_slab_free+0x11/0x20 [ 2188.285574][T28439] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2188.290948][T28439] ? kmem_cache_free+0x11a/0x2e0 [ 2188.295719][T28439] ? putname+0x10b/0x160 [ 2188.299800][T28439] ? avc_flush+0x2b0/0x2b0 [ 2188.304065][T28439] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2188.308658][T28439] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2188.313860][T28439] ? kasan_quarantine_put+0x34/0x1b0 [ 2188.318994][T28439] ? blkdev_bszset+0x240/0x240 [ 2188.323579][T28439] ? ioctl_has_perm+0x3df/0x560 [ 2188.328274][T28439] ? has_cap_mac_admin+0xb0/0xb0 [ 2188.333040][T28439] ? kmem_cache_free+0x11a/0x2e0 [ 2188.337989][T28439] ? putname+0x10b/0x160 [ 2188.342070][T28439] ? selinux_file_ioctl+0x3c9/0x530 [ 2188.347103][T28439] ? lo_release+0x200/0x200 [ 2188.351445][T28439] blkdev_ioctl+0x2e9/0x620 [ 2188.355780][T28439] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2188.361075][T28439] ? __fget_files+0x310/0x370 [ 2188.365597][T28439] block_ioctl+0xb0/0xf0 [ 2188.369676][T28439] ? blkdev_iopoll+0x100/0x100 [ 2188.374266][T28439] __se_sys_ioctl+0x115/0x190 [ 2188.378784][T28439] __x64_sys_ioctl+0x7b/0x90 [ 2188.383208][T28439] do_syscall_64+0x44/0xd0 [ 2188.387721][T28439] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2188.393536][T28439] RIP: 0033:0x7f2bac5faec7 [ 2188.397791][T28439] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2188.417227][T28439] RSP: 002b:00007f2bab32bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2188.425475][T28439] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f2bac5faec7 [ 2188.433287][T28439] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 2188.441103][T28439] RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000178 [ 2188.448907][T28439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2188.456719][T28439] R13: 00007f2bab32bfdc R14: 00007f2bab32bfe0 R15: 0000000000000000 [ 2188.464530][T28439] [ 2188.521352][T28440] loop4: detected capacity change from 0 to 16 [ 2188.534487][T28439] erofs: (device loop5): mounted with root inode @ nid 36. [ 2188.543479][T28440] erofs: (device loop4): mounted with root inode @ nid 36. 04:35:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async, rerun: 64) listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=""/6, 0x6) (async, rerun: 64) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:35:44 executing program 3: mlock2(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0) munmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000) 04:35:44 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 04:35:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) 04:35:44 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 48) 04:35:44 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:44 executing program 3: syz_genetlink_get_family_id$team(&(0x7f0000000fc0), 0xffffffffffffffff) 04:35:44 executing program 2: r0 = fsopen(&(0x7f0000000580)='bpf\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000005c0)='devlink\x00', &(0x7f0000000600)='P', 0x100000) 04:35:44 executing program 3: clock_adjtime(0x0, &(0x7f0000000200)={0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) 04:35:44 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000300)={@private2}) 04:35:44 executing program 3: pipe(&(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001740)=ANY=[@ANYBLOB="620af8ff25200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fa093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415bd1966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b7845e6b607130c89f18c0c1089d8b853289d01aa27ae82e61b0f9223684198e1148f49faf2ad0000000000000026fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364145835108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e68242aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000009711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b000020435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c55609a6e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f879b13634c31da2c25cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ece0ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6006e56237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77682efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b0a3dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d122a7cca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710db8f3e5c7ebfd6d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aed7a1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81643a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de553101cae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225f728d44d0973171ad47d6b70ebc660309e1e245b00001743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933bee24c7e8000f2c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cefa86966d7ba19e900413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e000000000000037010632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef96ccecc467acc45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127cf72748a028daf5fc4d4e6d5265bec44219ee8fbfe86f441c724fa7b3d1ff0555e63ad00a1c7f9f9af10154f1e109dc3f7dd87ea308a1fb5a983490c6c93610864623613dabec4c0b64461d21f807515d8fadec636c99aa95ff895c25aad5ac0993a65c7668ca2b6d46edbad410df7390d27e4ddc8f47d5a918b14da4ec07c8199259b8e3dd36de9be47549f053234c67b88969ec7f168fe635ce25d39686f2470afb1b1db18221841cee6e5531280d65f1d28886e0f06856a5ca37a91ea6e19977c517b10fb66858a05b03084d1f3bd5542d2796a33cfe545be3dc03d302e4839492cdc7694142e48f23271787d3a2360996ca3c9b18000000000700000000000000000000004882ce2e7a68512b23b0ab1f7a6c960bd002984955dc620614f97a234c8e1df96d5e7a67c8d26cd7a4bbacc4a086c2cb5a9af5fab1f01e2b7cf653f9d25f942b1cff6d738e17df64464fbc9d89911829458645ef2d2d23f55eb1b09855cc74d29cbca2aeff07a9bf56c3fa68a7d71aad094d5d968ad88fdda027c65e434e9a6bc68ec751d6d21fa471ac8646d714ce68f1f46f6ec4c1e87d720385be6f3a70fe730ccad42a9051cd07f356023e855e5acd5cc7d990cebcac66cbd3229d18511bfa1e3d2c82af72932cfd875584d0fc2daff4dfebe41c37494b8136a37f12caecba3e09a31a00410ff161089935db303df012b165663cc1f915d65f69f9d2c1d853b0150445d088da47c170155cd0cc863f4ef36a626e6e59ef4708dc0f6d8d9650207e29081772ce79577f93b9aac8b738822dd6a8168011c421d530caed04a229e75b77905097eafe9042ed10931145b37d87bb3493b0b8a75bbc43910382286fedafbc3f75bff9082f599c1b1144b04bc987"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) r3 = openat$cgroup(r0, &(0x7f00000003c0)='syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r3, &(0x7f0000000380)='blkio.bfq.avg_queue_size\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000300)='dctcp\x00', 0x6) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f00000000c0)=ANY=[], 0x208e19b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r4, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) 04:35:44 executing program 2: mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4) [ 2192.960521][T28480] loop5: detected capacity change from 0 to 16 [ 2192.977258][T28481] loop4: detected capacity change from 0 to 16 [ 2192.985159][T28480] FAULT_INJECTION: forcing a failure. [ 2192.985159][T28480] name failslab, interval 1, probability 0, space 0, times 0 [ 2193.024200][T28481] erofs: (device loop4): mounted with root inode @ nid 36. [ 2193.031334][T28480] CPU: 0 PID: 28480 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2193.041397][T28480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2193.051290][T28480] Call Trace: [ 2193.054411][T28480] [ 2193.057188][T28480] dump_stack_lvl+0x151/0x1b7 [ 2193.061703][T28480] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2193.067005][T28480] dump_stack+0x15/0x17 [ 2193.070988][T28480] should_fail+0x3c0/0x510 [ 2193.075240][T28480] __should_failslab+0x9f/0xe0 [ 2193.079841][T28480] should_failslab+0x9/0x20 [ 2193.084180][T28480] kmem_cache_alloc+0x4f/0x2f0 [ 2193.088782][T28480] ? getname_flags+0xba/0x510 [ 2193.093295][T28480] getname_flags+0xba/0x510 [ 2193.097634][T28480] __x64_sys_mkdirat+0x7c/0xa0 [ 2193.102233][T28480] do_syscall_64+0x44/0xd0 [ 2193.106487][T28480] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2193.112217][T28480] RIP: 0033:0x7f2bac5fa0f7 [ 2193.116467][T28480] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2193.135909][T28480] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2193.144151][T28480] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2193.151962][T28480] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2193.159778][T28480] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2193.167708][T28480] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2193.175481][T28480] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2193.183299][T28480] 04:35:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000180)={@dev}, 0x14) 04:35:49 executing program 2: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe000000905820264"], 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000380)={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x0, 0x1}}) syz_open_dev$char_usb(0xc, 0xb4, 0x0) 04:35:49 executing program 3: syz_genetlink_get_family_id$devlink(&(0x7f0000000500), 0xffffffffffffffff) syz_open_dev$vcsu(&(0x7f0000000ac0), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) 04:35:49 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 49) 04:35:49 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r1, 0x0, 0x0, 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x80010, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) pipe(&(0x7f0000003d00)) 04:35:49 executing program 3: syz_open_dev$usbfs(&(0x7f0000000180), 0x2144, 0x0) 04:35:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)={@private0={0x27}, @multicast2}}) 04:35:49 executing program 0: syz_io_uring_setup(0x109d, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000411000/0x2000)=nil, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r0, &(0x7f0000e3e000)=""/8, 0xffd8, 0x103f00) 04:35:49 executing program 0: socketpair(0xa, 0x3, 0x8, &(0x7f0000001700)) 04:35:49 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x19, 0x0, 0x0) 04:35:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000fef000/0x1000)=nil, 0x930, 0x0, 0x11, r3, 0x0) 04:35:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f00000001c0), r0) [ 2198.013457][T28520] loop4: detected capacity change from 0 to 16 [ 2198.020294][T28520] erofs: (device loop4): mounted with root inode @ nid 36. [ 2198.082772][T28521] loop5: detected capacity change from 0 to 15 [ 2198.098184][T28521] FAULT_INJECTION: forcing a failure. [ 2198.098184][T28521] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2198.121242][T28521] CPU: 1 PID: 28521 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2198.131311][T28521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2198.141203][T28521] Call Trace: [ 2198.144330][T28521] [ 2198.147103][T28521] dump_stack_lvl+0x151/0x1b7 [ 2198.151618][T28521] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2198.156914][T28521] dump_stack+0x15/0x17 [ 2198.160919][T28521] should_fail+0x3c0/0x510 [ 2198.165155][T28521] should_fail_usercopy+0x1a/0x20 [ 2198.170112][T28521] strncpy_from_user+0x24/0x2b0 [ 2198.174838][T28521] getname_flags+0xf2/0x510 [ 2198.179131][T28521] __x64_sys_mkdirat+0x7c/0xa0 [ 2198.183733][T28521] do_syscall_64+0x44/0xd0 [ 2198.187984][T28521] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2198.193709][T28521] RIP: 0033:0x7f2bac5fa0f7 [ 2198.197963][T28521] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2198.217411][T28521] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2198.225738][T28521] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2198.233545][T28521] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2198.241354][T28521] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2198.249168][T28521] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2198.256977][T28521] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2198.264794][T28521] 04:35:49 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x4, &(0x7f0000001700)={'filter\x00', 0x4}, 0x68) 04:35:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x3, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x24040001}, 0x80) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth0_vlan\x00'}) sendmsg$NFNL_MSG_CTHELPER_DEL(r1, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x10c, 0x2, 0x9, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFCTH_TUPLE={0x7c, 0x2, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x3}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_TUPLE={0x2c, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6}]}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x4}, @NFCTH_STATUS={0x8}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x6}]}, 0x10c}}, 0x0) 04:35:50 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0xc, &(0x7f0000001700)={'filter\x00', 0x4}, 0x68) 04:35:50 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 50) [ 2198.863334][T28534] loop5: detected capacity change from 0 to 16 [ 2198.869697][T28534] FAULT_INJECTION: forcing a failure. [ 2198.869697][T28534] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2198.882727][T28534] CPU: 0 PID: 28534 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2198.892776][T28534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2198.902670][T28534] Call Trace: [ 2198.905795][T28534] [ 2198.908661][T28534] dump_stack_lvl+0x151/0x1b7 [ 2198.913173][T28534] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2198.918484][T28534] dump_stack+0x15/0x17 [ 2198.922461][T28534] should_fail+0x3c0/0x510 [ 2198.926715][T28534] should_fail_usercopy+0x1a/0x20 [ 2198.931576][T28534] strncpy_from_user+0x24/0x2b0 [ 2198.936256][T28534] getname_flags+0xf2/0x510 [ 2198.940597][T28534] __x64_sys_mkdirat+0x7c/0xa0 [ 2198.945195][T28534] do_syscall_64+0x44/0xd0 [ 2198.949451][T28534] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2198.955178][T28534] RIP: 0033:0x7f2bac5fa0f7 [ 2198.959429][T28534] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2198.979046][T28534] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2198.987288][T28534] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2198.995102][T28534] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2199.002910][T28534] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2199.010731][T28534] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2199.018536][T28534] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2199.026349][T28534] 04:35:54 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r1, 0x0, 0x0, 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x80010, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000000)='./file1\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) (async) sync_file_range(r1, 0x0, 0x0, 0x6) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x80010, r1, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:35:54 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:54 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x268, 0x1, 0x5, 0x401, 0x0, 0x0, {}, [{{0x254, 0x1, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', "58c6b56c58e5c8a2077a3dea9390db45581c014fd0d04c208f26733f61a03ec0", "70a3ac9b09fb8cc4938a016096b52fc22e53ad6a0fb5135cb9916f75dc17b321"}}}]}, 0x268}}, 0x0) 04:35:54 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x1, 0x8, 0x301}, 0x14}}, 0x0) 04:35:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x1, 0x4, 0x101}, 0x14}}, 0x0) 04:35:54 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 51) 04:35:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x9, 0x3, 0x1f8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1a8, 0xffffffff, 0xffffffff, 0x1a8, 0xffffffff, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'veth1_macvtap\x00', 'ip6_vti0\x00'}, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'pimreg0\x00', {}, {}, 0x0, 0xe4b7366c4f67006d}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x258) 04:35:54 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x268, 0x1, 0x5, 0x401, 0x0, 0x0, {}, [{{0x3, 0x1, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', "58c6b56c58e5c8a2077a3dea9390db45581c014fd0d04c208f26733f61a03ec0", "70a3ac9b09fb8cc4938a016096b52fc26153ad6a0fb5135cb9916f75dc17b321"}}}]}, 0x268}}, 0x0) 04:35:54 executing program 3: r0 = socket(0x25, 0x1, 0x0) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40895) 04:35:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x5, &(0x7f0000001700)={'filter\x00', 0x4}, 0x68) 04:35:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x14, 0x1, 0x1, 0x301}, 0x14}}, 0x0) 04:35:54 executing program 0: futex(0x0, 0xb, 0x0, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000100), 0x0) [ 2202.874981][ T30] audit: type=1400 audit(1669523754.391:697): avc: denied { create } for pid=28553 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 2202.965613][T28566] loop4: detected capacity change from 0 to 16 [ 2202.973411][T28566] erofs: (device loop4): mounted with root inode @ nid 36. [ 2203.001924][T28567] loop5: detected capacity change from 0 to 16 [ 2203.040710][T28567] FAULT_INJECTION: forcing a failure. [ 2203.040710][T28567] name failslab, interval 1, probability 0, space 0, times 0 [ 2203.061918][T28567] CPU: 1 PID: 28567 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2203.071987][T28567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2203.081966][T28567] Call Trace: [ 2203.085267][T28567] [ 2203.088051][T28567] dump_stack_lvl+0x151/0x1b7 [ 2203.092554][T28567] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2203.097847][T28567] ? release_firmware_map_entry+0x193/0x193 [ 2203.103575][T28567] dump_stack+0x15/0x17 [ 2203.107565][T28567] should_fail+0x3c0/0x510 [ 2203.111818][T28567] __should_failslab+0x9f/0xe0 [ 2203.116417][T28567] should_failslab+0x9/0x20 [ 2203.120759][T28567] kmem_cache_alloc+0x4f/0x2f0 [ 2203.125357][T28567] ? ext4_alloc_inode+0x21/0x620 [ 2203.130131][T28567] ? ext4_set_test_dummy_encryption+0x220/0x220 [ 2203.136215][T28567] ext4_alloc_inode+0x21/0x620 [ 2203.140808][T28567] ? ext4_set_test_dummy_encryption+0x220/0x220 [ 2203.146966][T28567] new_inode_pseudo+0x64/0x220 [ 2203.151575][T28567] new_inode+0x28/0x1c0 [ 2203.155680][T28567] __ext4_new_inode+0x29d/0x4780 [ 2203.160447][T28567] ? memset+0x35/0x40 [ 2203.164270][T28567] ? __dquot_initialize+0x241/0xe10 [ 2203.169307][T28567] ? ext4_mark_inode_used+0xc00/0xc00 [ 2203.174518][T28567] ? dquot_initialize+0x20/0x20 [ 2203.179190][T28567] ? may_create+0x647/0x8c0 [ 2203.183532][T28567] ext4_mkdir+0x41a/0xcf0 [ 2203.187699][T28567] ? ext4_symlink+0xfe0/0xfe0 [ 2203.192207][T28567] ? selinux_inode_mkdir+0x22/0x30 [ 2203.197157][T28567] ? security_inode_mkdir+0xf1/0x130 [ 2203.202287][T28567] vfs_mkdir+0x360/0x580 [ 2203.207312][T28567] do_mkdirat+0x1e8/0x420 [ 2203.211478][T28567] ? vfs_mkdir+0x580/0x580 [ 2203.215728][T28567] ? getname_flags+0x1fb/0x510 [ 2203.220415][T28567] __x64_sys_mkdirat+0x89/0xa0 [ 2203.225018][T28567] do_syscall_64+0x44/0xd0 [ 2203.229272][T28567] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2203.234999][T28567] RIP: 0033:0x7f2bac5fa0f7 [ 2203.239250][T28567] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2203.258691][T28567] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2203.267035][T28567] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2203.274832][T28567] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2203.282653][T28567] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2203.290455][T28567] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2203.298264][T28567] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2203.306078][T28567] 04:35:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x21, &(0x7f0000001700)={'filter\x00', 0x4}, 0x68) 04:35:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x16, 0x0, 0x0) 04:35:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r1, 0x0, 0x0, 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x80010, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000000)='./file1\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) (async) sync_file_range(r1, 0x0, 0x0, 0x6) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x80010, r1, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:35:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x25, 0x0, 0x0) 04:35:58 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:35:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 52) 04:35:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x15, 0x0, 0x0) 04:35:58 executing program 0: socket$inet6(0xa, 0x5, 0x7) 04:35:58 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="020d000014000000000400000000000005000600000000000a000000000000000000000000000000000000000000000000000000000000000800120000000200000000000000000006000000000000000000000000000000ff020000000000000000000000000001ac1414aa00000000000000000000000005000500000000000a"], 0xa0}}, 0x0) 04:35:58 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@NL80211_ATTR_PRIVACY={0x4}]}, 0x24}}, 0x0) 04:35:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x17, 0x0, 0x0) 04:35:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast2}, {0x0, @random="77662ec0ef5f"}, 0x0, {0x2, 0x0, @loopback}, 'veth1_to_hsr\x00'}) 04:35:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x18, 0x0, 0x0) [ 2207.233617][T28611] loop4: detected capacity change from 0 to 16 [ 2207.241215][T28611] erofs: (device loop4): mounted with root inode @ nid 36. [ 2207.334259][T28612] loop5: detected capacity change from 0 to 16 [ 2207.369498][T28612] FAULT_INJECTION: forcing a failure. [ 2207.369498][T28612] name failslab, interval 1, probability 0, space 0, times 0 [ 2207.384858][T28612] CPU: 1 PID: 28612 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2207.394928][T28612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2207.404811][T28612] Call Trace: [ 2207.407946][T28612] [ 2207.410800][T28612] dump_stack_lvl+0x151/0x1b7 [ 2207.415313][T28612] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2207.420724][T28612] ? security_compute_sid+0x1ec7/0x2020 [ 2207.426182][T28612] dump_stack+0x15/0x17 [ 2207.430346][T28612] should_fail+0x3c0/0x510 [ 2207.434584][T28612] __should_failslab+0x9f/0xe0 [ 2207.439269][T28612] should_failslab+0x9/0x20 [ 2207.444012][T28612] kmem_cache_alloc+0x4f/0x2f0 [ 2207.448821][T28612] ? memcpy+0x56/0x70 [ 2207.452743][T28612] ? ext4_alloc_inode+0x21/0x620 [ 2207.457608][T28612] ? ext4_set_test_dummy_encryption+0x220/0x220 [ 2207.463690][T28612] ext4_alloc_inode+0x21/0x620 [ 2207.468290][T28612] ? ext4_set_test_dummy_encryption+0x220/0x220 [ 2207.474354][T28612] new_inode_pseudo+0x64/0x220 [ 2207.478970][T28612] new_inode+0x28/0x1c0 [ 2207.482956][T28612] __ext4_new_inode+0x29d/0x4780 [ 2207.487880][T28612] ? memset+0x35/0x40 [ 2207.491702][T28612] ? __dquot_initialize+0x241/0xe10 [ 2207.496730][T28612] ? ext4_mark_inode_used+0xc00/0xc00 [ 2207.501935][T28612] ? dquot_initialize+0x20/0x20 [ 2207.506617][T28612] ? may_create+0x647/0x8c0 [ 2207.510970][T28612] ext4_mkdir+0x41a/0xcf0 [ 2207.515131][T28612] ? ext4_symlink+0xfe0/0xfe0 [ 2207.519631][T28612] ? selinux_inode_mkdir+0x22/0x30 [ 2207.524581][T28612] ? security_inode_mkdir+0xf1/0x130 [ 2207.529723][T28612] vfs_mkdir+0x360/0x580 [ 2207.533782][T28612] do_mkdirat+0x1e8/0x420 [ 2207.538042][T28612] ? vfs_mkdir+0x580/0x580 [ 2207.542291][T28612] ? getname_flags+0x1fb/0x510 [ 2207.546972][T28612] __x64_sys_mkdirat+0x89/0xa0 [ 2207.551669][T28612] do_syscall_64+0x44/0xd0 [ 2207.555911][T28612] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2207.561639][T28612] RIP: 0033:0x7f2bac5fa0f7 [ 2207.565892][T28612] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2207.585331][T28612] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2207.593579][T28612] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2207.601394][T28612] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2207.609294][T28612] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2207.617185][T28612] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2207.624997][T28612] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2207.632900][T28612] 04:36:03 executing program 3: futex(0x0, 0x0, 0x0, &(0x7f00000000c0)={0x77359400}, 0x0, 0x0) 04:36:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_mreqsrc(r0, 0x0, 0x26, &(0x7f0000000040)={@multicast2, @empty, @multicast1}, 0xc) 04:36:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x88, 0x66, &(0x7f0000001700)={'filter\x00', 0x4}, 0x68) 04:36:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 53) 04:36:03 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:03 executing program 0: syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000010280)='./mnt\x00', 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="6d6f64653d61646170746976652c6e6f657874656e745f63616368652c64697361626c655f726f6c6c5f666f72776172642c6261636b67726f756e645f67633d6f66662c6d6f64653d6c66732c0022c52efc6a4d70dd1bf174c1378128fc0f11d328dd5b73e48f7e67a007e8a4ee84da3a2541d61632d3"], 0x10, 0x10221, &(0x7f0000020540)="$eJzs3L9vG+UfB/CPm2+jL7SUCDGw8UiA5EjEOttJBWWJqKoOkCqiZWRwbMdym9hR7DihEws/Nv4BNpj4H1jY2Fg69D9AYkNiqZBAvrsgqBgKGAec10u6e989d/0891i3fE5VAji3VtKPP1TiSjwVEUvx9aeXI/LjSrnlNot4ISJejIgLv9kq5fivA8sR8XREXJkWn9Ys7ple+vyrj9774ru3Xvnsy2+Wsk8+/v7sVg2ctZcjYv+gOD7eL3LYK/JuOd6a9PPcX5+UWVzYv1eeD4s87u7kFY5bp/e18mz2ivuHB0ejae7utdrT7PV38/GDQTHhaNI7rZP/g7utw/y8093Jsz8a5tm7XzzXSZn3R+OiTqes935ePsbj0yzGuyfdYj0H9/JsD8bleFF32OmeTHNSZjlddHb++u/7X/F2f3B0kibdw1F/OEgbtXpWy9YO21fXsqz+enOt12nttq92G+ud1u56qnY3R8O91VTttdupevP69dVUz2qNWvZqunnr3bTXSdVpvtkfHI37e6PV1Kg1N2r11fRSPd3e2k7b79y4sbV9J20NB+nWcJKaWao3r200rjVfS9u376RG1sisf64qc56PBeMFAvjTft//R+j/gXnQ/+v/Q/977tevfeNv8QIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxbl7594yg/WCnOL5Tjz5RDz5XnlfLaz3+g8ljNpWndiLj4hPd/WIlYLuc43f4XEZvl9tOz/+xvAAAAAIvs4aPqg0rerRe7lbN+IOZpOd9XLn8wo3r5Z52ZvUP5h6jnZ1VtKX++Wa30UpRfqGbi4nT3/1lVeyJLc50NAAD4d9AJAAAAwEJ7/L/hAwAAAItH/w8AAACLL+///f0/AAAAWGwPH1UfnPUzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPALO/eOsjAQBAB48r+a8KN4CsHCThAbj+BlPIK1Z7ATvIyNRQpPYSeiFq4gQSQQRQzfB0OYJDv76LYZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDp8vVoWuy7m7p1jqd6nrMbAAAA4KH25fGV0v/0qpPyLH27d3fPSqW+IyKPiN+K/8+yiL80xzV+ImKc4tAqDRj0lv3hfLV9xTkAAABAwxSL3eTdawAAAAAAAAAAAAAAAAAAAABufFL/PwAAAKAy/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADizOy8nAMAgDED7WaD7T1sE3UDw8h4k5BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPjuzTo0b9aZ/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGdPDmoABoEgim62BmqpInqu22rhggYIWVSQ95K5/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLP1J6JdtVzhrp77f8f/Tfbr2AQAEIaioMEFrNx/VBsLEWuDeAch7Wv/6e/iVvCrenYAAAAAP6jzyrLVoyUGAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHbn0AoAGASiWEv3Yf/xKnh4HCYxfIE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG3ujjnuiMSgAASvbN5SEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswAEJAAAAgKD/r9sRKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBEAQAA//9hzBqI") r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14da42, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001d00c0d0) 04:36:03 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x11, 0x61, &(0x7f0000001700)={'filter\x00', 0x4}, 0x68) 04:36:03 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r2, 0x0, 0x0, 0x6) write$binfmt_script(r2, &(0x7f0000000180)={'#! ', './file0', [{0x20, '$'}, {}, {0x20, '(i\xa7@*)\xc9#}'}, {0x20, ',#!&#v-'}, {0x20, 'vfat\x00'}, {0x20, 'cgroup.controllers\x00'}, {}, {0x20, 'vfat\x00'}, {0x20, 'huge=always'}], 0xa, "aaf01d6360e5de94fe4780eb2fd25a207dbc2662ba6a966a6ffe01960c1ebd93625c5ac650f11808006b394cca5f39990a3def2bb698b3b650b9f57ac1eb5d5624fee7a9667d263d0416acc935cbc1c7b4b496561df3b53878d1f2e167e35371a4c21944cfc88b673a3438f0a83bb7531662a7ce287859405f8b00ffc04d897e15ccf0ab1cdd4ffce134181a52d9f41b97ea706d0a17fa21d139582357b5d8ecfdd5cbcd9ef1994519f6f12651ff06f3"}, 0xfd) mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0xa4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:36:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x14, 0x1, 0xa, 0x201}, 0x14}}, 0x0) 04:36:03 executing program 3: socket(0x0, 0xbb93d893bab1908b, 0x0) 04:36:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x0, 0xb, 0x201, 0x0, 0x0, {}, [@NFTA_COMPAT_NAME={0xb, 0x1, 'filter\x00'}, @NFTA_COMPAT_REV={0x8}]}, 0x28}}, 0x0) 04:36:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x88, 0x64, &(0x7f0000001700)={'filter\x00', 0x4}, 0x68) [ 2211.693401][T28659] loop4: detected capacity change from 0 to 16 04:36:03 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x48, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_HT_CAPABILITY={0x1e}]}, 0x48}}, 0x0) 04:36:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x5}, 0x14}}, 0x0) 04:36:03 executing program 2: syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000010600)='./file2\x00', 0x2, &(0x7f0000000140)={[{@six_active_logs}, {@fastboot}, {@prjjquota={'prjjquota', 0x3d, 'iQ\xdcu\xba\xf0\x1cL\x9c\rtry\xf7\x8c\xd4\xd0\x83%\xab\x19\xd27\xc10\x91\x9f'}}, {@data_flush}, {@four_active_logs}, {@nolazytime}, {@jqfmt_vfsold}, {@jqfmt_vfsv1}, {}, {@jqfmt_vfsold}]}, 0x1, 0x105a5, &(0x7f0000020c40)="$eJzs3M1rI2UcB/Bftu6r61pkX/TkgAgNmNC03aIgUnUXXbBL8eXgSdNkGrKbZEqTvrhnPemf4FUQ8ebf4MV/Y/EgeBK8rSiZmcpW96A226zbzwem32eePPPL84RcnkyZAI6t2eTXXypxIc5GxExEnI/I25XyyK0U8WxEPB8RJ+47KmX/nx2nIuJcRFwYFy9qVsqXln+7e++r5268+vk3d6uNn77+cnqrBqbtxYjobxbt3X6RWafIW2V/c6ebZ39pp8zihf7t8jwrcjddzyvsNvfHNfNc7BTjs83t4Tg3es3WODvdjbx/c1C84XCns18nv+BWcys/b6freXaHWZ6dO8W89sq8MxwVddplvU/y8jEa7WfRn+6lxXo2b+fZGozK/qJu1k73xrlTZvl20cp67Xwe6//5Y37kvdMdbO8lO+nWsJsNkqv1xsv1xnKtsZW101G6VGv228tLyVynNx5WG6XN/konyzq9tN7K+tVkrtNq1RqNZO5aut5tDpJGo75Yn69drZatl5K3bn6Q9NrJ3Djf6A62R93eMNnItpLiimqyUF98pZq80EjeW11L1t69fn117f2Prn148/XVG2+Wg/42rWRuYX5hodaYry00qtZ/GJXDXc5x5wsE8K/Z/wPTYP9v/x/2v8d+/bZvHIovEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsfXjye/ezhuzxfmTZf9TZdczEXElIi5HxKWI+P0BZuLUgZoXI6JSth80/uRf5vB9JfIK42tOl8e5iFgpj3tPP+xPAQAAAB5f3/7w6WcRM+Nm/ue1aU+Io1T+aHNmUvXyn3yemFS1i3mxvQlVu7RfciIuR8TJ2Z8nVO1KRJw4//GEqv0jMwfizH1RKeLEUc4GAAA4Ggd3AhPbvQEAAPDI+WLaE2A68vu15f/il/eCTxdR3hA8e+AMAAAA+B+qTHsCAAAAwEOX7/89/w8AAAAeb8Xz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YuZfctKEoDMAHqAt9qajisRVGVYcMWESX0GEnnbW76aisoRJiD5mRWZYQQYR9E8URg0i+xgn6Psmcawt+HZgdX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo03WxXv7d/v7TNGd/aCbPtwEAAABO2RXrZbkYV+cf0vVP6dKXiJhHxCwiphFxanYfxNta5iQieml96v3Fkx7+R5QJx88M0/E+Ir6l4/Zz278CAAAAXK7tZrGKGByX5cvXrhvinNJNm1GuvPKWz5tcaZMy7GemtOl9ZBaziCjGN5nS5hHR//g9U9qzDGpl9Kj0qtI/ZzcAAMB51CeBbNMbAAAAL86PrhugG+V+bfovftoLHlYlbQi+q50BAAAAr1Cv6wYAAACA1pXzv+f/AQAAwGWrnv8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAm3bFerndLFZNc/aHZh6CJv+ufjVtBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDv25x0FQiAMwmDv+r7T4P2PJQ2amZtUgfDxNwYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+t1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf7c3cCIRAEYbDv/M9pMf+wpEFjEKEKFj5mmIcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPii3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrC/tzbJgyEcRx+fUmUuE1GSG8lMAMNFYIR+JCQLHkGBmAhGipai0VgBZDgXNOZgudp/r/iinsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNd0efjiLSKKSF2mSOPNz+k9Ij4ibdt29HnLYnc+Nl/3nO0Pk5zfMf0tI6KMoo9zAAB6V3WbY7Wul395//MO8g7zVvOmXjzz0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV3buWLWpKAwA8EnSRKuToxVEcNDFxiZWI2RxKHQXBN1CG0sxVUkztKVLn0B0cvUV7Kav4AsIDlpwcOig4CKIkuQmPcEgKcK9oX4f/Pf+ucO552QI/Pc/NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLEc7oWzgzwXQpibOcq73n/dXRl3fvvsw9wgvtx5czEesztEMYTwcL3VvJ7iWqbd5vbOo0ar1WxLJBLJMMn6lwkAgJOmmES3rv9U3F/uXsvVQ/j1arT+vxLl4S/1/+eX5y8M4ufWu058r7j+X0hthdOv3Nl4Wt7c3rm2vtFYa641H1erlcWbizdu36qUe89Kyp6YAAAA8G9KScT1f77+Z///TJSHCev/e0sP7sf3Kqj/xzpq+mU9EwAAgP/buUvfv+XGXM+VSmGr0em0F/rH4edK/5jBVI/tVBJx/V+oZz0rAAAAIA2He7mR/v9qlIcJ+//zr3cP4jELIYTZpP8/v/KktZrecqZaGq8TZ71GAAAAsjWbRNz/L/b2/+eHWx7yIYSrl/t58jeAE9X/H1/cHXlpPd7/X01viVMpX+t/H71zLYSZWtYzAgAA4CQ7nUS32D8o7i+3fzxfKtn/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBvduwYJWIgCgBoNtloJS5YiFp5AVG0sFqwEMRG8AqiIHgCEdQDiKWW3sHSO2ytIIiF5RZ6AplJRmUttEqUfQ8m/2cImZ9Jkx8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgR8ONz7wIh16V5/Xc/evJXogPIzF4uZ5bCCPknSaL/oc6621XAAAAwDgoUn+fZdlzebsVYt6P/X+Zrgk9/81Ulad+frTvT/Hu8nE+9f+nO4vHHwv1qnXCTQ8Oj/aXG3vCv2/6+9TV7tPq29nabH3ajTsf/70U8YXk2+czwzLuZ+diMNiciOlkw4UDAL+2lGKdpO+hEFfaLAyAsdGtR/al/y/67dYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT3AAAA//9UhWfc") [ 2211.774401][T28659] erofs: (device loop4): mounted with root inode @ nid 36. [ 2211.822433][T28666] loop5: detected capacity change from 0 to 16 [ 2211.853187][T28666] FAULT_INJECTION: forcing a failure. [ 2211.853187][T28666] name failslab, interval 1, probability 0, space 0, times 0 [ 2211.956802][T28666] CPU: 1 PID: 28666 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2211.966882][T28666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2211.976773][T28666] Call Trace: [ 2211.979907][T28666] [ 2211.982674][T28666] dump_stack_lvl+0x151/0x1b7 [ 2211.987218][T28666] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2211.992480][T28666] ? write_boundary_block+0x150/0x150 [ 2211.997687][T28666] dump_stack+0x15/0x17 [ 2212.001689][T28666] should_fail+0x3c0/0x510 [ 2212.005942][T28666] __should_failslab+0x9f/0xe0 [ 2212.010535][T28666] should_failslab+0x9/0x20 [ 2212.014870][T28666] kmem_cache_alloc+0x4f/0x2f0 [ 2212.019472][T28666] ? jbd2__journal_start+0x14f/0x6f0 [ 2212.024592][T28666] jbd2__journal_start+0x14f/0x6f0 [ 2212.029538][T28666] ? __kasan_check_read+0x11/0x20 [ 2212.035496][T28666] __ext4_journal_start_sb+0xf2/0x2a0 [ 2212.042050][T28666] __ext4_new_inode+0x1443/0x4780 [ 2212.046898][T28666] ? ext4_mark_inode_used+0xc00/0xc00 [ 2212.052363][T28666] ? dquot_initialize+0x20/0x20 [ 2212.057051][T28666] ? may_create+0x647/0x8c0 [ 2212.061572][T28666] ext4_mkdir+0x41a/0xcf0 [ 2212.065819][T28666] ? ext4_symlink+0xfe0/0xfe0 [ 2212.070339][T28666] ? selinux_inode_mkdir+0x22/0x30 [ 2212.075276][T28666] ? security_inode_mkdir+0xf1/0x130 [ 2212.080409][T28666] vfs_mkdir+0x360/0x580 [ 2212.084477][T28666] do_mkdirat+0x1e8/0x420 [ 2212.088652][T28666] ? vfs_mkdir+0x580/0x580 [ 2212.092899][T28666] ? getname_flags+0x1fb/0x510 [ 2212.098537][T28666] __x64_sys_mkdirat+0x89/0xa0 [ 2212.103310][T28666] do_syscall_64+0x44/0xd0 [ 2212.107570][T28666] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2212.113374][T28666] RIP: 0033:0x7f2bac5fa0f7 [ 2212.117641][T28666] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2212.137074][T28666] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2212.145320][T28666] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2212.153127][T28666] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2212.160938][T28666] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2212.168755][T28666] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2212.176561][T28666] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2212.184376][T28666] [ 2212.611126][T28666] EXT4-fs error (device sda1) in __ext4_new_inode:1085: Out of memory 04:36:04 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 54) 04:36:04 executing program 3: inotify_add_watch(0xffffffffffffffff, 0x0, 0x2800004) [ 2212.971682][T28673] loop5: detected capacity change from 0 to 16 [ 2212.977913][T28673] FAULT_INJECTION: forcing a failure. [ 2212.977913][T28673] name failslab, interval 1, probability 0, space 0, times 0 [ 2213.021179][T28673] CPU: 1 PID: 28673 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2213.031254][T28673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2213.041155][T28673] Call Trace: [ 2213.044271][T28673] [ 2213.047054][T28673] dump_stack_lvl+0x151/0x1b7 [ 2213.051567][T28673] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2213.056854][T28673] dump_stack+0x15/0x17 [ 2213.060846][T28673] should_fail+0x3c0/0x510 [ 2213.065096][T28673] ? sidtab_sid2str_get+0x127/0x2a0 [ 2213.070131][T28673] __should_failslab+0x9f/0xe0 [ 2213.074902][T28673] should_failslab+0x9/0x20 [ 2213.079243][T28673] __kmalloc_track_caller+0x6c/0x350 [ 2213.084372][T28673] kmemdup+0x24/0x50 [ 2213.088111][T28673] sidtab_sid2str_get+0x127/0x2a0 [ 2213.092957][T28673] security_sid_to_context_core+0x2b1/0x490 [ 2213.098778][T28673] security_sid_to_context_force+0x36/0x40 [ 2213.104419][T28673] selinux_inode_init_security+0x705/0xaf0 [ 2213.110058][T28673] ? selinux_inode_free_security+0x200/0x200 [ 2213.115869][T28673] security_inode_init_security+0x16f/0x3c0 [ 2213.122193][T28673] ? ext4_init_security+0x40/0x40 [ 2213.127019][T28673] ? security_dentry_create_files_as+0xd0/0xd0 [ 2213.133015][T28673] ? __ext4_set_acl+0x5f0/0x5f0 [ 2213.137956][T28673] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2213.144041][T28673] ext4_init_security+0x34/0x40 [ 2213.148735][T28673] __ext4_new_inode+0x37e3/0x4780 [ 2213.153580][T28673] ? ext4_mark_inode_used+0xc00/0xc00 [ 2213.158783][T28673] ? dquot_initialize+0x20/0x20 [ 2213.163472][T28673] ? may_create+0x647/0x8c0 [ 2213.167903][T28673] ext4_mkdir+0x41a/0xcf0 [ 2213.172062][T28673] ? ext4_symlink+0xfe0/0xfe0 [ 2213.176595][T28673] ? selinux_inode_mkdir+0x22/0x30 [ 2213.181526][T28673] ? security_inode_mkdir+0xf1/0x130 [ 2213.186668][T28673] vfs_mkdir+0x360/0x580 [ 2213.190736][T28673] do_mkdirat+0x1e8/0x420 [ 2213.194897][T28673] ? vfs_mkdir+0x580/0x580 [ 2213.199152][T28673] ? getname_flags+0x1fb/0x510 [ 2213.203747][T28673] __x64_sys_mkdirat+0x89/0xa0 [ 2213.208462][T28673] do_syscall_64+0x44/0xd0 [ 2213.212707][T28673] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2213.218525][T28673] RIP: 0033:0x7f2bac5fa0f7 [ 2213.223035][T28673] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2213.242820][T28673] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2213.251068][T28673] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2213.258960][T28673] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2213.266781][T28673] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2213.274581][T28673] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2213.282395][T28673] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2213.290209][T28673] 04:36:05 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:05 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendto$inet(r0, &(0x7f0000000000)="3bc2a7b196f9237ae0e55cf8f7eebd320fd87ed4422e6c00", 0x18, 0x0, &(0x7f0000000080)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10) [ 2213.727560][T28680] loop4: detected capacity change from 0 to 16 [ 2213.734459][T28680] erofs: (device loop4): mounted with root inode @ nid 36. 