program:
syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00')
r0 = syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./bus\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c460800000000000063793d661f95cadda90f756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c00"], 0x1, 0x4430, &(0x7f0000004480)="$eJzs3b9PHFceAPA3Az6Dz/aBz4VPOulWOkt3SiIErpxgKYCxMdjEkRNbUZr1AmubZGEtWKIULkhnKVWkFFEKK5HSUVkUaZ0/IU1Kp7YUF2kiRbJCtLuzmBl2xQaxEDufT8Ew7zf7nXn7phhenKjcmV/OzS/nCou58uyt5TO5j8qllYViiPdJ0/4P7V//tKcT18lBX3t/ZVfPX3znxpkQvpv74cnGxsZGqOoOTQ1t+f2Xn+/Nbj02xJk61Xabt7ZX3g8hnNw2rqquEMJ734YQhRBGk7Sx5NgbQjgW6nk37n16M7dHo3n4uHgu/2z6/vrw6am1B+ut//YohC9L/3rt9sJP/+0a/vGVPeoeAAAAAAAAAAAAAAAAAIAX3MS1q9ffHhwKj6LQvRZtf193Ijm2ej92Y8/8p/N/LAAAAAAAAAAAAAAAAAAAAPxJPX//PxedaPL+/3hyHGlRf+PNzo+Rzpl86+r4hcGhZP/3aFv+2WrSoRCejnaF/ib7vmf3fx/N1G++//v2fnbrbJTuty9E8UDqPI4HBkL4Otn4/VR0JC6Vlyuv3iqvLM7t2TBeWOn413fvT0Un2dC/3fiPZdrv/P7//9x2NVXPb+7dJfZSS8e/q2W5bz6J2or/+Uy9/Yg/u5eOf3ctrXdrgZH6BFCN/2fdO8d/PNN+p+J/PISQi6pjzaVmgOoapprear1CWjr+h2ppqakz+SBb3f+/ZuJ/IdP+Qc3/q9kvIppKx/9vtbSeVInn939/vPP9fzHT/kHEvzr+Vd//bUnH/3A9sTtVpPZJtjv/T2Ta71T8r8fJOI9HqStgLaqnt/p/daSl49+zLb/xfPV0NG5r/XcpU3+/nv8a/Tae/xrT//+j+vMfzaXj39uyXLv3/2SmXqfn/5Ha+o/dSsf/SC0tvXbuq/1sN/5TmfY7Ff/aqqSnEf/n88lvh+vpX1n/tSUd/7/XE+OtJVZrP2vrv2jn9f/lTPsHsf6rjn817myvL4t0/I+2LFeN//dtfP9fydTrfPxDGLTW37V0/I+1LFe7/3t2jv90pl6n4/+/TjYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8AIYS459IYoHUudxPDAQwvnk/FQ4Es0U5vIzpfLsh8shjCfpuXAiul0qzxRK+fnF8lwxXyiVyrMhXEjyT4aeaLlUruQXCncvbrbVG90pFpYqM8VCJYQwkaT/OxxrtDUzX1ko3A0hXNrM+0dcXrp7p7CYn5tfemNwcHAwTG6OoT8qflwpLlbqvddzQ5jarNsXbRlcLfvy5liORh+UV5YWC6Va+pUtdUrl2UJpS53pJO/z0B9VllYWZwuVYr5Uvt3o7yCNJMfxyWvvXrsytC3/ZlQ/ju3vsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4gx4Nv/5FCKG7fhaHEEYav0TNyj98XDyXfzZ9f3349NTag/UnrcoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDv7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEaCKIwAL8ZC7XzGFbLbme7oogWrgieQI/hYfQoXsI7pEiRNkUIJLMQNruwTVJ9X/Ngfmbeg3kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDxP793HW91EpLjaXEb8ff0vDvOXUn/ux+9fnGFGTuf5tXt4rJvy7+kovytHyzbv0vXq+zNGau93sCfDfdrr+1xPzjW1b1Pz9X1vIuUqItqS36acq2reWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFt24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K2j6NsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgVAAD//74rHxU=")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)