04:36:08 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async, rerun: 64) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async, rerun: 64) chdir(&(0x7f0000000140)='./file0\x00') (async, rerun: 64) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (rerun: 64) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async, rerun: 32) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) (rerun: 32) sync_file_range(r2, 0x0, 0x0, 0x6) write$binfmt_script(r2, &(0x7f0000000180)={'#! ', './file0', [{0x20, '$'}, {}, {0x20, '(i\xa7@*)\xc9#}'}, {0x20, ',#!&#v-'}, {0x20, 'vfat\x00'}, {0x20, 'cgroup.controllers\x00'}, {}, {0x20, 'vfat\x00'}, {0x20, 'huge=always'}], 0xa, "aaf01d6360e5de94fe4780eb2fd25a207dbc2662ba6a966a6ffe01960c1ebd93625c5ac650f11808006b394cca5f39990a3def2bb698b3b650b9f57ac1eb5d5624fee7a9667d263d0416acc935cbc1c7b4b496561df3b53878d1f2e167e35371a4c21944cfc88b673a3438f0a83bb7531662a7ce287859405f8b00ffc04d897e15ccf0ab1cdd4ffce134181a52d9f41b97ea706d0a17fa21d139582357b5d8ecfdd5cbcd9ef1994519f6f12651ff06f3"}, 0xfd) (async, rerun: 32) mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) (async, rerun: 32) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0xa4) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:36:08 executing program 3: socket(0x23, 0x0, 0xfffff6b8) 04:36:08 executing program 2: syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000010280)='./mnt\x00', 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="6d6f64653d61646170746976652c6e6f657874656e745f63616368652c64697361626c655f726f6c6c5f666f72776172642c6261636b67726f756e645f67633d6f66662c6d6f64653d6c66732c0022c52efc6a4d70dd1bf174c1378128fc0f11d328dd5b73e48f7e67a007e8a4ee84da3a2541d61632d3"], 0x10, 0x10221, &(0x7f0000020540)="$eJzs3L9vG+UfB/CPm2+jL7SUCDGw8UiA5EjEOttJBWWJqKoOkCqiZWRwbMdym9hR7DihEws/Nv4BNpj4H1jY2Fg69D9AYkNiqZBAvrsgqBgKGAec10u6e989d/0891i3fE5VAji3VtKPP1TiSjwVEUvx9aeXI/LjSrnlNot4ISJejIgLv9kq5fivA8sR8XREXJkWn9Ys7ple+vyrj9774ru3Xvnsy2+Wsk8+/v7sVg2ctZcjYv+gOD7eL3LYK/JuOd6a9PPcX5+UWVzYv1eeD4s87u7kFY5bp/e18mz2ivuHB0ejae7utdrT7PV38/GDQTHhaNI7rZP/g7utw/y8093Jsz8a5tm7XzzXSZn3R+OiTqes935ePsbj0yzGuyfdYj0H9/JsD8bleFF32OmeTHNSZjlddHb++u/7X/F2f3B0kibdw1F/OEgbtXpWy9YO21fXsqz+enOt12nttq92G+ud1u56qnY3R8O91VTttdupevP69dVUz2qNWvZqunnr3bTXSdVpvtkfHI37e6PV1Kg1N2r11fRSPd3e2k7b79y4sbV9J20NB+nWcJKaWao3r200rjVfS9u376RG1sisf64qc56PBeMFAvjTft//R+j/gXnQ/+v/Q/977tevfeNv8QIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxbl7594yg/WCnOL5Tjz5RDz5XnlfLaz3+g8ljNpWndiLj4hPd/WIlYLuc43f4XEZvl9tOz/+xvAAAAAIvs4aPqg0rerRe7lbN+IOZpOd9XLn8wo3r5Z52ZvUP5h6jnZ1VtKX++Wa30UpRfqGbi4nT3/1lVeyJLc50NAAD4d9AJAAAAwEJ7/L/hAwAAAItH/w8AAACLL+///f0/AAAAWGwPH1UfnPUzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPALO/eOsjAQBAB48r+a8KN4CsHCThAbj+BlPIK1Z7ATvIyNRQpPYSeiFq4gQSQQRQzfB0OYJDv76LYZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDp8vVoWuy7m7p1jqd6nrMbAAAA4KH25fGV0v/0qpPyLH27d3fPSqW+IyKPiN+K/8+yiL80xzV+ImKc4tAqDRj0lv3hfLV9xTkAAABAwxSL3eTdawAAAAAAAAAAAAAAAAAAAABufFL/PwAAAKAy/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADizOy8nAMAgDED7WaD7T1sE3UDw8h4k5BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPjuzTo0b9aZ/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGdPDmoABoEgim62BmqpInqu22rhggYIWVSQ95K5/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLP1J6JdtVzhrp77f8f/Tfbr2AQAEIaioMEFrNx/VBsLEWuDeAch7Wv/6e/iVvCrenYAAAAAP6jzyrLVoyUGAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHbn0AoAGASiWEv3Yf/xKnh4HCYxfIE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG3ujjnuiMSgAASvbN5SEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswAEJAAAAgKD/r9sRKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBEAQAA//9hzBqI") r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14da42, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001d00c0d0) 04:36:08 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 55) 04:36:08 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:08 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x13, 0x0, 0x0) 04:36:08 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000400)={0x14, 0xd, 0xa, 0x401}, 0x14}}, 0x0) 04:36:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0xc, 0x0, 0x0) 04:36:08 executing program 0: socket$inet(0x2, 0x2, 0x23) 04:36:08 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) 04:36:08 executing program 3: prctl$PR_GET_NAME(0x10, &(0x7f0000000000)=""/41) 04:36:08 executing program 0: bpf$OBJ_GET_PROG(0x7, &(0x7f00000004c0)={0x0, 0x0, 0x18}, 0x10) [ 2216.821604][T28703] loop4: detected capacity change from 0 to 16 [ 2216.832011][T28703] erofs: (device loop4): mounted with root inode @ nid 36. [ 2216.881880][T28704] loop5: detected capacity change from 0 to 16 [ 2216.932553][T28704] FAULT_INJECTION: forcing a failure. [ 2216.932553][T28704] name failslab, interval 1, probability 0, space 0, times 0 [ 2216.954960][T28704] CPU: 1 PID: 28704 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2216.965208][T28704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2216.975101][T28704] Call Trace: [ 2216.978218][T28704] [ 2216.980996][T28704] dump_stack_lvl+0x151/0x1b7 [ 2216.985511][T28704] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2216.990804][T28704] dump_stack+0x15/0x17 [ 2216.994794][T28704] should_fail+0x3c0/0x510 [ 2216.999063][T28704] ? ext4_find_extent+0x249/0xd80 [ 2217.003913][T28704] __should_failslab+0x9f/0xe0 [ 2217.008512][T28704] should_failslab+0x9/0x20 [ 2217.012850][T28704] __kmalloc+0x6d/0x350 [ 2217.016850][T28704] ext4_find_extent+0x249/0xd80 [ 2217.021530][T28704] ext4_ext_map_blocks+0x22d/0x3cb0 [ 2217.026570][T28704] ? release_firmware_map_entry+0x193/0x193 [ 2217.032293][T28704] ? preempt_schedule+0xd9/0xe0 [ 2217.036978][T28704] ? __kasan_check_read+0x11/0x20 [ 2217.041833][T28704] ? preempt_schedule_common+0xcb/0x100 [ 2217.047215][T28704] ? ext4_ext_release+0x10/0x10 [ 2217.051908][T28704] ? preempt_schedule+0xd9/0xe0 [ 2217.056624][T28704] ? schedule_preempt_disabled+0x20/0x20 [ 2217.062064][T28704] ? irqentry_exit+0x30/0x40 [ 2217.066483][T28704] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2217.071696][T28704] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2217.077940][T28704] ? __kasan_check_write+0x14/0x20 [ 2217.083664][T28704] ? down_read+0xf9/0x230 [ 2217.087833][T28704] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2217.093135][T28704] ext4_map_blocks+0x42c/0x1e20 [ 2217.097817][T28704] ? ext4_blocks_for_truncate+0x2d0/0x2d0 [ 2217.103365][T28704] ? ext4_issue_zeroout+0x260/0x260 [ 2217.108401][T28704] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2217.113782][T28704] ext4_append+0x253/0x570 [ 2217.118044][T28704] ? ext4_init_new_dir+0xa10/0xa10 [ 2217.122988][T28704] ext4_init_new_dir+0x337/0xa10 [ 2217.127757][T28704] ? may_create+0x647/0x8c0 [ 2217.132092][T28704] ? ext4_init_dot_dotdot+0x500/0x500 [ 2217.137302][T28704] ext4_mkdir+0x4fa/0xcf0 [ 2217.141468][T28704] ? ext4_symlink+0xfe0/0xfe0 [ 2217.145989][T28704] ? selinux_inode_mkdir+0x22/0x30 [ 2217.150927][T28704] ? security_inode_mkdir+0xf1/0x130 [ 2217.156050][T28704] vfs_mkdir+0x360/0x580 [ 2217.160141][T28704] do_mkdirat+0x1e8/0x420 [ 2217.164314][T28704] ? vfs_mkdir+0x580/0x580 [ 2217.168558][T28704] ? getname_flags+0x1fb/0x510 [ 2217.173164][T28704] __x64_sys_mkdirat+0x89/0xa0 [ 2217.177753][T28704] do_syscall_64+0x44/0xd0 [ 2217.182006][T28704] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2217.187735][T28704] RIP: 0033:0x7f2bac5fa0f7 [ 2217.191982][T28704] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2217.211423][T28704] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2217.219668][T28704] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2217.227484][T28704] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2217.235550][T28704] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2217.243358][T28704] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2217.251171][T28704] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2217.258990][T28704] 04:36:09 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000080)) 04:36:13 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async, rerun: 64) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (rerun: 64) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r2, 0x0, 0x0, 0x6) (async) write$binfmt_script(r2, &(0x7f0000000180)={'#! ', './file0', [{0x20, '$'}, {}, {0x20, '(i\xa7@*)\xc9#}'}, {0x20, ',#!&#v-'}, {0x20, 'vfat\x00'}, {0x20, 'cgroup.controllers\x00'}, {}, {0x20, 'vfat\x00'}, {0x20, 'huge=always'}], 0xa, "aaf01d6360e5de94fe4780eb2fd25a207dbc2662ba6a966a6ffe01960c1ebd93625c5ac650f11808006b394cca5f39990a3def2bb698b3b650b9f57ac1eb5d5624fee7a9667d263d0416acc935cbc1c7b4b496561df3b53878d1f2e167e35371a4c21944cfc88b673a3438f0a83bb7531662a7ce287859405f8b00ffc04d897e15ccf0ab1cdd4ffce134181a52d9f41b97ea706d0a17fa21d139582357b5d8ecfdd5cbcd9ef1994519f6f12651ff06f3"}, 0xfd) (async, rerun: 32) mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) (async, rerun: 32) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0xa4) (async, rerun: 64) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async, rerun: 64) pipe(&(0x7f0000003d00)) 04:36:13 executing program 3: bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0xfffffe08) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) ioctl$PPPIOCBRIDGECHAN(r0, 0x40047435, 0x0) 04:36:13 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000), 0x8) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000080)) 04:36:13 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 56) 04:36:13 executing program 2: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) fchmod(r0, 0x0) 04:36:13 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000001300)={0x10, 0x0, 0x0, 0x40000}, 0xc) 04:36:13 executing program 3: inotify_init1(0xc0400) 04:36:13 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000001300)={0x10, 0x0, 0x25dfdbff, 0x40000}, 0xc) 04:36:13 executing program 2: sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0xab3dc641a185cfc2) 04:36:13 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='%'], 0x14}}, 0x0) 04:36:13 executing program 3: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) ioctl$USBDEVFS_CLAIM_PORT(r0, 0x80045518, 0x0) [ 2221.918127][ T30] audit: type=1400 audit(1669523773.431:698): avc: denied { bind } for pid=28733 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 2222.137903][T28750] loop5: detected capacity change from 0 to 16 [ 2222.145418][T28750] FAULT_INJECTION: forcing a failure. [ 2222.145418][T28750] name failslab, interval 1, probability 0, space 0, times 0 [ 2222.158033][T28750] CPU: 0 PID: 28750 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2222.168157][T28750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2222.178038][T28750] Call Trace: [ 2222.181162][T28750] [ 2222.183939][T28750] dump_stack_lvl+0x151/0x1b7 [ 2222.188453][T28750] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2222.193749][T28750] dump_stack+0x15/0x17 [ 2222.197748][T28750] should_fail+0x3c0/0x510 [ 2222.201990][T28750] __should_failslab+0x9f/0xe0 [ 2222.206676][T28750] should_failslab+0x9/0x20 [ 2222.211016][T28750] kmem_cache_alloc+0x4f/0x2f0 [ 2222.215613][T28750] ? __es_insert_extent+0x800/0x1810 [ 2222.221098][T28750] __es_insert_extent+0x800/0x1810 [ 2222.226119][T28750] ? __kasan_check_write+0x14/0x20 [ 2222.231239][T28750] ? _raw_write_trylock+0x1e0/0x1e0 [ 2222.236273][T28750] ext4_es_insert_extent+0x320/0x2e40 [ 2222.241566][T28750] ? ext4_es_scan_clu+0x340/0x340 [ 2222.246425][T28750] ? preempt_schedule_thunk+0x16/0x18 [ 2222.251634][T28750] ? _raw_read_unlock+0x38/0x40 [ 2222.256319][T28750] ? ext4_es_find_extent_range+0xd2/0x2d0 [ 2222.261872][T28750] ? trace_ext4_ext_convert_to_initialized_fastpath+0x130/0x130 [ 2222.269603][T28750] ext4_ext_map_blocks+0x1f32/0x3cb0 [ 2222.274720][T28750] ? release_firmware_map_entry+0x193/0x193 [ 2222.280459][T28750] ? ext4_ext_release+0x10/0x10 [ 2222.285131][T28750] ? preempt_schedule_irq+0xef/0x140 [ 2222.290258][T28750] ? __ext4_handle_dirty_metadata+0x2cd/0x820 [ 2222.296157][T28750] ? preempt_schedule_thunk+0x16/0x18 [ 2222.301626][T28750] ? __kasan_check_write+0x14/0x20 [ 2222.307011][T28750] ? down_read+0xf9/0x230 [ 2222.311181][T28750] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2222.316477][T28750] ext4_map_blocks+0x42c/0x1e20 [ 2222.321162][T28750] ? ext4_blocks_for_truncate+0x2d0/0x2d0 [ 2222.326724][T28750] ? ext4_issue_zeroout+0x260/0x260 [ 2222.331747][T28750] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2222.337130][T28750] ext4_append+0x253/0x570 [ 2222.341387][T28750] ? ext4_init_new_dir+0xa10/0xa10 [ 2222.346333][T28750] ext4_init_new_dir+0x337/0xa10 [ 2222.351103][T28750] ? asm_common_interrupt+0x40/0x40 [ 2222.356140][T28750] ? ext4_init_dot_dotdot+0x500/0x500 [ 2222.361355][T28750] ext4_mkdir+0x4fa/0xcf0 [ 2222.365574][T28750] ? ext4_symlink+0xfe0/0xfe0 [ 2222.370025][T28750] ? selinux_inode_mkdir+0x22/0x30 [ 2222.374970][T28750] ? security_inode_mkdir+0xf1/0x130 [ 2222.380111][T28750] vfs_mkdir+0x360/0x580 [ 2222.384172][T28750] do_mkdirat+0x1e8/0x420 [ 2222.388346][T28750] ? vfs_mkdir+0x580/0x580 [ 2222.392588][T28750] ? getname_flags+0x1fb/0x510 [ 2222.397189][T28750] __x64_sys_mkdirat+0x89/0xa0 [ 2222.401788][T28750] do_syscall_64+0x44/0xd0 [ 2222.406047][T28750] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2222.411768][T28750] RIP: 0033:0x7f2bac5fa0f7 [ 2222.416054][T28750] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2222.435735][T28750] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2222.444229][T28750] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2222.452039][T28750] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2222.459876][T28750] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2222.467663][T28750] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2222.475474][T28750] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2222.483288][T28750] [ 2222.486250][T28749] loop4: detected capacity change from 0 to 16 [ 2222.501293][T28749] erofs: (device loop4): mounted with root inode @ nid 36. [ 2222.515735][T28750] erofs: (device loop5): mounted with root inode @ nid 36. 04:36:17 executing program 2: r0 = socket(0x10, 0x2, 0x0) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000008c0)=ANY=[@ANYRESOCT], 0x14}}, 0x0) 04:36:17 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x3d, &(0x7f0000000000)="52fececb31b883730f0713fde8b760765692e9aa277304e973044a970988", 0x1e) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:36:17 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x3b, 0x0, 0x0) 04:36:17 executing program 0: request_key(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0xfffffffffffffffb) 04:36:17 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 57) 04:36:17 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x18, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_DEVKEY={0x4}]}, 0x18}}, 0x0) 04:36:17 executing program 0: bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000002ec0)={0xffffffffffffffff, 0x0, 0x0}, 0x10) 04:36:17 executing program 3: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) pwrite64(r0, 0x0, 0x0, 0x0) 04:36:17 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="c3"], 0x14}}, 0x0) 04:36:17 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_GET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x14, r1, 0x1}, 0x14}}, 0x0) 04:36:17 executing program 3: ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) 04:36:17 executing program 2: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r0, &(0x7f00000007c0), 0x0, 0x55, 0x0) [ 2226.213619][T28792] loop4: detected capacity change from 0 to 16 [ 2226.224996][T28792] erofs: (device loop4): mounted with root inode @ nid 36. [ 2226.333142][T28793] loop5: detected capacity change from 0 to 16 [ 2226.339414][T28793] FAULT_INJECTION: forcing a failure. [ 2226.339414][T28793] name failslab, interval 1, probability 0, space 0, times 0 [ 2226.352118][T28793] CPU: 1 PID: 28793 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2226.362135][T28793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2226.372027][T28793] Call Trace: [ 2226.375154][T28793] [ 2226.377932][T28793] dump_stack_lvl+0x151/0x1b7 [ 2226.382444][T28793] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2226.387737][T28793] ? kasan_set_track+0x5e/0x70 [ 2226.392338][T28793] ? kasan_set_free_info+0x23/0x40 [ 2226.397285][T28793] ? ____kasan_slab_free+0x126/0x160 [ 2226.402405][T28793] ? __kasan_slab_free+0x11/0x20 [ 2226.407183][T28793] ? kfree+0xc8/0x210 [ 2226.410995][T28793] ? ext4_ext_map_blocks+0x210d/0x3cb0 [ 2226.416291][T28793] ? ext4_map_blocks+0x42c/0x1e20 [ 2226.421149][T28793] ? ext4_append+0x253/0x570 [ 2226.425582][T28793] dump_stack+0x15/0x17 [ 2226.429572][T28793] should_fail+0x3c0/0x510 [ 2226.433845][T28793] ? ext4_find_extent+0x249/0xd80 [ 2226.438684][T28793] __should_failslab+0x9f/0xe0 [ 2226.443286][T28793] should_failslab+0x9/0x20 [ 2226.447625][T28793] __kmalloc+0x6d/0x350 [ 2226.451617][T28793] ext4_find_extent+0x249/0xd80 [ 2226.456303][T28793] ext4_ext_map_blocks+0x22d/0x3cb0 [ 2226.461337][T28793] ? ____kasan_slab_free+0x131/0x160 [ 2226.466454][T28793] ? __kasan_slab_free+0x11/0x20 [ 2226.471229][T28793] ? ext4_ext_map_blocks+0x210d/0x3cb0 [ 2226.476523][T28793] ? ext4_ext_release+0x10/0x10 [ 2226.481217][T28793] ? ext4_ext_map_blocks+0x2151/0x3cb0 [ 2226.486513][T28793] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2226.491800][T28793] ext4_map_blocks+0xacd/0x1e20 [ 2226.496496][T28793] ? ext4_issue_zeroout+0x260/0x260 [ 2226.501523][T28793] ? __kasan_check_write+0x14/0x20 [ 2226.506466][T28793] ? up_read+0x14/0x90 [ 2226.510371][T28793] ext4_getblk+0x19c/0x6f0 [ 2226.514717][T28793] ? ext4_get_block_unwritten+0x40/0x40 [ 2226.520096][T28793] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2226.525472][T28793] ext4_bread+0x2f/0x180 [ 2226.529558][T28793] ext4_append+0x2e8/0x570 [ 2226.533811][T28793] ? ext4_init_new_dir+0xa10/0xa10 [ 2226.538754][T28793] ext4_init_new_dir+0x337/0xa10 [ 2226.543533][T28793] ? may_create+0x647/0x8c0 [ 2226.547863][T28793] ? ext4_init_dot_dotdot+0x500/0x500 [ 2226.553071][T28793] ext4_mkdir+0x4fa/0xcf0 [ 2226.557327][T28793] ? ext4_symlink+0xfe0/0xfe0 [ 2226.561837][T28793] ? selinux_inode_mkdir+0x22/0x30 [ 2226.566786][T28793] ? security_inode_mkdir+0xf1/0x130 [ 2226.571905][T28793] vfs_mkdir+0x360/0x580 [ 2226.575985][T28793] do_mkdirat+0x1e8/0x420 [ 2226.580152][T28793] ? vfs_mkdir+0x580/0x580 [ 2226.584404][T28793] ? getname_flags+0x1fb/0x510 [ 2226.589002][T28793] __x64_sys_mkdirat+0x89/0xa0 [ 2226.593604][T28793] do_syscall_64+0x44/0xd0 [ 2226.597863][T28793] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2226.603582][T28793] RIP: 0033:0x7f2bac5fa0f7 [ 2226.607838][T28793] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2226.627279][T28793] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2226.635522][T28793] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2226.643333][T28793] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2226.651145][T28793] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2226.658957][T28793] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2226.666766][T28793] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2226.674586][T28793] 04:36:22 executing program 2: r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000001c0)={0x1c, r0, 0x425, 0x0, 0x0, {}, [@GTPA_VERSION={0x8}]}, 0x1c}}, 0x0) 04:36:22 executing program 0: r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'sit0\x00', 0x0}) 04:36:22 executing program 3: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x1) 04:36:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x3d, &(0x7f0000000000)="52fececb31b883730f0713fde8b760765692e9aa277304e973044a970988", 0x1e) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:36:22 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 58) 04:36:22 executing program 0: r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="2504000000ffffffed3712"], 0x14}}, 0x0) 04:36:22 executing program 2: r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'ip_vti0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @private}}}}) 04:36:22 executing program 3: getresgid(&(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0)) 04:36:22 executing program 0: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)="de") pipe2(&(0x7f00000002c0), 0x0) 04:36:22 executing program 2: request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0xffffffffffffffff) 04:36:22 executing program 2: getresuid(&(0x7f0000003380), &(0x7f00000033c0), &(0x7f0000003400)) 04:36:22 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000cc0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_INTERFACE(r0, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000d40)={0x14, r1, 0x88c8ca9c41b3d82d}, 0x14}}, 0x0) 04:36:22 executing program 2: pipe(&(0x7f0000000200)={0xffffffffffffffff}) pwrite64(r0, 0x0, 0x0, 0x0) 04:36:22 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) recvmsg$can_raw(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40) [ 2231.207436][T28834] loop4: detected capacity change from 0 to 16 [ 2231.261651][T28834] erofs: (device loop4): mounted with root inode @ nid 36. [ 2231.280189][T28833] loop5: detected capacity change from 0 to 16 [ 2231.319444][T28833] FAULT_INJECTION: forcing a failure. [ 2231.319444][T28833] name failslab, interval 1, probability 0, space 0, times 0 [ 2231.392282][T28833] CPU: 1 PID: 28833 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2231.402364][T28833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2231.412269][T28833] Call Trace: [ 2231.415368][T28833] [ 2231.418146][T28833] dump_stack_lvl+0x151/0x1b7 [ 2231.422656][T28833] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2231.427968][T28833] ? __kasan_check_write+0x14/0x20 [ 2231.432905][T28833] ? _raw_spin_lock+0xa3/0x1b0 [ 2231.437501][T28833] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2231.442706][T28833] dump_stack+0x15/0x17 [ 2231.446697][T28833] should_fail+0x3c0/0x510 [ 2231.450951][T28833] __should_failslab+0x9f/0xe0 [ 2231.455636][T28833] should_failslab+0x9/0x20 [ 2231.459982][T28833] kmem_cache_alloc+0x4f/0x2f0 [ 2231.464577][T28833] ? ext4_mb_new_blocks+0x4de/0x3c00 [ 2231.469697][T28833] ext4_mb_new_blocks+0x4de/0x3c00 [ 2231.474647][T28833] ? __kasan_kmalloc+0x9/0x10 [ 2231.479160][T28833] ? __kmalloc+0x203/0x350 [ 2231.483410][T28833] ? ext4_mb_pa_callback+0xd0/0xd0 [ 2231.488362][T28833] ? ext4_ext_search_right+0x4d3/0x890 [ 2231.493652][T28833] ? ext4_inode_to_goal_block+0x31e/0x460 [ 2231.499209][T28833] ? ext4_ext_find_goal+0x113/0x200 [ 2231.504415][T28833] ext4_ext_map_blocks+0x17db/0x3cb0 [ 2231.509539][T28833] ? ext4_ext_release+0x10/0x10 [ 2231.514222][T28833] ? ext4_ext_map_blocks+0x2151/0x3cb0 [ 2231.519604][T28833] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2231.524900][T28833] ext4_map_blocks+0xacd/0x1e20 [ 2231.529587][T28833] ? ext4_issue_zeroout+0x260/0x260 [ 2231.534624][T28833] ? __kasan_check_write+0x14/0x20 [ 2231.539565][T28833] ? up_read+0x14/0x90 [ 2231.543471][T28833] ext4_getblk+0x19c/0x6f0 [ 2231.547727][T28833] ? ext4_get_block_unwritten+0x40/0x40 [ 2231.553112][T28833] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2231.558487][T28833] ext4_bread+0x2f/0x180 [ 2231.562566][T28833] ext4_append+0x2e8/0x570 [ 2231.566819][T28833] ? ext4_init_new_dir+0xa10/0xa10 [ 2231.571766][T28833] ext4_init_new_dir+0x337/0xa10 [ 2231.576538][T28833] ? may_create+0x647/0x8c0 [ 2231.580877][T28833] ? ext4_init_dot_dotdot+0x500/0x500 [ 2231.586092][T28833] ext4_mkdir+0x4fa/0xcf0 [ 2231.590261][T28833] ? ext4_symlink+0xfe0/0xfe0 [ 2231.594763][T28833] ? selinux_inode_mkdir+0x22/0x30 [ 2231.599709][T28833] ? security_inode_mkdir+0xf1/0x130 [ 2231.604829][T28833] vfs_mkdir+0x360/0x580 [ 2231.608922][T28833] do_mkdirat+0x1e8/0x420 [ 2231.613074][T28833] ? vfs_mkdir+0x580/0x580 [ 2231.617327][T28833] ? getname_flags+0x1fb/0x510 [ 2231.621950][T28833] __x64_sys_mkdirat+0x89/0xa0 [ 2231.626527][T28833] do_syscall_64+0x44/0xd0 [ 2231.630782][T28833] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2231.636508][T28833] RIP: 0033:0x7f2bac5fa0f7 [ 2231.640767][T28833] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2231.660204][T28833] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2231.668448][T28833] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2231.676279][T28833] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2231.684071][T28833] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2231.691880][T28833] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2231.699699][T28833] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2231.707511][T28833] 04:36:23 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) [ 2232.089532][T28842] loop4: detected capacity change from 0 to 16 [ 2232.096498][T28842] erofs: (device loop4): mounted with root inode @ nid 36. 