preadv(r0, &(0x7f0000000b00)=[{&(0x7f00000000c0)=""/46, 0x2e}], 0x1, 0x3ff, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x800008, &(0x7f00000005c0)=ANY=[@ANYBLOB="626172726965722c63726561746f723d518d23632c6e6c733d6b6f69382d72752c666f7263652c756d61736b3d3030303030303030303030303030303030303000000000000000066172726965722c626172726965722c756d61736b3d30303030303030303030303030303030303030303031312c6e6f6465636f6d706f73652c00a97aae168d506b23a7ec6fdeca89e880338df1aa90a48c58b1756f9de8310825746e1bc3c5973bee84a81b7f9e6e3b17ffde54ca220551ffaeb0e709073a61380b1513da1f21d1bc13dfbeea9bd82a6357b150f2c79db7f7fac060530aeaf68348abc52511d6e068418248d7f750732ee4e0087e05a2d69a948bb3fcc3c45f0a0673cb2ffd11685cfc160e222bec824a19b3ebf13b1794e815c6124ee09634d56e2ef13d9426ee84b06021fb0a54a2057a6a44656e97ee764c00160f85b341aa1f38c9f59062f0d106a20d378ef82cb64c7132234c128521c5a0dbb5050132afc53c5b78ea301291e63d1161df", @ANYRESHEX=0x0], 0x1, 0x6f2, &(0x7f0000001200)="$eJzs3UtoHOcdAPD/rFarXRccOfEjLYGIGNpSUVuyUFr1UreUokMoIT30LGw5Fl7LQVKKbEqt9HEvNKee0oNuoYeS3g3tuSEXXwW9BAq55KSbyszOrGa1o92VbT2S/n5m9vtmvsd88x/NzD4wXwD/txano/4kklicfmszXd/Zjq2x7bmJvLgdEY2IqEXUO0kkq5GV3syX+Ga6Ma+fxHj1fj5cWXjn6Zc7n3fW6vmStauV2o+i0b9pK19iKiLG8rTfIWOLTw7uvqe/W4f2N6qke4RpwK4WgYu/PFev8Nz2+mzlJX8ey5L6x4OaH+W6Bc6opPPc7DMZcS4imhGdp35+d6id7OhevK3THgAAAAAcVevoTV7ajd3YjPPHMRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4usrn/0/ypZalzUimIinm/2/kZZHnz6DhEyF+NtFJnxz/YAAAAAAAAADg2L2+G7uxGeeL9b0k+83/jdJv/N+I92M9lmMtrsVmLMVGbMRazEbEZKmjxubSxsbabNYyWhcHtLwRn1a0vFEe1V7PGG8ex4EDAAAAAAAAwNnVHFJ+b7x/2+9icf/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAuSiLFOki0Xi/xk1OoR0YyIRlpvK+LTIv8VkVRtfHLy4wAAAIDn0uxdTZojtHnpcezGZpwv1veS7DP/5ezzcjPej9XYiJXYiHYsx+38M3T6qb+2sz3X3tmeu58u/f3+5IsjDT3rMTrfPVTv+dWsRivuxEq25VrciiT2MrW8l1d3tufS9H71uD5Ix5T8ODdgNGOl/O305conWf5Pvd8i1I90iM+odmjJZFY63o3ITD62tMWFIgLVkRh6duoD9zQbte43PxcH76k65h8M3vu5A7Uqv7k5FQcjcSNq3TN0eXAkIr7zj49/dbe9eu/unfXps3NIlR4PrXEwEnOlSFz5GkViuJnsCC511xfj5/HLmI4vJt6OtViJX8dSbMTyVFG+lP89p6+TgyP12bny2tvDRpJek1Pd+1etYkxT0TOmmIqfZbmleCM7p+djJZJ4EBHL8Wb270bMdu8G+2f40ghXfW2EO23J1e9mSTdM0Tq87t9G6/JFSeN6oRTX8j13Misrb9mP0suVUSqedaM/j0rq38ozaQ+/H/h8OGkHIzFbisQrh/29dEL61730db29em/t7tJ7I+4vKaV/