04:36:26 executing program 3: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 04:36:26 executing program 0: clock_getres(0x0, &(0x7f00000023c0)) 04:36:26 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x3d, &(0x7f0000000000)="52fececb31b883730f0713fde8b760765692e9aa277304e973044a970988", 0x1e) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:36:26 executing program 2: r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket(0x10, 0x2, 0x6) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, r0, 0x425}, 0x14}}, 0x0) 04:36:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 59) 04:36:26 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:26 executing program 0: r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'ip_vti0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @private=0xa010100}}}}) 04:36:26 executing program 0: pipe2(&(0x7f0000008d80), 0x0) 04:36:26 executing program 2: r0 = socket(0x11, 0xa, 0x0) getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, 0x0, 0x0) 04:36:26 executing program 3: r0 = socket(0x10, 0x2, 0x6) syz_genetlink_get_family_id$gtp(&(0x7f0000000000), r0) 04:36:26 executing program 0: syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x101800) 04:36:26 executing program 3: request_key(&(0x7f0000000080)='blacklist\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0) 04:36:26 executing program 2: r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000a80)={&(0x7f00000009c0), 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, r0, 0x425}, 0x14}}, 0x0) [ 2235.222039][T28857] selinux_netlink_send: 1 callbacks suppressed [ 2235.222056][T28857] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=28857 comm=syz-executor.2 [ 2235.343602][T28878] loop4: detected capacity change from 0 to 16 [ 2235.350605][T28878] erofs: (device loop4): mounted with root inode @ nid 36. [ 2235.363506][T28879] loop5: detected capacity change from 0 to 16 [ 2235.370897][T28879] FAULT_INJECTION: forcing a failure. [ 2235.370897][T28879] name failslab, interval 1, probability 0, space 0, times 0 [ 2235.384477][T28879] CPU: 1 PID: 28879 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2235.394545][T28879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2235.404439][T28879] Call Trace: [ 2235.407552][T28879] [ 2235.410329][T28879] dump_stack_lvl+0x151/0x1b7 [ 2235.414844][T28879] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2235.420149][T28879] ? ext4_mb_initialize_context+0x4c7/0xd80 [ 2235.425874][T28879] dump_stack+0x15/0x17 [ 2235.429861][T28879] should_fail+0x3c0/0x510 [ 2235.434116][T28879] __should_failslab+0x9f/0xe0 [ 2235.438711][T28879] should_failslab+0x9/0x20 [ 2235.443050][T28879] kmem_cache_alloc+0x4f/0x2f0 [ 2235.447652][T28879] ? ext4_mb_new_blocks+0xd81/0x3c00 [ 2235.452777][T28879] ext4_mb_new_blocks+0xd81/0x3c00 [ 2235.457726][T28879] ? __kasan_kmalloc+0x9/0x10 [ 2235.462232][T28879] ? __kmalloc+0x203/0x350 [ 2235.466484][T28879] ? ext4_mb_pa_callback+0xd0/0xd0 [ 2235.471430][T28879] ? ext4_ext_search_right+0x4d3/0x890 [ 2235.476724][T28879] ? ext4_inode_to_goal_block+0x31e/0x460 [ 2235.482282][T28879] ? ext4_ext_find_goal+0x113/0x200 [ 2235.487318][T28879] ext4_ext_map_blocks+0x17db/0x3cb0 [ 2235.492446][T28879] ? ext4_ext_release+0x10/0x10 [ 2235.497132][T28879] ? ext4_ext_map_blocks+0x2151/0x3cb0 [ 2235.502421][T28879] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2235.507709][T28879] ext4_map_blocks+0xacd/0x1e20 [ 2235.512399][T28879] ? ext4_issue_zeroout+0x260/0x260 [ 2235.517429][T28879] ? __kasan_check_write+0x14/0x20 [ 2235.522376][T28879] ? up_read+0x14/0x90 [ 2235.526281][T28879] ext4_getblk+0x19c/0x6f0 [ 2235.530535][T28879] ? ext4_get_block_unwritten+0x40/0x40 [ 2235.535916][T28879] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2235.541295][T28879] ext4_bread+0x2f/0x180 [ 2235.545378][T28879] ext4_append+0x2e8/0x570 [ 2235.549629][T28879] ? ext4_init_new_dir+0xa10/0xa10 [ 2235.554578][T28879] ext4_init_new_dir+0x337/0xa10 [ 2235.559352][T28879] ? may_create+0x647/0x8c0 [ 2235.563690][T28879] ? ext4_init_dot_dotdot+0x500/0x500 [ 2235.568906][T28879] ext4_mkdir+0x4fa/0xcf0 [ 2235.573068][T28879] ? ext4_symlink+0xfe0/0xfe0 [ 2235.577576][T28879] ? selinux_inode_mkdir+0x22/0x30 [ 2235.582548][T28879] ? security_inode_mkdir+0xf1/0x130 [ 2235.587644][T28879] vfs_mkdir+0x360/0x580 [ 2235.591722][T28879] do_mkdirat+0x1e8/0x420 [ 2235.595888][T28879] ? vfs_mkdir+0x580/0x580 [ 2235.600149][T28879] ? getname_flags+0x1fb/0x510 [ 2235.604740][T28879] __x64_sys_mkdirat+0x89/0xa0 [ 2235.609341][T28879] do_syscall_64+0x44/0xd0 [ 2235.613591][T28879] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2235.619323][T28879] RIP: 0033:0x7f2bac5fa0f7 [ 2235.623575][T28879] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2235.643019][T28879] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2235.651256][T28879] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2235.659069][T28879] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2235.666882][T28879] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2235.675473][T28879] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2235.683287][T28879] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2235.691100][T28879] 04:36:30 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:36:30 executing program 0: socketpair(0x29, 0x0, 0x0, 0x0) 04:36:30 executing program 2: openat$null(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) 04:36:30 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x7, &(0x7f0000001700)={'filter\x00', 0x4}, 0x68) 04:36:30 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:30 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 60) 04:36:30 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f0000000200)) 04:36:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSPGRP(r0, 0x5410, 0x0) 04:36:30 executing program 2: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000900)='./cgroup.net/syz0\x00', 0x200002, 0x0) 04:36:30 executing program 3: socket(0xa, 0x5, 0x4) 04:36:30 executing program 2: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000002240), 0x0, 0x0) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) 04:36:30 executing program 2: r0 = socket(0x1, 0x2, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x48001) [ 2239.492547][T28915] loop4: detected capacity change from 0 to 16 [ 2239.499547][T28915] erofs: (device loop4): mounted with root inode @ nid 36. [ 2239.561887][T28916] loop5: detected capacity change from 0 to 16 [ 2239.586261][T28916] FAULT_INJECTION: forcing a failure. [ 2239.586261][T28916] name failslab, interval 1, probability 0, space 0, times 0 [ 2239.598789][T28916] CPU: 0 PID: 28916 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2239.608747][T28916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2239.618719][T28916] Call Trace: [ 2239.621840][T28916] [ 2239.624620][T28916] dump_stack_lvl+0x151/0x1b7 [ 2239.629136][T28916] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2239.634433][T28916] dump_stack+0x15/0x17 [ 2239.638424][T28916] should_fail+0x3c0/0x510 [ 2239.642676][T28916] __should_failslab+0x9f/0xe0 [ 2239.647279][T28916] should_failslab+0x9/0x20 [ 2239.651610][T28916] kmem_cache_alloc+0x4f/0x2f0 [ 2239.656211][T28916] ? __es_insert_extent+0x800/0x1810 [ 2239.661343][T28916] __es_insert_extent+0x800/0x1810 [ 2239.666282][T28916] ? __kasan_check_write+0x14/0x20 [ 2239.671231][T28916] ext4_es_insert_extent+0x320/0x2e40 [ 2239.676436][T28916] ? ext4_es_scan_clu+0x340/0x340 [ 2239.681295][T28916] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2239.686692][T28916] ext4_map_blocks+0xebc/0x1e20 [ 2239.691370][T28916] ? ext4_issue_zeroout+0x260/0x260 [ 2239.696394][T28916] ? __kasan_check_write+0x14/0x20 [ 2239.701342][T28916] ? up_read+0x14/0x90 [ 2239.705249][T28916] ext4_getblk+0x19c/0x6f0 [ 2239.709506][T28916] ? ext4_get_block_unwritten+0x40/0x40 [ 2239.714889][T28916] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2239.720264][T28916] ext4_bread+0x2f/0x180 [ 2239.724341][T28916] ext4_append+0x2e8/0x570 [ 2239.728597][T28916] ? ext4_init_new_dir+0xa10/0xa10 [ 2239.733547][T28916] ext4_init_new_dir+0x337/0xa10 [ 2239.738323][T28916] ? may_create+0x647/0x8c0 [ 2239.742660][T28916] ? ext4_init_dot_dotdot+0x500/0x500 [ 2239.752508][T28916] ext4_mkdir+0x4fa/0xcf0 [ 2239.756632][T28916] ? ext4_symlink+0xfe0/0xfe0 [ 2239.761141][T28916] ? selinux_inode_mkdir+0x22/0x30 [ 2239.766157][T28916] ? security_inode_mkdir+0xf1/0x130 [ 2239.771209][T28916] vfs_mkdir+0x360/0x580 [ 2239.775291][T28916] do_mkdirat+0x1e8/0x420 [ 2239.779486][T28916] ? vfs_mkdir+0x580/0x580 [ 2239.783709][T28916] ? getname_flags+0x1fb/0x510 [ 2239.788319][T28916] __x64_sys_mkdirat+0x89/0xa0 [ 2239.792917][T28916] do_syscall_64+0x44/0xd0 [ 2239.797162][T28916] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2239.802886][T28916] RIP: 0033:0x7f2bac5fa0f7 [ 2239.807144][T28916] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2239.826581][T28916] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2239.834833][T28916] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2239.843230][T28916] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2239.850989][T28916] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2239.858788][T28916] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2239.866602][T28916] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2239.874577][T28916] [ 2239.888638][T28916] erofs: (device loop5): mounted with root inode @ nid 36. 04:36:35 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async, rerun: 32) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async, rerun: 32) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:36:35 executing program 0: mprotect(&(0x7f0000fee000/0x10000)=nil, 0x10000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) 04:36:35 executing program 3: openat$hwrng(0xffffffffffffff9c, &(0x7f0000001ec0), 0x40202, 0x0) 04:36:35 executing program 2: rt_sigaction(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x8, &(0x7f00000002c0)) 04:36:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:35 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 61) 04:36:35 executing program 3: r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/user\x00') sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000001c0)={0x2c, r0, 0x425, 0x0, 0x0, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r2}, @GTPA_VERSION={0x8}, @GTPA_LINK={0x8}]}, 0x2c}}, 0x0) 04:36:36 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000000), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{}, {{}, {0x0, 0x1}}], 0x10) 04:36:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, 0x930, 0x4, 0x12, r2, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 04:36:36 executing program 3: socketpair(0x28, 0x0, 0x9, 0x0) 04:36:36 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x0, 0x0) 04:36:36 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x9) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) [ 2244.573383][T28954] loop4: detected capacity change from 0 to 16 [ 2244.580312][T28954] erofs: (device loop4): mounted with root inode @ nid 36. [ 2244.617046][T28955] loop5: detected capacity change from 0 to 16 [ 2244.656579][T28955] FAULT_INJECTION: forcing a failure. [ 2244.656579][T28955] name failslab, interval 1, probability 0, space 0, times 0 [ 2244.673305][T28955] CPU: 0 PID: 28955 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2244.683453][T28955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2244.693343][T28955] Call Trace: [ 2244.696469][T28955] [ 2244.699244][T28955] dump_stack_lvl+0x151/0x1b7 [ 2244.703759][T28955] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2244.709054][T28955] ? pagecache_get_page+0xce3/0xdb0 [ 2244.714086][T28955] ? __kasan_check_read+0x11/0x20 [ 2244.718945][T28955] ? preempt_schedule_irq+0xef/0x140 [ 2244.724068][T28955] ? __cond_resched+0x20/0x20 [ 2244.728580][T28955] dump_stack+0x15/0x17 [ 2244.732572][T28955] should_fail+0x3c0/0x510 [ 2244.736825][T28955] __should_failslab+0x9f/0xe0 [ 2244.741426][T28955] should_failslab+0x9/0x20 [ 2244.745763][T28955] kmem_cache_alloc+0x4f/0x2f0 [ 2244.750363][T28955] ? jbd2_journal_add_journal_head+0x84/0x4b0 [ 2244.756264][T28955] jbd2_journal_add_journal_head+0x84/0x4b0 [ 2244.761995][T28955] jbd2_journal_get_create_access+0x48/0x4a0 [ 2244.767812][T28955] __ext4_journal_get_create_access+0xaf/0x550 [ 2244.773798][T28955] ? __ext4_forget+0x850/0x850 [ 2244.778395][T28955] ? __kasan_check_write+0x14/0x20 [ 2244.783342][T28955] ? up_read+0x14/0x90 [ 2244.787252][T28955] ext4_getblk+0x3d9/0x6f0 [ 2244.791507][T28955] ? ext4_get_block_unwritten+0x40/0x40 [ 2244.796889][T28955] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2244.802265][T28955] ext4_bread+0x2f/0x180 [ 2244.806345][T28955] ext4_append+0x2e8/0x570 [ 2244.810599][T28955] ? ext4_init_new_dir+0xa10/0xa10 [ 2244.815545][T28955] ext4_init_new_dir+0x337/0xa10 [ 2244.820317][T28955] ? may_create+0x647/0x8c0 [ 2244.824661][T28955] ? ext4_init_dot_dotdot+0x500/0x500 [ 2244.829890][T28955] ext4_mkdir+0x4fa/0xcf0 [ 2244.834034][T28955] ? ext4_symlink+0xfe0/0xfe0 [ 2244.838542][T28955] ? selinux_inode_mkdir+0x22/0x30 [ 2244.843493][T28955] ? security_inode_mkdir+0xf1/0x130 [ 2244.848611][T28955] vfs_mkdir+0x360/0x580 [ 2244.852698][T28955] do_mkdirat+0x1e8/0x420 [ 2244.856857][T28955] ? vfs_mkdir+0x580/0x580 [ 2244.861108][T28955] ? getname_flags+0x1fb/0x510 [ 2244.865710][T28955] __x64_sys_mkdirat+0x89/0xa0 [ 2244.870308][T28955] do_syscall_64+0x44/0xd0 [ 2244.874565][T28955] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2244.880294][T28955] RIP: 0033:0x7f2bac5fa0f7 [ 2244.884544][T28955] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2244.903994][T28955] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2244.912225][T28955] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fa0f7 [ 2244.920039][T28955] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2244.927850][T28955] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000178 [ 2244.935661][T28955] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2244.943479][T28955] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2244.951289][T28955] [ 2244.965933][T28955] ENOMEM in journal_alloc_journal_head, retrying. [ 2244.973548][T28955] erofs: (device loop5): mounted with root inode @ nid 36. 04:36:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async, rerun: 32) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async, rerun: 32) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:36:36 executing program 2: openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) clock_getres(0x0, &(0x7f00000023c0)) 04:36:36 executing program 0: openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/mdstat\x00', 0x0, 0x0) 04:36:36 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 04:36:36 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:36 executing program 2: openat$hwrng(0xffffffffffffff9c, &(0x7f0000001ec0), 0x0, 0x0) 04:36:36 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 62) 04:36:36 executing program 0: r0 = socket(0x10, 0x2, 0x6) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000008c0)=ANY=[@ANYBLOB="14000000deca3b"], 0x14}}, 0x0) 04:36:36 executing program 3: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000002240), 0x0, 0x0) read$usbfs(r0, 0x0, 0x0) 04:36:36 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001080)={0x14, 0x0, 0x1}, 0x14}}, 0x0) 04:36:36 executing program 3: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001f40)=')') getresuid(&(0x7f0000003380), &(0x7f00000033c0), &(0x7f0000003400)) 04:36:36 executing program 2: r0 = request_key(&(0x7f0000000080)='blacklist\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000380)='big_key\x00', 0x0) request_key(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='syz', r0) geteuid() request_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000400)='dns_resolver\x00', &(0x7f0000000440)={'syz', 0x2}, &(0x7f0000000480)='blacklist\x00', 0x0) [ 2245.416662][T28970] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=51934 sclass=netlink_xfrm_socket pid=28970 comm=syz-executor.0 [ 2245.552543][T28984] loop4: detected capacity change from 0 to 16 [ 2245.559557][T28984] erofs: (device loop4): mounted with root inode @ nid 36. [ 2245.573062][T28985] loop5: detected capacity change from 0 to 16 [ 2245.583144][T28985] FAULT_INJECTION: forcing a failure. [ 2245.583144][T28985] name failslab, interval 1, probability 0, space 0, times 0 [ 2245.596072][T28985] CPU: 1 PID: 28985 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2245.606128][T28985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2245.616019][T28985] Call Trace: [ 2245.619143][T28985] [ 2245.621923][T28985] dump_stack_lvl+0x151/0x1b7 [ 2245.626440][T28985] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2245.631732][T28985] dump_stack+0x15/0x17 [ 2245.635720][T28985] should_fail+0x3c0/0x510 [ 2245.639975][T28985] ? __se_sys_mount+0x9b/0x3c0 [ 2245.644658][T28985] __should_failslab+0x9f/0xe0 [ 2245.649257][T28985] should_failslab+0x9/0x20 [ 2245.653624][T28985] __kmalloc_track_caller+0x6c/0x350 [ 2245.658727][T28985] ? strnlen_user+0x130/0x1c0 [ 2245.663233][T28985] strndup_user+0x76/0x150 [ 2245.667485][T28985] __se_sys_mount+0x9b/0x3c0 [ 2245.671911][T28985] ? __kasan_check_write+0x14/0x20 [ 2245.676949][T28985] ? fpregs_restore_userregs+0x1f0/0x3a0 [ 2245.682413][T28985] ? __x64_sys_mount+0xd0/0xd0 [ 2245.687016][T28985] __x64_sys_mount+0xbf/0xd0 [ 2245.691442][T28985] do_syscall_64+0x44/0xd0 [ 2245.695704][T28985] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2245.701421][T28985] RIP: 0033:0x7f2bac5fc60a [ 2245.705673][T28985] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2245.725114][T28985] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2245.733358][T28985] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2245.741176][T28985] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2245.748982][T28985] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2245.756820][T28985] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2245.764604][T28985] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2245.772420][T28985] 04:36:41 executing program 2: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r0, &(0x7f00000007c0), 0x0, 0x0, 0x0) 04:36:41 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) 04:36:41 executing program 3: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000002800), 0x0, 0x0) dup(r0) 04:36:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:41 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000000), 0xf23d, 0x1) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:36:41 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 63) 04:36:41 executing program 3: r0 = socket(0x2, 0xa, 0x0) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={0x0}}, 0x0) 04:36:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000ac0)={0xec4, 0x0, 0x0, 0x0, 0x0, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_RATE_NODE_NAME={0xea5, 0xa8, @random="1d21a7d65cfde3be2ef7d83f855c53cdf35dcea374d65a2c83770410cd40b14e3905f890732b29bd44d975bbf5be33780c02a52ceeb4fcbaefb12941a3335277c390143bb290c10a7b91bad32622da552215363f2da14a9cc48528c4d0d1e5a6eeefefa428b53005fccd5501b27b64f9ee1aa53a9f6d80ef8ee1dfffb469896227a466c38e4b6b60a932c5204d24c15bb4114106b2ec24d649fa3924df60170dfbfaf50970c38a920305f89645a20d9fa14738c5577c72ee887e711adf59a18af9a11214a52fcd28ccfce13ca20fc371f596292b2cee72f51cc6e321104b77c17b721149fbbb54a8e887f50417f04758ca6cc54ad706bf7886c5bb10fba6607198eaf951354608e63553847afcb5258fee872f5cae1dbe761ba18aed85573a666e674553bd48ee7ad9d55fe78a1aa890ef7d59ec88c286cbbaa2444626d5c8340e993c05bbcb1d0e3d5441c80f3d2f06debee3d0596dbd224e18ab9b6df65edf669f3b853a5dc77b005f310c66d53eecadec72d14bad171659d692fcd5ee64689f939a5833e3cdb9dc806477c79ade2179cbff1fdef9636d23fb4440396854cbb31ddbf2107f73926051983e5ef5a0898d9b9c42a17d4710a32aca889040656d42f585bc974a2d589274e6d68eb2a7a5bd6ea45925f34aacd9e556656493abe5d9550e9595219459efbe93afce0d08d1454abc972b91a10f2a2977cc37c4eaa3daf29d9233b87751db860f46657bb641f6fdbe2c6db05d30e86e3ed979c886863adf1717a1901da80fabd73d3d15460dc86dd5bc0d649fdc223a24791e4777a7e2311528d0274e8e89c2a3de1def9871f93db34f0b52ac758e3053948391874c27859440cd3d2bec1a275730f7c1c4523d3543b05b95894af3056ffe4d172378f1a57de6fd756b5cf0ce9288ba0866706a45c0880c2f9dbd6b05c108aa1912a2b28e07b2afa004dffedece6b6214bd77e1e95d09945b1b371788156810439b8f787d40c5f7d18244def82b7d03f53a5388e830252a1839bc3972749b3f1715ce49243133a59054f3df9f05a38a26ef60f61b5bc081baf8dd5428e2720fe51b03cc3a542c5bb524a41522bfbd6f44648beb13b7f40ea5a6ffcf4da0ee9f0605afe20811645c3bd92a2ccaaae0e83d3a7c1d640b440613863a6ff3cce889b5d7c180dab6d177610d8764183e3c6965a04213a87cec2e8fa0d45445d39f857e61305bf38fe9961438e1c813aa504aa92176d357e1435d8cb3478da415dd87322732b9828900f84a10632053ecfa19f5a712f54b9105a8834026fe3415b95d833d750aa64a7c532a3edb12acced146da20f060955e611f6dc253f7a9793c61c0f324161c6f97665bd71b9748957b3d4f2f487bea4e8c720fe8db1a71f5016b685dd9e722406408f8d1163d9eea3b361e398f9a4943102d09fe77ef23df3f0cdff1a27dd10e6c3ff44c582eec674168b06ea99f687cf5a9a3c6c8cedfaa50fdd4b1a78070cf4f3e3cfe3973b6232fa147acc31d87613757a6e7b30f83300f74942213d12bf9a0669a6d75f803a29af691871c0c3c71e162197137b0dbe4760153087a34b03aafa4a5e17c5b638b381a3cbf572e1a1ffc9af344204f07ed2418d12f5b55eb6f82d47b34c2f265e253f2cd40f0a08f3e97659727329d45cc0b42919c8a440a73622df612cae8a21333a8f6f536b3bef656ceff9fcd0b66415162cd264875f5d62b9e4b5adc7a4fda71fd2513305a59ccca2df0a6ca210647e29260c721eef9d04c01dd6bd8aaadf9b009d1d8c81ea8aa4d94a6b53c1cfea7955448c0eb1da1fbf3b031e8fc56bd8e4153ca56d28cdbdaa2c75a2b63e144547884033fe726e02d74c72ce7a4c0fa5cae453828398fb195f96778f837abe8526246b615f5e74fba07c7ab9ac7521426ba3563f4192e2ceb7b5a5e78c19edb75b280129554566069cd9787be865a709853ba65def48deca549544ba5b1c9fc512b3f20eba15f407e7c37731d70eafae7d661524d4cc0602f75965ab5a4b6be4e6c08ca8fc0ca5660b5f8721f8b4bdc813570e2d3b033c0f7a2f2cecb660fbb4199b10a26502a42a78c6a07e168e1b6b68cfa8343fa9f573834b75192e8818f2c61a42558ccb2e359c5143d53c61d0e0161d83a73bd6d80fe79cf42036a0dbf6657344747e36e6925fd78d381c8e9eacfed6f753820817c031a607384e0a6cffaef0247ee6ceffb7341fe9e76c2ac76bf92c7b44cbbd2756ca083af070215b6fbc816a3110f5bd0159ef1388e35d6952388807f45b03e2b5fe810c52389ea32533399270672ea3c982b6fa6b7a7ad061cde63efbb34bcd35513705d4f8d6605c096286c0c5f645d3be48552851967ed2bf373ebe30929c177d6221f262cf31b095b6a83661f78b900951003cfada7585944fd90e69bfd3c38c3cf6aaacf662f538289795d08606d6f9b47d34b26ca9bf45bd57161556b4a3e417fae28306fcedace5d2adf99e60ed90dafec14844d64e21f2fe415f85bf07bbe5d3c70f10be91943f275c5b8c8e1e22c6fe20dec0c20f20f4d297dfaa165bff3fd17a08c2e2b3c32ba96bdae1657a8a165bb50ff2f8041f715167849c5bcc6a031a46898c9f45952f38fd63ab4a2c16e7def88b2af0f660599ef6b30b8061eaa44a675aa347d2b78d1416b63513a1e1019f9c279477974a7fdf0f9924dc5df60869b0a98eb027ea1e1a2d6e214ea471c3f57021088c3b406ce50a69c11fa56a35c7e8a3001ba4f71aa88e0cb59e3c93f82bde679411ad53fbf5f9d954b64345bf489c56d891d0bd95692e43dfb6609cf4a8df10540ff830ee8676debf406b7c4e6ec8414231cc7337cc113c095e9c676b49d1f132b57a43b21ab779ff9158470676591cb439bd0ebe9bfa4e04fbca673317dc7bbce8d1f8926c625f878bf83d4fa3b491ca84ebaa419747aa83c48f22afbdf808242e4b737b6fe905d054e8b60f3f7a3d18f5be2e51c6ee22b2d1e81dbde856b86a6cb55328d674c43bbb31c91b1815a957115669a4ce0d2da9add04967dc56f5e95046a9aed0961ecdf55547f839ed96949416977eeec5ce88ec006ddfefd5eb70fab9546552e5ea858818acbcc475917c7848bcaa9e060026d279847dcebb360c62443d0f1ef391ff6b9cbda05a647d1ab954e6f66c5d188d2e48fa401ab307373a5fb6ec911c7a110517a7a2c9a1b570a0195ab7af5c7d24830ea3c176b06ec024e0f3a1e5fcb3c820cc0e995dbca132e35b30fbf87caef59faab9574361339239de0ce7cd05aa11c877f75dedb4d2eeb2110a80383ce8666e85acaa8456114b89caa8f157ac9e5f27a8972d92410ef501db315619697776bdf5b3b4c087cf036727b12c932663e1ba8dddf174e767770bf0e47a7521f14249ddf8b74be6e66b66425b4c3cada743f5ad101ae1e529d8ad1372530abb8774387f6ba3ad39e09e98a397e8d673521a455603782679527ab69fe88d52b69124b1af008bb54f909272d8925ba141018088bd1dcee5196e8def19c14115c538a5a15c9e5d3c71f8e4a1f3c4b5f60581e4db144163f0c441c76f246dd10a0f4dc8c586eb9d12eaba31abe0864fc2192d8cc9ed346baa19c07a652c0b9c3ff2b24204b4c42a77b540b2e0474726e5c1d16548e559f1e39a49c562e773660600d55082657ca03cfe18d2e6e2ff910706fc38c1dad41b72c5a84307fcf2650283b5fceb9f03e0ff8373b47f558d4c1d936918cf04fc3a0ded3c08c065e64d16d12b6fac21c0e5ddf0a44059048350ecd4a97d3a772dac6bedb16b470093e283e7317bd3184cce02ea095814108ed24c108bdc6cfe7e9b2dda52d65cc7055ec6f92624026303fbdeeee3bf2019b8bef226f24c667aca18a15ea6b1e8dc8d6058deeaaf60c224fa25db02bec498c8a1e734832dfae944d84ad3069cfb3972b37bc48e6de548f43139dc353c70b389c0b6f494c5d16243a012b467227a689b1445c23ff0064e6af326e02632ce922b2a9fc1f21deeb2551e8ee4c00a17c74db373fe4effbe333564a4ead1741529c404828021da782a084641e27eb8fc31aaaeed842b7f3765ac4adbd185cd340baed861c65bd6b8ea38619d90c6670fa05175c8bc98f8b3885c4f9b317f65d6cd4da352b0f2f3e7938faeaaa0df56615384bb9dc53b0802e721a2028d293b25f001eb9f223669246a35df0f01ef1b235576a83bb38749c220a34f12ecedca0e0de398853aeae0b1e06478d33665efa014943de0f3793c1a6f32060f87ca0d044428ca1e0012e04c70ed06df5fb3afd236ebd35d6eb8cbad668cf2122b71af4083224926ddeed3b3f8c12aba8c56fbdc5940ec8748294664e1fdf8ffb346da0b1cb43c654752b8bd141d401c856e155c8fe340efd877937a7d1f919087c9720ddc8d33b905e32a140f972628e6a230a882fade03c048e76153c72b210c242aa972716cb80b10e56c7bd15664ac5bfae93fa7decb1408509b8d14a026ee53b6ae56c747479a21d1ee0d7a3fe9e4f6e25d4a3353a4281185595433ccacb373b64950e49bc28a0e0ce2d6f2a467bad021382855147f551f11f8285b356282c65e70b091844b94cc564ece6ab13c5ef5be3fe45afa79b0aa870272d632798786bee4337571029a70b3b3480bade3b0f3111d9836bca14f8be608994efff0e8a7d7b0610937e3e94b25ba1c01badc7501ce7645e1f9424d01e146c7e490199e3b87059518430379848fc12f0aaf4796753fb6888d1d0b5ff6b37ae20e332b1f3422ae2531ca8572f6727ccf555a649714b4ab709009084773c8631830d1026e2322f42253a1c298962a59a503d9ef982e9e833486b72ee7fb1733c77ef8369adf1a9d146a37a0cd31e702e09b9384f6e86b7dec0a4b358699d01513722f2abb691c0c215eb5d3d5f289af619a85af1b7c7ff7e40fd21ffdf945728f21de75fd78143ce6f0b6dacb2bd80c3099e8c638e9c60ec2366a30d49d8fdeab0e05e2abb4cc8b7d87adbb7ca4822a922180d358dde81278ff03463da2739ad4ea1e3b1cfc29011f83c5ded7a8a0503e685e01eff3db2d370944eb7b231d566d6b24a7ca3f0fdc59de77242d3db3d1ab40c7d67f7debab99c309368cb5aeef03350a3711a37983ef429b2d1e30432457e8ed92debf066999f89f394e4ea3d909b16785d6465547cdb9c6d6e71b37c12442eb5d5959ff8c350edaf9fbeefb0c479df38d367229ab3770fc0e8190b82b51178b8da4a03baa70655a101850ac6422722c1b5e68f6480b2fb35128a0addfbc49ab15ccec01aef70f52862cbd63e"}]}, 0xec4}}, 0x0) 04:36:41 executing program 0: socketpair(0x23, 0x0, 0x6, 0x0) 04:36:41 executing program 3: syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000008fc0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) 04:36:41 executing program 2: request_key(&(0x7f0000000040)='logon\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000100)='s\xcd2', 0x0) 04:36:41 executing program 0: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r0, 0x0, 0x0, 0x0, 0x4) 04:36:41 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x9) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote}, 0x1c) 04:36:41 executing program 3: pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000008, 0xffffffffffffffff) 04:36:42 executing program 2: request_key(&(0x7f0000000080)='cifs.idmap\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0xfffffffffffffffe) [ 2250.494405][T29021] loop4: detected capacity change from 0 to 16 [ 2250.501679][T29021] erofs: (device loop4): mounted with root inode @ nid 36. [ 2250.553365][T29020] loop5: detected capacity change from 0 to 16 [ 2250.603492][T29020] FAULT_INJECTION: forcing a failure. [ 2250.603492][T29020] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2250.633195][T29020] CPU: 0 PID: 29020 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2250.643265][T29020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2250.653329][T29020] Call Trace: [ 2250.656473][T29020] [ 2250.659230][T29020] dump_stack_lvl+0x151/0x1b7 [ 2250.663741][T29020] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2250.669038][T29020] ? sysvec_reschedule_ipi+0x7e/0x150 [ 2250.674244][T29020] dump_stack+0x15/0x17 [ 2250.678237][T29020] should_fail+0x3c0/0x510 [ 2250.682490][T29020] should_fail_usercopy+0x1a/0x20 [ 2250.687438][T29020] _copy_from_user+0x20/0xd0 [ 2250.691860][T29020] strndup_user+0xb3/0x150 [ 2250.696117][T29020] __se_sys_mount+0x9b/0x3c0 [ 2250.700540][T29020] ? __x64_sys_mount+0xd0/0xd0 [ 2250.705145][T29020] __x64_sys_mount+0xbf/0xd0 [ 2250.709656][T29020] do_syscall_64+0x44/0xd0 [ 2250.713907][T29020] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2250.719644][T29020] RIP: 0033:0x7f2bac5fc60a [ 2250.723889][T29020] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2250.743415][T29020] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2250.751660][T29020] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2250.759477][T29020] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2250.767283][T29020] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2250.775102][T29020] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2250.782911][T29020] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2250.790818][T29020] 04:36:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) getpid() sched_setscheduler(0x0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) [ 2251.434887][T29032] loop4: detected capacity change from 0 to 16 [ 2251.442520][T29032] erofs: (device loop4): mounted with root inode @ nid 36. 04:36:44 executing program 3: r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @loopback}}}}) 04:36:44 executing program 0: r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="c3250400000000009eb5f6"], 0x14}}, 0x0) 04:36:44 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000002080), 0x0, 0x0) splice(r0, 0x0, r0, 0x0, 0x5, 0x0) 04:36:44 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 64) 04:36:44 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) getpid() sched_setscheduler(0x0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async, rerun: 32) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async, rerun: 32) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async, rerun: 64) r2 = syz_open_dev$loop(&(0x7f0000000000), 0xf23d, 0x1) (rerun: 64) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async, rerun: 64) pipe(&(0x7f0000003d00)) (rerun: 64) 04:36:44 executing program 2: r0 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000000), r0) 04:36:44 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, 0x3, 0x3, 0x201}, 0x14}}, 0x0) 04:36:44 executing program 0: request_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='^(*\'$(++${^-:&\x00', 0x0) 04:36:44 executing program 0: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, &(0x7f0000000580), 0x4) 04:36:44 executing program 2: syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 04:36:44 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x9) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote}, 0x1c) 04:36:44 executing program 2: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001a40)="12") 04:36:44 executing program 3: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f0000000200)={{0x1, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0x0, 'id1\x00', 'timer1\x00'}) 04:36:44 executing program 2: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x6180) [ 2252.557691][ T30] audit: type=1400 audit(1669523804.071:699): avc: denied { setopt } for pid=29059 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 2252.639813][T29071] loop4: detected capacity change from 0 to 16 [ 2252.649774][T29072] loop5: detected capacity change from 0 to 16 [ 2252.656214][T29071] erofs: (device loop4): mounted with root inode @ nid 36. [ 2252.668373][T29072] FAULT_INJECTION: forcing a failure. [ 2252.668373][T29072] name failslab, interval 1, probability 0, space 0, times 0 [ 2252.697636][T29072] CPU: 1 PID: 29072 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2252.707708][T29072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2252.717597][T29072] Call Trace: [ 2252.720716][T29072] [ 2252.723497][T29072] dump_stack_lvl+0x151/0x1b7 [ 2252.728006][T29072] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2252.733388][T29072] dump_stack+0x15/0x17 [ 2252.737383][T29072] should_fail+0x3c0/0x510 [ 2252.741720][T29072] ? __se_sys_mount+0xde/0x3c0 [ 2252.746322][T29072] __should_failslab+0x9f/0xe0 [ 2252.750931][T29072] should_failslab+0x9/0x20 [ 2252.755267][T29072] __kmalloc_track_caller+0x6c/0x350 [ 2252.760382][T29072] ? strnlen_user+0x130/0x1c0 [ 2252.764904][T29072] strndup_user+0x76/0x150 [ 2252.769157][T29072] __se_sys_mount+0xde/0x3c0 [ 2252.773595][T29072] ? __x64_sys_mount+0xd0/0xd0 [ 2252.778174][T29072] __x64_sys_mount+0xbf/0xd0 [ 2252.782600][T29072] do_syscall_64+0x44/0xd0 [ 2252.786859][T29072] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2252.792583][T29072] RIP: 0033:0x7f2bac5fc60a [ 2252.796927][T29072] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2252.816361][T29072] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2252.824605][T29072] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2252.832414][T29072] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2252.840229][T29072] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2252.848045][T29072] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2252.855858][T29072] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2252.863664][T29072] 04:36:44 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 65) 04:36:44 executing program 0: r0 = socket(0x18, 0x0, 0x0) ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, 0x0) [ 2253.469064][T29079] loop5: detected capacity change from 0 to 16 [ 2253.491463][T29079] FAULT_INJECTION: forcing a failure. [ 2253.491463][T29079] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.504023][T29079] CPU: 1 PID: 29079 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2253.514144][T29079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2253.524028][T29079] Call Trace: [ 2253.527230][T29079] [ 2253.530006][T29079] dump_stack_lvl+0x151/0x1b7 [ 2253.534521][T29079] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2253.539815][T29079] dump_stack+0x15/0x17 [ 2253.543808][T29079] should_fail+0x3c0/0x510 [ 2253.548060][T29079] ? __se_sys_mount+0xde/0x3c0 [ 2253.552659][T29079] __should_failslab+0x9f/0xe0 [ 2253.557259][T29079] should_failslab+0x9/0x20 [ 2253.561599][T29079] __kmalloc_track_caller+0x6c/0x350 [ 2253.566718][T29079] ? strnlen_user+0x130/0x1c0 [ 2253.571235][T29079] strndup_user+0x76/0x150 [ 2253.575497][T29079] __se_sys_mount+0xde/0x3c0 [ 2253.579942][T29079] ? __x64_sys_mount+0xd0/0xd0 [ 2253.584514][T29079] __x64_sys_mount+0xbf/0xd0 [ 2253.588947][T29079] do_syscall_64+0x44/0xd0 [ 2253.593198][T29079] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2253.599095][T29079] RIP: 0033:0x7f2bac5fc60a [ 2253.603355][T29079] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2253.622787][T29079] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2253.631129][T29079] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2253.638931][T29079] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2253.646747][T29079] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2253.654557][T29079] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2253.662367][T29079] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2253.670180][T29079] 04:36:46 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async, rerun: 64) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (rerun: 64) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) r2 = syz_open_dev$loop(&(0x7f0000000000), 0xf23d, 0x1) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000000c0)) (async, rerun: 32) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async, rerun: 32) pipe(&(0x7f0000003d00)) 04:36:46 executing program 3: r0 = socket(0x10, 0x2, 0x0) sendmsg$DEVLINK_CMD_RATE_DEL(r0, 0xfffffffffffffffc, 0x0) 04:36:46 executing program 2: socketpair(0x1e, 0x0, 0x7ff, 0x0) 04:36:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) getpid() sched_setscheduler(0x0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:46 executing program 0: openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/slabinfo\x00', 0x0, 0x0) 04:36:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 66) 04:36:46 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0) inotify_rm_watch(r0, 0x0) 04:36:46 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000080)={@dev, 0xffffffff}) 04:36:46 executing program 0: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r0, &(0x7f00000007c0), &(0x7f0000000800), 0x2, 0x0) 04:36:46 executing program 3: request_key(&(0x7f0000000100)='keyring\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0xfffffffffffffff8) 04:36:46 executing program 0: sched_getaffinity(0x0, 0x8, &(0x7f0000000080)) 04:36:46 executing program 3: openat$vsock(0xffffffffffffff9c, &(0x7f0000002240), 0x1c3402, 0x0) [ 2254.849427][T29107] loop4: detected capacity change from 0 to 16 [ 2254.859519][T29108] loop5: detected capacity change from 0 to 16 [ 2254.866015][T29107] erofs: (device loop4): mounted with root inode @ nid 36. [ 2254.873859][T29108] FAULT_INJECTION: forcing a failure. [ 2254.873859][T29108] name failslab, interval 1, probability 0, space 0, times 0 [ 2254.913208][T29108] CPU: 0 PID: 29108 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2254.923279][T29108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2254.933169][T29108] Call Trace: [ 2254.936308][T29108] [ 2254.939592][T29108] dump_stack_lvl+0x151/0x1b7 [ 2254.944104][T29108] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2254.949489][T29108] dump_stack+0x15/0x17 [ 2254.953479][T29108] should_fail+0x3c0/0x510 [ 2254.957729][T29108] ? __se_sys_mount+0x156/0x3c0 [ 2254.962414][T29108] __should_failslab+0x9f/0xe0 [ 2254.967017][T29108] should_failslab+0x9/0x20 [ 2254.971382][T29108] kmem_cache_alloc_trace+0x4a/0x310 [ 2254.976650][T29108] __se_sys_mount+0x156/0x3c0 [ 2254.981164][T29108] ? __x64_sys_mount+0xd0/0xd0 [ 2254.985763][T29108] __x64_sys_mount+0xbf/0xd0 [ 2254.990189][T29108] do_syscall_64+0x44/0xd0 [ 2254.994441][T29108] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2255.000168][T29108] RIP: 0033:0x7f2bac5fc60a [ 2255.004424][T29108] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2255.023876][T29108] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2255.032109][T29108] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2255.039918][T29108] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2255.047729][T29108] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2255.055542][T29108] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2255.063350][T29108] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2255.071167][T29108] 04:36:50 executing program 0: syz_emit_ethernet(0x4a, &(0x7f0000000200)={@broadcast, @broadcast, @val={@void}, {@mpls_uc={0x8847, {[], @ipv6=@dccp_packet={0x0, 0x6, "d47282", 0x10, 0x21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "010091", 0x0, "01e5ff"}}}}}}}}, 0x0) 04:36:50 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000000), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000003c0)=[{}], 0x8) 04:36:50 executing program 3: sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, 0x0, 0xdee12a97daefceb8) 04:36:50 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:50 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x3010010, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xb0, r5, 0x301, 0x70bd29, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010101}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'team_slave_0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr=' \x01\x00'}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:crypt_device_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'netpci0\x00'}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) r8 = getpid() sched_setscheduler(r8, 0x1, &(0x7f0000001700)=0x4) sched_setscheduler(r8, 0x0, &(0x7f0000000000)=0x200) r9 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r9, 0x107, 0xc, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000002ec0)='./file0\x00', &(0x7f0000003f80)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000004280)={0x6, 0x6, &(0x7f0000004100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff211}, [@cb_func={0x18, 0x2}, @call={0x85, 0x0, 0x0, 0x63}]}, &(0x7f0000004140)='GPL\x00', 0x7, 0x7, &(0x7f0000004180)=""/7, 0x40f00, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000041c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000004200)={0x0, 0xc, 0x9, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000004240)=[0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005500)=[{{&(0x7f0000000700)=@abs={0x0, 0x0, 0x4e20}, 0x6e, 0xfffffffffffffffd, 0x0, &(0x7f0000000940)=[@cred={{0x1c, 0x1, 0x2, {r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xee01}}}, @cred={{0x1c}}], 0x60, 0x50000}}, {{&(0x7f00000009c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002e00)=[{&(0x7f0000002f80)="2f3abdf20c9832a7dc6dabfd6c0eee09f826f0a7dc1ddd790e8dd520082a8da6d9aafa22fda38b83149d924659339519191e614aaae5cc2161026081c37c5c01b8b927d1fc9b739a413f41746a52cfa97d0b7a978a1ceec1670be9e20a06564b0db8ed3c58c2c781f563eecb07a1c269b1217d274a74f5d7ad6e0779ba521bc0f163473c91af541aae0a826c986aca228960f4d51dab81e41530808feeb0adc028db9038e24e2577aaec86d59f5f8bc4bc892f50ec7c7d35ca864f4ecee104c1d757093aeca49f9e2a97a5aadaf85f3f82f63ab3ff008ba5c6b6d93a19960144fda2dd30f0d088dccf3a37541126628e9cc3048a0199ca915999944246be5e4f6f2207b92cab5a3800bd5d42024c20b237cdb8a179b224c43ddbf658ae3ddb82d7be720eeb770a5072624a3dbb80d0d35f44103b1a829c6ef6ea154a1c0b55927cb7cf501fcf0ef6504631525a841196974e129223612940e0e71b16a80ec23566c3287c165d325b54ae526617a602af47eced6ef79107b88ebf2939975a3cf63abb224cfd1ea7c996754843f602285e2dccac2cb678907384c68336e5a7c919a18fe82bfc027c3a7841741c29b77485967b3db2cf7f4469b52ce4e9048587b7f2dc4f11f0b60a76ee45403a2fc9b7724e98fdc20188361d0c369f41d165ea71b62ff5a1c8095a5406d04a78149862e4aeedee831226a84a316b44895f06fae20eaf027c61e417cda216108f6004ad928509afee16bbbedcdbbb7b435f82c62a1c38389543dd0178bcb7bc7c8079d551ced601127a12e1282ce996c065dbabe4b9ed0519d662911cf6aa6dd1b0652b898c70e16248be46da1764fc86c0c20d40d154411f2a560906ad8be588249717bb5c576b0599f4d741e92ace5b90a44cdb59420feb1183141b562106836d2c7355149c06cd32c94009cbf6f60bc05304e118559ea9c72a13d1b2c63bee89b45146251b277347eac3e34562237f228002813d83b89574960139cda4f7eb8ac6ee39d970049a85e68eb8e4f6befb8d4b8aa9d696d58e7156a2e5288ea338ac9b8774d1ab05124d49ee7084865f3828c2598bbf3e26d1d1379d5337b840e4e8eacbb76c3effeff8df19e154f165df7064c684ea8f449c93b659e9738065553bbec1482157ec3796cf82c82f95f1d61282bdd3f3ab06f1e302efb063643ea7e6c86948a8be7806b2a1f3eab68becb4900fb49aac932a0e0da3f6469775a6ffd2e175450d89f6bad14f1b46e1a3e393c50019ef79ce65567ca44449a333688adc6178ac1f6a7d296eadf10a066c6b228ec2bef00de3ed269c40bf914ffd48518fd1ea9b302ae8c20af06af3b9cedce4fc4ce9b70a4d983dd07a46179198c83b25252f496e2bf1b0267c4f90f9f6dd8f46c6bc29f4fcbd01b82daf242d2d39b5fdb6aab87682c28c0702ca27ababc588df75b52903bad60115ca8466b1f9a289ef9d48ef06fdf1f55115a1537f1ba2456970a1be93bb4ff0a503550827942c95a928d7141de7514524cad4651f13c237ba2530787716f9b440f1238998790e066f74666cc1e22f19188c4d211ca7ee9dade1ab77f7aa3adaeaca6e9601c71b4db83da23aa45b8240cacc80d20213b80681980b927e461f3997d3c7d7fd9e20640d9b51e8c57be1e0685ecc713339f3ce65874531992584548cffcae8b5743d1b88ba4c4b61ef4636e4e31bd7f54b8309139d12bcf0714a121913f7177e9e56017b1407450e75523131a8bb2f4260f458df7101898c7e1603333b97a5b1ff794bbbb91cd1c6fac9efcbf9367b1b2438fa080298c20d142b89b61ad37deee69a4e3c30bcda452a2d1eecd8adcac9d578c50af11f8573be93668c524f6ff777062c0b58a97a2f9855d4d733bb3afee68fb9e033d1aeaaf376c39cc7affcf4c24b6ed3429a02237d2947fe2e61a80ff8b237c8c80026aae7b30051b6df84d95d8cd787799817b6f79933b903acc28766a68bb27ec18cc9e8f715f623b5f4536869f3c543e12de96b7db5091a9bf76cee7532e6cb6e4494cb6dc4e2570f2fd571e0da96ced0edf0112b36f57fe98174a228cd2b3c54f8df8bfd54dadb2ab34c9c4a56ea88e32046e62b1b61345ad8bb62321c019403811474cbcfd676f25e63aaead0b9571d21f409a884b025459d121c21080d7aaa29b4b42066308b8a85786475c8cbf39dc8edf5d7367a210d8c4bcbca979a26e8c728dd68fe9833f03f6291109deb3a3b8eb1646ebae2dbe24965d5064cf3c8819d76ec990e018657e967389b8d708aeb48306c7f7ec566ef5ba8ba4a2be4886c9dbcf97f3f11829512a1b282a1d510b806239cdd0416f3095e9f7ba2f64729372cd305e73e370f0cd357b4fb50b48a93df741b2e1bdfcb89d407159f2419f5bb5944e320bea62ca334717af5e4a74d372f27c3e585512f782bd7c40f8ebc4146c7982aec16006415eb488fefe00acd76f95361ccc7205aad2cc605a2cceef61a62666520c3ef290b5777dbc63fb7527cc8fdf554332da2e7259857784f58ff89b746785d34847b0efb114f38a9c259c60c18fbea054a4b6280d1fc6d8866ddaf8d393708f04a71398c2ba2cc46aba26cf63c7a0f99a65363329f56eaf00eecc3c70dc767a2f579819348df20c1060f99489840db65083801720da032a48f084df95c5cf6369899e4dd414208875ca162b2c8ea176b17bf4d5ee819788d92f4962bc5b7026957666201d5a6a8ae4ef1a366c429dabf72f34a0ab9e66edc8386383dd2ebdecae38fc77d9753847266b3f7dfd66e2b1eed08d5b32d23b2beaca873e217dbc4363b30b35288649b96075559fcbe315ea61aad279d52ef1ba25fcc5a40e24b77c3ebd54e009430f9670fd02304cde41b29de8a207846ec0ead0a269710946bba378b3cd2bd9778320f1e28ec79c972af53b46dfc829d391d63e61752a597164fc5e074ffaf1c1c5258114afef57465536a25a44af4ee5dbecddaae24806b074ae51098b2c6dd8a27a4472c0db8d0b54c18c73b1793b06ae72e3cb1394efcb8a70bf092bd7ad68269fe972cd03bef34937157a62530a80cd9a3ad44688a8f30e9b09f08feb0eff8b663c7ce8347903471e54539afc7d6dbf39c76d08f1a525e37dc45cadcb1425573de676fce68aa5169a431d2ea7037e27f69fad351b4d955ad3ca1821a7666b0c487cf65ae977ef4dfda29458e53ce2b5ae2bf3f822c02a67096b526807e524d3fcf2cf2abce5b1066568e74aa56163454125cca2968e8eea2c25682bf91f33cd1b6fa4155bed379f10c670468aa82a607ee5065ef85a4b588b0b8ca5945128d1a27315d11a50764de6f208ea1c6b4bee8414f2bac645a9428429330fcc2d0b59c762057772176c03b7888f8be4b1d56da7fa3d1e354302eead093d53628e3e814aa8702bd5249e7bdf15752128f77440bd0dc46ba0972f724dee2903251d275528546193ba4059fca9004023b9e07dae8c54f8b95900ff8d7665fc6cdf8a6f79df9ac1018275b2ec33f14473cea5275f902e6b4682bc5a188023d15b02cb24069db0a5d85199ef1c0c4fceee1028fde3d577b6691744e815e36418b4764f977daa8d463a54655dc65e389ff303a65c02ac35564307dba3adb4ae556f141aa9ba6bbc653aaffd6130c8fca2b36edb5a5fa7d5e6e246d9997af2d3c1b56f10e1d3d0e43a962aeb7035ba25ddf68ab342d2f79f48b9df3f07e27ca456e8f35f6ad25f71173307a4876bd06cdb4a943afdf62a79cb8670b8c31f8c7b45bb555c44f65f8a7904bacc6df829e3e9058d462004cfac2daa8556998ad9e6656022eabc99d1c1ada3b2e6ec66149832d8520ae91432d336a9aa6ac5084da29b7c818282e7e30f15d4366465b119ea1765a7d628e25d9aae55e15e0033ab3d2d2c2136cbc73902fb6ef575f5912dfa8634559398ce4171f73e8154a88a160cdfa9ed1fb46420425ffad21a9bf67a370f1531e3fec135078637ef8a58db8abad65b17390d99f913224cddbcf23df0c1cd0c629242904a18e18088354834fae12e5a19c9d792cc9e30d05a2627972d973cb6e241d6900fd4dc5d66455289911c8dd5ebaf974fd5c6c9f5af90357d5b63eefc5a56a4ac082c23bdb1868eb3814898c469c7f80955de9f2773b847e3d5fcb1d0638fccb3eb65e9615f0614e8f3a6997d56a617d287d58d380b0b94708cd2c071cb6ed930bec48c73e96c29708f57a7fef55d54b076384ab8b1167e8c80dd2e702e66f03ad2202d5b27395302ca574d89f3d667639addc6838a7fd9ef59206e5613958788c4fd6eac0624f8337f56fdab418ce8b112a315a18eeb41418a5620899a5abe40b928fba90bd1a8026c66a3de9fa15dce6bf60918bda2769cdccf2ea4f04e889dc85459b4f937d57261c22ccfc78698d050fff1331a77415484c9df4e8317bdbd0a82f74825424c0b0b464ba2f679cf711d461f30c2c40ba0b2210f918c47b233853c09d1d1534dea2bb0c30316f41100587d66c3ab12b757b033fbf79fb4279fef4cb0d5f11d334ab797a220e15553ada8160c045cdf3bdf1ec1ad1420a9891f71c09f5c7702fe1114e3bbb3d1364138b1d5f7942870c809ed5a923c29e3538f2a31cecb618425faf7c68883dc636d5fc54b24d81785318cf6a35cdac023db270fc8784bda140aa3d5be808140c03f595a72912182f28b1cdba22f5fb63a911b94594cb01c43e39ef415d2a21c2d42a14fcefd321d6192b1fc83dc5bb4b893bb691a5bfa76cdd611ca09eb5fdbcc05b1a0b3c35f2aeec8f36ce80682635054da52483e8297c2f167515463bc5e377bde0f5a7dd962b148b6421a5b8d86e54af488a38dfecb2b9f866b888c26da99d1ab46b778e78ec3913ebbe8cd359569946b2939fdef08e347b238de9e15b17746e43e101d1afc28a460d1e44e9472b7e5537274737249af58dcebaca798c3c7f96ed63bc64efcac80497503d0161a75d25954d583a91aa7245952762f0c0421eca96db9693273b9680be7a9a6fc03a92748c5aebc83de3c7e35338020b380e7f6630c9cf073476e84977696305bf01a00fe1de6e67a8dbc631a6483a124bd1afb1753df020dc69ac0646c1295f1190c5814c16d2a146b60745d094a1dc0221c1c2e892f9dd66a40ad2f32385ffee56354daaf1f6fc9742322485a6a93480f4c11778d67f9bd7dd9148bbd71de0e170c7834f70b0379bb0ac3a51cf5e8fb2ee4b3a6ea91cc4ba131b87c559a2d8c75532799ffa06c621f5435f2f0d8b884cc3e39e56b1a7d18564a47cc7c182d112d7f3451773558326d4833bfa72d87450e323902a981b5463655400b0dfb4e33d075fb7e9ae01d97923a96ac0a4806f71a3b862ac6cba93ebbd20ed49d4e6dceb02bb1cbf61e9f6a4fb7042f9399da88416746cf6ec1b309531a1b8cf6d0a4515d09f76823abe97786358fa97b325a11824142b2c4057b0eeb55c6406506cfdb1800aa1559129a7391fc85c83af4a67264765c1d6ff64531a9aced6b006614ddf40d432be6f17b67ea74e472edc2c990cf24bcbf4d4030f2cc0f300dea89ba5982a067a5c0ca281601516808a18023ea2b59adc803f43d20eb4dccc038e9419da3b2902cb1468c33097753827630ea09587b14d85dc2ff9740d857a2daf76b1be511189c3d99ad04db57a19920efd47b58a94d33bbf51ecaf3a5fe75ca02ab1e3a4926b1a627807061c5dbbb939a2218cda211423603c79c6b33694294c77dac50be96af64c4baa212038447b32b542f36071fffec03398b82e417e603e22e4d4026bac943d243fca8b", 0x1000}, {&(0x7f0000000bc0)="9ae7968195678dda3f9fad614168ef4ad5b48749764aaa79857be95b61fbf18c69402c3fd04aa07deb2451e3d09f87d71d1e0aa2b8bcf21cc1c7a237e17d210fb311995b5ea604fb8e774b2d67f0c5b192e2eb9bac012da9633baceaf2f1994818bbe67647dc7cb84d2d7fea0c1c5d42b37813", 0x73}, {&(0x7f00000043c0)="afeedeb87d0de443ebf7ec9c5c75b0b7bb2fdda02ede01143726331b21a422145c116977bf54c10e2a275d6f0a1265a2b5d5c39ea9a9401c9e1dd00fc59d0005fd03c81ae6a5897354445a6c3b6a3bf139b373c7f7929645af9287a51f8b6f4f277e259ee14d503bdb1819d10bac2994cb44252b01d9f617331866a67c4e44c673452b2ffbed090266e1c84c541299c074c6a2201724b2df37f25dd3d89a4d8f1af8266afbd5293fba25efaf85618878d733fb10b0d72e6e01142a614757f8e9b4156c6781e9310de2f5679eb269a00d8c1b9e5b35290de657a6fc2457ebaab3c2f24ad70fcfbc81ac7a6f76b6829946874670ef4296ca30428a05872ea710b3bd7c7c22acfac59602c4d587c55e874ff3ee909453598d2487bd05a07829793f4cd50a18c931aa157cfb56ca9159cb8622fca7f0290cd99d3e239c6bf5843f1519679315af326d19b66e6a8589df2f0e0244b952aebae048c440f494cc23c6db1cea96185962adf8beb798a402da45a8f1480affbff570b17855dfcc07a0d5760ba50a30146ccf4362de3a87dfc0c9777cb6388ba1faebca36ff99f78ed272d8e3589aa58cc3b8f00377bce892480de777b07abcd188b068de6887301874ab5d2d5f7c715a5b50b3e9ea708b5d39e4612ae1543cb121661d3233d8373e3a40be2c97bd57172745ceadf9dddda179fb5dc45c4ea97e13cb4bf9f8a8d7677b342b2873e21cf0703f2d6cee75f778c8ef296ea4f2c4fe28b212c481aee2a323a13bc707bdf8cc3a4ce00511461b9a258a1dabe310a716dbc66e064b639135fab577ea1ff472c6854b5577055f439d00a516fa100d127d3992b08e281d4983c0d0defde1fd366093fdcc40b0dc510a7dda820bf98ac5f75b77e41ff1d3b94825eea1ba5ac0c95481049ad8d5c5e9de6d438a4bcf43b4da55886d6033ed0024e0c5c77b44d01f312a6d3f0f906cd562c9c3ab8b561f9237220968828a1cdc74019734659c4f5b0922c48c81f73993dc420976a2538a7e4a517284cc5091ecdaa1ff57a655104f2abb23cdfffb802d49d7fbb485cfb8d47bc9067dc10bcdb677ef091555ebc7497fa8538671e8a72d38eff40c5e248492f41edf40429750bc4f70b2a33edb0b73ad303694072b20614b44302d566662f221d920a38602369e0744d84d10f6bb2077d35d72e976c21914ce403dbe5a0e370890b68ddf7c8d8eeaaeb462927732ba0c42cf957464afe2a80a0fc4cd8d76508feeb7858a4651557a83bc2657151154f6a170f3e076bc641313ac119e614be9d62d1f43be7441bb6d1e835cf2dfe4f3e7476e3fdccbb977df53efc80c34977fd911733180042538f829a5df96216f79f4e41bc7201a2f1fb6baaa887d709c0e5179d33ce261c34133b2b8141cac849fea1a94d46206d870ada3187b0ddee1b14a158659cd99f30effbcafde0c2074449834ba09f47df460fe85d680c6d0a799d22f1131eff819c0a2e44c216bdb95dfed45d2c82bb322adf633d1dc859318bd95144d68c8e0625e9b8b035cc414bd7a1967a8ce9d63dfd81702a19ca95ea03934431e566a914d299549f969b1a076ffa748be227c54740656d9d72306853b30e2bf559316224653054945d7cb8a86428bdccebd96d161eb7b04a1680a68bc2830bc0f773f4308f15ec88b963092d4116f218296491eb7dfbc13347d6cfff1612c79f8fd67f9143c37b032eca9096af812d7deb3e25d552fb6d3abb0d921e666d46cc93bb8f3d47745a55b64e33d3af0905614ac12a84aa1ae763d04e460605ef47388f4085007fc51736a93c0defd12dcb75596ea3a6e55d8c3683b352cb2ab67a19d3c941059696296b93c1c152cb0bb96bc9228298bf603ab5bee74f559e03060c99e19bc9ffc4ff58b773295e34278b8e24d64490dac36963f882b7de9394320e469da6b1a57c72017f78871a71fe287c98f3f12bf86188a55588d35336b1e868901b9cd11c377097d16fe11f9e86119545dbe3783919736779c3e2e7da71bac8054c0cc6f682f5351b15ec58834fb8d2ff9ee025d1dbf9f064af13fc9dda225ae6213d6aca28d7176c7f49eb9fea4fc0e6c6116dcbc464774ff7a205afae6ca5c69f933b2cfb373f903c5ea75dc074560a9b17457e78bf1b6fac62e27101eb099d2215463b8bf31d22fe3c85347a663b264c0c1c8e650403b76c7575dd7244fe9d59a0f73677e7da3fe5ca4a5a7908368be56c33010230c1f37adb8247e2a8fd39ef3ec6abfa8bbc0779bf89544fbc5352ca5f12d4ca06871995613472e57ff12afe657580d68e6754ca89fc1816efd29d8e7cecb18dd9ea1dec72f0b794ff3b8b88858d3616a65acc033231421b0f14fb4b4dc7b07f748e502a916ce8efdaf821c3d21951e1c9a923bb1fca8960ec47a1db89fa5876ad0f0fb0fffffbc7719e4998a3c2bf266b908b7ea683f712560472bb787dc037b64947d4d30cf9cbef98f258ea769e1068c1f408a0062e5d6b488f33a5a1f2dd355db036b8212a59916bc9fedba66b6b01788e68c9a409632a146e2f0d9331fccf4af3f2fd52a80c19e611a5ed4fd0097832de580324f70ae0303cc32ef3e293a2a2d7c1f420a7a1359be21b12b3b75b57e700274e7a9b4d43e3ce6463e8e1935e6c0a4d7fc5789b783ba3d7dacee7ec00bfb3177542624e5ad95fcea55ac30d1d121aa785a4b29230c3abee940372daf96dabdf3f4e0c6100b85e1e1134fd60dc55320b68d0345817a90697153d9cafd83c017988d584747dffce6664bcdcbb55c22beb89a35ecb7f22d5589d2f76ca882c8786cb71ee14340a924ac49c2447dbc1195ed1ed35df8af6101f8c84b530cf97a938f471830b612564e5c123901177d285d6e07a87e91560948c0aac24f8124073ac8f3b60e33c80faba24ad72556b6617a265677e2bbe00359b89d7bc09142bca3dde8d4ce7cd00bc2313a9144470b83a705da2c363b0a6cfc00e5bef29c332df367951f12bf730370960913c7676b7936319bf8c7656d105d3aaaf64d4a0716a36d2b44feec6ae87afe45933fbefb82c389d52b4b74cf832f0c5dbc2bae74cf7d4f1e01dbac8cca918219515a3acecd877618720a56e4aa79cd4cd2f892cd3def194bd1ff0ab6a7355b9ea07a336e1c172be0bbb0475a8fe33ebe5835b12aa9cb5e7a1ca4eae1cb152354ebd40a496190a877316ed4fcf9317c7fab2da9297d45b9023f844e476415de73d0439cf1fc24a95ed516df382f946ff231569caab9d959169eb6420c74c1e865312d2071201739c8af2d2718629ae7cd3d3edf5e6e4ce265c89d43030cbae195a0f72525c009d3ad8592c80bf69a6a9b1b98d0674b0da868bf03eac4fda6571f139248773798767a3bb9297c13f12afcc0c3def05206d171312a68ab5001366dc9c342fa46457997ab059d4e85464efb452bc2ebe102f6d845d94e779cb61f4b86f755dcf1efc05a9815356bae7bbcbd8f06d9abd0426f1fcd464892caf0b85b6508de527215eb71d58982c5f425e2491c60852ea0946b5204a15edd577938eaef2906d3d52225aaa440b0249fb4565b829a6be5075484883e41795adddb45cb55b8f3fd4a33d3bc47c0ffdfb1d569b83ecec65d0994b202a61df5db1f95df3cbee6b2bf6972748f0355a97061fd93e0d1dab0e8ea8cce58a9f36ed03c0ee4a912bafaf0f45b6ab6c3c04ca40504832ce9acf0a0b84f50ecdd3ba51f5952aca49d3315f8c4ba1450e75159f40dbd501a6e94b74fb2008c2c886e823927b53c0222167a3f6a785c4853ed0b6c05089eb12e5a06fe9d242e4d6627d6a810b681e03f8d364593e6dc230f81e3bb739c9bde3d222b83cf5885e06c578839db4485cf84f67252e201de67e632b459f0049aafa9b010f4f6df402f70c2f36b3ff26a7688db5c07f22969969e7871e10d63d6f5169d9ed6502440278651cc7ab521cea7b6bc68396d7e6cf692952524d4ab2718c4e88530ec637fa4bc5277a6140c730a32713ce37435756db3ed7784bf5d5438726f115b8ac7ed9033ed37758585527eb5db2411789204ffc67def6702b98e8fd7bbe47836ad5da93a1207b0bae378546f859eecc462ae2602bd73d4b3c945defa39ddcfd21ed1b307295dceb5f52282478f06d766ecc83c5aaf87e4d30e8379410175e88c4cde24e696f01726e69e3ea85480c60871d1b3df2e33cc427b519d7810f482523b4f9c26fa45e161cbbcaf70859a621c45d2c09995d49b2b0641469362e6c459b37310914fdd045a26726472ecaa573a6f76ec350d1078b28eeeb0a14bc73d0ae902af70edf00d982cae5cec6c798fc6117ed93cbbbc7af672df5dad8f68397cdc9d393ddb28ef158c078d20a23af846d7d5552d3e176bcbf755906ab8a0dc77e0887a0f12cacffdf84843627942e67eb07291d0e412d629dbe0d41920c12b66fc1b434140d8cc424785e447cab92eab096aa56a39f1b986249cb62236e3a88176655444f898936a930503c4acf9464146aed408b09abfcb49d6f45df877f06434447230c880c3f3b7b895343cf26a43f602a1e5323bf51caa1387eb99f43916595eafee854d8d1fef20eed08e09b93d678b36ee7fee529eb2e52b4327d54d63a9725a2e1bcefb516709645c0da2503cb5fbc7fd9cbbe30df9d8a0bf78ea487c68bcdc130bb6212f336e2e3ed8905a24e70c113054a864aa330aec7f17ef49e84bf2ea31c5f597bf7c42635320e24a3b5a44846bf13418f4af3bb03d319730d78707451721a9565d366dde6cc7c09306e17727f380f4d732d3ee5ee1004f930abed7f8e29d5fc8f8f883969182592ea9d2f3aed86764ac786a6049cccdfba5922bae26f7e1e006c5fa2ece285f1958def6e41942bb7c58f0bfcc7772d508830e2fd7e2c23f2620441ec88bcf8109ef8368340af01f30837c81478f5018b42918a1a03db3ede3f6d994ff830d8985b99bc480616c6259015664cd1a28ae5ddbd80e1a92604b4da348c1352dba49ff3b392ce5cd0ab500a209d4e04a66d2f62f9d1adae15eeeb4e2caab3780f5403ff3b94d1b9c0b46d8f99d80d0e63e335be3957384320b7535092f66e27b721a7a0c8fba0b8c800561209d00c2d5c63ae43bfdaf6bd5d349f68e3e6614ae9ce788d19f4e733c5327995be44ce70e293304ca7c0891e714e38d8c04e130dacb5b9016a5889814b49e17563ad7553126fabcd60b470c3089005779397ff780eb06c5417d6780db650f4cacfd1b8a9986c83c91386671f32b0c8b7a5038032ef0b5bc863480c1a8c6d4164ffc25f3e1ab91ad6fec9fac754bc8ec72ca01668e590947603382460a77a5a66a1a754a21b9f132072f0118c45905f6c4955b6792c721f59f2286e32343fb0b19ed1eb59225323a63707d9e15958b79f359c1691587593c3a26a0bcc01499e4d08ddd33231ae979554c17fd0a2159d3f7e8bd6fa17547ec984a21aa72b2f9c8d4bc149226a24768ddb502153aa84e00b287a6651fe2698b21f1f97669728f2d03871607d427872f043a5c2b86480949c88f537a25e6ba8d28b1881ac13bbc4738bf0ecdb0f2bba578619773c9d9a936d7d37c3ba9510944f7304fcb7822bd184b29753034b183379dc984ad98fd0f65aae36af9f660465b4272af8d64731fe4bd4d3e97e42f4049c6450c78a346269c0f4880bc856305bf5742e04d84dcaf7564dd2a4a325c55afd98be1a93eec58ab6b6449447381d34910fe141a5a7fd55de68361d3da68cfa504cefa68a563691b4f38b5aa85132f22becca4888e35c50ef575a150ba2e3b8255dbc6", 0x1000}, {&(0x7f0000000c40)="f890bd648c6141ac9fa21519cc78696d7b5b2a5cb6d79850d223c5a765b40abe009d1095f1424d70a282a1099bcf20f0a8f0098668f1cbf1d999293cccdbd4572772f7afbf97fc14667be95255f836cd2003e649603ab958429d239c36bb253771c6769fa2893fcb6dc735336d24f3ce3acad4d8955202e4354442a69c259fc2194c57b13e23cc1c3a55d6eb3cc101bf976b4af7ca78232a6411d84b0397a24701abe99e7e196240c057ef4fdd", 0xad}], 0x4}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000004040)="e27f1fdbcb9e4f11d6853329aee3d4ab363921972c410cbd0f4d3804a886eee2ca3bbd6481776f0846670b50ad1e868fc4902456d9858fa32f7a79b918752b965616c09f0e5d7819d3572138d9f7dc30aac4759cb6d822d155155362ab33afae1b32dfa7d2163290d16f633ff085c3489eb94671464c8a88f805c9198a2f4b83687faa05f21fa8b065ac6a9c4acbf07e78242e13bfc9f88cf06e3cf7ffd5e3e3b1e68ebbc8014f601990a118eba3b9", 0xaf}], 0x1, &(0x7f00000053c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r8, 0xffffffffffffffff, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r9, r6, r3]}}, @cred={{0x1c, 0x1, 0x2, {r2, r10, 0xee00}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r7, r4, r11]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x14, 0x1, 0x1, [r6]}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @rights={{0x14, 0x1, 0x1, [r3]}}], 0x108, 0x4004000}}], 0x3, 0x40000c0) getresuid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)=0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x1000004, &(0x7f0000000300)={[], [{@smackfshat={'smackfshat', 0x3d, 'cgroup.controllers\x00'}}, {@dont_measure}, {@smackfsfloor={'smackfsfloor', 0x3d, '/'}}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@uid_eq={'uid', 0x3d, r10}}, {@fowner_eq={'fowner', 0x3d, r12}}]}) pipe(&(0x7f0000003d00)) 04:36:50 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 67) 04:36:50 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r0, &(0x7f00000000c0)={&(0x7f0000000c80), 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x14}, 0xfffffffffffffd36}}, 0x0) 04:36:50 executing program 0: r0 = socket(0x10, 0x2, 0x0) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x14}, 0x14}}, 0x0) 04:36:50 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) bind$can_raw(r0, &(0x7f0000000000), 0x10) 04:36:50 executing program 2: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f00000000c0)=0x1) 04:36:50 executing program 3: sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x0) 04:36:50 executing program 2: r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000001c0)={0x24, r0, 0x425, 0x0, 0x0, {}, [@GTPA_VERSION={0x8}, @GTPA_LINK={0x8}]}, 0x24}}, 0x0) 04:36:50 executing program 3: openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) 04:36:50 executing program 0: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, 0x0) 04:36:50 executing program 3: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x28043) [ 2258.940018][T29135] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=29135 comm=syz-executor.0 [ 2259.026354][T29151] loop5: detected capacity change from 0 to 16 [ 2259.036378][T29150] loop4: detected capacity change from 0 to 16 [ 2259.042965][T29151] FAULT_INJECTION: forcing a failure. [ 2259.042965][T29151] name failslab, interval 1, probability 0, space 0, times 0 [ 2259.057744][T29150] erofs: (device loop4): mounted with root inode @ nid 36. [ 2259.068111][T29151] CPU: 1 PID: 29151 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2259.078172][T29151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2259.088066][T29151] Call Trace: [ 2259.091185][T29151] [ 2259.093965][T29151] dump_stack_lvl+0x151/0x1b7 [ 2259.098483][T29151] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2259.103772][T29151] dump_stack+0x15/0x17 [ 2259.107763][T29151] should_fail+0x3c0/0x510 [ 2259.112014][T29151] ? __se_sys_mount+0x156/0x3c0 [ 2259.116702][T29151] __should_failslab+0x9f/0xe0 [ 2259.121310][T29151] should_failslab+0x9/0x20 [ 2259.125645][T29151] kmem_cache_alloc_trace+0x4a/0x310 [ 2259.130765][T29151] __se_sys_mount+0x156/0x3c0 [ 2259.135274][T29151] ? __x64_sys_mount+0xd0/0xd0 [ 2259.139878][T29151] __x64_sys_mount+0xbf/0xd0 [ 2259.144309][T29151] do_syscall_64+0x44/0xd0 [ 2259.148554][T29151] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2259.154283][T29151] RIP: 0033:0x7f2bac5fc60a [ 2259.158538][T29151] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2259.177977][T29151] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2259.186219][T29151] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2259.194033][T29151] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2259.201842][T29151] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2259.209654][T29151] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2259.217570][T29151] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2259.225370][T29151] 04:36:51 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) [ 2259.959989][T29157] loop4: detected capacity change from 0 to 16 [ 2259.971691][T29157] erofs: (device loop4): mounted with root inode @ nid 36. 04:36:53 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}}, 0x0) 04:36:53 executing program 2: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x80060100, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setresuid(0x0, 0xee01, 0x0) syz_clone(0x20000400, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001f40)=')') 04:36:53 executing program 3: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000002080), 0xc82, 0x0) splice(r0, 0x0, r0, 0x0, 0x5, 0x0) 04:36:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 68) 04:36:53 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x3010010, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) r2 = getpid() sched_setscheduler(r2, 0x1, 0x0) (async) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 32) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 32) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) (async) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xb0, r5, 0x301, 0x70bd29, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010101}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'team_slave_0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr=' \x01\x00'}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:crypt_device_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'netpci0\x00'}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) r8 = getpid() sched_setscheduler(r8, 0x1, &(0x7f0000001700)=0x4) (async, rerun: 32) sched_setscheduler(r8, 0x0, &(0x7f0000000000)=0x200) (rerun: 32) r9 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r9, 0x107, 0xc, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000002ec0)='./file0\x00', &(0x7f0000003f80)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000004280)={0x6, 0x6, &(0x7f0000004100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff211}, [@cb_func={0x18, 0x2}, @call={0x85, 0x0, 0x0, 0x63}]}, &(0x7f0000004140)='GPL\x00', 0x7, 0x7, &(0x7f0000004180)=""/7, 0x40f00, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000041c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000004200)={0x0, 0xc, 0x9, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000004240)=[0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005500)=[{{&(0x7f0000000700)=@abs={0x0, 0x0, 0x4e20}, 0x6e, 0xfffffffffffffffd, 0x0, &(0x7f0000000940)=[@cred={{0x1c, 0x1, 0x2, {r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xee01}}}, @cred={{0x1c}}], 0x60, 0x50000}}, {{&(0x7f00000009c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002e00)=[{&(0x7f0000002f80)="2f3abdf20c9832a7dc6dabfd6c0eee09f826f0a7dc1ddd790e8dd520082a8da6d9aafa22fda38b83149d924659339519191e614aaae5cc2161026081c37c5c01b8b927d1fc9b739a413f41746a52cfa97d0b7a978a1ceec1670be9e20a06564b0db8ed3c58c2c781f563eecb07a1c269b1217d274a74f5d7ad6e0779ba521bc0f163473c91af541aae0a826c986aca228960f4d51dab81e41530808feeb0adc028db9038e24e2577aaec86d59f5f8bc4bc892f50ec7c7d35ca864f4ecee104c1d757093aeca49f9e2a97a5aadaf85f3f82f63ab3ff008ba5c6b6d93a19960144fda2dd30f0d088dccf3a37541126628e9cc3048a0199ca915999944246be5e4f6f2207b92cab5a3800bd5d42024c20b237cdb8a179b224c43ddbf658ae3ddb82d7be720eeb770a5072624a3dbb80d0d35f44103b1a829c6ef6ea154a1c0b55927cb7cf501fcf0ef6504631525a841196974e129223612940e0e71b16a80ec23566c3287c165d325b54ae526617a602af47eced6ef79107b88ebf2939975a3cf63abb224cfd1ea7c996754843f602285e2dccac2cb678907384c68336e5a7c919a18fe82bfc027c3a7841741c29b77485967b3db2cf7f4469b52ce4e9048587b7f2dc4f11f0b60a76ee45403a2fc9b7724e98fdc20188361d0c369f41d165ea71b62ff5a1c8095a5406d04a78149862e4aeedee831226a84a316b44895f06fae20eaf027c61e417cda216108f6004ad928509afee16bbbedcdbbb7b435f82c62a1c38389543dd0178bcb7bc7c8079d551ced601127a12e1282ce996c065dbabe4b9ed0519d662911cf6aa6dd1b0652b898c70e16248be46da1764fc86c0c20d40d154411f2a560906ad8be588249717bb5c576b0599f4d741e92ace5b90a44cdb59420feb1183141b562106836d2c7355149c06cd32c94009cbf6f60bc05304e118559ea9c72a13d1b2c63bee89b45146251b277347eac3e34562237f228002813d83b89574960139cda4f7eb8ac6ee39d970049a85e68eb8e4f6befb8d4b8aa9d696d58e7156a2e5288ea338ac9b8774d1ab05124d49ee7084865f3828c2598bbf3e26d1d1379d5337b840e4e8eacbb76c3effeff8df19e154f165df7064c684ea8f449c93b659e9738065553bbec1482157ec3796cf82c82f95f1d61282bdd3f3ab06f1e302efb063643ea7e6c86948a8be7806b2a1f3eab68becb4900fb49aac932a0e0da3f6469775a6ffd2e175450d89f6bad14f1b46e1a3e393c50019ef79ce65567ca44449a333688adc6178ac1f6a7d296eadf10a066c6b228ec2bef00de3ed269c40bf914ffd48518fd1ea9b302ae8c20af06af3b9cedce4fc4ce9b70a4d983dd07a46179198c83b25252f496e2bf1b0267c4f90f9f6dd8f46c6bc29f4fcbd01b82daf242d2d39b5fdb6aab87682c28c0702ca27ababc588df75b52903bad60115ca8466b1f9a289ef9d48ef06fdf1f55115a1537f1ba2456970a1be93bb4ff0a503550827942c95a928d7141de7514524cad4651f13c237ba2530787716f9b440f1238998790e066f74666cc1e22f19188c4d211ca7ee9dade1ab77f7aa3adaeaca6e9601c71b4db83da23aa45b8240cacc80d20213b80681980b927e461f3997d3c7d7fd9e20640d9b51e8c57be1e0685ecc713339f3ce65874531992584548cffcae8b5743d1b88ba4c4b61ef4636e4e31bd7f54b8309139d12bcf0714a121913f7177e9e56017b1407450e75523131a8bb2f4260f458df7101898c7e1603333b97a5b1ff794bbbb91cd1c6fac9efcbf9367b1b2438fa080298c20d142b89b61ad37deee69a4e3c30bcda452a2d1eecd8adcac9d578c50af11f8573be93668c524f6ff777062c0b58a97a2f9855d4d733bb3afee68fb9e033d1aeaaf376c39cc7affcf4c24b6ed3429a02237d2947fe2e61a80ff8b237c8c80026aae7b30051b6df84d95d8cd787799817b6f79933b903acc28766a68bb27ec18cc9e8f715f623b5f4536869f3c543e12de96b7db5091a9bf76cee7532e6cb6e4494cb6dc4e2570f2fd571e0da96ced0edf0112b36f57fe98174a228cd2b3c54f8df8bfd54dadb2ab34c9c4a56ea88e32046e62b1b61345ad8bb62321c019403811474cbcfd676f25e63aaead0b9571d21f409a884b025459d121c21080d7aaa29b4b42066308b8a85786475c8cbf39dc8edf5d7367a210d8c4bcbca979a26e8c728dd68fe9833f03f6291109deb3a3b8eb1646ebae2dbe24965d5064cf3c8819d76ec990e018657e967389b8d708aeb48306c7f7ec566ef5ba8ba4a2be4886c9dbcf97f3f11829512a1b282a1d510b806239cdd0416f3095e9f7ba2f64729372cd305e73e370f0cd357b4fb50b48a93df741b2e1bdfcb89d407159f2419f5bb5944e320bea62ca334717af5e4a74d372f27c3e585512f782bd7c40f8ebc4146c7982aec16006415eb488fefe00acd76f95361ccc7205aad2cc605a2cceef61a62666520c3ef290b5777dbc63fb7527cc8fdf554332da2e7259857784f58ff89b746785d34847b0efb114f38a9c259c60c18fbea054a4b6280d1fc6d8866ddaf8d393708f04a71398c2ba2cc46aba26cf63c7a0f99a65363329f56eaf00eecc3c70dc767a2f579819348df20c1060f99489840db65083801720da032a48f084df95c5cf6369899e4dd414208875ca162b2c8ea176b17bf4d5ee819788d92f4962bc5b7026957666201d5a6a8ae4ef1a366c429dabf72f34a0ab9e66edc8386383dd2ebdecae38fc77d9753847266b3f7dfd66e2b1eed08d5b32d23b2beaca873e217dbc4363b30b35288649b96075559fcbe315ea61aad279d52ef1ba25fcc5a40e24b77c3ebd54e009430f9670fd02304cde41b29de8a207846ec0ead0a269710946bba378b3cd2bd9778320f1e28ec79c972af53b46dfc829d391d63e61752a597164fc5e074ffaf1c1c5258114afef57465536a25a44af4ee5dbecddaae24806b074ae51098b2c6dd8a27a4472c0db8d0b54c18c73b1793b06ae72e3cb1394efcb8a70bf092bd7ad68269fe972cd03bef34937157a62530a80cd9a3ad44688a8f30e9b09f08feb0eff8b663c7ce8347903471e54539afc7d6dbf39c76d08f1a525e37dc45cadcb1425573de676fce68aa5169a431d2ea7037e27f69fad351b4d955ad3ca1821a7666b0c487cf65ae977ef4dfda29458e53ce2b5ae2bf3f822c02a67096b526807e524d3fcf2cf2abce5b1066568e74aa56163454125cca2968e8eea2c25682bf91f33cd1b6fa4155bed379f10c670468aa82a607ee5065ef85a4b588b0b8ca5945128d1a27315d11a50764de6f208ea1c6b4bee8414f2bac645a9428429330fcc2d0b59c762057772176c03b7888f8be4b1d56da7fa3d1e354302eead093d53628e3e814aa8702bd5249e7bdf15752128f77440bd0dc46ba0972f724dee2903251d275528546193ba4059fca9004023b9e07dae8c54f8b95900ff8d7665fc6cdf8a6f79df9ac1018275b2ec33f14473cea5275f902e6b4682bc5a188023d15b02cb24069db0a5d85199ef1c0c4fceee1028fde3d577b6691744e815e36418b4764f977daa8d463a54655dc65e389ff303a65c02ac35564307dba3adb4ae556f141aa9ba6bbc653aaffd6130c8fca2b36edb5a5fa7d5e6e246d9997af2d3c1b56f10e1d3d0e43a962aeb7035ba25ddf68ab342d2f79f48b9df3f07e27ca456e8f35f6ad25f71173307a4876bd06cdb4a943afdf62a79cb8670b8c31f8c7b45bb555c44f65f8a7904bacc6df829e3e9058d462004cfac2daa8556998ad9e6656022eabc99d1c1ada3b2e6ec66149832d8520ae91432d336a9aa6ac5084da29b7c818282e7e30f15d4366465b119ea1765a7d628e25d9aae55e15e0033ab3d2d2c2136cbc73902fb6ef575f5912dfa8634559398ce4171f73e8154a88a160cdfa9ed1fb46420425ffad21a9bf67a370f1531e3fec135078637ef8a58db8abad65b17390d99f913224cddbcf23df0c1cd0c629242904a18e18088354834fae12e5a19c9d792cc9e30d05a2627972d973cb6e241d6900fd4dc5d66455289911c8dd5ebaf974fd5c6c9f5af90357d5b63eefc5a56a4ac082c23bdb1868eb3814898c469c7f80955de9f2773b847e3d5fcb1d0638fccb3eb65e9615f0614e8f3a6997d56a617d287d58d380b0b94708cd2c071cb6ed930bec48c73e96c29708f57a7fef55d54b076384ab8b1167e8c80dd2e702e66f03ad2202d5b27395302ca574d89f3d667639addc6838a7fd9ef59206e5613958788c4fd6eac0624f8337f56fdab418ce8b112a315a18eeb41418a5620899a5abe40b928fba90bd1a8026c66a3de9fa15dce6bf60918bda2769cdccf2ea4f04e889dc85459b4f937d57261c22ccfc78698d050fff1331a77415484c9df4e8317bdbd0a82f74825424c0b0b464ba2f679cf711d461f30c2c40ba0b2210f918c47b233853c09d1d1534dea2bb0c30316f41100587d66c3ab12b757b033fbf79fb4279fef4cb0d5f11d334ab797a220e15553ada8160c045cdf3bdf1ec1ad1420a9891f71c09f5c7702fe1114e3bbb3d1364138b1d5f7942870c809ed5a923c29e3538f2a31cecb618425faf7c68883dc636d5fc54b24d81785318cf6a35cdac023db270fc8784bda140aa3d5be808140c03f595a72912182f28b1cdba22f5fb63a911b94594cb01c43e39ef415d2a21c2d42a14fcefd321d6192b1fc83dc5bb4b893bb691a5bfa76cdd611ca09eb5fdbcc05b1a0b3c35f2aeec8f36ce80682635054da52483e8297c2f167515463bc5e377bde0f5a7dd962b148b6421a5b8d86e54af488a38dfecb2b9f866b888c26da99d1ab46b778e78ec3913ebbe8cd359569946b2939fdef08e347b238de9e15b17746e43e101d1afc28a460d1e44e9472b7e5537274737249af58dcebaca798c3c7f96ed63bc64efcac80497503d0161a75d25954d583a91aa7245952762f0c0421eca96db9693273b9680be7a9a6fc03a92748c5aebc83de3c7e35338020b380e7f6630c9cf073476e84977696305bf01a00fe1de6e67a8dbc631a6483a124bd1afb1753df020dc69ac0646c1295f1190c5814c16d2a146b60745d094a1dc0221c1c2e892f9dd66a40ad2f32385ffee56354daaf1f6fc9742322485a6a93480f4c11778d67f9bd7dd9148bbd71de0e170c7834f70b0379bb0ac3a51cf5e8fb2ee4b3a6ea91cc4ba131b87c559a2d8c75532799ffa06c621f5435f2f0d8b884cc3e39e56b1a7d18564a47cc7c182d112d7f3451773558326d4833bfa72d87450e323902a981b5463655400b0dfb4e33d075fb7e9ae01d97923a96ac0a4806f71a3b862ac6cba93ebbd20ed49d4e6dceb02bb1cbf61e9f6a4fb7042f9399da88416746cf6ec1b309531a1b8cf6d0a4515d09f76823abe97786358fa97b325a11824142b2c4057b0eeb55c6406506cfdb1800aa1559129a7391fc85c83af4a67264765c1d6ff64531a9aced6b006614ddf40d432be6f17b67ea74e472edc2c990cf24bcbf4d4030f2cc0f300dea89ba5982a067a5c0ca281601516808a18023ea2b59adc803f43d20eb4dccc038e9419da3b2902cb1468c33097753827630ea09587b14d85dc2ff9740d857a2daf76b1be511189c3d99ad04db57a19920efd47b58a94d33bbf51ecaf3a5fe75ca02ab1e3a4926b1a627807061c5dbbb939a2218cda211423603c79c6b33694294c77dac50be96af64c4baa212038447b32b542f36071fffec03398b82e417e603e22e4d4026bac943d243fca8b", 