PFNPifQMvxzN/OAuZK9Jdk3NZGWvdJ+wvfFq5L+4dNT6yi5123Wu1F/Eg7jdc6X+IOZjPhay2pez2uN9T6y07Eq3p957eFqWvtOqd3/YKb/fehDtzvshAM6M8aqN5753rtH6b+vfrY9af2jdbb3V/OnEDydea8T4v8Z/VJ8Z+3btteTv8VH8dv/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OzWHz66t9RuL69VZ2rVRcngVkvtvWIisQF1ejJJPlXOCJWT9YeP9oZ2ODgzkQ/vGZu/yEwxW+PwylPHNoz/FPEona/m8HNRzPI0wi6SvoCnjZ95zMWe97eMn4FTeTAzNaROEiN3WJygUlH1X28xH0hVP62q8zV2SOUhN46x57vvAKfv+sb9966vP3z0/ZX7S+8uv7u8Oj4/vzCzMP/m3PU7K+3lmc5rqcGJTH4LnITy24muRkS8PrztgIlaAQAAAAAAAAAAgGN0Ev8X4rSPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhqW5yO+pNIYnbm2ky6vrM9106XIr9fsx4RtYhIfhOR/DPiZjx+ejMtmCx1lxy2nw9XFt55+uXO5/t91Yv6tYitQ9uNZitfYioixvL0RfV3a3h/jf3sREVx0o1MGrCreQqn7n8BAAD//3876Qo=")
open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000380)=[{&(0x7f0000000200)="a10100001504000000323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffff59010300000000000000000200000000", 0x58}, {&(0x7f0000000280)="d0d7e9b9c665274688243a278bd5451190c157d66d2ac90f4ce7fc0aac24ec17bf806f001bc16d5f1c340120a7ac550fea83a6e14e82e4e12a86409bf7afde03a2ed12e8d0f75e80931fdfa78369869f0d31d8a12206e095d35f945145e16e51bae87dd938cdcc5c856a19e06cb27e7add4a09ad859a19095bdab654aad877955f3fa614f6f728eabad9212c1e9639995578593293e8503ff6348030a31e20f7c326b56e7d361f6e7388a95eba8342137074deaf0d06dd73058be2f00f32fb40c4354bc86b2daa843e4d8523871399a94b3472f58e6216271cde", 0xda}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1b, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f1b"], 0x22)
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0xd84, &(0x7f0000000400))
landlock_create_ruleset(&(0x7f0000000180)={0x1100, 0x1, 0x3}, 0x18, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r4 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
ioctl$FBIOPAN_DISPLAY(r4, 0x4606, 0x0)
r5 = dup(r3)
fsmount(r5, 0x1, 0x0)
openat(r1, &(0x7f0000000080)='./bus\x00', 0x181c40, 0x54)
[ 59.457905][ T5312] Bluetooth: hci0: command tx timeout
[ 59.514904][ T5325] loop0: detected capacity change from 0 to 32768
[ 59.524241][ T5325] =======================================================
[ 59.524241][ T5325] WARNING: The mand mount option has been deprecated and
[ 59.524241][ T5325] and is ignored by this kernel. Remove the mand
[ 59.524241][ T5325] option from the mount to silence this warning.