0x1000}, {&(0x7f0000000bc0)="9ae7968195678dda3f9fad614168ef4ad5b48749764aaa79857be95b61fbf18c69402c3fd04aa07deb2451e3d09f87d71d1e0aa2b8bcf21cc1c7a237e17d210fb311995b5ea604fb8e774b2d67f0c5b192e2eb9bac012da9633baceaf2f1994818bbe67647dc7cb84d2d7fea0c1c5d42b37813", 0x73}, {&(0x7f00000043c0)="afeedeb87d0de443ebf7ec9c5c75b0b7bb2fdda02ede01143726331b21a422145c116977bf54c10e2a275d6f0a1265a2b5d5c39ea9a9401c9e1dd00fc59d0005fd03c81ae6a5897354445a6c3b6a3bf139b373c7f7929645af9287a51f8b6f4f277e259ee14d503bdb1819d10bac2994cb44252b01d9f617331866a67c4e44c673452b2ffbed090266e1c84c541299c074c6a2201724b2df37f25dd3d89a4d8f1af8266afbd5293fba25efaf85618878d733fb10b0d72e6e01142a614757f8e9b4156c6781e9310de2f5679eb269a00d8c1b9e5b35290de657a6fc2457ebaab3c2f24ad70fcfbc81ac7a6f76b6829946874670ef4296ca30428a05872ea710b3bd7c7c22acfac59602c4d587c55e874ff3ee909453598d2487bd05a07829793f4cd50a18c931aa157cfb56ca9159cb8622fca7f0290cd99d3e239c6bf5843f1519679315af326d19b66e6a8589df2f0e0244b952aebae048c440f494cc23c6db1cea96185962adf8beb798a402da45a8f1480affbff570b17855dfcc07a0d5760ba50a30146ccf4362de3a87dfc0c9777cb6388ba1faebca36ff99f78ed272d8e3589aa58cc3b8f00377bce892480de777b07abcd188b068de6887301874ab5d2d5f7c715a5b50b3e9ea708b5d39e4612ae1543cb121661d3233d8373e3a40be2c97bd57172745ceadf9dddda179fb5dc45c4ea97e13cb4bf9f8a8d7677b342b2873e21cf0703f2d6cee75f778c8ef296ea4f2c4fe28b212c481aee2a323a13bc707bdf8cc3a4ce00511461b9a258a1dabe310a716dbc66e064b639135fab577ea1ff472c6854b5577055f439d00a516fa100d127d3992b08e281d4983c0d0defde1fd366093fdcc40b0dc510a7dda820bf98ac5f75b77e41ff1d3b94825eea1ba5ac0c95481049ad8d5c5e9de6d438a4bcf43b4da55886d6033ed0024e0c5c77b44d01f312a6d3f0f906cd562c9c3ab8b561f9237220968828a1cdc74019734659c4f5b0922c48c81f73993dc420976a2538a7e4a517284cc5091ecdaa1ff57a655104f2abb23cdfffb802d49d7fbb485cfb8d47bc9067dc10bcdb677ef091555ebc7497fa8538671e8a72d38eff40c5e248492f41edf40429750bc4f70b2a33edb0b73ad303694072b20614b44302d566662f221d920a38602369e0744d84d10f6bb2077d35d72e976c21914ce403dbe5a0e370890b68ddf7c8d8eeaaeb462927732ba0c42cf957464afe2a80a0fc4cd8d76508feeb7858a4651557a83bc2657151154f6a170f3e076bc641313ac119e614be9d62d1f43be7441bb6d1e835cf2dfe4f3e7476e3fdccbb977df53efc80c34977fd911733180042538f829a5df96216f79f4e41bc7201a2f1fb6baaa887d709c0e5179d33ce261c34133b2b8141cac849fea1a94d46206d870ada3187b0ddee1b14a158659cd99f30effbcafde0c2074449834ba09f47df460fe85d680c6d0a799d22f1131eff819c0a2e44c216bdb95dfed45d2c82bb322adf633d1dc859318bd95144d68c8e0625e9b8b035cc414bd7a1967a8ce9d63dfd81702a19ca95ea03934431e566a914d299549f969b1a076ffa748be227c54740656d9d72306853b30e2bf559316224653054945d7cb8a86428bdccebd96d161eb7b04a1680a68bc2830bc0f773f4308f15ec88b963092d4116f218296491eb7dfbc13347d6cfff1612c79f8fd67f9143c37b032eca9096af812d7deb3e25d552fb6d3abb0d921e666d46cc93bb8f3d47745a55b64e33d3af0905614ac12a84aa1ae763d04e460605ef47388f4085007fc51736a93c0defd12dcb75596ea3a6e55d8c3683b352cb2ab67a19d3c941059696296b93c1c152cb0bb96bc9228298bf603ab5bee74f559e03060c99e19bc9ffc4ff58b773295e34278b8e24d64490dac36963f882b7de9394320e469da6b1a57c72017f78871a71fe287c98f3f12bf86188a55588d35336b1e868901b9cd11c377097d16fe11f9e86119545dbe3783919736779c3e2e7da71bac8054c0cc6f682f5351b15ec58834fb8d2ff9ee025d1dbf9f064af13fc9dda225ae6213d6aca28d7176c7f49eb9fea4fc0e6c6116dcbc464774ff7a205afae6ca5c69f933b2cfb373f903c5ea75dc074560a9b17457e78bf1b6fac62e27101eb099d2215463b8bf31d22fe3c85347a663b264c0c1c8e650403b76c7575dd7244fe9d59a0f73677e7da3fe5ca4a5a7908368be56c33010230c1f37adb8247e2a8fd39ef3ec6abfa8bbc0779bf89544fbc5352ca5f12d4ca06871995613472e57ff12afe657580d68e6754ca89fc1816efd29d8e7cecb18dd9ea1dec72f0b794ff3b8b88858d3616a65acc033231421b0f14fb4b4dc7b07f748e502a916ce8efdaf821c3d21951e1c9a923bb1fca8960ec47a1db89fa5876ad0f0fb0fffffbc7719e4998a3c2bf266b908b7ea683f712560472bb787dc037b64947d4d30cf9cbef98f258ea769e1068c1f408a0062e5d6b488f33a5a1f2dd355db036b8212a59916bc9fedba66b6b01788e68c9a409632a146e2f0d9331fccf4af3f2fd52a80c19e611a5ed4fd0097832de580324f70ae0303cc32ef3e293a2a2d7c1f420a7a1359be21b12b3b75b57e700274e7a9b4d43e3ce6463e8e1935e6c0a4d7fc5789b783ba3d7dacee7ec00bfb3177542624e5ad95fcea55ac30d1d121aa785a4b29230c3abee940372daf96dabdf3f4e0c6100b85e1e1134fd60dc55320b68d0345817a90697153d9cafd83c017988d584747dffce6664bcdcbb55c22beb89a35ecb7f22d5589d2f76ca882c8786cb71ee14340a924ac49c2447dbc1195ed1ed35df8af6101f8c84b530cf97a938f471830b612564e5c123901177d285d6e07a87e91560948c0aac24f8124073ac8f3b60e33c80faba24ad72556b6617a265677e2bbe00359b89d7bc09142bca3dde8d4ce7cd00bc2313a9144470b83a705da2c363b0a6cfc00e5bef29c332df367951f12bf730370960913c7676b7936319bf8c7656d105d3aaaf64d4a0716a36d2b44feec6ae87afe45933fbefb82c389d52b4b74cf832f0c5dbc2bae74cf7d4f1e01dbac8cca918219515a3acecd877618720a56e4aa79cd4cd2f892cd3def194bd1ff0ab6a7355b9ea07a336e1c172be0bbb0475a8fe33ebe5835b12aa9cb5e7a1ca4eae1cb152354ebd40a496190a877316ed4fcf9317c7fab2da9297d45b9023f844e476415de73d0439cf1fc24a95ed516df382f946ff231569caab9d959169eb6420c74c1e865312d2071201739c8af2d2718629ae7cd3d3edf5e6e4ce265c89d43030cbae195a0f72525c009d3ad8592c80bf69a6a9b1b98d0674b0da868bf03eac4fda6571f139248773798767a3bb9297c13f12afcc0c3def05206d171312a68ab5001366dc9c342fa46457997ab059d4e85464efb452bc2ebe102f6d845d94e779cb61f4b86f755dcf1efc05a9815356bae7bbcbd8f06d9abd0426f1fcd464892caf0b85b6508de527215eb71d58982c5f425e2491c60852ea0946b5204a15edd577938eaef2906d3d52225aaa440b0249fb4565b829a6be5075484883e41795adddb45cb55b8f3fd4a33d3bc47c0ffdfb1d569b83ecec65d0994b202a61df5db1f95df3cbee6b2bf6972748f0355a97061fd93e0d1dab0e8ea8cce58a9f36ed03c0ee4a912bafaf0f45b6ab6c3c04ca40504832ce9acf0a0b84f50ecdd3ba51f5952aca49d3315f8c4ba1450e75159f40dbd501a6e94b74fb2008c2c886e823927b53c0222167a3f6a785c4853ed0b6c05089eb12e5a06fe9d242e4d6627d6a810b681e03f8d364593e6dc230f81e3bb739c9bde3d222b83cf5885e06c578839db4485cf84f67252e201de67e632b459f0049aafa9b010f4f6df402f70c2f36b3ff26a7688db5c07f22969969e7871e10d63d6f5169d9ed6502440278651cc7ab521cea7b6bc68396d7e6cf692952524d4ab2718c4e88530ec637fa4bc5277a6140c730a32713ce37435756db3ed7784bf5d5438726f115b8ac7ed9033ed37758585527eb5db2411789204ffc67def6702b98e8fd7bbe47836ad5da93a1207b0bae378546f859eecc462ae2602bd73d4b3c945defa39ddcfd21ed1b307295dceb5f52282478f06d766ecc83c5aaf87e4d30e8379410175e88c4cde24e696f01726e69e3ea85480c60871d1b3df2e33cc427b519d7810f482523b4f9c26fa45e161cbbcaf70859a621c45d2c09995d49b2b0641469362e6c459b37310914fdd045a26726472ecaa573a6f76ec350d1078b28eeeb0a14bc73d0ae902af70edf00d982cae5cec6c798fc6117ed93cbbbc7af672df5dad8f68397cdc9d393ddb28ef158c078d20a23af846d7d5552d3e176bcbf755906ab8a0dc77e0887a0f12cacffdf84843627942e67eb07291d0e412d629dbe0d41920c12b66fc1b434140d8cc424785e447cab92eab096aa56a39f1b986249cb62236e3a88176655444f898936a930503c4acf9464146aed408b09abfcb49d6f45df877f06434447230c880c3f3b7b895343cf26a43f602a1e5323bf51caa1387eb99f43916595eafee854d8d1fef20eed08e09b93d678b36ee7fee529eb2e52b4327d54d63a9725a2e1bcefb516709645c0da2503cb5fbc7fd9cbbe30df9d8a0bf78ea487c68bcdc130bb6212f336e2e3ed8905a24e70c113054a864aa330aec7f17ef49e84bf2ea31c5f597bf7c42635320e24a3b5a44846bf13418f4af3bb03d319730d78707451721a9565d366dde6cc7c09306e17727f380f4d732d3ee5ee1004f930abed7f8e29d5fc8f8f883969182592ea9d2f3aed86764ac786a6049cccdfba5922bae26f7e1e006c5fa2ece285f1958def6e41942bb7c58f0bfcc7772d508830e2fd7e2c23f2620441ec88bcf8109ef8368340af01f30837c81478f5018b42918a1a03db3ede3f6d994ff830d8985b99bc480616c6259015664cd1a28ae5ddbd80e1a92604b4da348c1352dba49ff3b392ce5cd0ab500a209d4e04a66d2f62f9d1adae15eeeb4e2caab3780f5403ff3b94d1b9c0b46d8f99d80d0e63e335be3957384320b7535092f66e27b721a7a0c8fba0b8c800561209d00c2d5c63ae43bfdaf6bd5d349f68e3e6614ae9ce788d19f4e733c5327995be44ce70e293304ca7c0891e714e38d8c04e130dacb5b9016a5889814b49e17563ad7553126fabcd60b470c3089005779397ff780eb06c5417d6780db650f4cacfd1b8a9986c83c91386671f32b0c8b7a5038032ef0b5bc863480c1a8c6d4164ffc25f3e1ab91ad6fec9fac754bc8ec72ca01668e590947603382460a77a5a66a1a754a21b9f132072f0118c45905f6c4955b6792c721f59f2286e32343fb0b19ed1eb59225323a63707d9e15958b79f359c1691587593c3a26a0bcc01499e4d08ddd33231ae979554c17fd0a2159d3f7e8bd6fa17547ec984a21aa72b2f9c8d4bc149226a24768ddb502153aa84e00b287a6651fe2698b21f1f97669728f2d03871607d427872f043a5c2b86480949c88f537a25e6ba8d28b1881ac13bbc4738bf0ecdb0f2bba578619773c9d9a936d7d37c3ba9510944f7304fcb7822bd184b29753034b183379dc984ad98fd0f65aae36af9f660465b4272af8d64731fe4bd4d3e97e42f4049c6450c78a346269c0f4880bc856305bf5742e04d84dcaf7564dd2a4a325c55afd98be1a93eec58ab6b6449447381d34910fe141a5a7fd55de68361d3da68cfa504cefa68a563691b4f38b5aa85132f22becca4888e35c50ef575a150ba2e3b8255dbc6", 0x1000}, {&(0x7f0000000c40)="f890bd648c6141ac9fa21519cc78696d7b5b2a5cb6d79850d223c5a765b40abe009d1095f1424d70a282a1099bcf20f0a8f0098668f1cbf1d999293cccdbd4572772f7afbf97fc14667be95255f836cd2003e649603ab958429d239c36bb253771c6769fa2893fcb6dc735336d24f3ce3acad4d8955202e4354442a69c259fc2194c57b13e23cc1c3a55d6eb3cc101bf976b4af7ca78232a6411d84b0397a24701abe99e7e196240c057ef4fdd", 0xad}], 0x4}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000004040)="e27f1fdbcb9e4f11d6853329aee3d4ab363921972c410cbd0f4d3804a886eee2ca3bbd6481776f0846670b50ad1e868fc4902456d9858fa32f7a79b918752b965616c09f0e5d7819d3572138d9f7dc30aac4759cb6d822d155155362ab33afae1b32dfa7d2163290d16f633ff085c3489eb94671464c8a88f805c9198a2f4b83687faa05f21fa8b065ac6a9c4acbf07e78242e13bfc9f88cf06e3cf7ffd5e3e3b1e68ebbc8014f601990a118eba3b9", 0xaf}], 0x1, &(0x7f00000053c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r8, 0xffffffffffffffff, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r9, r6, r3]}}, @cred={{0x1c, 0x1, 0x2, {r2, r10, 0xee00}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r7, r4, r11]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x14, 0x1, 0x1, [r6]}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @rights={{0x14, 0x1, 0x1, [r3]}}], 0x108, 0x4004000}}], 0x3, 0x40000c0) (async) getresuid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)=0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x1000004, &(0x7f0000000300)={[], [{@smackfshat={'smackfshat', 0x3d, 'cgroup.controllers\x00'}}, {@dont_measure}, {@smackfsfloor={'smackfsfloor', 0x3d, '/'}}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@uid_eq={'uid', 0x3d, r10}}, {@fowner_eq={'fowner', 0x3d, r12}}]}) pipe(&(0x7f0000003d00)) 04:36:53 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:53 executing program 0: socket(0x2, 0x0, 0x7fff0000) 04:36:53 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000f00)='/proc/asound/seq/clients\x00', 0x0, 0x0) 04:36:53 executing program 2: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r0, 0x0, 0x0, 0x0, 0x0) 04:36:53 executing program 0: r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="c3"], 0x14}}, 0x0) 04:36:53 executing program 3: r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'ip_vti0\x00', 0x0}) 04:36:53 executing program 2: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000040), 0x0, 0x0, 0x0) 04:36:53 executing program 0: openat$kvm(0xffffffffffffff9c, 0x0, 0x4088c3, 0x0) 04:36:53 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x9) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 04:36:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x0, 0x2012, r2, 0x0) mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2) [ 2262.029737][T29191] loop4: detected capacity change from 0 to 16 [ 2262.042026][T29192] loop5: detected capacity change from 0 to 16 [ 2262.071799][T29191] erofs: (device loop4): mounted with root inode @ nid 36. [ 2262.081621][T29192] FAULT_INJECTION: forcing a failure. [ 2262.081621][T29192] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.121739][T29192] CPU: 1 PID: 29192 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2262.131833][T29192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2262.141724][T29192] Call Trace: [ 2262.144848][T29192] [ 2262.147629][T29192] dump_stack_lvl+0x151/0x1b7 [ 2262.152138][T29192] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2262.157433][T29192] dump_stack+0x15/0x17 [ 2262.161429][T29192] should_fail+0x3c0/0x510 [ 2262.165677][T29192] __should_failslab+0x9f/0xe0 [ 2262.170277][T29192] should_failslab+0x9/0x20 [ 2262.174616][T29192] kmem_cache_alloc+0x4f/0x2f0 [ 2262.179227][T29192] ? exc_page_fault+0x75/0x1a0 [ 2262.183835][T29192] ? getname_flags+0xba/0x510 [ 2262.188338][T29192] getname_flags+0xba/0x510 [ 2262.192669][T29192] user_path_at_empty+0x2e/0x1b0 [ 2262.197442][T29192] __se_sys_mount+0x293/0x3c0 [ 2262.201955][T29192] ? __x64_sys_mount+0xd0/0xd0 [ 2262.206645][T29192] __x64_sys_mount+0xbf/0xd0 [ 2262.211069][T29192] do_syscall_64+0x44/0xd0 [ 2262.215326][T29192] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2262.221050][T29192] RIP: 0033:0x7f2bac5fc60a [ 2262.225306][T29192] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2262.244742][T29192] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2262.252996][T29192] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2262.260799][T29192] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2262.268612][T29192] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2262.276421][T29192] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2262.284321][T29192] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2262.292141][T29192] 04:36:54 executing program 2: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) timerfd_gettime(r0, 0x0) 04:36:58 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:36:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x3010010, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x1, 0x0) (async) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xb0, r5, 0x301, 0x70bd29, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010101}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'team_slave_0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr=' \x01\x00'}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:crypt_device_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'netpci0\x00'}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) (async) r8 = getpid() sched_setscheduler(r8, 0x1, &(0x7f0000001700)=0x4) (async) sched_setscheduler(r8, 0x0, &(0x7f0000000000)=0x200) r9 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r9, 0x107, 0xc, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000002ec0)='./file0\x00', &(0x7f0000003f80)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000004280)={0x6, 0x6, &(0x7f0000004100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff211}, [@cb_func={0x18, 0x2}, @call={0x85, 0x0, 0x0, 0x63}]}, &(0x7f0000004140)='GPL\x00', 0x7, 0x7, &(0x7f0000004180)=""/7, 0x40f00, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000041c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000004200)={0x0, 0xc, 0x9, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000004240)=[0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005500)=[{{&(0x7f0000000700)=@abs={0x0, 0x0, 0x4e20}, 0x6e, 0xfffffffffffffffd, 0x0, &(0x7f0000000940)=[@cred={{0x1c, 0x1, 0x2, {r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xee01}}}, @cred={{0x1c}}], 0x60, 0x50000}}, {{&(0x7f00000009c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002e00)=[{&(0x7f0000002f80)="2f3abdf20c9832a7dc6dabfd6c0eee09f826f0a7dc1ddd790e8dd520082a8da6d9aafa22fda38b83149d924659339519191e614aaae5cc2161026081c37c5c01b8b927d1fc9b739a413f41746a52cfa97d0b7a978a1ceec1670be9e20a06564b0db8ed3c58c2c781f563eecb07a1c269b1217d274a74f5d7ad6e0779ba521bc0f163473c91af541aae0a826c986aca228960f4d51dab81e41530808feeb0adc028db9038e24e2577aaec86d59f5f8bc4bc892f50ec7c7d35ca864f4ecee104c1d757093aeca49f9e2a97a5aadaf85f3f82f63ab3ff008ba5c6b6d93a19960144fda2dd30f0d088dccf3a37541126628e9cc3048a0199ca915999944246be5e4f6f2207b92cab5a3800bd5d42024c20b237cdb8a179b224c43ddbf658ae3ddb82d7be720eeb770a5072624a3dbb80d0d35f44103b1a829c6ef6ea154a1c0b55927cb7cf501fcf0ef6504631525a841196974e129223612940e0e71b16a80ec23566c3287c165d325b54ae526617a602af47eced6ef79107b88ebf2939975a3cf63abb224cfd1ea7c996754843f602285e2dccac2cb678907384c68336e5a7c919a18fe82bfc027c3a7841741c29b77485967b3db2cf7f4469b52ce4e9048587b7f2dc4f11f0b60a76ee45403a2fc9b7724e98fdc20188361d0c369f41d165ea71b62ff5a1c8095a5406d04a78149862e4aeedee831226a84a316b44895f06fae20eaf027c61e417cda216108f6004ad928509afee16bbbedcdbbb7b435f82c62a1c38389543dd0178bcb7bc7c8079d551ced601127a12e1282ce996c065dbabe4b9ed0519d662911cf6aa6dd1b0652b898c70e16248be46da1764fc86c0c20d40d154411f2a560906ad8be588249717bb5c576b0599f4d741e92ace5b90a44cdb59420feb1183141b562106836d2c7355149c06cd32c94009cbf6f60bc05304e118559ea9c72a13d1b2c63bee89b45146251b277347eac3e34562237f228002813d83b89574960139cda4f7eb8ac6ee39d970049a85e68eb8e4f6befb8d4b8aa9d696d58e7156a2e5288ea338ac9b8774d1ab05124d49ee7084865f3828c2598bbf3e26d1d1379d5337b840e4e8eacbb76c3effeff8df19e154f165df7064c684ea8f449c93b659e9738065553bbec1482157ec3796cf82c82f95f1d61282bdd3f3ab06f1e302efb063643ea7e6c86948a8be7806b2a1f3eab68becb4900fb49aac932a0e0da3f6469775a6ffd2e175450d89f6bad14f1b46e1a3e393c50019ef79ce65567ca44449a333688adc6178ac1f6a7d296eadf10a066c6b228ec2bef00de3ed269c40bf914ffd48518fd1ea9b302ae8c20af06af3b9cedce4fc4ce9b70a4d983dd07a46179198c83b25252f496e2bf1b0267c4f90f9f6dd8f46c6bc29f4fcbd01b82daf242d2d39b5fdb6aab87682c28c0702ca27ababc588df75b52903bad60115ca8466b1f9a289ef9d48ef06fdf1f55115a1537f1ba2456970a1be93bb4ff0a503550827942c95a928d7141de7514524cad4651f13c237ba2530787716f9b440f1238998790e066f74666cc1e22f19188c4d211ca7ee9dade1ab77f7aa3adaeaca6e9601c71b4db83da23aa45b8240cacc80d20213b80681980b927e461f3997d3c7d7fd9e20640d9b51e8c57be1e0685ecc713339f3ce65874531992584548cffcae8b5743d1b88ba4c4b61ef4636e4e31bd7f54b8309139d12bcf0714a121913f7177e9e56017b1407450e75523131a8bb2f4260f458df7101898c7e1603333b97a5b1ff794bbbb91cd1c6fac9efcbf9367b1b2438fa080298c20d142b89b61ad37deee69a4e3c30bcda452a2d1eecd8adcac9d578c50af11f8573be93668c524f6ff777062c0b58a97a2f9855d4d733bb3afee68fb9e033d1aeaaf376c39cc7affcf4c24b6ed3429a02237d2947fe2e61a80ff8b237c8c80026aae7b30051b6df84d95d8cd787799817b6f79933b903acc28766a68bb27ec18cc9e8f715f623b5f4536869f3c543e12de96b7db5091a9bf76cee7532e6cb6e4494cb6dc4e2570f2fd571e0da96ced0edf0112b36f57fe98174a228cd2b3c54f8df8bfd54dadb2ab34c9c4a56ea88e32046e62b1b61345ad8bb62321c019403811474cbcfd676f25e63aaead0b9571d21f409a884b025459d121c21080d7aaa29b4b42066308b8a85786475c8cbf39dc8edf5d7367a210d8c4bcbca979a26e8c728dd68fe9833f03f6291109deb3a3b8eb1646ebae2dbe24965d5064cf3c8819d76ec990e018657e967389b8d708aeb48306c7f7ec566ef5ba8ba4a2be4886c9dbcf97f3f11829512a1b282a1d510b806239cdd0416f3095e9f7ba2f64729372cd305e73e370f0cd357b4fb50b48a93df741b2e1bdfcb89d407159f2419f5bb5944e320bea62ca334717af5e4a74d372f27c3e585512f782bd7c40f8ebc4146c7982aec16006415eb488fefe00acd76f95361ccc7205aad2cc605a2cceef61a62666520c3ef290b5777dbc63fb7527cc8fdf554332da2e7259857784f58ff89b746785d34847b0efb114f38a9c259c60c18fbea054a4b6280d1fc6d8866ddaf8d393708f04a71398c2ba2cc46aba26cf63c7a0f99a65363329f56eaf00eecc3c70dc767a2f579819348df20c1060f99489840db65083801720da032a48f084df95c5cf6369899e4dd414208875ca162b2c8ea176b17bf4d5ee819788d92f4962bc5b7026957666201d5a6a8ae4ef1a366c429dabf72f34a0ab9e66edc8386383dd2ebdecae38fc77d9753847266b3f7dfd66e2b1eed08d5b32d23b2beaca873e217dbc4363b30b35288649b96075559fcbe315ea61aad279d52ef1ba25fcc5a40e24b77c3ebd54e009430f9670fd02304cde41b29de8a207846ec0ead0a269710946bba378b3cd2bd9778320f1e28ec79c972af53b46dfc829d391d63e61752a597164fc5e074ffaf1c1c5258114afef57465536a25a44af4ee5dbecddaae24806b074ae51098b2c6dd8a27a4472c0db8d0b54c18c73b1793b06ae72e3cb1394efcb8a70bf092bd7ad68269fe972cd03bef34937157a62530a80cd9a3ad44688a8f30e9b09f08feb0eff8b663c7ce8347903471e54539afc7d6dbf39c76d08f1a525e37dc45cadcb1425573de676fce68aa5169a431d2ea7037e27f69fad351b4d955ad3ca1821a7666b0c487cf65ae977ef4dfda29458e53ce2b5ae2bf3f822c02a67096b526807e524d3fcf2cf2abce5b1066568e74aa56163454125cca2968e8eea2c25682bf91f33cd1b6fa4155bed379f10c670468aa82a607ee5065ef85a4b588b0b8ca5945128d1a27315d11a50764de6f208ea1c6b4bee8414f2bac645a9428429330fcc2d0b59c762057772176c03b7888f8be4b1d56da7fa3d1e354302eead093d53628e3e814aa8702bd5249e7bdf15752128f77440bd0dc46ba0972f724dee2903251d275528546193ba4059fca9004023b9e07dae8c54f8b95900ff8d7665fc6cdf8a6f79df9ac1018275b2ec33f14473cea5275f902e6b4682bc5a188023d15b02cb24069db0a5d85199ef1c0c4fceee1028fde3d577b6691744e815e36418b4764f977daa8d463a54655dc65e389ff303a65c02ac35564307dba3adb4ae556f141aa9ba6bbc653aaffd6130c8fca2b36edb5a5fa7d5e6e246d9997af2d3c1b56f10e1d3d0e43a962aeb7035ba25ddf68ab342d2f79f48b9df3f07e27ca456e8f35f6ad25f71173307a4876bd06cdb4a943afdf62a79cb8670b8c31f8c7b45bb555c44f65f8a7904bacc6df829e3e9058d462004cfac2daa8556998ad9e6656022eabc99d1c1ada3b2e6ec66149832d8520ae91432d336a9aa6ac5084da29b7c818282e7e30f15d4366465b119ea1765a7d628e25d9aae55e15e0033ab3d2d2c2136cbc73902fb6ef575f5912dfa8634559398ce4171f73e8154a88a160cdfa9ed1fb46420425ffad21a9bf67a370f1531e3fec135078637ef8a58db8abad65b17390d99f913224cddbcf23df0c1cd0c629242904a18e18088354834fae12e5a19c9d792cc9e30d05a2627972d973cb6e241d6900fd4dc5d66455289911c8dd5ebaf974fd5c6c9f5af90357d5b63eefc5a56a4ac082c23bdb1868eb3814898c469c7f80955de9f2773b847e3d5fcb1d0638fccb3eb65e9615f0614e8f3a6997d56a617d287d58d380b0b94708cd2c071cb6ed930bec48c73e96c29708f57a7fef55d54b076384ab8b1167e8c80dd2e702e66f03ad2202d5b27395302ca574d89f3d667639addc6838a7fd9ef59206e5613958788c4fd6eac0624f8337f56fdab418ce8b112a315a18eeb41418a5620899a5abe40b928fba90bd1a8026c66a3de9fa15dce6bf60918bda2769cdccf2ea4f04e889dc85459b4f937d57261c22ccfc78698d050fff1331a77415484c9df4e8317bdbd0a82f74825424c0b0b464ba2f679cf711d461f30c2c40ba0b2210f918c47b233853c09d1d1534dea2bb0c30316f41100587d66c3ab12b757b033fbf79fb4279fef4cb0d5f11d334ab797a220e15553ada8160c045cdf3bdf1ec1ad1420a9891f71c09f5c7702fe1114e3bbb3d1364138b1d5f7942870c809ed5a923c29e3538f2a31cecb618425faf7c68883dc636d5fc54b24d81785318cf6a35cdac023db270fc8784bda140aa3d5be808140c03f595a72912182f28b1cdba22f5fb63a911b94594cb01c43e39ef415d2a21c2d42a14fcefd321d6192b1fc83dc5bb4b893bb691a5bfa76cdd611ca09eb5fdbcc05b1a0b3c35f2aeec8f36ce80682635054da52483e8297c2f167515463bc5e377bde0f5a7dd962b148b6421a5b8d86e54af488a38dfecb2b9f866b888c26da99d1ab46b778e78ec3913ebbe8cd359569946b2939fdef08e347b238de9e15b17746e43e101d1afc28a460d1e44e9472b7e5537274737249af58dcebaca798c3c7f96ed63bc64efcac80497503d0161a75d25954d583a91aa7245952762f0c0421eca96db9693273b9680be7a9a6fc03a92748c5aebc83de3c7e35338020b380e7f6630c9cf073476e84977696305bf01a00fe1de6e67a8dbc631a6483a124bd1afb1753df020dc69ac0646c1295f1190c5814c16d2a146b60745d094a1dc0221c1c2e892f9dd66a40ad2f32385ffee56354daaf1f6fc9742322485a6a93480f4c11778d67f9bd7dd9148bbd71de0e170c7834f70b0379bb0ac3a51cf5e8fb2ee4b3a6ea91cc4ba131b87c559a2d8c75532799ffa06c621f5435f2f0d8b884cc3e39e56b1a7d18564a47cc7c182d112d7f3451773558326d4833bfa72d87450e323902a981b5463655400b0dfb4e33d075fb7e9ae01d97923a96ac0a4806f71a3b862ac6cba93ebbd20ed49d4e6dceb02bb1cbf61e9f6a4fb7042f9399da88416746cf6ec1b309531a1b8cf6d0a4515d09f76823abe97786358fa97b325a11824142b2c4057b0eeb55c6406506cfdb1800aa1559129a7391fc85c83af4a67264765c1d6ff64531a9aced6b006614ddf40d432be6f17b67ea74e472edc2c990cf24bcbf4d4030f2cc0f300dea89ba5982a067a5c0ca281601516808a18023ea2b59adc803f43d20eb4dccc038e9419da3b2902cb1468c33097753827630ea09587b14d85dc2ff9740d857a2daf76b1be511189c3d99ad04db57a19920efd47b58a94d33bbf51ecaf3a5fe75ca02ab1e3a4926b1a627807061c5dbbb939a2218cda211423603c79c6b33694294c77dac50be96af64c4baa212038447b32b542f36071fffec03398b82e417e603e22e4d4026bac943d243fca8b", 0x1000}, {&(0x7f0000000bc0)="9ae7968195678dda3f9fad614168ef4ad5b48749764aaa79857be95b61fbf18c69402c3fd04aa07deb2451e3d09f87d71d1e0aa2b8bcf21cc1c7a237e17d210fb311995b5ea604fb8e774b2d67f0c5b192e2eb9bac012da9633baceaf2f1994818bbe67647dc7cb84d2d7fea0c1c5d42b37813", 0x73}, {&(0x7f00000043c0)="afeedeb87d0de443ebf7ec9c5c75b0b7bb2fdda02ede01143726331b21a422145c116977bf54c10e2a275d6f0a1265a2b5d5c39ea9a9401c9e1dd00fc59d0005fd03c81ae6a5897354445a6c3b6a3bf139b373c7f7929645af9287a51f8b6f4f277e259ee14d503bdb1819d10bac2994cb44252b01d9f617331866a67c4e44c673452b2ffbed090266e1c84c541299c074c6a2201724b2df37f25dd3d89a4d8f1af8266afbd5293fba25efaf85618878d733fb10b0d72e6e01142a614757f8e9b4156c6781e9310de2f5679eb269a00d8c1b9e5b35290de657a6fc2457ebaab3c2f24ad70fcfbc81ac7a6f76b6829946874670ef4296ca30428a05872ea710b3bd7c7c22acfac59602c4d587c55e874ff3ee909453598d2487bd05a07829793f4cd50a18c931aa157cfb56ca9159cb8622fca7f0290cd99d3e239c6bf5843f1519679315af326d19b66e6a8589df2f0e0244b952aebae048c440f494cc23c6db1cea96185962adf8beb798a402da45a8f1480affbff570b17855dfcc07a0d5760ba50a30146ccf4362de3a87dfc0c9777cb6388ba1faebca36ff99f78ed272d8e3589aa58cc3b8f00377bce892480de777b07abcd188b068de6887301874ab5d2d5f7c715a5b50b3e9ea708b5d39e4612ae1543cb121661d3233d8373e3a40be2c97bd57172745ceadf9dddda179fb5dc45c4ea97e13cb4bf9f8a8d7677b342b2873e21cf0703f2d6cee75f778c8ef296ea4f2c4fe28b212c481aee2a323a13bc707bdf8cc3a4ce00511461b9a258a1dabe310a716dbc66e064b639135fab577ea1ff472c6854b5577055f439d00a516fa100d127d3992b08e281d4983c0d0defde1fd366093fdcc40b0dc510a7dda820bf98ac5f75b77e41ff1d3b94825eea1ba5ac0c95481049ad8d5c5e9de6d438a4bcf43b4da55886d6033ed0024e0c5c77b44d01f312a6d3f0f906cd562c9c3ab8b561f9237220968828a1cdc74019734659c4f5b0922c48c81f73993dc420976a2538a7e4a517284cc5091ecdaa1ff57a655104f2abb23cdfffb802d49d7fbb485cfb8d47bc9067dc10bcdb677ef091555ebc7497fa8538671e8a72d38eff40c5e248492f41edf40429750bc4f70b2a33edb0b73ad303694072b20614b44302d566662f221d920a38602369e0744d84d10f6bb2077d35d72e976c21914ce403dbe5a0e370890b68ddf7c8d8eeaaeb462927732ba0c42cf957464afe2a80a0fc4cd8d76508feeb7858a4651557a83bc2657151154f6a170f3e076bc641313ac119e614be9d62d1f43be7441bb6d1e835cf2dfe4f3e7476e3fdccbb977df53efc80c34977fd911733180042538f829a5df96216f79f4e41bc7201a2f1fb6baaa887d709c0e5179d33ce261c34133b2b8141cac849fea1a94d46206d870ada3187b0ddee1b14a158659cd99f30effbcafde0c2074449834ba09f47df460fe85d680c6d0a799d22f1131eff819c0a2e44c216bdb95dfed45d2c82bb322adf633d1dc859318bd95144d68c8e0625e9b8b035cc414bd7a1967a8ce9d63dfd81702a19ca95ea03934431e566a914d299549f969b1a076ffa748be227c54740656d9d72306853b30e2bf559316224653054945d7cb8a86428bdccebd96d161eb7b04a1680a68bc2830bc0f773f4308f15ec88b963092d4116f218296491eb7dfbc13347d6cfff1612c79f8fd67f9143c37b032eca9096af812d7deb3e25d552fb6d3abb0d921e666d46cc93bb8f3d47745a55b64e33d3af0905614ac12a84aa1ae763d04e460605ef47388f4085007fc51736a93c0defd12dcb75596ea3a6e55d8c3683b352cb2ab67a19d3c941059696296b93c1c152cb0bb96bc9228298bf603ab5bee74f559e03060c99e19bc9ffc4ff58b773295e34278b8e24d64490dac36963f882b7de9394320e469da6b1a57c72017f78871a71fe287c98f3f12bf86188a55588d35336b1e868901b9cd11c377097d16fe11f9e86119545dbe3783919736779c3e2e7da71bac8054c0cc6f682f5351b15ec58834fb8d2ff9ee025d1dbf9f064af13fc9dda225ae6213d6aca28d7176c7f49eb9fea4fc0e6c6116dcbc464774ff7a205afae6ca5c69f933b2cfb373f903c5ea75dc074560a9b17457e78bf1b6fac62e27101eb099d2215463b8bf31d22fe3c85347a663b264c0c1c8e650403b76c7575dd7244fe9d59a0f73677e7da3fe5ca4a5a7908368be56c33010230c1f37adb8247e2a8fd39ef3ec6abfa8bbc0779bf89544fbc5352ca5f12d4ca06871995613472e57ff12afe657580d68e6754ca89fc1816efd29d8e7cecb18dd9ea1dec72f0b794ff3b8b88858d3616a65acc033231421b0f14fb4b4dc7b07f748e502a916ce8efdaf821c3d21951e1c9a923bb1fca8960ec47a1db89fa5876ad0f0fb0fffffbc7719e4998a3c2bf266b908b7ea683f712560472bb787dc037b64947d4d30cf9cbef98f258ea769e1068c1f408a0062e5d6b488f33a5a1f2dd355db036b8212a59916bc9fedba66b6b01788e68c9a409632a146e2f0d9331fccf4af3f2fd52a80c19e611a5ed4fd0097832de580324f70ae0303cc32ef3e293a2a2d7c1f420a7a1359be21b12b3b75b57e700274e7a9b4d43e3ce6463e8e1935e6c0a4d7fc5789b783ba3d7dacee7ec00bfb3177542624e5ad95fcea55ac30d1d121aa785a4b29230c3abee940372daf96dabdf3f4e0c6100b85e1e1134fd60dc55320b68d0345817a90697153d9cafd83c017988d584747dffce6664bcdcbb55c22beb89a35ecb7f22d5589d2f76ca882c8786cb71ee14340a924ac49c2447dbc1195ed1ed35df8af6101f8c84b530cf97a938f471830b612564e5c123901177d285d6e07a87e91560948c0aac24f8124073ac8f3b60e33c80faba24ad72556b6617a265677e2bbe00359b89d7bc09142bca3dde8d4ce7cd00bc2313a9144470b83a705da2c363b0a6cfc00e5bef29c332df367951f12bf730370960913c7676b7936319bf8c7656d105d3aaaf64d4a0716a36d2b44feec6ae87afe45933fbefb82c389d52b4b74cf832f0c5dbc2bae74cf7d4f1e01dbac8cca918219515a3acecd877618720a56e4aa79cd4cd2f892cd3def194bd1ff0ab6a7355b9ea07a336e1c172be0bbb0475a8fe33ebe5835b12aa9cb5e7a1ca4eae1cb152354ebd40a496190a877316ed4fcf9317c7fab2da9297d45b9023f844e476415de73d0439cf1fc24a95ed516df382f946ff231569caab9d959169eb6420c74c1e865312d2071201739c8af2d2718629ae7cd3d3edf5e6e4ce265c89d43030cbae195a0f72525c009d3ad8592c80bf69a6a9b1b98d0674b0da868bf03eac4fda6571f139248773798767a3bb9297c13f12afcc0c3def05206d171312a68ab5001366dc9c342fa46457997ab059d4e85464efb452bc2ebe102f6d845d94e779cb61f4b86f755dcf1efc05a9815356bae7bbcbd8f06d9abd0426f1fcd464892caf0b85b6508de527215eb71d58982c5f425e2491c60852ea0946b5204a15edd577938eaef2906d3d52225aaa440b0249fb4565b829a6be5075484883e41795adddb45cb55b8f3fd4a33d3bc47c0ffdfb1d569b83ecec65d0994b202a61df5db1f95df3cbee6b2bf6972748f0355a97061fd93e0d1dab0e8ea8cce58a9f36ed03c0ee4a912bafaf0f45b6ab6c3c04ca40504832ce9acf0a0b84f50ecdd3ba51f5952aca49d3315f8c4ba1450e75159f40dbd501a6e94b74fb2008c2c886e823927b53c0222167a3f6a785c4853ed0b6c05089eb12e5a06fe9d242e4d6627d6a810b681e03f8d364593e6dc230f81e3bb739c9bde3d222b83cf5885e06c578839db4485cf84f67252e201de67e632b459f0049aafa9b010f4f6df402f70c2f36b3ff26a7688db5c07f22969969e7871e10d63d6f5169d9ed6502440278651cc7ab521cea7b6bc68396d7e6cf692952524d4ab2718c4e88530ec637fa4bc5277a6140c730a32713ce37435756db3ed7784bf5d5438726f115b8ac7ed9033ed37758585527eb5db2411789204ffc67def6702b98e8fd7bbe47836ad5da93a1207b0bae378546f859eecc462ae2602bd73d4b3c945defa39ddcfd21ed1b307295dceb5f52282478f06d766ecc83c5aaf87e4d30e8379410175e88c4cde24e696f01726e69e3ea85480c60871d1b3df2e33cc427b519d7810f482523b4f9c26fa45e161cbbcaf70859a621c45d2c09995d49b2b0641469362e6c459b37310914fdd045a26726472ecaa573a6f76ec350d1078b28eeeb0a14bc73d0ae902af70edf00d982cae5cec6c798fc6117ed93cbbbc7af672df5dad8f68397cdc9d393ddb28ef158c078d20a23af846d7d5552d3e176bcbf755906ab8a0dc77e0887a0f12cacffdf84843627942e67eb07291d0e412d629dbe0d41920c12b66fc1b434140d8cc424785e447cab92eab096aa56a39f1b986249cb62236e3a88176655444f898936a930503c4acf9464146aed408b09abfcb49d6f45df877f06434447230c880c3f3b7b895343cf26a43f602a1e5323bf51caa1387eb99f43916595eafee854d8d1fef20eed08e09b93d678b36ee7fee529eb2e52b4327d54d63a9725a2e1bcefb516709645c0da2503cb5fbc7fd9cbbe30df9d8a0bf78ea487c68bcdc130bb6212f336e2e3ed8905a24e70c113054a864aa330aec7f17ef49e84bf2ea31c5f597bf7c42635320e24a3b5a44846bf13418f4af3bb03d319730d78707451721a9565d366dde6cc7c09306e17727f380f4d732d3ee5ee1004f930abed7f8e29d5fc8f8f883969182592ea9d2f3aed86764ac786a6049cccdfba5922bae26f7e1e006c5fa2ece285f1958def6e41942bb7c58f0bfcc7772d508830e2fd7e2c23f2620441ec88bcf8109ef8368340af01f30837c81478f5018b42918a1a03db3ede3f6d994ff830d8985b99bc480616c6259015664cd1a28ae5ddbd80e1a92604b4da348c1352dba49ff3b392ce5cd0ab500a209d4e04a66d2f62f9d1adae15eeeb4e2caab3780f5403ff3b94d1b9c0b46d8f99d80d0e63e335be3957384320b7535092f66e27b721a7a0c8fba0b8c800561209d00c2d5c63ae43bfdaf6bd5d349f68e3e6614ae9ce788d19f4e733c5327995be44ce70e293304ca7c0891e714e38d8c04e130dacb5b9016a5889814b49e17563ad7553126fabcd60b470c3089005779397ff780eb06c5417d6780db650f4cacfd1b8a9986c83c91386671f32b0c8b7a5038032ef0b5bc863480c1a8c6d4164ffc25f3e1ab91ad6fec9fac754bc8ec72ca01668e590947603382460a77a5a66a1a754a21b9f132072f0118c45905f6c4955b6792c721f59f2286e32343fb0b19ed1eb59225323a63707d9e15958b79f359c1691587593c3a26a0bcc01499e4d08ddd33231ae979554c17fd0a2159d3f7e8bd6fa17547ec984a21aa72b2f9c8d4bc149226a24768ddb502153aa84e00b287a6651fe2698b21f1f97669728f2d03871607d427872f043a5c2b86480949c88f537a25e6ba8d28b1881ac13bbc4738bf0ecdb0f2bba578619773c9d9a936d7d37c3ba9510944f7304fcb7822bd184b29753034b183379dc984ad98fd0f65aae36af9f660465b4272af8d64731fe4bd4d3e97e42f4049c6450c78a346269c0f4880bc856305bf5742e04d84dcaf7564dd2a4a325c55afd98be1a93eec58ab6b6449447381d34910fe141a5a7fd55de68361d3da68cfa504cefa68a563691b4f38b5aa85132f22becca4888e35c50ef575a150ba2e3b8255dbc6", 0x1000}, {&(0x7f0000000c40)="f890bd648c6141ac9fa21519cc78696d7b5b2a5cb6d79850d223c5a765b40abe009d1095f1424d70a282a1099bcf20f0a8f0098668f1cbf1d999293cccdbd4572772f7afbf97fc14667be95255f836cd2003e649603ab958429d239c36bb253771c6769fa2893fcb6dc735336d24f3ce3acad4d8955202e4354442a69c259fc2194c57b13e23cc1c3a55d6eb3cc101bf976b4af7ca78232a6411d84b0397a24701abe99e7e196240c057ef4fdd", 0xad}], 0x4}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000004040)="e27f1fdbcb9e4f11d6853329aee3d4ab363921972c410cbd0f4d3804a886eee2ca3bbd6481776f0846670b50ad1e868fc4902456d9858fa32f7a79b918752b965616c09f0e5d7819d3572138d9f7dc30aac4759cb6d822d155155362ab33afae1b32dfa7d2163290d16f633ff085c3489eb94671464c8a88f805c9198a2f4b83687faa05f21fa8b065ac6a9c4acbf07e78242e13bfc9f88cf06e3cf7ffd5e3e3b1e68ebbc8014f601990a118eba3b9", 0xaf}], 0x1, &(0x7f00000053c0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r8, 0xffffffffffffffff, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r9, r6, r3]}}, @cred={{0x1c, 0x1, 0x2, {r2, r10, 0xee00}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r7, r4, r11]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x14, 0x1, 0x1, [r6]}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @rights={{0x14, 0x1, 0x1, [r3]}}], 0x108, 0x4004000}}], 0x3, 0x40000c0) (async) getresuid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)=0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x1000004, &(0x7f0000000300)={[], [{@smackfshat={'smackfshat', 0x3d, 'cgroup.controllers\x00'}}, {@dont_measure}, {@smackfsfloor={'smackfsfloor', 0x3d, '/'}}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@uid_eq={'uid', 0x3d, r10}}, {@fowner_eq={'fowner', 0x3d, r12}}]}) (async) pipe(&(0x7f0000003d00)) 04:36:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x0, 0x2012, r2, 0x0) mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2) 04:36:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x0, 0x2012, r2, 0x0) 04:36:58 executing program 2: socketpair(0x1d, 0x0, 0x1, 0x0) 04:36:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 69) 04:36:58 executing program 3: clock_settime(0x0, &(0x7f0000000280)) 04:36:58 executing program 2: request_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0xffffffffffffffff) request_key(&(0x7f00000004c0)='blacklist\x00', &(0x7f0000000500)={'syz', 0x0}, 0x0, 0xfffffffffffffffd) 04:36:58 executing program 3: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_SET(r0, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x3c}, 0x3c}}, 0x0) 04:36:58 executing program 2: syz_open_procfs(0x0, &(0x7f00000005c0)='numa_maps\x00') 04:36:58 executing program 2: openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x44640, 0x0) 04:36:58 executing program 3: rt_sigaction(0x22, 0x0, 0x0, 0x8, &(0x7f00000002c0)) [ 2267.047532][T29240] loop5: detected capacity change from 0 to 16 [ 2267.064800][T29239] loop4: detected capacity change from 0 to 16 [ 2267.073749][T29240] FAULT_INJECTION: forcing a failure. [ 2267.073749][T29240] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2267.086996][T29240] CPU: 0 PID: 29240 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2267.097057][T29240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2267.107038][T29240] Call Trace: [ 2267.110163][T29240] [ 2267.112938][T29240] dump_stack_lvl+0x151/0x1b7 [ 2267.117453][T29240] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2267.122742][T29240] dump_stack+0x15/0x17 [ 2267.126735][T29240] should_fail+0x3c0/0x510 [ 2267.130992][T29240] should_fail_usercopy+0x1a/0x20 [ 2267.135849][T29240] strncpy_from_user+0x24/0x2b0 [ 2267.140541][T29240] getname_flags+0xf2/0x510 [ 2267.144966][T29240] user_path_at_empty+0x2e/0x1b0 [ 2267.149735][T29240] __se_sys_mount+0x293/0x3c0 [ 2267.154246][T29240] ? __x64_sys_mount+0xd0/0xd0 [ 2267.158845][T29240] __x64_sys_mount+0xbf/0xd0 [ 2267.163274][T29240] do_syscall_64+0x44/0xd0 [ 2267.167523][T29240] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2267.173258][T29240] RIP: 0033:0x7f2bac5fc60a [ 2267.177505][T29240] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2267.196950][T29240] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2267.205281][T29240] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2267.213095][T29240] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2267.220897][T29240] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2267.228708][T29240] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2267.236521][T29240] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2267.244336][T29240] [ 2267.248542][T29239] erofs: (device loop4): mounted with root inode @ nid 36. 