[ 59.524241][ T5325] =======================================================
[ 59.565512][ T5325] (syz.0.0,5325,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "coherency=fullF�" or missing value
[ 59.578051][ T5325] (syz.0.0,5325,0):ocfs2_fill_super:1178 ERROR: status = -22
[ 59.654659][ T5325] loop0: detected capacity change from 0 to 1024
[ 59.693480][ T5312] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585
[ 59.698874][ T5312] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5312, name: kworker/u5:2
[ 59.702669][ T5312] preempt_count: 0, expected: 0
[ 59.704432][ T5312] RCU nest depth: 1, expected: 0
[ 59.706176][ T5312] 4 locks held by kworker/u5:2/5312:
[ 59.708259][ T5312] #0: ffff88803ecad148 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[ 59.712159][ T5312] #1: ffffc9000d1bfd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[ 59.716671][ T5312] #2: ffff8880406c8078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0
[ 59.721017][ T5312] #3: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0
[ 59.725023][ T5312] CPU: 0 UID: 0 PID: 5312 Comm: kworker/u5:2 Not tainted 6.12.0-rc7-syzkaller #0
[ 59.728275][ T5312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 59.732331][ T5312] Workqueue: hci0 hci_rx_work
[ 59.734010][ T5312] Call Trace:
[ 59.735197][ T5312]
[ 59.736298][ T5312] dump_stack_lvl+0x241/0x360
[ 59.738071][ T5312] ? __pfx_dump_stack_lvl+0x10/0x10
[ 59.739964][ T5312] ? __pfx__printk+0x10/0x10
[ 59.741721][ T5312] __might_resched+0x5d4/0x780
[ 59.743431][ T5312] ? __mutex_lock+0x112/0xd70
[ 59.745284][ T5312] ? __pfx___might_resched+0x10/0x10
[ 59.747564][ T5312] __mutex_lock+0xc1/0xd70
[ 59.749343][ T5312] ? __pfx_lock_acquire+0x10/0x10
[ 59.751361][ T5312] ? hci_le_create_big_complete_evt+0x3d9/0xae0
[ 59.753506][ T5312] ? __pfx_lock_release+0x10/0x10
[ 59.755225][ T5312] ? __pfx___mutex_lock+0x10/0x10
[ 59.756896][ T5312] ? trace_contention_end+0x3c/0x120
[ 59.758624][ T5312] ? skb_pull_data+0x112/0x230
[ 59.760415][ T5312] ? hci_conn_set_handle+0x9a/0x270
[ 59.762457][ T5312] hci_le_create_big_complete_evt+0x3d9/0xae0
[ 59.764808][ T5312] ? __copy_skb_header+0x437/0x5b0
[ 59.766674][ T5312] ? hci_le_create_big_complete_evt+0xdb/0xae0
[ 59.769118][ T5312] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[ 59.771768][ T5312] ? hci_le_meta_evt+0x366/0x580
[ 59.773675][ T5312] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[ 59.776205][ T5312] hci_event_packet+0xa55/0x1540
[ 59.778174][ T5312] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 59.780305][ T5312] ? __pfx_hci_event_packet+0x10/0x10
[ 59.782379][ T5312] ? set_advertising_complete+0x450/0x6f0
[ 59.784416][ T5312] ? kcov_remote_start+0x97/0x7d0
[ 59.786345][ T5312] hci_rx_work+0x3fe/0xd80
[ 59.788015][ T5312] ? process_scheduled_works+0x976/0x1850
[ 59.790184][ T5312] process_scheduled_works+0xa63/0x1850
[ 59.792275][ T5312] ? __pfx_process_scheduled_works+0x10/0x10
[ 59.794465][ T5312] ? assign_work+0x364/0x3d0
[ 59.796282][ T5312] worker_thread+0x870/0xd30
[ 59.798121][ T5312] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 59.800448][ T5312] ? __kthread_parkme+0x169/0x1d0