04:37:03 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$watch_queue(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r0, 0xffffffffffffffff) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xae6, 0x73}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040040) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) pipe(&(0x7f0000003d00)) 04:37:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) 04:37:03 executing program 2: request_key(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='syz', 0x0) 04:37:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x0, 0x2012, r2, 0x0) mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2) 04:37:03 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 70) 04:37:03 executing program 2: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000002240), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) 04:37:03 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/slabinfo\x00', 0x0, 0x0) write$tcp_mem(r0, 0x0, 0x0) 04:37:03 executing program 2: modify_ldt$write2(0x11, &(0x7f0000000000), 0x10) modify_ldt$write2(0x11, &(0x7f0000000400)={0x401}, 0x10) 04:37:03 executing program 3: socket(0x10, 0x2, 0x800) 04:37:03 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "846557d1e2decacb3eb26b578db3005a246341"}) 04:37:03 executing program 3: socketpair(0x22, 0x0, 0xfffffffb, 0x0) [ 2272.109021][T29276] loop4: detected capacity change from 0 to 16 [ 2272.115842][T29275] loop5: detected capacity change from 0 to 16 [ 2272.123954][T29276] erofs: (device loop4): mounted with root inode @ nid 36. [ 2272.137971][T29275] FAULT_INJECTION: forcing a failure. [ 2272.137971][T29275] name failslab, interval 1, probability 0, space 0, times 0 [ 2272.156120][T29275] CPU: 0 PID: 29275 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2272.166178][T29275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2272.176074][T29275] Call Trace: [ 2272.179201][T29275] [ 2272.181978][T29275] dump_stack_lvl+0x151/0x1b7 [ 2272.186573][T29275] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2272.191868][T29275] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2272.197076][T29275] dump_stack+0x15/0x17 [ 2272.201072][T29275] should_fail+0x3c0/0x510 [ 2272.205321][T29275] ? alloc_fs_context+0x65/0x830 [ 2272.210100][T29275] __should_failslab+0x9f/0xe0 [ 2272.214700][T29275] should_failslab+0x9/0x20 [ 2272.219034][T29275] kmem_cache_alloc_trace+0x4a/0x310 [ 2272.224157][T29275] alloc_fs_context+0x65/0x830 [ 2272.228755][T29275] ? _raw_read_unlock+0x25/0x40 [ 2272.233438][T29275] ? get_fs_type+0x3f3/0x510 [ 2272.237874][T29275] fs_context_for_mount+0x24/0x30 [ 2272.242727][T29275] do_new_mount+0x15c/0xad0 [ 2272.247077][T29275] ? do_move_mount_old+0x160/0x160 [ 2272.252014][T29275] ? security_capable+0xb2/0xd0 [ 2272.256704][T29275] ? ns_capable+0x8a/0xf0 [ 2272.260866][T29275] path_mount+0x60b/0x1050 [ 2272.265123][T29275] __se_sys_mount+0x2d2/0x3c0 [ 2272.269634][T29275] ? __x64_sys_mount+0xd0/0xd0 [ 2272.274232][T29275] __x64_sys_mount+0xbf/0xd0 [ 2272.278674][T29275] do_syscall_64+0x44/0xd0 [ 2272.282914][T29275] ? irqentry_exit+0x12/0x40 [ 2272.287338][T29275] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2272.293065][T29275] RIP: 0033:0x7f2bac5fc60a [ 2272.297320][T29275] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2272.316761][T29275] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2272.325002][T29275] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2272.332813][T29275] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2272.340623][T29275] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2272.348434][T29275] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2272.356245][T29275] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2272.364070][T29275] 04:37:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) pipe2$watch_queue(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r0, 0xffffffffffffffff) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xae6, 0x73}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040040) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') (async) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r2, 0x0) (async) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) (async, rerun: 64) pipe(&(0x7f0000003d00)) (rerun: 64) 04:37:06 executing program 2: remap_file_pages(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xfffffffffffffffe, 0x0) 04:37:06 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x400001) 04:37:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x0, 0x2012, r2, 0x0) mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2) 04:37:06 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 71) 04:37:06 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sysvipc/sem\x00', 0x0, 0x0) 04:37:06 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/crypto\x00', 0x0, 0x0) 04:37:06 executing program 3: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x200000) 04:37:06 executing program 2: openat$vsock(0xffffffffffffff9c, 0x0, 0x1c3402, 0x0) 04:37:06 executing program 3: socketpair(0xa, 0x3, 0x87, 0x0) 04:37:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0) connect$netlink(r0, &(0x7f0000000100)=@proc, 0xc) [ 2275.101099][T29307] loop4: detected capacity change from 0 to 16 [ 2275.108082][T29307] erofs: (device loop4): mounted with root inode @ nid 36. [ 2275.127132][T29308] loop5: detected capacity change from 0 to 16 [ 2275.141790][T29308] FAULT_INJECTION: forcing a failure. [ 2275.141790][T29308] name failslab, interval 1, probability 0, space 0, times 0 [ 2275.171262][T29308] CPU: 1 PID: 29308 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2275.181332][T29308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2275.191226][T29308] Call Trace: [ 2275.194349][T29308] [ 2275.197128][T29308] dump_stack_lvl+0x151/0x1b7 [ 2275.201639][T29308] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2275.206934][T29308] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2275.212143][T29308] dump_stack+0x15/0x17 [ 2275.216133][T29308] should_fail+0x3c0/0x510 [ 2275.220389][T29308] ? alloc_fs_context+0x65/0x830 [ 2275.225177][T29308] __should_failslab+0x9f/0xe0 [ 2275.229762][T29308] should_failslab+0x9/0x20 [ 2275.234097][T29308] kmem_cache_alloc_trace+0x4a/0x310 [ 2275.239395][T29308] alloc_fs_context+0x65/0x830 [ 2275.243997][T29308] ? _raw_read_unlock+0x25/0x40 [ 2275.248680][T29308] ? get_fs_type+0x3f3/0x510 [ 2275.253108][T29308] fs_context_for_mount+0x24/0x30 [ 2275.257967][T29308] do_new_mount+0x15c/0xad0 [ 2275.262308][T29308] ? do_move_mount_old+0x160/0x160 [ 2275.267262][T29308] ? security_capable+0xb2/0xd0 [ 2275.271941][T29308] ? ns_capable+0x8a/0xf0 [ 2275.276107][T29308] path_mount+0x60b/0x1050 [ 2275.280449][T29308] __se_sys_mount+0x2d2/0x3c0 [ 2275.284959][T29308] ? __x64_sys_mount+0xd0/0xd0 [ 2275.289665][T29308] __x64_sys_mount+0xbf/0xd0 [ 2275.294085][T29308] do_syscall_64+0x44/0xd0 [ 2275.298339][T29308] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2275.304066][T29308] RIP: 0033:0x7f2bac5fc60a [ 2275.308315][T29308] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2275.327766][T29308] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2275.336105][T29308] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2275.343904][T29308] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2275.351706][T29308] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2275.359517][T29308] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2275.367331][T29308] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2275.375149][T29308] 04:37:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$watch_queue(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r0, 0xffffffffffffffff) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xae6, 0x73}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040040) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) pipe2$watch_queue(&(0x7f0000001780), 0x80) (async) add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) (async) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r0, 0xffffffffffffffff) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xae6, 0x73}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040040) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r2, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:37:11 executing program 2: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x8000000, &(0x7f00000004c0)='u', 0x1, &(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580)="4c01ca8df41a248cf00e2e69702aa588a70d336e696aeff2a894ca004a3852cf9ed2e4a907171c86c647741762062a521e5a4000c4cd5f6de90031edb22c3ce17efb1ab56cd65bdce1c8f097eba7ea57a83360aacde2bb80d0933a249529e4b549579a2248c7516b96b5b73d4054bf42b5a5fa48f3b63177222dca6212fc71050402f724db4e8ff8fbe84ec96bd47f45c0107a291b976d1d22a7d0b0d2ec4b303c63fa520e88fa086080e4af8758ab7a544a5f416a8533171222f520dcfc7dca0804576e8bb8419552ade5ffeba291d85a8ace0942bf3acdc82a84b19f") 04:37:11 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) getresgid(&(0x7f0000000900), &(0x7f0000000940), &(0x7f0000000980)) 04:37:11 executing program 0: bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0}, 0x20) 04:37:11 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:11 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 72) 04:37:11 executing program 3: request_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0xffffffffffffffff) 04:37:11 executing program 0: mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4) mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x7) 04:37:11 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0x0) 04:37:11 executing program 2: syz_clone(0x346080, 0x0, 0x0, 0x0, 0x0, 0x0) 04:37:11 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, 0xffffffffffffffff, 0x0) 04:37:11 executing program 3: io_uring_setup(0x376d, &(0x7f0000000100)={0x0, 0x0, 0x6, 0x7}) [ 2280.094229][T29350] loop4: detected capacity change from 0 to 16 [ 2280.104031][T29349] loop5: detected capacity change from 0 to 16 [ 2280.120374][T29350] erofs: (device loop4): mounted with root inode @ nid 36. [ 2280.121657][T29349] FAULT_INJECTION: forcing a failure. [ 2280.121657][T29349] name failslab, interval 1, probability 0, space 0, times 0 [ 2280.156486][T29349] CPU: 0 PID: 29349 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2280.166554][T29349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2280.176530][T29349] Call Trace: [ 2280.179653][T29349] [ 2280.182437][T29349] dump_stack_lvl+0x151/0x1b7 [ 2280.186945][T29349] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2280.192244][T29349] dump_stack+0x15/0x17 [ 2280.196230][T29349] should_fail+0x3c0/0x510 [ 2280.200485][T29349] ? erofs_init_fs_context+0x98/0x2d0 [ 2280.205690][T29349] __should_failslab+0x9f/0xe0 [ 2280.210294][T29349] should_failslab+0x9/0x20 [ 2280.214638][T29349] kmem_cache_alloc_trace+0x4a/0x310 [ 2280.219750][T29349] ? erofs_init_fs_context+0x54/0x2d0 [ 2280.224959][T29349] erofs_init_fs_context+0x98/0x2d0 [ 2280.229992][T29349] alloc_fs_context+0x671/0x830 [ 2280.234681][T29349] fs_context_for_mount+0x24/0x30 [ 2280.239537][T29349] do_new_mount+0x15c/0xad0 [ 2280.243878][T29349] ? do_move_mount_old+0x160/0x160 [ 2280.248825][T29349] ? security_capable+0xb2/0xd0 [ 2280.253525][T29349] ? ns_capable+0x8a/0xf0 [ 2280.257683][T29349] path_mount+0x60b/0x1050 [ 2280.261944][T29349] __se_sys_mount+0x2d2/0x3c0 [ 2280.266445][T29349] ? __x64_sys_mount+0xd0/0xd0 [ 2280.271048][T29349] __x64_sys_mount+0xbf/0xd0 [ 2280.275475][T29349] do_syscall_64+0x44/0xd0 [ 2280.279723][T29349] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2280.285454][T29349] RIP: 0033:0x7f2bac5fc60a [ 2280.289762][T29349] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2280.309148][T29349] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2280.317396][T29349] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2280.325205][T29349] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2280.333185][T29349] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2280.340996][T29349] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2280.348806][T29349] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2280.356625][T29349] 04:37:16 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="687580653d616c772c00"/26]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:37:16 executing program 3: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8a]}, 0x8}) 04:37:16 executing program 0: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)='n', 0x0}, 0x48) 04:37:16 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) recvmsg$can_bcm(r0, &(0x7f0000001a80)={0x0, 0x0, &(0x7f0000001900)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x40) 04:37:16 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:16 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 73) 04:37:16 executing program 2: openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x1c1003, 0x0) 04:37:16 executing program 3: syz_clone(0x21005000, 0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="0abe2d34475c61d96b9b27ae1b3e07205e1c7311064928e510dac410097aa2882a11c72cd79e3930ef2c3eb001dd8517f0315e93402c9e5e8e9239f0d6d6863ca7ca597609ab7cf89f88ab4cb6") 04:37:16 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000f40)={'wpan0\x00'}) 04:37:16 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x5d139b31e8bdefae, 0x1, &(0x7f0000000500)=@raw=[@exit], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:37:16 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0x2, &(0x7f0000000040)=@raw=[@map_idx_val], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:37:16 executing program 0: syz_clone(0xc0000400, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x0) [ 2285.144075][T29386] loop5: detected capacity change from 0 to 16 [ 2285.153060][T29386] FAULT_INJECTION: forcing a failure. [ 2285.153060][T29386] name failslab, interval 1, probability 0, space 0, times 0 [ 2285.165696][T29386] CPU: 0 PID: 29386 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2285.168160][T29387] loop4: detected capacity change from 0 to 16 [ 2285.175765][T29386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2285.175781][T29386] Call Trace: [ 2285.175787][T29386] [ 2285.175795][T29386] dump_stack_lvl+0x151/0x1b7 [ 2285.202050][T29386] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2285.207343][T29386] dump_stack+0x15/0x17 [ 2285.211420][T29386] should_fail+0x3c0/0x510 [ 2285.215675][T29386] ? vfs_parse_fs_string+0x169/0x2a0 [ 2285.220791][T29386] __should_failslab+0x9f/0xe0 [ 2285.225396][T29386] should_failslab+0x9/0x20 [ 2285.229734][T29386] __kmalloc_track_caller+0x6c/0x350 [ 2285.234857][T29386] kmemdup_nul+0x2a/0xa0 [ 2285.238932][T29386] vfs_parse_fs_string+0x169/0x2a0 [ 2285.243876][T29386] ? __init_rwsem+0xd5/0x1c0 [ 2285.248306][T29386] ? vfs_parse_fs_param+0x4a0/0x4a0 [ 2285.253344][T29386] do_new_mount+0x22c/0xad0 [ 2285.257682][T29386] ? do_move_mount_old+0x160/0x160 [ 2285.262629][T29386] ? security_capable+0xb2/0xd0 [ 2285.267312][T29386] ? ns_capable+0x8a/0xf0 [ 2285.271476][T29386] path_mount+0x60b/0x1050 [ 2285.275740][T29386] __se_sys_mount+0x2d2/0x3c0 [ 2285.280253][T29386] ? __x64_sys_mount+0xd0/0xd0 [ 2285.284846][T29386] __x64_sys_mount+0xbf/0xd0 [ 2285.289275][T29386] do_syscall_64+0x44/0xd0 [ 2285.293528][T29386] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2285.299251][T29386] RIP: 0033:0x7f2bac5fc60a [ 2285.303514][T29386] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2285.322950][T29386] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2285.331192][T29386] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2285.339001][T29386] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2285.346898][T29386] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2285.354711][T29386] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2285.362522][T29386] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2285.370509][T29386] [ 2285.383047][T29387] erofs: (device loop4): mounted with root inode @ nid 36. 04:37:19 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="687580653d616c772c00"/26]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="687580653d616c772c00"/26]) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:37:19 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x4004811) 04:37:19 executing program 2: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) recvmsg$can_bcm(r0, 0x0, 0x0) 04:37:19 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000004c0)={&(0x7f0000000040), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x28, r1, 0x505, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0x0) 04:37:19 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 74) 04:37:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:19 executing program 2: pselect6(0x40, &(0x7f0000000000), &(0x7f0000000080)={0x6}, &(0x7f00000000c0)={0x3}, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8a]}, 0x8}) 04:37:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:19 executing program 2: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000440)="b1"}, 0x48) 04:37:19 executing program 3: openat$vcsu(0xffffffffffffff9c, &(0x7f0000001a40), 0x40, 0x0) 04:37:19 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x3, &(0x7f0000000540)=@framed, &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:37:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000200)=@nat={'nat\x00', 0x1b, 0x5, 0x3e8, 0x120, 0x120, 0xffffffff, 0x260, 0x120, 0x438, 0x438, 0xffffffff, 0x438, 0x438, 0x5, 0x0, {[{{@ip={@local, @loopback, 0x0, 0x0, 'bond0\x00', 'pimreg0\x00'}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00'}}]}, @common=@SET={0x60}}, {{@ip={@loopback, @multicast1, 0x0, 0x0, 'vxcan1\x00', 'bridge_slave_0\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="c120d01b3094"}}}, {{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @multicast2, @dev, @gre_key, @gre_key}}}}, {{@ip={@private, @broadcast, 0x0, 0x0, 'veth1_vlan\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @gre_key, @gre_key}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448) [ 2288.030339][T29398] loop4: detected capacity change from 0 to 16 [ 2288.037456][T29398] erofs: (device loop4): mounted with root inode @ nid 36. [ 2288.038043][T29403] tmpfs: Unknown parameter 'hu€e' [ 2288.099315][T29413] loop4: detected capacity change from 0 to 16 [ 2288.106245][T29413] erofs: (device loop4): mounted with root inode @ nid 36. [ 2288.165848][T29418] loop5: detected capacity change from 0 to 16 [ 2288.205635][T29418] FAULT_INJECTION: forcing a failure. [ 2288.205635][T29418] name failslab, interval 1, probability 0, space 0, times 0 [ 2288.221719][T29418] CPU: 1 PID: 29418 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2288.232226][T29418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2288.242232][T29418] Call Trace: [ 2288.245339][T29418] [ 2288.248118][T29418] dump_stack_lvl+0x151/0x1b7 [ 2288.252617][T29418] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2288.257918][T29418] dump_stack+0x15/0x17 [ 2288.261903][T29418] should_fail+0x3c0/0x510 [ 2288.266161][T29418] ? vfs_parse_fs_string+0x169/0x2a0 [ 2288.271277][T29418] __should_failslab+0x9f/0xe0 [ 2288.275878][T29418] should_failslab+0x9/0x20 [ 2288.280219][T29418] __kmalloc_track_caller+0x6c/0x350 [ 2288.285339][T29418] kmemdup_nul+0x2a/0xa0 [ 2288.289417][T29418] vfs_parse_fs_string+0x169/0x2a0 [ 2288.294364][T29418] ? __init_rwsem+0xd5/0x1c0 [ 2288.298795][T29418] ? vfs_parse_fs_param+0x4a0/0x4a0 [ 2288.303833][T29418] do_new_mount+0x22c/0xad0 [ 2288.308166][T29418] ? do_move_mount_old+0x160/0x160 [ 2288.313110][T29418] ? security_capable+0xb2/0xd0 [ 2288.317796][T29418] ? ns_capable+0x8a/0xf0 [ 2288.321970][T29418] path_mount+0x60b/0x1050 [ 2288.326230][T29418] __se_sys_mount+0x2d2/0x3c0 [ 2288.330815][T29418] ? __x64_sys_mount+0xd0/0xd0 [ 2288.335414][T29418] __x64_sys_mount+0xbf/0xd0 [ 2288.339843][T29418] do_syscall_64+0x44/0xd0 [ 2288.344094][T29418] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2288.349819][T29418] RIP: 0033:0x7f2bac5fc60a [ 2288.354077][T29418] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2288.373604][T29418] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2288.381845][T29418] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2288.389665][T29418] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2288.397472][T29418] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2288.405284][T29418] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2288.413092][T29418] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2288.420909][T29418] 04:37:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="687580653d616c772c00"/26]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="687580653d616c772c00"/26]) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:37:22 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000200)=@nat={'nat\x00', 0x1b, 0x5, 0x458, 0x120, 0x120, 0xffffffff, 0x260, 0x120, 0x438, 0x438, 0xffffffff, 0x438, 0x438, 0x5, 0x0, {[{{@ip={@local, @loopback, 0x0, 0x0, 'bond0\x00', 'pimreg0\x00'}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00'}}]}, @common=@SET={0x60}}, {{@ip={@loopback, @multicast1, 0x0, 0x0, 'vxcan1\x00', 'bridge_slave_0\x00'}, 0x0, 0xe0, 0x140, 0x0, {}, [@common=@set={{0x40}}, @common=@ah={{0x30}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="c120d01b3094"}}}, {{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @multicast2, @dev, @gre_key, @gre_key}}}}, {{@ip={@private, @broadcast, 0x0, 0x0, 'veth1_vlan\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @gre_key, @gre_key}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4b8) 04:37:22 executing program 3: clock_gettime(0x3, &(0x7f0000000440)) 04:37:22 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x20, r1, 0x505, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}}, 0x0) 04:37:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:22 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 75) 04:37:22 executing program 2: timer_create(0xfeffffff, 0x0, 0x0) 04:37:22 executing program 3: setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x9, 0x3, 0x200, 0x98, 0xffffffff, 0xffffffff, 0x98, 0xffffffff, 0x168, 0xffffffff, 0xffffffff, 0x168, 0xffffffff, 0x3, &(0x7f0000000080), {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xffffffffffffffe0) 04:37:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:22 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000140), 0x4) [ 2290.616679][T29426] loop4: detected capacity change from 0 to 16 [ 2290.623834][T29426] erofs: (device loop4): mounted with root inode @ nid 36. 04:37:22 executing program 3: sched_getparam(0x0, &(0x7f00000002c0)) 04:37:22 executing program 2: syz_io_uring_setup(0x90c, &(0x7f0000000200), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) io_uring_setup(0x43dc, &(0x7f0000000100)={0x0, 0x0, 0x2}) [ 2290.660060][T29439] tmpfs: Unknown parameter 'hu€e' [ 2290.701952][T29446] loop4: detected capacity change from 0 to 16 [ 2290.708818][T29446] erofs: (device loop4): mounted with root inode @ nid 36. [ 2290.741374][T29450] loop5: detected capacity change from 0 to 16 [ 2290.760367][T29450] FAULT_INJECTION: forcing a failure. [ 2290.760367][T29450] name failslab, interval 1, probability 0, space 0, times 0 [ 2290.788386][T29450] CPU: 1 PID: 29450 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2290.798459][T29450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2290.808445][T29450] Call Trace: [ 2290.811568][T29450] [ 2290.814344][T29450] dump_stack_lvl+0x151/0x1b7 [ 2290.818855][T29450] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2290.824149][T29450] ? avc_has_perm_noaudit+0x358/0x450 [ 2290.829360][T29450] dump_stack+0x15/0x17 [ 2290.833393][T29450] should_fail+0x3c0/0x510 [ 2290.837607][T29450] __should_failslab+0x9f/0xe0 [ 2290.842200][T29450] should_failslab+0x9/0x20 [ 2290.846545][T29450] kmem_cache_alloc+0x4f/0x2f0 [ 2290.851138][T29450] ? getname_kernel+0x59/0x2e0 [ 2290.855748][T29450] getname_kernel+0x59/0x2e0 [ 2290.860167][T29450] kern_path+0x24/0x1b0 [ 2290.864157][T29450] blkdev_get_by_path+0xc3/0x2d0 [ 2290.868929][T29450] ? bd_finish_claiming+0x230/0x230 [ 2290.873962][T29450] ? vfs_parse_fs_string+0x2a0/0x2a0 [ 2290.879083][T29450] ? vfs_parse_fs_string+0x1dd/0x2a0 [ 2290.884207][T29450] ? __init_rwsem+0xd5/0x1c0 [ 2290.888630][T29450] get_tree_bdev+0xd4/0x680 [ 2290.892969][T29450] ? erofs_release_device_info+0x90/0x90 [ 2290.898436][T29450] erofs_fc_get_tree+0x1c/0x20 [ 2290.903040][T29450] vfs_get_tree+0x88/0x290 [ 2290.907295][T29450] do_new_mount+0x289/0xad0 [ 2290.911632][T29450] ? do_move_mount_old+0x160/0x160 [ 2290.916576][T29450] ? security_capable+0xb2/0xd0 [ 2290.921296][T29450] ? ns_capable+0x8a/0xf0 [ 2290.925523][T29450] path_mount+0x60b/0x1050 [ 2290.929781][T29450] __se_sys_mount+0x2d2/0x3c0 [ 2290.934281][T29450] ? __x64_sys_mount+0xd0/0xd0 [ 2290.938883][T29450] __x64_sys_mount+0xbf/0xd0 [ 2290.943309][T29450] do_syscall_64+0x44/0xd0 [ 2290.947560][T29450] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2290.953295][T29450] RIP: 0033:0x7f2bac5fc60a [ 2290.957556][T29450] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2290.977068][T29450] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2290.985315][T29450] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2290.993220][T29450] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2291.001126][T29450] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2291.008939][T29450] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2291.016762][T29450] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2291.024563][T29450] [ 2291.042296][T29450] /dev/loop5: Can't open blockdev 04:37:27 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000006400010844610000fddbdf250000", @ANYRES32=0x0, @ANYBLOB="0700080000000e000d000d0008000b0009"], 0x34}}, 0x0) 04:37:27 executing program 0: clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000000), &(0x7f0000000080)={0x6}, &(0x7f00000000c0)={0x3}, &(0x7f0000000140)={0x0, r0+60000000}, 0x0) 04:37:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LISTALL(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="01"], 0x3c}}, 0x0) 04:37:27 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 76) 04:37:27 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000017c0)=@bloom_filter={0x1e, 0x60b}, 0x48) 04:37:27 executing program 0: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000380)='n', &(0x7f0000000440)="b1"}, 0x48) 04:37:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r2, 0x0, 0x0, 0x6) write$binfmt_misc(r2, &(0x7f00000000c0)={'syz1', "56917ccb4309ac7cd56577b5f90615e9c9bcb07551bccf412132fce40824a1b90e74c6322be851f6"}, 0x2c) 04:37:27 executing program 0: timer_create(0x0, 0x0, &(0x7f0000000800)) timer_settime(0x0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)) 04:37:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:27 executing program 2: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) 04:37:27 executing program 3: io_uring_setup(0x1738, &(0x7f0000000040)={0x0, 0x5690, 0x8}) 04:37:27 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/ldiscs\x00', 0x0, 0x0) [ 2295.747540][T29460] loop4: detected capacity change from 0 to 16 [ 2295.759596][T29460] erofs: (device loop4): mounted with root inode @ nid 36. [ 2295.766960][T29462] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. 04:37:27 executing program 0: timer_create(0x0, 0x0, &(0x7f0000000800)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {r0, r1+10000000}}, 0x0) timer_delete(0x0) 04:37:27 executing program 2: clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000000), 0x0, &(0x7f00000000c0)={0x3}, &(0x7f0000000140)={0x0, r0+60000000}, 0x0) 04:37:27 executing program 3: bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={0xffffffffffffffff, 0x1c, 0x0, 0x0, 0x0}, 0x20) [ 2295.818119][T29484] loop4: detected capacity change from 0 to 16 [ 2295.825934][T29484] erofs: (device loop4): mounted with root inode @ nid 36. [ 2295.864405][T29491] loop5: detected capacity change from 0 to 16 [ 2295.885221][T29491] FAULT_INJECTION: forcing a failure. [ 2295.885221][T29491] name failslab, interval 1, probability 0, space 0, times 0 [ 2295.900681][T29491] CPU: 1 PID: 29491 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2295.910747][T29491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2295.920644][T29491] Call Trace: [ 2295.923763][T29491] [ 2295.926540][T29491] dump_stack_lvl+0x151/0x1b7 [ 2295.931055][T29491] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2295.936348][T29491] dump_stack+0x15/0x17 [ 2295.940339][T29491] should_fail+0x3c0/0x510 [ 2295.944594][T29491] ? security_sb_alloc+0x3f/0x140 [ 2295.949452][T29491] __should_failslab+0x9f/0xe0 [ 2295.954062][T29491] should_failslab+0x9/0x20 [ 2295.958403][T29491] __kmalloc+0x6d/0x350 [ 2295.962385][T29491] ? down_read_killable+0x250/0x250 [ 2295.967418][T29491] ? __kasan_kmalloc+0x9/0x10 [ 2295.971935][T29491] security_sb_alloc+0x3f/0x140 [ 2295.976618][T29491] alloc_super+0x172/0x7d0 [ 2295.980879][T29491] ? get_tree_bdev+0x680/0x680 [ 2295.985481][T29491] sget_fc+0x236/0x640 [ 2295.989376][T29491] ? test_bdev_super_fc+0x70/0x70 [ 2295.994237][T29491] get_tree_bdev+0x28c/0x680 [ 2295.998669][T29491] ? erofs_release_device_info+0x90/0x90 [ 2296.004132][T29491] erofs_fc_get_tree+0x1c/0x20 [ 2296.008742][T29491] vfs_get_tree+0x88/0x290 [ 2296.012982][T29491] do_new_mount+0x289/0xad0 [ 2296.017417][T29491] ? do_move_mount_old+0x160/0x160 [ 2296.022366][T29491] ? security_capable+0xb2/0xd0 [ 2296.027056][T29491] ? ns_capable+0x8a/0xf0 [ 2296.031226][T29491] path_mount+0x60b/0x1050 [ 2296.035478][T29491] __se_sys_mount+0x2d2/0x3c0 [ 2296.039984][T29491] ? __x64_sys_mount+0xd0/0xd0 [ 2296.044585][T29491] __x64_sys_mount+0xbf/0xd0 [ 2296.049098][T29491] do_syscall_64+0x44/0xd0 [ 2296.053349][T29491] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2296.059077][T29491] RIP: 0033:0x7f2bac5fc60a [ 2296.063332][T29491] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2296.082771][T29491] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2296.091515][T29491] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2296.099498][T29491] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2296.107311][T29491] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2296.115212][T29491] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2296.123020][T29491] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2296.130841][T29491] 04:37:28 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 77) 04:37:28 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:28 executing program 0: syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00'}) sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1100000}, 0xc, 0x0}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0xc73d5014752d580c}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x44, 0x0, 0x0, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x8}, @NL802154_ATTR_MIN_BE={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004004}, 0x44) clock_gettime(0x0, &(0x7f0000000440)) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, 0x0, 0x20000040) bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'wpan3\x00'}) [ 2296.700222][T29502] loop4: detected capacity change from 0 to 16 [ 2296.710489][T29503] loop5: detected capacity change from 0 to 16 [ 2296.717990][T29502] erofs: (device loop4): mounted with root inode @ nid 36. [ 2296.727632][T29503] FAULT_INJECTION: forcing a failure. [ 2296.727632][T29503] name failslab, interval 1, probability 0, space 0, times 0 [ 2296.744895][T29503] CPU: 0 PID: 29503 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2296.754956][T29503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2296.764851][T29503] Call Trace: [ 2296.767973][T29503] [ 2296.770753][T29503] dump_stack_lvl+0x151/0x1b7 [ 2296.775286][T29503] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2296.780559][T29503] dump_stack+0x15/0x17 [ 2296.784548][T29503] should_fail+0x3c0/0x510 [ 2296.788803][T29503] ? security_sb_alloc+0x3f/0x140 [ 2296.793661][T29503] __should_failslab+0x9f/0xe0 [ 2296.798266][T29503] should_failslab+0x9/0x20 [ 2296.802617][T29503] __kmalloc+0x6d/0x350 [ 2296.806609][T29503] ? down_read_killable+0x250/0x250 [ 2296.811715][T29503] ? __kasan_kmalloc+0x9/0x10 [ 2296.816320][T29503] security_sb_alloc+0x3f/0x140 [ 2296.821002][T29503] alloc_super+0x172/0x7d0 [ 2296.825255][T29503] ? get_tree_bdev+0x680/0x680 [ 2296.829853][T29503] sget_fc+0x236/0x640 [ 2296.833760][T29503] ? test_bdev_super_fc+0x70/0x70 [ 2296.838630][T29503] get_tree_bdev+0x28c/0x680 [ 2296.843046][T29503] ? erofs_release_device_info+0x90/0x90 [ 2296.848626][T29503] erofs_fc_get_tree+0x1c/0x20 [ 2296.853206][T29503] vfs_get_tree+0x88/0x290 [ 2296.857452][T29503] do_new_mount+0x289/0xad0 [ 2296.861800][T29503] ? do_move_mount_old+0x160/0x160 [ 2296.866739][T29503] ? security_capable+0xb2/0xd0 [ 2296.871426][T29503] ? ns_capable+0x8a/0xf0 [ 2296.875594][T29503] path_mount+0x60b/0x1050 [ 2296.879848][T29503] __se_sys_mount+0x2d2/0x3c0 [ 2296.884357][T29503] ? __x64_sys_mount+0xd0/0xd0 [ 2296.889132][T29503] __x64_sys_mount+0xbf/0xd0 [ 2296.893644][T29503] do_syscall_64+0x44/0xd0 [ 2296.897902][T29503] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2296.903626][T29503] RIP: 0033:0x7f2bac5fc60a [ 2296.907877][T29503] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2296.927320][T29503] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2296.935746][T29503] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2296.943547][T29503] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2296.951360][T29503] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2296.959171][T29503] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2296.966989][T29503] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2296.974796][T29503] 04:37:32 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) (async) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r2, 0x0, 0x0, 0x6) (async) write$binfmt_misc(r2, &(0x7f00000000c0)={'syz1', "56917ccb4309ac7cd56577b5f90615e9c9bcb07551bccf412132fce40824a1b90e74c6322be851f6"}, 0x2c) 04:37:32 executing program 3: io_uring_setup(0x3c9d, &(0x7f0000000180)={0x0, 0x0, 0x4}) 04:37:32 executing program 2: syz_clone(0x80020080, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) 04:37:32 executing program 0: bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000), 0x14) 04:37:32 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:32 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 78) 04:37:32 executing program 3: io_uring_setup(0x5c5e, &(0x7f0000000000)={0x0, 0x0, 0x600}) 04:37:32 executing program 0: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$binder(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0) 04:37:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000004c0)={&(0x7f0000000040), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x28, r1, 0x505, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}}, 0x0) 04:37:32 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000003c0), r0) 04:37:32 executing program 0: r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$MRT6_ASSERT(r0, 0x29, 0xcf, &(0x7f0000000040), 0x0) 04:37:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000200)=@nat={'nat\x00', 0x1b, 0x5, 0x4d0, 0x120, 0x120, 0xffffffff, 0x260, 0x120, 0x438, 0x438, 0xffffffff, 0x438, 0x438, 0x5, 0x0, {[{{@ip={@local, @loopback, 0x0, 0x0, 'bond0\x00', 'pimreg0\x00'}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00'}}]}, @common=@SET={0x60}}, {{@ip={@loopback, @multicast1, 0x0, 0x0, 'vxcan1\x00', 'bridge_slave_0\x00'}, 0x0, 0xe0, 0x140, 0x0, {}, [@common=@set={{0x40}}, @common=@ah={{0x30}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="c120d01b3094"}}}, {{@uncond, 0x0, 0x90, 0xc8, 0x0, {}, [@common=@socket0={{0x20}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @multicast2, @dev, @gre_key, @gre_key}}}}, {{@ip={@private, @broadcast, 0x0, 0x0, 'veth1_vlan\x00', 'virt_wifi0\x00', {}, {}, 0x0, 0x0, 0x1}, 0x0, 0xc8, 0x110, 0x0, {}, [@common=@ttl={{0x28}}, @common=@ah={{0x30}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @gre_key, @gre_key}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x530) [ 2300.923384][T29535] x_tables: duplicate underflow at hook 1 [ 2300.979707][T29537] loop5: detected capacity change from 0 to 16 [ 2300.982069][T29536] loop4: detected capacity change from 0 to 16 [ 2301.005422][T29537] FAULT_INJECTION: forcing a failure. [ 2301.005422][T29537] name failslab, interval 1, probability 0, space 0, times 0 [ 2301.034224][T29536] erofs: (device loop4): mounted with root inode @ nid 36. [ 2301.046021][T29537] CPU: 0 PID: 29537 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2301.056084][T29537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2301.065986][T29537] Call Trace: [ 2301.069100][T29537] [ 2301.071878][T29537] dump_stack_lvl+0x151/0x1b7 [ 2301.076395][T29537] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2301.081696][T29537] ? idr_alloc+0x202/0x2f0 [ 2301.085936][T29537] dump_stack+0x15/0x17 [ 2301.089929][T29537] should_fail+0x3c0/0x510 [ 2301.094270][T29537] ? __list_lru_init+0xae/0x5a0 [ 2301.099130][T29537] __should_failslab+0x9f/0xe0 [ 2301.103732][T29537] should_failslab+0x9/0x20 [ 2301.108152][T29537] kmem_cache_alloc_trace+0x4a/0x310 [ 2301.113320][T29537] __list_lru_init+0xae/0x5a0 [ 2301.117789][T29537] ? prealloc_shrinker+0xeb/0x140 [ 2301.122650][T29537] alloc_super+0x667/0x7d0 [ 2301.126902][T29537] ? get_tree_bdev+0x680/0x680 [ 2301.131498][T29537] sget_fc+0x236/0x640 [ 2301.135409][T29537] ? test_bdev_super_fc+0x70/0x70 [ 2301.140269][T29537] get_tree_bdev+0x28c/0x680 [ 2301.144699][T29537] ? erofs_release_device_info+0x90/0x90 [ 2301.150271][T29537] erofs_fc_get_tree+0x1c/0x20 [ 2301.154849][T29537] vfs_get_tree+0x88/0x290 [ 2301.159103][T29537] do_new_mount+0x289/0xad0 [ 2301.163442][T29537] ? do_move_mount_old+0x160/0x160 [ 2301.168487][T29537] ? security_capable+0xb2/0xd0 [ 2301.173173][T29537] ? ns_capable+0x8a/0xf0 [ 2301.177339][T29537] path_mount+0x60b/0x1050 [ 2301.181594][T29537] __se_sys_mount+0x2d2/0x3c0 [ 2301.186104][T29537] ? __x64_sys_mount+0xd0/0xd0 [ 2301.190704][T29537] __x64_sys_mount+0xbf/0xd0 [ 2301.195133][T29537] do_syscall_64+0x44/0xd0 [ 2301.199392][T29537] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2301.205116][T29537] RIP: 0033:0x7f2bac5fc60a [ 2301.209368][T29537] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2301.228810][T29537] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2301.237055][T29537] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2301.245046][T29537] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2301.252855][T29537] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2301.260660][T29537] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2301.268556][T29537] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2301.276393][T29537] 04:37:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r2, 0x0, 0x0, 0x6) write$binfmt_misc(r2, &(0x7f00000000c0)={'syz1', "56917ccb4309ac7cd56577b5f90615e9c9bcb07551bccf412132fce40824a1b90e74c6322be851f6"}, 0x2c) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) (async) sync_file_range(r2, 0x0, 0x0, 0x6) (async) write$binfmt_misc(r2, &(0x7f00000000c0)={'syz1', "56917ccb4309ac7cd56577b5f90615e9c9bcb07551bccf412132fce40824a1b90e74c6322be851f6"}, 0x2c) (async) 04:37:37 executing program 2: r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) rt_tgsigqueueinfo(r0, r0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x6}) 04:37:37 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000004c0)={&(0x7f0000000040), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x2c, r1, 0x505, 0x0, 0x0, {}, [@NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x2c}}, 0x8004) 04:37:37 executing program 3: openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x115440, 0x0) 04:37:37 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:37 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 79) 04:37:37 executing program 3: syz_clone(0x800, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)="89") waitid(0x0, 0x0, &(0x7f0000000280), 0x0, 0x0) 04:37:37 executing program 0: timer_create(0x7, 0x0, &(0x7f00000002c0)) clock_gettime(0x0, &(0x7f0000000300)={0x0}) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x77359400}, {r0}}, 0x0) 04:37:37 executing program 2: bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={0xffffffffffffffff, 0xb, 0x0, 0x0, 0x0}, 0x20) 04:37:37 executing program 3: syz_clone(0x80020080, 0x0, 0x0, 0x0, 0x0, 0x0) 04:37:37 executing program 0: timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0) 04:37:37 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1a, 0xd, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) [ 2306.009984][T29577] loop5: detected capacity change from 0 to 16 [ 2306.023192][T29576] loop4: detected capacity change from 0 to 16 [ 2306.041715][T29577] FAULT_INJECTION: forcing a failure. [ 2306.041715][T29577] name failslab, interval 1, probability 0, space 0, times 0 [ 2306.060170][T29576] erofs: (device loop4): mounted with root inode @ nid 36. [ 2306.097641][T29577] CPU: 1 PID: 29577 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2306.107708][T29577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2306.117600][T29577] Call Trace: [ 2306.120729][T29577] [ 2306.123512][T29577] dump_stack_lvl+0x151/0x1b7 [ 2306.128016][T29577] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2306.133310][T29577] dump_stack+0x15/0x17 [ 2306.137301][T29577] should_fail+0x3c0/0x510 [ 2306.141554][T29577] ? __list_lru_init+0xae/0x5a0 [ 2306.146240][T29577] __should_failslab+0x9f/0xe0 [ 2306.150842][T29577] should_failslab+0x9/0x20 [ 2306.155179][T29577] kmem_cache_alloc_trace+0x4a/0x310 [ 2306.160301][T29577] __list_lru_init+0xae/0x5a0 [ 2306.164816][T29577] alloc_super+0x696/0x7d0 [ 2306.169070][T29577] ? get_tree_bdev+0x680/0x680 [ 2306.173670][T29577] sget_fc+0x236/0x640 [ 2306.177573][T29577] ? test_bdev_super_fc+0x70/0x70 [ 2306.182433][T29577] get_tree_bdev+0x28c/0x680 [ 2306.186866][T29577] ? erofs_release_device_info+0x90/0x90 [ 2306.192327][T29577] erofs_fc_get_tree+0x1c/0x20 [ 2306.196933][T29577] vfs_get_tree+0x88/0x290 [ 2306.201272][T29577] do_new_mount+0x289/0xad0 [ 2306.205622][T29577] ? do_move_mount_old+0x160/0x160 [ 2306.210558][T29577] ? security_capable+0xb2/0xd0 [ 2306.215248][T29577] ? ns_capable+0x8a/0xf0 [ 2306.219421][T29577] path_mount+0x60b/0x1050 [ 2306.223668][T29577] __se_sys_mount+0x2d2/0x3c0 [ 2306.228182][T29577] ? __x64_sys_mount+0xd0/0xd0 [ 2306.232780][T29577] __x64_sys_mount+0xbf/0xd0 [ 2306.237207][T29577] do_syscall_64+0x44/0xd0 [ 2306.241464][T29577] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2306.247188][T29577] RIP: 0033:0x7f2bac5fc60a [ 2306.251448][T29577] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2306.271139][T29577] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2306.279385][T29577] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2306.287195][T29577] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2306.295025][T29577] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2306.302820][T29577] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2306.310638][T29577] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2306.318709][T29577] 04:37:41 executing program 3: timer_create(0x2, 0x0, &(0x7f0000000800)) timer_settime(0x0, 0x0, &(0x7f0000000080), 0x0) 04:37:41 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000006400010844610000fddb", @ANYRES32=0x0, @ANYBLOB='\a\x00\b'], 0x34}}, 0x0) 04:37:41 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x1}, 0x24}}, 0x0) 04:37:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:41 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:37:41 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 80) 04:37:41 executing program 3: mincore(&(0x7f0000fee000/0x12000)=nil, 0x12000, &(0x7f0000000340)=""/172) 04:37:41 executing program 2: r0 = syz_clone(0x11002000, 0x0, 0x0, 0x0, 0x0, 0x0) get_robust_list(r0, &(0x7f00000003c0)=0x0, &(0x7f0000000400)) 04:37:41 executing program 3: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000200)) 04:37:41 executing program 2: bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0xc}, 0xc) 04:37:41 executing program 0: get_robust_list(0x0, &(0x7f0000000480)=0x0, &(0x7f00000004c0)) 04:37:41 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x0, 0x0, 0x0, 0x0, 0x2c7, 0x1}, 0x48) 04:37:41 executing program 3: syz_clone(0x81000, &(0x7f0000001840), 0x0, &(0x7f0000000280), 0x0, 0x0) 04:37:41 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) openat$cgroup_ro(r0, &(0x7f0000000d40)='cgroup.freeze\x00', 0x0, 0x0) [ 2310.159180][T29595] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 04:37:41 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000004880)={0x0, 0x0, &(0x7f0000004840)={&(0x7f0000000200)=@newtaction={0xec4, 0x30, 0x0, 0x0, 0x0, {}, [{0xeb0, 0x1, [@m_mirred={0x128, 0x5, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x1, 0x20000000, 0x1ff, 0x9}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x0, 0x9}}}]}, {0x99, 0x6, "5fa40e09fa20512eb820124e337f6ea5c4a38f074b12708e4cbe4f608255533624bcd69221d74e684ee14988ae6edb373a5276133e87fb0171bcc7bf144e83cb14206a80862234b585ef7c62ba3d9ac021d1a3da758798409f83cda62fcab1eff8b6378ce9a166caf20a4a319e27272d452dca128533c515db0d2843c6864ef324560997df71b26d46d25e53204e6cf41f42272d61"}, {0xc}, {0xc}}}, @m_police={0xd54, 0x0, 0x0, 0x0, {{0xb}, {0xd14, 0x2, 0x0, 0x1, [[@TCA_POLICE_RESULT={0x8}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x2000, 0x0, 0x0, {0x0, 0x2, 0x0, 0x0, 0x725, 0x1}, {0x72, 0x1, 0x4, 0x8}, 0x0, 0x931}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x6}, @TCA_POLICE_RESULT={0x8}], [@TCA_POLICE_RATE64={0xc}, @TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RATE={0x404, 0x2, [0x3ff, 0xfffffff8, 0x200, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x9, 0x9, 0x6, 0x5, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x67a, 0x9, 0xa31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2bc5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x9, 0x621, 0x1f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xed1, 0x6, 0x1, 0xffffff80, 0x0, 0x0, 0x5, 0x0, 0x65c, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0xf95, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x714, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1f, 0x6, 0x31, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x80000000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x5ec00000, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x4, 0x0, 0x1]}, @TCA_POLICE_RATE={0x404, 0x2, [0x7b00, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x2c, 0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc9f, 0x0, 0x0, 0x0, 0x1000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffff9, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x7ff, 0x8, 0x85, 0x1, 0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c90, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1f, 0x4, 0x0, 0xd5, 0x6, 0x6, 0x1, 0xff, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x7fff, 0x7ff, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8a, 0x2, 0x1, 0xfffffff8, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x68, 0x8, 0x0, 0x6]}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x8000, 0xfffffffc, 0x60, {0x7, 0x2}, {0x6}}}], [@TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0x0, 0x0, 0x3ff}, 0xfffffe01, 0x4}}, @TCA_POLICE_RATE={0x404}]]}, {0x17, 0x6, "5771f853df652887e27c25911bca5369799a4b"}, {0xc}, {0xc}}}, @m_gact={0x30, 0x0, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec4}}, 0x0) [ 2310.275574][T29624] loop4: detected capacity change from 0 to 16 [ 2310.286365][T29623] loop5: detected capacity change from 0 to 16 [ 2310.298866][T29624] erofs: (device loop4): mounted with root inode @ nid 36. [ 2310.314056][T29623] FAULT_INJECTION: forcing a failure. [ 2310.314056][T29623] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.346880][T29623] CPU: 1 PID: 29623 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2310.356951][T29623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2310.366848][T29623] Call Trace: [ 2310.369968][T29623] [ 2310.373095][T29623] dump_stack_lvl+0x151/0x1b7 [ 2310.377605][T29623] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2310.382903][T29623] dump_stack+0x15/0x17 [ 2310.386897][T29623] should_fail+0x3c0/0x510 [ 2310.391148][T29623] ? kvmalloc_node+0x82/0x130 [ 2310.395660][T29623] __should_failslab+0x9f/0xe0 [ 2310.400260][T29623] should_failslab+0x9/0x20 [ 2310.404599][T29623] __kmalloc+0x6d/0x350 [ 2310.408780][T29623] ? __kasan_kmalloc+0x9/0x10 [ 2310.413297][T29623] kvmalloc_node+0x82/0x130 [ 2310.417625][T29623] __list_lru_init+0x1d6/0x5a0 [ 2310.422234][T29623] alloc_super+0x696/0x7d0 [ 2310.426476][T29623] ? get_tree_bdev+0x680/0x680 [ 2310.431083][T29623] sget_fc+0x236/0x640 [ 2310.434989][T29623] ? test_bdev_super_fc+0x70/0x70 [ 2310.439845][T29623] get_tree_bdev+0x28c/0x680 [ 2310.444274][T29623] ? erofs_release_device_info+0x90/0x90 [ 2310.449745][T29623] erofs_fc_get_tree+0x1c/0x20 [ 2310.454351][T29623] vfs_get_tree+0x88/0x290 [ 2310.458595][T29623] do_new_mount+0x289/0xad0 [ 2310.462940][T29623] ? do_move_mount_old+0x160/0x160 [ 2310.467975][T29623] ? security_capable+0xb2/0xd0 [ 2310.472685][T29623] ? ns_capable+0x8a/0xf0 [ 2310.476818][T29623] path_mount+0x60b/0x1050 [ 2310.481071][T29623] __se_sys_mount+0x2d2/0x3c0 [ 2310.485585][T29623] ? __x64_sys_mount+0xd0/0xd0 [ 2310.490183][T29623] __x64_sys_mount+0xbf/0xd0 [ 2310.494701][T29623] do_syscall_64+0x44/0xd0 [ 2310.498956][T29623] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2310.504683][T29623] RIP: 0033:0x7f2bac5fc60a [ 2310.508943][T29623] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2310.528555][T29623] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2310.536803][T29623] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2310.544606][T29623] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2310.552416][T29623] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2310.560401][T29623] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2310.568212][T29623] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2310.576032][T29623] 04:37:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) [ 2311.173586][T29630] loop4: detected capacity change from 0 to 16 [ 2311.180727][T29630] erofs: (device loop4): mounted with root inode @ nid 36. 04:37:46 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:37:46 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000700)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)=@deltaction={0x14}, 0x14}}, 0x0) 04:37:46 executing program 3: prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000040)='/dev/vcsu\x00') 04:37:46 executing program 2: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$xdp(&(0x7f0000bfd000/0x400000)=nil, 0x400000, 0x1000005, 0x10, r0, 0x0) 04:37:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 81) 04:37:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:46 executing program 0: rt_sigtimedwait(0x0, 0x0, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x2, 0xaa4}, &(0x7f0000000080)={0x6, 0x7}, &(0x7f00000000c0)={0x3, 0x1, 0xffffffff00000001, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffff9}, &(0x7f0000000140)={r0, r1+60000000}, 0x0) 04:37:46 executing program 3: sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, 0x0, 0x0) 04:37:46 executing program 2: socketpair(0x1, 0x0, 0x2, &(0x7f0000000080)) 04:37:46 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x0, 0x0, 0x0, 0x0, 0x2c7, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x48) 04:37:46 executing program 0: timer_create(0x0, &(0x7f00000007c0)={0x0, 0x0, 0x1}, &(0x7f0000000800)) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, r0+60000000}}, &(0x7f0000000300)) 04:37:46 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f00000017c0)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x48) [ 2315.284994][T29663] loop5: detected capacity change from 0 to 16 [ 2315.297549][T29664] loop4: detected capacity change from 0 to 16 [ 2315.304764][T29663] FAULT_INJECTION: forcing a failure. [ 2315.304764][T29663] name failslab, interval 1, probability 0, space 0, times 0 [ 2315.319763][T29664] erofs: (device loop4): mounted with root inode @ nid 36. [ 2315.339348][T29663] CPU: 1 PID: 29663 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2315.349414][T29663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2315.359305][T29663] Call Trace: [ 2315.362429][T29663] [ 2315.365208][T29663] dump_stack_lvl+0x151/0x1b7 [ 2315.369719][T29663] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2315.375012][T29663] ? vsnprintf+0x1c02/0x1ce0 [ 2315.379439][T29663] dump_stack+0x15/0x17 [ 2315.383441][T29663] should_fail+0x3c0/0x510 [ 2315.387687][T29663] ? erofs_fc_fill_super+0xbb/0x1180 [ 2315.392807][T29663] __should_failslab+0x9f/0xe0 [ 2315.397406][T29663] should_failslab+0x9/0x20 [ 2315.401744][T29663] kmem_cache_alloc_trace+0x4a/0x310 [ 2315.406866][T29663] erofs_fc_fill_super+0xbb/0x1180 [ 2315.411812][T29663] ? sb_set_blocksize+0xb7/0xf0 [ 2315.416504][T29663] get_tree_bdev+0x441/0x680 [ 2315.421012][T29663] ? erofs_release_device_info+0x90/0x90 [ 2315.426574][T29663] erofs_fc_get_tree+0x1c/0x20 [ 2315.431171][T29663] vfs_get_tree+0x88/0x290 [ 2315.435428][T29663] do_new_mount+0x289/0xad0 [ 2315.441329][T29663] ? do_move_mount_old+0x160/0x160 [ 2315.446274][T29663] ? security_capable+0xb2/0xd0 [ 2315.450961][T29663] ? ns_capable+0x8a/0xf0 [ 2315.455126][T29663] path_mount+0x60b/0x1050 [ 2315.459379][T29663] __se_sys_mount+0x2d2/0x3c0 [ 2315.463895][T29663] ? __x64_sys_mount+0xd0/0xd0 [ 2315.468494][T29663] __x64_sys_mount+0xbf/0xd0 [ 2315.472918][T29663] do_syscall_64+0x44/0xd0 [ 2315.477172][T29663] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2315.482896][T29663] RIP: 0033:0x7f2bac5fc60a [ 2315.487246][T29663] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2315.506698][T29663] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2315.514924][T29663] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2315.522735][T29663] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2315.530556][T29663] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2315.538357][T29663] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2315.546191][T29663] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2315.553995][T29663] 04:37:51 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') (async, rerun: 64) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (rerun: 64) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async, rerun: 64) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (rerun: 64) r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) 04:37:51 executing program 0: timer_create(0x2, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) 04:37:51 executing program 2: syz_clone(0x80020080, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)) timer_create(0x0, 0x0, 0x0) 04:37:51 executing program 3: r0 = socket$xdp(0x2c, 0x3, 0x0) sendmsg$xdp(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)=[{0x0}, {0x0}], 0x2}, 0x0) 04:37:51 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:51 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 82) 04:37:51 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f00000017c0)=@bloom_filter={0x1e, 0x0, 0x3, 0x7cd, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48) 04:37:51 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000880)={0x14, 0x0, 0x40d}, 0x14}}, 0x0) 04:37:51 executing program 2: timer_create(0x0, 0x0, &(0x7f0000000800)) timer_delete(0x0) 04:37:51 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xa, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:37:51 executing program 2: socketpair(0x1a, 0x0, 0x0, &(0x7f0000001400)) 04:37:51 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000004880)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000004840)={&(0x7f0000000200)=@newtaction={0x1ec4, 0x30, 0x0, 0x0, 0x0, {}, [{0x1c50, 0x1, [@m_mirred={0x12c, 0x0, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20}]}, {0x9d, 0x6, "5fa40e09fa20512eb820124e337f6ea5c4a38f074b12708e4cbe4f608255533624bcd69221d74e684ee14988ae6edb373a5276133e87fb0171bcc7bf144e83cb14206a80862234b585ef7c62ba3d9ac021d1a3da758798409f83cda62fcab1eff8b6378ce9a166caf20a4a319e27272d452dca128533c515db0d2843c6864ef324560997df71b26d46d25e53204e6cf41f42272d61a8462393"}, {0xc}, {0xc}}}, @m_police={0x1644, 0x0, 0x0, 0x0, {{0xb}, {0x1604, 0x2, 0x0, 0x1, [[@TCA_POLICE_RESULT={0x8}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RESULT={0x8}], [@TCA_POLICE_RATE64={0xc}, @TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RATE={0x404}, @TCA_POLICE_RATE={0x404}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RATE64={0xc}], [@TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RATE={0x404}, @TCA_POLICE_RATE={0x404}, @TCA_POLICE_AVRATE={0x8}], [@TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_RATE={0x404}]]}, {0x15, 0x6, "5771f853df652887e27c25911bca536979"}, {0xc}, {0xc}}}, @m_tunnel_key={0x114, 0x0, 0x0, 0x0, {{0xf}, {0x40, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @private}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @multicast2}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6}, @TCA_TUNNEL_KEY_PARMS={0x1c}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6}]}, {0xa5, 0x6, "4477c597c237cc764280db81ed400d7cc22bcd160af3188c5b13a237757253864d5c9e8b5d6776d0259b1cc5ae1f7d036ea4e99aa85c3cecf2088bf4404313fead3f831e7dddc8086aa68c327aa614a130696dd10c28883e2635fb05bad23b55a72ba2aaf2afe6522f701a80a5111929828dc8d69eae04605711752200e6842a71072b847b684ee3a370887c2dd6b4470589d8bc91d4404fc4b58cbb42a767da76"}, {0xc}, {0xc}}}, @m_mirred={0x1a0, 0x0, 0x0, 0x0, {{0xb}, {0xc4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20}]}, {0xb1, 0x6, "d199bd00592ee219fd9954e2d65a9f7578288ec36ae7ed8fce86a54e43456d0de67e716c4229469b8f77a07fc8ef63aa45ce76a0d64afc0e53665009255a801e0dedb4ea94f7543005e536f869c6c9cf491080830a2ceb010cd323cad46242de0edf7c743095200c95f7b24825459c61e41f641490bd5f973e25d0a23827139f5d3215d8a8970014ea29d8ea95a7f736541d8cbc8726e2b305ebdc5e110454ba6ae3cec03493b23c9b948bfd9f"}, {0xc}, {0xc}}}, @m_gact={0x184, 0x0, 0x0, 0x0, {{0x9}, {0x64, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}, @TCA_GACT_PROB={0xc}, @TCA_GACT_PROB={0xc}, @TCA_GACT_PARMS={0x18}, @TCA_GACT_PARMS={0x18}]}, {0xf5, 0x6, "274cdf33ed1eeff8d68c370369437ba8e130b7503fb2895c4f5b9ff12d8da9f9715b8afde50f607aba0b75b3db18d58b0c79c5560c803c0745ed922c237067093d5dd82ef659ce2c18beff8a4ea5c6b6d2e49e9629bc90cab6affd361cc6b1b2a6f6dbf5e5d4a95729675491584f15c09dcacce4547187eac20c92243b1d52849ec0aab6e374f3d2f558cf577e998cae563814e156ddbcb76f2fad98c33117f392880a3d3ebc4e0d3317686581ed6ab58a7a81bd799de333552174ad461f415fa955c073ec6c7b9bbf4bd13b9a738fa2399b5e1c430cbcc581184eaed58867ed04562cb864473b4ef81d11ff041f45c66d"}, {0xc}, {0xc}}}, @m_tunnel_key={0xa4, 0x0, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @dev}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @mcast2}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6}]}, {0x3d, 0x6, "ca958201edebfb6f4582b58dd0218716463b5bed69ead9ba953827faac52ef297b3fba303aaa6794012001e12e0e10a4c09810187b6388f37a"}, {0xc}, {0xc}}}]}, {0x260, 0x1, [@m_gact={0x120, 0x0, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc}, @TCA_GACT_PROB={0xc}, @TCA_GACT_PROB={0xc}]}, {0xcd, 0x6, "eac44cf92c69816a07aef4cab9b07fa32d8aecc072f8e97d6f9ce4d81121673bb35260ddab9e139916626e61d33f7aeaa0af87868e665dfe1e2dbc8c5d5bc8dc785bef25925a9505341db4cc42ef9463a9b4c1b99f083b62884bb22805fd6ba48bf93c34d8fdaacf1cb3bf85353fea207c260873c904e6da4563b77b488775675e64dd575790bb46242dea0ea13ee973fca3d0e3087721b8c16122716e68de4ce66532e410b2bf6a10b9a7d07ad25c3b3549ea556b737394e32ded88ac5844e2e44f930e0e672e41a8"}, {0xc}, {0xc}}}, @m_csum={0x13c, 0x0, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c}]}, {0xf1, 0x6, "218e681b6c5edc100e9d5d76d2126dc412dbbb2386eecce3df21906b56513657a48257831db5733f40f36da8c74f5ff167894b58fddd1ff54266c073d1fe6e032ad0397e402f082fd165a4e0d865a53cd9eb254e2e50e0f299c2e5d3b18fceba6e99db719c486b700a5af04e4b28b0a3b006f4ae9df8c10898eab7e6defb8e37c3c0b88b36528eb8e1577191069c425d5ecfca7e48ec266c1cf8b0e02f45dc1ac5984b013b34b7c4953c5b2b960e0e825b3b2ec8b2eeaf22e5019a1e4e96e8c2ed14d9d0df9ef8f5f7c3745e90f8ee6a1601919deaaf7a4a4809671bf4ba9c7017924edd0b70b23b6f1144e74c"}, {0xc}, {0xc}}}]}]}, 0x1ec4}}, 0x0) [ 2320.281836][T29699] loop4: detected capacity change from 0 to 16 [ 2320.301486][T29699] erofs: (device loop4): mounted with root inode @ nid 36. [ 2320.335349][T29704] loop5: detected capacity change from 0 to 16 [ 2320.343448][T29704] FAULT_INJECTION: forcing a failure. [ 2320.343448][T29704] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2320.357810][T29704] CPU: 0 PID: 29704 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2320.367878][T29704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2320.377843][T29704] Call Trace: [ 2320.380968][T29704] [ 2320.383745][T29704] dump_stack_lvl+0x151/0x1b7 [ 2320.388261][T29704] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2320.393642][T29704] ? erofs_fc_fill_super+0xbb/0x1180 [ 2320.398761][T29704] ? ____kasan_kmalloc+0xee/0x110 [ 2320.403619][T29704] ? ____kasan_kmalloc+0xdc/0x110 [ 2320.408826][T29704] ? __kasan_kmalloc+0x9/0x10 [ 2320.413342][T29704] dump_stack+0x15/0x17 [ 2320.417332][T29704] should_fail+0x3c0/0x510 [ 2320.421593][T29704] should_fail_alloc_page+0x58/0x70 [ 2320.426618][T29704] __alloc_pages+0x1de/0x7c0 [ 2320.431046][T29704] ? __count_vm_events+0x30/0x30 [ 2320.435820][T29704] do_read_cache_page+0x16d/0xa70 [ 2320.440688][T29704] read_cache_page+0x4d/0x70 [ 2320.445106][T29704] erofs_fc_fill_super+0x1eb/0x1180 [ 2320.450139][T29704] ? sb_set_blocksize+0xb7/0xf0 [ 2320.454824][T29704] get_tree_bdev+0x441/0x680 [ 2320.459253][T29704] ? erofs_release_device_info+0x90/0x90 [ 2320.464719][T29704] erofs_fc_get_tree+0x1c/0x20 [ 2320.469670][T29704] vfs_get_tree+0x88/0x290 [ 2320.474104][T29704] do_new_mount+0x289/0xad0 [ 2320.479149][T29704] ? do_move_mount_old+0x160/0x160 [ 2320.484080][T29704] ? security_capable+0xb2/0xd0 [ 2320.488769][T29704] ? ns_capable+0x8a/0xf0 [ 2320.492937][T29704] path_mount+0x60b/0x1050 [ 2320.497193][T29704] __se_sys_mount+0x2d2/0x3c0 [ 2320.501707][T29704] ? __x64_sys_mount+0xd0/0xd0 [ 2320.506306][T29704] __x64_sys_mount+0xbf/0xd0 [ 2320.510733][T29704] do_syscall_64+0x44/0xd0 [ 2320.514982][T29704] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2320.520705][T29704] RIP: 0033:0x7f2bac5fc60a [ 2320.524960][T29704] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2320.544400][T29704] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2320.552642][T29704] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2320.560454][T29704] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2320.568267][T29704] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2320.576077][T29704] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2320.583909][T29704] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2320.591718][T29704] [ 2320.599168][T29704] erofs: (device loop5): erofs_read_superblock: cannot read erofs superblock 04:37:54 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) 