[ 59.802374][ T5312] ? __pfx_worker_thread+0x10/0x10
[ 59.804336][ T5312] kthread+0x2f0/0x390
[ 59.805781][ T5312] ? __pfx_worker_thread+0x10/0x10
[ 59.807642][ T5312] ? __pfx_kthread+0x10/0x10
[ 59.809377][ T5312] ret_from_fork+0x4b/0x80
[ 59.811071][ T5312] ? __pfx_kthread+0x10/0x10
[ 59.812673][ T5312] ret_from_fork_asm+0x1a/0x30
[ 59.814343][ T5312]
[ 59.819652][ T5312]
[ 59.820598][ T5312] =============================
[ 59.822484][ T5312] [ BUG: Invalid wait context ]
[ 59.824303][ T5312] 6.12.0-rc7-syzkaller #0 Tainted: G W
[ 59.826857][ T5312] -----------------------------
[ 59.828792][ T5312] kworker/u5:2/5312 is trying to lock:
[ 59.831216][ T5312] ffffffff8fe402a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0x3d9/0xae0
[ 59.835561][ T5312] other info that might help us debug this:
[ 59.837952][ T5312] context-{4:4}
[ 59.839365][ T5312] 4 locks held by kworker/u5:2/5312:
[ 59.841454][ T5312] #0: ffff88803ecad148 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[ 59.845696][ T5312] #1: ffffc9000d1bfd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[ 59.850505][ T5312] #2: ffff8880406c8078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0
[ 59.854601][ T5312] #3: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0
[ 59.858682][ T5312] stack backtrace:
[ 59.860193][ T5312] CPU: 0 UID: 0 PID: 5312 Comm: kworker/u5:2 Tainted: G W 6.12.0-rc7-syzkaller #0
[ 59.863899][ T5312] Tainted: [W]=WARN
[ 59.865281][ T5312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 59.869020][ T5312] Workqueue: hci0 hci_rx_work
[ 59.870748][ T5312] Call Trace:
[ 59.871891][ T5312]
[ 59.872813][ T5312] dump_stack_lvl+0x241/0x360
[ 59.874509][ T5312] ? __pfx_dump_stack_lvl+0x10/0x10
[ 59.876431][ T5312] ? __pfx__printk+0x10/0x10
[ 59.878361][ T5312] __lock_acquire+0x154a/0x2050
[ 59.880323][ T5312] lock_acquire+0x1ed/0x550
[ 59.882042][ T5312] ? hci_le_create_big_complete_evt+0x3d9/0xae0
[ 59.884453][ T5312] ? __pfx_lock_acquire+0x10/0x10
[ 59.886388][ T5312] ? __mutex_lock+0x112/0xd70
[ 59.888170][ T5312] ? __pfx___might_resched+0x10/0x10
[ 59.890222][ T5312] __mutex_lock+0x136/0xd70
[ 59.891774][ T5312] ? hci_le_create_big_complete_evt+0x3d9/0xae0
[ 59.894004][ T5312] ? __pfx_lock_acquire+0x10/0x10
[ 59.895904][ T5312] ? hci_le_create_big_complete_evt+0x3d9/0xae0
[ 59.898142][ T5312] ? __pfx_lock_release+0x10/0x10
[ 59.899992][ T5312] ? __pfx___mutex_lock+0x10/0x10
[ 59.901946][ T5312] ? trace_contention_end+0x3c/0x120
[ 59.904005][ T5312] ? skb_pull_data+0x112/0x230
[ 59.905933][ T5312] ? hci_conn_set_handle+0x9a/0x270
[ 59.907973][ T5312] hci_le_create_big_complete_evt+0x3d9/0xae0
[ 59.910304][ T5312] ? __copy_skb_header+0x437/0x5b0
[ 59.912214][ T5312] ? hci_le_create_big_complete_evt+0xdb/0xae0
[ 59.914308][ T5312] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[ 59.916564][ T5312] ? hci_le_meta_evt+0x366/0x580
[ 59.918239][ T5312] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[ 59.920702][ T5312] hci_event_packet+0xa55/0x1540
[ 59.922498][ T5312] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 59.924532][ T5312] ? __pfx_hci_event_packet+0x10/0x10
[ 59.926573][ T5312] ? set_advertising_complete+0x450/0x6f0
[ 59.928837][ T5312] ? kcov_remote_start+0x97/0x7d0
[ 59.930877][ T5312] hci_rx_work+0x3fe/0xd80
[ 59.932644][ T5312] ? process_scheduled_works+0x976/0x1850
[ 59.934844][ T5312] process_scheduled_works+0xa63/0x1850
[ 59.936970][ T5312] ? __pfx_process_scheduled_works+0x10/0x10
[ 59.939344][ T5312] ? assign_work+0x364/0x3d0
[ 59.941102][ T5312] worker_thread+0x870/0xd30
[ 59.942894][ T5312] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 59.945137][ T5312] ? __kthread_parkme+0x169/0x1d0
[ 59.947181][ T5312] ? __pfx_worker_thread+0x10/0x10
[ 59.949094][ T5312] kthread+0x2f0/0x390
[ 59.950613][ T5312] ? __pfx_worker_thread+0x10/0x10
[ 59.952445][ T5312] ? __pfx_kthread+0x10/0x10
[ 59.954163][ T5312] ret_from_fork+0x4b/0x80
[ 59.955794][ T5312] ? __pfx_kthread+0x10/0x10
[ 59.957460][ T5312] ret_from_fork_asm+0x1a/0x30
[ 59.959248][ T5312]
[ 59.968365][ T5312] ==================================================================
[ 59.970686][ T5312] BUG: KASAN: slab-use-after-free in hci_le_create_big_complete_evt+0x383/0xae0
[ 59.973444][ T5312] Read of size 8 at addr ffff88804fffc000 by task kworker/u5:2/5312
[ 59.976184][ T5312]
[ 59.977053][ T5312] CPU: 0 UID: 0 PID: 5312 Comm: kworker/u5:2 Tainted: G W 6.12.0-rc7-syzkaller #0
[ 59.981065][ T5312] Tainted: [W]=WARN
[ 59.982547][ T5312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 59.986509][ T5312] Workqueue: hci0 hci_rx_work
[ 59.988140][ T5312] Call Trace:
[ 59.989416][ T5312]
[ 59.990584][ T5312] dump_stack_lvl+0x241/0x360
[ 59.992477][ T5312] ? __pfx_dump_stack_lvl+0x10/0x10
[ 59.994522][ T5312] ? __pfx__printk+0x10/0x10
[ 59.996211][ T5312] ? _printk+0xd5/0x120
[ 59.997923][ T5312] ? __virt_addr_valid+0x183/0x530
[ 59.999904][ T5312] ? __virt_addr_valid+0x183/0x530
[ 60.001871][ T5312] print_report+0x169/0x550
[ 60.003581][ T5312] ? __virt_addr_valid+0x183/0x530
[ 60.005551][ T5312] ? __virt_addr_valid+0x183/0x530
[ 60.007549][ T5312] ? __virt_addr_valid+0x45f/0x530
[ 60.009461][ T5312] ? __phys_addr+0xba/0x170
[ 60.011060][ T5312] ? hci_le_create_big_complete_evt+0x383/0xae0
[ 60.013397][ T5312] kasan_report+0x143/0x180
[ 60.015049][ T5312] ? hci_le_create_big_complete_evt+0x383/0xae0
[ 60.017276][ T5312] hci_le_create_big_complete_evt+0x383/0xae0
[ 60.019406][ T5312] ? __copy_skb_header+0x437/0x5b0
[ 60.021086][ T5312] ? hci_le_create_big_complete_evt+0xdb/0xae0
[ 60.023289][ T5312] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[ 60.025537][ T5312] ? hci_le_meta_evt+0x366/0x580
[ 60.027297][ T5312] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[ 60.029644][ T5312] hci_event_packet+0xa55/0x1540
[ 60.031493][ T5312] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 60.033636][ T5312] ? __pfx_hci_event_packet+0x10/0x10
[ 60.035826][ T5312] ? set_advertising_complete+0x450/0x6f0
[ 60.038040][ T5312] ? kcov_remote_start+0x97/0x7d0
[ 60.039983][ T5312] hci_rx_work+0x3fe/0xd80
[ 60.041698][ T5312] ? process_scheduled_works+0x976/0x1850
[ 60.043990][ T5312] process_scheduled_works+0xa63/0x1850
[ 60.046223][ T5312] ? __pfx_process_scheduled_works+0x10/0x10
[ 60.048551][ T5312] ? assign_work+0x364/0x3d0