04:37:54 executing program 2: syz_io_uring_setup(0x1a97, &(0x7f0000000140), &(0x7f0000c00000/0x400000)=nil, &(0x7f0000dff000/0x1000)=nil, 0x0, 0x0) 04:37:54 executing program 3: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1c, 0x6, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:37:54 executing program 0: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) 04:37:54 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:54 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 83) 04:37:54 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x2, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000180)={0x2, 0x0, 0x3}, 0x10}, 0x80) 04:37:54 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f00000017c0)=@bloom_filter={0x1e, 0x0, 0x3, 0x7cd, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4}, 0x48) 04:37:54 executing program 0: prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x1000)=nil, 0x1000, &(0x7f0000000200)='V\x87&#\'\x00') 04:37:54 executing program 3: timer_create(0xfefffffa, 0x0, &(0x7f0000000000)) 04:37:54 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x0) 04:37:54 executing program 2: timer_create(0x0, 0x0, &(0x7f0000000800)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000040)={{}, {0x0, r0+10000000}}, 0x0) timer_delete(0x0) [ 2323.280589][T29732] loop4: detected capacity change from 0 to 16 [ 2323.288492][T29732] erofs: (device loop4): mounted with root inode @ nid 36. [ 2323.341910][T29733] loop5: detected capacity change from 0 to 16 [ 2323.348828][T29733] FAULT_INJECTION: forcing a failure. [ 2323.348828][T29733] name failslab, interval 1, probability 0, space 0, times 0 [ 2323.361455][T29733] CPU: 1 PID: 29733 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2323.371497][T29733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2323.381391][T29733] Call Trace: [ 2323.384516][T29733] [ 2323.387293][T29733] dump_stack_lvl+0x151/0x1b7 [ 2323.391808][T29733] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2323.397099][T29733] ? vsnprintf+0x1c02/0x1ce0 [ 2323.401528][T29733] dump_stack+0x15/0x17 [ 2323.405518][T29733] should_fail+0x3c0/0x510 [ 2323.409772][T29733] ? erofs_fc_fill_super+0xbb/0x1180 [ 2323.414891][T29733] __should_failslab+0x9f/0xe0 [ 2323.419492][T29733] should_failslab+0x9/0x20 [ 2323.423832][T29733] kmem_cache_alloc_trace+0x4a/0x310 [ 2323.428955][T29733] erofs_fc_fill_super+0xbb/0x1180 [ 2323.433899][T29733] ? sb_set_blocksize+0xb7/0xf0 [ 2323.438586][T29733] get_tree_bdev+0x441/0x680 [ 2323.443012][T29733] ? erofs_release_device_info+0x90/0x90 [ 2323.448480][T29733] erofs_fc_get_tree+0x1c/0x20 [ 2323.453080][T29733] vfs_get_tree+0x88/0x290 [ 2323.457331][T29733] do_new_mount+0x289/0xad0 [ 2323.461672][T29733] ? do_move_mount_old+0x160/0x160 [ 2323.466618][T29733] ? security_capable+0xb2/0xd0 [ 2323.471309][T29733] ? ns_capable+0x8a/0xf0 [ 2323.475472][T29733] path_mount+0x60b/0x1050 [ 2323.479725][T29733] __se_sys_mount+0x2d2/0x3c0 [ 2323.484237][T29733] ? __x64_sys_mount+0xd0/0xd0 [ 2323.488839][T29733] __x64_sys_mount+0xbf/0xd0 [ 2323.493264][T29733] do_syscall_64+0x44/0xd0 [ 2323.497516][T29733] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2323.503244][T29733] RIP: 0033:0x7f2bac5fc60a [ 2323.507516][T29733] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2323.527123][T29733] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2323.535369][T29733] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2323.543168][T29733] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2323.550980][T29733] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2323.558794][T29733] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2323.566603][T29733] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2323.574509][T29733] 04:37:59 executing program 2: rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000200)) 04:37:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:37:59 executing program 0: timer_create(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x4, @thr={&(0x7f0000000000), 0x0}}, 0x0) 04:37:59 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:37:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 84) 04:37:59 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x2, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 04:37:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000004c0)={&(0x7f0000000040), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x3c, r1, 0x505, 0x0, 0x0, {}, [@NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x3c}}, 0x8004) 04:37:59 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x1, &(0x7f0000000080)=@raw=[@func], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) 04:37:59 executing program 0: sendmsg$NL802154_CMD_NEW_SEC_DEV(0xffffffffffffffff, 0x0, 0x869ee6efb3809c7a) 04:37:59 executing program 2: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_setup(0x1a97, &(0x7f0000000140)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000dff000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) 04:37:59 executing program 0: r0 = socket$xdp(0x2c, 0x3, 0x0) sendmsg$xdp(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) 04:37:59 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000006400010844610000fddb", @ANYRES32=0x0, @ANYBLOB="0700080000000e000d000d0008000b0009"], 0x34}, 0x1, 0x0, 0x0, 0x48080}, 0x0) 04:37:59 executing program 3: r0 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x0) [ 2328.263017][T29764] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2328.284167][T29768] loop4: detected capacity change from 0 to 16 [ 2328.323861][T29768] erofs: (device loop4): mounted with root inode @ nid 36. [ 2328.324569][T29769] loop5: detected capacity change from 0 to 16 [ 2328.366211][T29769] FAULT_INJECTION: forcing a failure. [ 2328.366211][T29769] name failslab, interval 1, probability 0, space 0, times 0 [ 2328.378912][T29769] CPU: 1 PID: 29769 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2328.388965][T29769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2328.398862][T29769] Call Trace: [ 2328.401994][T29769] [ 2328.404761][T29769] dump_stack_lvl+0x151/0x1b7 [ 2328.409273][T29769] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2328.414581][T29769] dump_stack+0x15/0x17 [ 2328.418560][T29769] should_fail+0x3c0/0x510 [ 2328.422841][T29769] __should_failslab+0x9f/0xe0 [ 2328.427421][T29769] should_failslab+0x9/0x20 [ 2328.431750][T29769] kmem_cache_alloc+0x4f/0x2f0 [ 2328.436350][T29769] ? create_task_io_context+0x2c/0x400 [ 2328.441644][T29769] create_task_io_context+0x2c/0x400 [ 2328.446773][T29769] submit_bio_checks+0xb47/0xf40 [ 2328.451541][T29769] ? __submit_bio+0x930/0x930 [ 2328.456052][T29769] ? __kasan_slab_alloc+0xc4/0xe0 [ 2328.460913][T29769] ? __kasan_slab_alloc+0xb2/0xe0 [ 2328.465772][T29769] ? blk_try_enter_queue+0x15c/0x340 [ 2328.470891][T29769] ? read_cache_page+0x4d/0x70 [ 2328.475492][T29769] ? erofs_fc_fill_super+0x1eb/0x1180 [ 2328.480701][T29769] __submit_bio+0x592/0x930 [ 2328.485038][T29769] ? do_syscall_64+0x44/0xd0 [ 2328.489465][T29769] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2328.495368][T29769] ? trace_raw_output_block_rq_remap+0x240/0x240 [ 2328.501531][T29769] submit_bio_noacct+0x89b/0xa80 [ 2328.506302][T29769] ? mempool_alloc_slab+0x1d/0x30 [ 2328.511253][T29769] ? mempool_free+0x310/0x310 [ 2328.515763][T29769] ? mempool_alloc_slab+0x1d/0x30 [ 2328.520633][T29769] ? blk_put_request+0x20/0x20 [ 2328.525224][T29769] ? memset+0x35/0x40 [ 2328.529043][T29769] ? fscrypt_set_bio_crypt_ctx+0x173/0x500 [ 2328.534693][T29769] ? mempool_resize+0x8e0/0x8e0 [ 2328.539369][T29769] ? __kasan_check_read+0x11/0x20 [ 2328.544230][T29769] submit_bio+0x2d7/0x560 [ 2328.548396][T29769] ? submit_bio_noacct+0xa80/0xa80 [ 2328.553347][T29769] ? bio_add_page+0x2cc/0x450 [ 2328.557865][T29769] ? guard_bio_eod+0xf3/0x140 [ 2328.562456][T29769] submit_bh_wbc+0x5cf/0x6b0 [ 2328.566887][T29769] block_read_full_page+0x8a6/0xa70 [ 2328.571957][T29769] ? blkdev_fallocate+0x3e0/0x3e0 [ 2328.576775][T29769] ? block_is_partially_uptodate+0x270/0x270 [ 2328.582694][T29769] ? add_to_page_cache_locked+0x40/0x40 [ 2328.588061][T29769] blkdev_readpage+0x1c/0x20 [ 2328.592493][T29769] do_read_cache_page+0x68b/0xa70 [ 2328.597443][T29769] read_cache_page+0x4d/0x70 [ 2328.601859][T29769] erofs_fc_fill_super+0x1eb/0x1180 [ 2328.606894][T29769] ? sb_set_blocksize+0xb7/0xf0 [ 2328.611802][T29769] get_tree_bdev+0x441/0x680 [ 2328.616189][T29769] ? erofs_release_device_info+0x90/0x90 [ 2328.621650][T29769] erofs_fc_get_tree+0x1c/0x20 [ 2328.626251][T29769] vfs_get_tree+0x88/0x290 [ 2328.630506][T29769] do_new_mount+0x289/0xad0 [ 2328.634935][T29769] ? do_move_mount_old+0x160/0x160 [ 2328.639968][T29769] ? security_capable+0xb2/0xd0 [ 2328.644744][T29769] ? ns_capable+0x8a/0xf0 [ 2328.648901][T29769] path_mount+0x60b/0x1050 [ 2328.653157][T29769] __se_sys_mount+0x2d2/0x3c0 [ 2328.657667][T29769] ? __x64_sys_mount+0xd0/0xd0 [ 2328.662268][T29769] __x64_sys_mount+0xbf/0xd0 [ 2328.666709][T29769] do_syscall_64+0x44/0xd0 [ 2328.671316][T29769] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2328.677120][T29769] RIP: 0033:0x7f2bac5fc60a [ 2328.681370][T29769] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2328.701590][T29769] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2328.709835][T29769] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2328.717736][T29769] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2328.728336][T29769] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2328.736686][T29769] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2328.744573][T29769] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2328.752387][T29769] [ 2328.757324][T29769] erofs: (device loop5): mounted with root inode @ nid 36. 04:38:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) pipe(&(0x7f0000003d00)) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (async) chdir(&(0x7f0000000140)='./file0\x00') (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r0, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) (async) pipe(&(0x7f0000003d00)) (async) 04:38:04 executing program 0: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000540), r0) 04:38:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r0) sendmsg$IEEE802154_LLSEC_LIST_KEY(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000680)={0x14, r1, 0x21}, 0x14}}, 0x0) 04:38:04 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000017c0)=@bloom_filter={0x1e, 0x0, 0x3}, 0x48) 04:38:04 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:38:04 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 85) 04:38:04 executing program 0: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bind$xdp(r0, 0x0, 0x0) 04:38:04 executing program 2: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)='n', &(0x7f0000000440)}, 0x48) 04:38:04 executing program 3: pselect6(0x40, &(0x7f0000000000), &(0x7f0000000080)={0x6}, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={[0x8a]}, 0x8}) 04:38:04 executing program 0: bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001200)={0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0}, 0x20) 04:38:04 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000017c0)=@bloom_filter, 0x48) 04:38:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000440), r0) [ 2332.633131][T29805] loop4: detected capacity change from 0 to 16 [ 2332.651124][T29805] erofs: (device loop4): mounted with root inode @ nid 36. [ 2332.683993][T29806] loop5: detected capacity change from 0 to 16 [ 2332.691088][T29806] FAULT_INJECTION: forcing a failure. [ 2332.691088][T29806] name failslab, interval 1, probability 0, space 0, times 0 [ 2332.703490][T29806] CPU: 0 PID: 29806 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2332.713557][T29806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2332.723447][T29806] Call Trace: [ 2332.726571][T29806] [ 2332.729349][T29806] dump_stack_lvl+0x151/0x1b7 [ 2332.733874][T29806] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2332.739156][T29806] ? mod_timer_pending+0x30/0x30 [ 2332.743931][T29806] dump_stack+0x15/0x17 [ 2332.747920][T29806] should_fail+0x3c0/0x510 [ 2332.752173][T29806] ? loop_queue_rq+0x3d8/0xb40 [ 2332.756784][T29806] __should_failslab+0x9f/0xe0 [ 2332.761378][T29806] should_failslab+0x9/0x20 [ 2332.765713][T29806] kmem_cache_alloc_trace+0x4a/0x310 [ 2332.770832][T29806] ? cgroup_get_e_css+0x2b9/0x470 [ 2332.775697][T29806] loop_queue_rq+0x3d8/0xb40 [ 2332.780122][T29806] __blk_mq_issue_directly+0x216/0xab0 [ 2332.785413][T29806] ? __blk_mq_run_hw_queue+0x170/0x170 [ 2332.790716][T29806] ? __kasan_check_write+0x14/0x20 [ 2332.795654][T29806] __blk_mq_try_issue_directly+0x297/0x310 [ 2332.801299][T29806] blk_mq_try_issue_directly+0xe3/0x360 [ 2332.806698][T29806] blk_mq_submit_bio+0xd68/0x1c80 [ 2332.811541][T29806] ? blk_cgroup_bio_start+0x258/0x310 [ 2332.816753][T29806] ? blk_mq_try_issue_list_directly+0x500/0x500 [ 2332.822831][T29806] ? __kasan_slab_alloc+0xc4/0xe0 [ 2332.827679][T29806] ? blk_try_enter_queue+0x15c/0x340 [ 2332.832895][T29806] ? read_cache_page+0x4d/0x70 [ 2332.837489][T29806] ? erofs_fc_fill_super+0x1eb/0x1180 [ 2332.842693][T29806] __submit_bio+0x844/0x930 [ 2332.847035][T29806] ? do_syscall_64+0x44/0xd0 [ 2332.851465][T29806] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2332.857386][T29806] ? trace_raw_output_block_rq_remap+0x240/0x240 [ 2332.863540][T29806] submit_bio_noacct+0x89b/0xa80 [ 2332.868683][T29806] ? mempool_alloc_slab+0x1d/0x30 [ 2332.873616][T29806] ? mempool_free+0x310/0x310 [ 2332.878128][T29806] ? mempool_alloc_slab+0x1d/0x30 [ 2332.882986][T29806] ? blk_put_request+0x20/0x20 [ 2332.887590][T29806] ? memset+0x35/0x40 [ 2332.891407][T29806] ? fscrypt_set_bio_crypt_ctx+0x173/0x500 [ 2332.897049][T29806] ? mempool_resize+0x8e0/0x8e0 [ 2332.901734][T29806] ? __kasan_check_read+0x11/0x20 [ 2332.906594][T29806] submit_bio+0x2d7/0x560 [ 2332.910759][T29806] ? submit_bio_noacct+0xa80/0xa80 [ 2332.915708][T29806] ? bio_add_page+0x2cc/0x450 [ 2332.920219][T29806] ? guard_bio_eod+0xf3/0x140 [ 2332.924734][T29806] submit_bh_wbc+0x5cf/0x6b0 [ 2332.929247][T29806] block_read_full_page+0x8a6/0xa70 [ 2332.934282][T29806] ? blkdev_fallocate+0x3e0/0x3e0 [ 2332.939140][T29806] ? block_is_partially_uptodate+0x270/0x270 [ 2332.944962][T29806] ? do_read_cache_page+0x194/0xa70 [ 2332.949993][T29806] blkdev_readpage+0x1c/0x20 [ 2332.954417][T29806] do_read_cache_page+0x68b/0xa70 [ 2332.959277][T29806] read_cache_page+0x4d/0x70 [ 2332.963702][T29806] erofs_fc_fill_super+0x1eb/0x1180 [ 2332.968822][T29806] ? sb_set_blocksize+0xb7/0xf0 [ 2332.973585][T29806] get_tree_bdev+0x441/0x680 [ 2332.977935][T29806] ? erofs_release_device_info+0x90/0x90 [ 2332.983404][T29806] erofs_fc_get_tree+0x1c/0x20 [ 2332.988005][T29806] vfs_get_tree+0x88/0x290 [ 2332.992265][T29806] do_new_mount+0x289/0xad0 [ 2332.996597][T29806] ? do_move_mount_old+0x160/0x160 [ 2333.001715][T29806] ? security_capable+0xb2/0xd0 [ 2333.006411][T29806] ? ns_capable+0x8a/0xf0 [ 2333.010569][T29806] path_mount+0x60b/0x1050 [ 2333.014834][T29806] __se_sys_mount+0x2d2/0x3c0 [ 2333.019345][T29806] ? __x64_sys_mount+0xd0/0xd0 [ 2333.023971][T29806] __x64_sys_mount+0xbf/0xd0 [ 2333.028468][T29806] do_syscall_64+0x44/0xd0 [ 2333.032703][T29806] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2333.038427][T29806] RIP: 0033:0x7f2bac5fc60a [ 2333.042684][T29806] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2333.062123][T29806] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2333.070367][T29806] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2333.078177][T29806] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2333.085989][T29806] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2333.093801][T29806] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2333.101614][T29806] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2333.109432][T29806] [ 2333.114344][T29806] erofs: (device loop5): mounted with root inode @ nid 36. 04:38:09 executing program 2: timer_create(0x7, 0x0, &(0x7f00000002c0)) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x77359400}, {0x0, r0+10000000}}, 0x0) 04:38:09 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="34000000640001084461", @ANYRES32=0x0, @ANYBLOB="0700080000000e000d"], 0x34}}, 0x0) 04:38:09 executing program 3: mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0xb93) 04:38:09 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) 04:38:09 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) sync_file_range(r2, 0x0, 0x0, 0x6) write$binfmt_script(r1, &(0x7f0000000000)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r2, @ANYRES8=r2, @ANYRES8=r0], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) pipe(&(0x7f0000003d00)) 04:38:09 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") (fail_nth: 86) 04:38:09 executing program 3: timer_create(0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) 04:38:09 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) 04:38:09 executing program 2: timer_create(0x0, 0x0, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_clone(0xc0000400, &(0x7f0000000000), 0x0, &(0x7f0000000100), &(0x7f0000000140), 0x0) 04:38:09 executing program 0: syz_clone(0xc1220000, 0x0, 0xd7609081091d6a88, 0x0, 0x0, 0x0) 04:38:09 executing program 3: openat$vcsu(0xffffffffffffff9c, 0xffffffffffffffff, 0x0, 0x0) [ 2337.581333][T29828] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 04:38:09 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) sendmsg$can_bcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x48}}, 0x0) 04:38:09 executing program 2: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x23, 0x2}, &(0x7f0000000100)) 04:38:09 executing program 3: prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x11) 04:38:09 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000006400010844610000fddbdf250000", @ANYRES32=0x0, @ANYBLOB="0700080000000e000d000d0008000b"], 0x34}}, 0x0) [ 2337.643656][T29844] loop4: detected capacity change from 0 to 16 [ 2337.661140][T29844] erofs: (device loop4): mounted with root inode @ nid 36. [ 2337.693416][T29852] loop5: detected capacity change from 0 to 16 [ 2337.710087][T29852] FAULT_INJECTION: forcing a failure. [ 2337.710087][T29852] name failslab, interval 1, probability 0, space 0, times 0 [ 2337.729141][T29854] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2337.739817][T29852] CPU: 1 PID: 29852 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2337.749884][T29852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2337.759776][T29852] Call Trace: [ 2337.762894][T29852] [ 2337.765669][T29852] dump_stack_lvl+0x151/0x1b7 [ 2337.770182][T29852] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2337.775477][T29852] ? _raw_spin_lock+0xa3/0x1b0 [ 2337.780078][T29852] dump_stack+0x15/0x17 [ 2337.784069][T29852] should_fail+0x3c0/0x510 [ 2337.788326][T29852] __should_failslab+0x9f/0xe0 [ 2337.792924][T29852] should_failslab+0x9/0x20 [ 2337.797260][T29852] kmem_cache_alloc+0x4f/0x2f0 [ 2337.801862][T29852] ? erofs_alloc_inode+0x1b/0x50 [ 2337.806635][T29852] ? __kasan_check_write+0x14/0x20 [ 2337.811581][T29852] ? _erofs_info+0x190/0x190 [ 2337.816013][T29852] erofs_alloc_inode+0x1b/0x50 [ 2337.820702][T29852] ? _erofs_info+0x190/0x190 [ 2337.825135][T29852] new_inode_pseudo+0x64/0x220 [ 2337.829734][T29852] new_inode+0x28/0x1c0 [ 2337.833734][T29852] ? _raw_spin_unlock+0x4d/0x70 [ 2337.838409][T29852] ? erofs_shrinker_register+0xfb/0x110 [ 2337.843792][T29852] erofs_fc_fill_super+0x867/0x1180 [ 2337.848821][T29852] get_tree_bdev+0x441/0x680 [ 2337.853251][T29852] ? erofs_release_device_info+0x90/0x90 [ 2337.858739][T29852] erofs_fc_get_tree+0x1c/0x20 [ 2337.863316][T29852] vfs_get_tree+0x88/0x290 [ 2337.867578][T29852] do_new_mount+0x289/0xad0 [ 2337.871919][T29852] ? do_move_mount_old+0x160/0x160 [ 2337.876856][T29852] ? security_capable+0xb2/0xd0 [ 2337.881630][T29852] ? ns_capable+0x8a/0xf0 [ 2337.885794][T29852] path_mount+0x60b/0x1050 [ 2337.890051][T29852] __se_sys_mount+0x2d2/0x3c0 [ 2337.894563][T29852] ? __x64_sys_mount+0xd0/0xd0 [ 2337.899161][T29852] __x64_sys_mount+0xbf/0xd0 [ 2337.903588][T29852] do_syscall_64+0x44/0xd0 [ 2337.907838][T29852] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2337.913662][T29852] RIP: 0033:0x7f2bac5fc60a [ 2337.917924][T29852] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2337.937360][T29852] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2337.945601][T29852] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2337.953413][T29852] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2337.961226][T29852] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2337.969034][T29852] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2337.976842][T29852] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2337.984658][T29852] [ 2338.002267][T29852] ------------[ cut here ]------------ [ 2338.016974][T29852] kobject: '(null)' (ffff88815ee568e8): is not initialized, yet kobject_put() is being called. [ 2338.048902][T29852] WARNING: CPU: 1 PID: 29852 at lib/kobject.c:752 kobject_put+0x7f/0x240 [ 2338.075619][T29852] Modules linked in: [ 2338.086939][T29852] CPU: 1 PID: 29852 Comm: syz-executor.5 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2338.127994][T29852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2338.165956][T29852] RIP: 0010:kobject_put+0x7f/0x240 [ 2338.187069][T29852] Code: 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 75 fe 2d ff 49 8b 36 48 c7 c7 80 fb 88 85 4c 89 f2 31 c0 e8 51 1f bd fe <0f> 0b eb 0f e8 a8 b1 eb fe e9 58 01 00 00 e8 9e b1 eb fe 4d 8d 6e [ 2338.279050][T29852] RSP: 0018:ffffc900071d7a58 EFLAGS: 00010246 [ 2338.333421][T29852] RAX: 5f56829eeffc7500 RBX: 0000000000000000 RCX: 0000000000040000 [ 2338.361070][T29852] RDX: ffffc90002591000 RSI: 000000000000d08c RDI: 000000000000d08d [ 2338.368983][T29852] RBP: ffffc900071d7a88 R08: ffffffff815838e9 R09: ffffed103ee265e8 04:38:09 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xffdc) recvmmsg(0xffffffffffffffff, &(0x7f0000000740), 0x0, 0x40000022, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") statfs(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)=""/70) [ 2338.401090][T29852] R10: ffffed103ee265e8 R11: 1ffff1103ee265e7 R12: ffff88815ee56800 [ 2338.409077][T29852] R13: dffffc0000000000 R14: ffff88815ee568e8 R15: dffffc0000000000 [ 2338.451047][T29852] FS: 00007f2bab32c700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 2338.459817][T29852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2338.511182][T29852] CR2: 0000000020164030 CR3: 0000000118d15000 CR4: 00000000003506a0 [ 2338.518993][T29852] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2338.533440][T29858] loop4: detected capacity change from 0 to 16 [ 2338.543677][T29858] erofs: (device loop4): mounted with root inode @ nid 36. [ 2338.591071][T29852] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2338.598883][T29852] Call Trace: [ 2338.621138][T29852] [ 2338.623917][T29852] ? kobject_put+0x88/0x240 [ 2338.628258][T29852] erofs_unregister_sysfs+0x4f/0x70 [ 2338.664278][T29852] ? erofs_free_inode+0xb0/0xb0 [ 2338.670190][T29852] erofs_put_super+0x46/0xa0 [ 2338.674723][T29852] ? erofs_free_inode+0xb0/0xb0 [ 2338.679348][T29852] generic_shutdown_super+0x14f/0x2d0 [ 2338.685983][T29852] kill_block_super+0x80/0xe0 [ 2338.690534][T29852] erofs_kill_sb+0x66/0x130 [ 2338.694905][T29852] deactivate_locked_super+0xb0/0x100 [ 2338.700087][T29852] get_tree_bdev+0x45d/0x680 [ 2338.704682][T29852] ? erofs_release_device_info+0x90/0x90 [ 2338.710179][T29852] erofs_fc_get_tree+0x1c/0x20 [ 2338.714867][T29852] vfs_get_tree+0x88/0x290 [ 2338.719145][T29852] do_new_mount+0x289/0xad0 [ 2338.730173][T29852] ? do_move_mount_old+0x160/0x160 [ 2338.735304][T29852] ? security_capable+0xb2/0xd0 [ 2338.740031][T29852] ? ns_capable+0x8a/0xf0 [ 2338.744411][T29852] path_mount+0x60b/0x1050 [ 2338.748738][T29852] __se_sys_mount+0x2d2/0x3c0 [ 2338.754165][T29852] ? __x64_sys_mount+0xd0/0xd0 [ 2338.758863][T29852] __x64_sys_mount+0xbf/0xd0 [ 2338.763875][T29852] do_syscall_64+0x44/0xd0 [ 2338.768258][T29852] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2338.774891][T29852] RIP: 0033:0x7f2bac5fc60a [ 2338.779192][T29852] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2338.798697][T29852] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2338.807048][T29852] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2338.815433][T29852] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2338.823312][T29852] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2338.831097][T29852] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2338.838906][T29852] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2338.846762][T29852] [ 2338.849572][T29852] ---[ end trace 458a40abd11b7ad4 ]--- [ 2338.856115][T29852] ------------[ cut here ]------------ [ 2338.861565][T29852] refcount_t: underflow; use-after-free. [ 2338.867093][T29852] WARNING: CPU: 1 PID: 29852 at lib/refcount.c:28 refcount_warn_saturate+0x165/0x1b0 [ 2338.876454][T29852] Modules linked in: [ 2338.880157][T29852] CPU: 1 PID: 29852 Comm: syz-executor.5 Tainted: G W 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2338.891915][T29852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2338.902470][T29852] RIP: 0010:refcount_warn_saturate+0x165/0x1b0 [ 2338.908528][T29852] Code: c7 40 5b 87 85 31 c0 e8 d9 5e e0 fe 0f 0b eb 83 e8 30 f1 0e ff c6 05 7e 76 9f 04 01 48 c7 c7 a0 5b 87 85 31 c0 e8 bb 5e e0 fe <0f> 0b e9 62 ff ff ff e8 0f f1 0e ff c6 05 5e 76 9f 04 01 48 c7 c7 [ 2338.928416][T29852] RSP: 0018:ffffc900071d7a38 EFLAGS: 00010246 [ 2338.934533][T29852] RAX: 5f56829eeffc7500 RBX: 0000000000000003 RCX: 0000000000040000 [ 2338.943092][T29852] RDX: ffffc90002591000 RSI: 000000000001c188 RDI: 000000000001c189 [ 2338.951606][T29852] RBP: ffffc900071d7a48 R08: ffffffff815838e9 R09: ffffed103ee265e8 [ 2338.959554][T29852] R10: ffffed103ee265e8 R11: 1ffff1103ee265e7 R12: ffff88815ee56800 [ 2338.968364][T29852] R13: ffff88815ee56920 R14: 0000000000000003 R15: dffffc0000000000 [ 2338.976868][T29852] FS: 00007f2bab32c700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 2338.985942][T29852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2338.992556][T29852] CR2: 00000000202bc030 CR3: 0000000118d15000 CR4: 00000000003506b0 [ 2339.000472][T29852] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2339.009218][T29852] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2339.017931][T29852] Call Trace: [ 2339.021628][T29852] [ 2339.024512][T29852] kobject_put+0x206/0x240 [ 2339.028888][T29852] ? kobject_put+0x88/0x240 [ 2339.033611][T29852] erofs_unregister_sysfs+0x4f/0x70 [ 2339.038718][T29852] ? erofs_free_inode+0xb0/0xb0 [ 2339.044337][T29852] erofs_put_super+0x46/0xa0 [ 2339.049048][T29852] ? erofs_free_inode+0xb0/0xb0 [ 2339.054788][T29852] generic_shutdown_super+0x14f/0x2d0 [ 2339.060129][T29852] kill_block_super+0x80/0xe0 [ 2339.065688][T29852] erofs_kill_sb+0x66/0x130 [ 2339.070227][T29852] deactivate_locked_super+0xb0/0x100 [ 2339.075899][T29852] get_tree_bdev+0x45d/0x680 [ 2339.080437][T29852] ? erofs_release_device_info+0x90/0x90 [ 2339.086884][T29852] erofs_fc_get_tree+0x1c/0x20 [ 2339.092186][T29852] vfs_get_tree+0x88/0x290 [ 2339.096560][T29852] do_new_mount+0x289/0xad0 [ 2339.101246][T29852] ? do_move_mount_old+0x160/0x160 [ 2339.106289][T29852] ? security_capable+0xb2/0xd0 [ 2339.111808][T29852] ? ns_capable+0x8a/0xf0 [ 2339.116118][T29852] path_mount+0x60b/0x1050 [ 2339.120486][T29852] __se_sys_mount+0x2d2/0x3c0 [ 2339.126115][T29852] ? __x64_sys_mount+0xd0/0xd0 [ 2339.130951][T29852] __x64_sys_mount+0xbf/0xd0 [ 2339.135721][T29852] do_syscall_64+0x44/0xd0 [ 2339.140841][T29852] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2339.147248][T29852] RIP: 0033:0x7f2bac5fc60a [ 2339.152263][T29852] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2339.171838][T29852] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2339.180112][T29852] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2339.188121][T29852] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2339.195998][T29852] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2339.204804][T29852] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2339.212688][T29852] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2339.220474][T29852] [ 2339.223427][T29852] ---[ end trace 458a40abd11b7ad5 ]--- [ 2339.228735][T29852] list_add corruption. prev is NULL. [ 2339.233887][T29852] ------------[ cut here ]------------ [ 2339.239101][T29852] kernel BUG at lib/list_debug.c:24! [ 2339.244232][T29852] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 2339.250471][T29852] CPU: 1 PID: 29852 Comm: syz-executor.5 Tainted: G W 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 2339.261957][T29852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 2339.271821][T29852] RIP: 0010:__list_add_valid+0xbc/0x100 [ 2339.277200][T29852] Code: c0 74 ed 48 c7 c7 60 9e 87 85 4c 89 fe 4c 89 e2 4c 89 f1 31 c0 e8 bf 65 5b 02 0f 0b 48 c7 c7 60 9c 87 85 31 c0 e8 af 65 5b 02 <0f> 0b 48 c7 c7 00 9d 87 85 31 c0 e8 9f 65 5b 02 0f 0b 48 c7 c7 60 [ 2339.296737][T29852] RSP: 0018:ffffc900071d78e0 EFLAGS: 00010046 [ 2339.302628][T29852] RAX: 0000000000000022 RBX: 1ffff92000e3af3d RCX: 5f56829eeffc7500 [ 2339.310451][T29852] RDX: ffffc90002591000 RSI: 000000000002b96d RDI: 000000000002b96e [ 2339.318346][T29852] RBP: ffffc900071d7908 R08: ffffffff815838e9 R09: ffffed103ee24e93 [ 2339.326235][T29852] R10: ffffed103ee24e93 R11: 1ffff1103ee24e92 R12: ffffc900071d79e8 [ 2339.334049][T29852] R13: 1ffff1102bdcad2c R14: ffffc900071d79e0 R15: ffff88815ee56960 [ 2339.341866][T29852] FS: 00007f2bab32c700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 2339.350629][T29852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2339.357057][T29852] CR2: 000000002030a030 CR3: 0000000118d15000 CR4: 00000000003506a0 [ 2339.364862][T29852] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2339.372669][T29852] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2339.380482][T29852] Call Trace: [ 2339.384203][T29852] [ 2339.386955][T29852] __prepare_to_swait+0xad/0x140 [ 2339.391720][T29852] wait_for_common+0x257/0x430 [ 2339.396321][T29852] ? exc_invalid_op+0x1b/0x50 [ 2339.400832][T29852] ? wait_for_completion+0x20/0x20 [ 2339.405778][T29852] ? refcount_warn_saturate+0x167/0x1b0 [ 2339.411165][T29852] ? refcount_warn_saturate+0x165/0x1b0 [ 2339.416627][T29852] wait_for_completion+0x18/0x20 [ 2339.421400][T29852] erofs_unregister_sysfs+0x5e/0x70 [ 2339.426439][T29852] ? erofs_free_inode+0xb0/0xb0 [ 2339.431206][T29852] erofs_put_super+0x46/0xa0 [ 2339.435632][T29852] ? erofs_free_inode+0xb0/0xb0 [ 2339.440325][T29852] generic_shutdown_super+0x14f/0x2d0 [ 2339.445534][T29852] kill_block_super+0x80/0xe0 [ 2339.450044][T29852] erofs_kill_sb+0x66/0x130 [ 2339.454382][T29852] deactivate_locked_super+0xb0/0x100 [ 2339.459588][T29852] get_tree_bdev+0x45d/0x680 [ 2339.464016][T29852] ? erofs_release_device_info+0x90/0x90 [ 2339.469480][T29852] erofs_fc_get_tree+0x1c/0x20 [ 2339.474087][T29852] vfs_get_tree+0x88/0x290 [ 2339.478336][T29852] do_new_mount+0x289/0xad0 [ 2339.482769][T29852] ? do_move_mount_old+0x160/0x160 [ 2339.487718][T29852] ? security_capable+0xb2/0xd0 [ 2339.492409][T29852] ? ns_capable+0x8a/0xf0 [ 2339.496569][T29852] path_mount+0x60b/0x1050 [ 2339.500823][T29852] __se_sys_mount+0x2d2/0x3c0 [ 2339.505336][T29852] ? __x64_sys_mount+0xd0/0xd0 [ 2339.509936][T29852] __x64_sys_mount+0xbf/0xd0 [ 2339.514358][T29852] do_syscall_64+0x44/0xd0 [ 2339.518626][T29852] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2339.524340][T29852] RIP: 0033:0x7f2bac5fc60a [ 2339.528594][T29852] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2339.548041][T29852] RSP: 002b:00007f2bab32bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2339.556277][T29852] RAX: ffffffffffffffda RBX: 000000000000017e RCX: 00007f2bac5fc60a [ 2339.564089][T29852] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007f2bab32bfe0 [ 2339.571900][T29852] RBP: 00007f2bab32c020 R08: 00007f2bab32c020 R09: 0000000000000000 [ 2339.580492][T29852] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2339.588306][T29852] R13: 00000000200001c0 R14: 00007f2bab32bfe0 R15: 0000000020000540 [ 2339.596118][T29852] [ 2339.598981][T29852] Modules linked in: [ 2339.602717][T29852] ---[ end trace 458a40abd11b7ad6 ]--- [ 2339.608005][T29852] RIP: 0010:__list_add_valid+0xbc/0x100 [ 2339.613386][T29852] Code: c0 74 ed 48 c7 c7 60 9e 87 85 4c 89 fe 4c 89 e2 4c 89 f1 31 c0 e8 bf 65 5b 02 0f 0b 48 c7 c7 60 9c 87 85 31 c0 e8 af 65 5b 02 <0f> 0b 48 c7 c7 00 9d 87 85 31 c0 e8 9f 65 5b 02 0f 0b 48 c7 c7 60 [ 2339.632837][T29852] RSP: 0018:ffffc900071d78e0 EFLAGS: 00010046 [ 2339.638728][T29852] RAX: 0000000000000022 RBX: 1ffff92000e3af3d RCX: 5f56829eeffc7500 [ 2339.646627][T29852] RDX: ffffc90002591000 RSI: 000000000002b96d RDI: 000000000002b96e [ 2339.654614][T29852] RBP: ffffc900071d7908 R08: ffffffff815838e9 R09: ffffed103ee24e93 [ 2339.662423][T29852] R10: ffffed103ee24e93 R11: 1ffff1103ee24e92 R12: ffffc900071d79e8 [ 2339.670235][T29852] R13: 1ffff1102bdcad2c R14: ffffc900071d79e0 R15: ffff88815ee56960 [ 2339.678054][T29852] FS: 00007f2bab32c700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 2339.686811][T29852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2339.693246][T29852] CR2: 000000002030a030 CR3: 0000000118d15000 CR4: 00000000003506a0 [ 2339.701140][T29852] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2339.708945][T29852] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2339.716756][T29852] Kernel panic - not syncing: Fatal exception [ 2339.722703][T29852] Kernel Offset: disabled [ 2339.726827][T29852] Rebooting in 86400 seconds..