[ 60.050330][ T5312] worker_thread+0x870/0xd30
[ 60.051993][ T5312] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 60.054286][ T5312] ? __kthread_parkme+0x169/0x1d0
[ 60.056180][ T5312] ? __pfx_worker_thread+0x10/0x10
[ 60.058063][ T5312] kthread+0x2f0/0x390
[ 60.059312][ T5312] ? __pfx_worker_thread+0x10/0x10
[ 60.061147][ T5312] ? __pfx_kthread+0x10/0x10
[ 60.062933][ T5312] ret_from_fork+0x4b/0x80
[ 60.064791][ T5312] ? __pfx_kthread+0x10/0x10
[ 60.066763][ T5312] ret_from_fork_asm+0x1a/0x30
[ 60.068714][ T5312]
[ 60.069950][ T5312]
[ 60.070917][ T5312] Allocated by task 5312:
[ 60.072628][ T5312] kasan_save_track+0x3f/0x80
[ 60.074517][ T5312] __kasan_kmalloc+0x98/0xb0
[ 60.076354][ T5312] __kmalloc_cache_noprof+0x19c/0x2c0
[ 60.078554][ T5312] __hci_conn_add+0x2f9/0x1850
[ 60.080348][ T5312] hci_le_big_sync_established_evt+0x414/0xc20
[ 60.082678][ T5312] hci_event_packet+0xa55/0x1540
[ 60.084503][ T5312] hci_rx_work+0x3fe/0xd80
[ 60.086177][ T5312] process_scheduled_works+0xa63/0x1850
[ 60.088109][ T5312] worker_thread+0x870/0xd30
[ 60.089709][ T5312] kthread+0x2f0/0x390
[ 60.091287][ T5312] ret_from_fork+0x4b/0x80
[ 60.092918][ T5312] ret_from_fork_asm+0x1a/0x30
[ 60.094713][ T5312]
[ 60.095537][ T5312] Freed by task 5312:
[ 60.096823][ T5312] kasan_save_track+0x3f/0x80
[ 60.098481][ T5312] kasan_save_free_info+0x40/0x50
[ 60.100190][ T5312] __kasan_slab_free+0x59/0x70
[ 60.102005][ T5312] kfree+0x1a0/0x440
[ 60.103461][ T5312] device_release+0x99/0x1c0
[ 60.105278][ T5312] kobject_put+0x22f/0x480
[ 60.106983][ T5312] hci_conn_del+0x8c4/0xc40
[ 60.108748][ T5312] hci_le_create_big_complete_evt+0x619/0xae0
[ 60.111082][ T5312] hci_event_packet+0xa55/0x1540
[ 60.112920][ T5312] hci_rx_work+0x3fe/0xd80
[ 60.114774][ T5312] process_scheduled_works+0xa63/0x1850
[ 60.116435][ T5312] worker_thread+0x870/0xd30
[ 60.117861][ T5312] kthread+0x2f0/0x390
[ 60.119311][ T5312] ret_from_fork+0x4b/0x80
[ 60.121024][ T5312] ret_from_fork_asm+0x1a/0x30
[ 60.122871][ T5312]
[ 60.123809][ T5312] The buggy address belongs to the object at ffff88804fffc000
[ 60.123809][ T5312] which belongs to the cache kmalloc-8k of size 8192
[ 60.128859][ T5312] The buggy address is located 0 bytes inside of
[ 60.128859][ T5312] freed 8192-byte region [ffff88804fffc000, ffff88804fffe000)
[ 60.133618][ T5312]
[ 60.134511][ T5312] The buggy address belongs to the physical page:
[ 60.136913][ T5312] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4fff8
[ 60.140098][ T5312] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 60.143172][ T5312] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 60.145896][ T5312] page_type: f5(slab)
[ 60.147376][ T5312] raw: 04fff00000000040 ffff88801ac42280 dead000000000122 0000000000000000
[ 60.150433][ T5312] raw: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[ 60.153438][ T5312] head: 04fff00000000040 ffff88801ac42280 dead000000000122 0000000000000000
[ 60.156499][ T5312] head: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[ 60.159664][ T5312] head: 04fff00000000003 ffffea00013ffe01 ffffffffffffffff 0000000000000000
[ 60.162753][ T5312] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 60.165623][ T5312] page dumped because: kasan: bad access detected
[ 60.167930][ T5312] page_owner tracks the page as allocated
[ 60.169960][ T5312] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 72, tgid 72 (kworker/u4:4), ts 57925430027, free_ts 0
[ 60.177039][ T5312] post_alloc_hook+0x1f3/0x230
[ 60.178865][ T5312] get_page_from_freelist+0x3649/0x3790
[ 60.180927][ T5312] __alloc_pages_noprof+0x292/0x710
[ 60.182927][ T5312] alloc_pages_mpol_noprof+0x3e8/0x680
[ 60.185018][ T5312] alloc_slab_page+0x6a/0x140
[ 60.186686][ T5312] allocate_slab+0x5a/0x2f0
[ 60.188419][ T5312] ___slab_alloc+0xcd1/0x14b0
[ 60.190081][ T5312] __slab_alloc+0x58/0xa0
[ 60.191608][ T5312] __kmalloc_noprof+0x25a/0x400
[ 60.193501][ T5312] __sta_info_alloc+0xbcb/0x1ea0
[ 60.195340][ T5312] ieee80211_ibss_add_sta+0x5ad/0x860
[ 60.197337][ T5312] ieee80211_ibss_rx_queued_mgmt+0x15c0/0x2d70
[ 60.199756][ T5312] ieee80211_iface_work+0x8a5/0xf20
[ 60.201743][ T5312] cfg80211_wiphy_work+0x2db/0x490
[ 60.203686][ T5312] process_scheduled_works+0xa63/0x1850
[ 60.205783][ T5312] worker_thread+0x870/0xd30
[ 60.207526][ T5312] page_owner free stack trace missing
[ 60.209552][ T5312]
[ 60.210494][ T5312] Memory state around the buggy address:
[ 60.212551][ T5312] ffff88804fffbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.215555][ T5312] ffff88804fffbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.218383][ T5312] >ffff88804fffc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.221280][ T5312] ^
[ 60.222592][ T5312] ffff88804fffc080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.225300][ T5312] ffff88804fffc100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.228159][ T5312] ==================================================================
[ 60.238422][ T5312] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 60.240877][ T5312] CPU: 0 UID: 0 PID: 5312 Comm: kworker/u5:2 Tainted: G W 6.12.0-rc7-syzkaller #0
[ 60.244635][ T5312] Tainted: [W]=WARN
[ 60.246030][ T5312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 60.249823][ T5312] Workqueue: hci0 hci_rx_work
[ 60.251697][ T5312] Call Trace:
[ 60.253036][ T5312]
[ 60.254234][ T5312] dump_stack_lvl+0x241/0x360
[ 60.256003][ T5312] ? __pfx_dump_stack_lvl+0x10/0x10
[ 60.257989][ T5312] ? __pfx__printk+0x10/0x10
[ 60.259830][ T5312] ? rcu_is_watching+0x15/0xb0
[ 60.261474][ T5312] ? preempt_schedule+0xe1/0xf0
[ 60.263007][ T5312] ? vscnprintf+0x5d/0x90
[ 60.264415][ T5312] panic+0x349/0x880
[ 60.265841][ T5312] ? check_panic_on_warn+0x21/0xb0
[ 60.267796][ T5312] ? __pfx_panic+0x10/0x10
[ 60.269493][ T5312] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 60.271744][ T5312] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 60.274181][ T5312] ? print_report+0x502/0x550
[ 60.276162][ T5312] check_panic_on_warn+0x86/0xb0
[ 60.278040][ T5312] ? hci_le_create_big_complete_evt+0x383/0xae0
[ 60.280373][ T5312] end_report+0x77/0x160
[ 60.281975][ T5312] kasan_report+0x154/0x180
[ 60.283766][ T5312] ? hci_le_create_big_complete_evt+0x383/0xae0
[ 60.286223][ T5312] hci_le_create_big_complete_evt+0x383/0xae0
[ 60.288499][ T5312] ? __copy_skb_header+0x437/0x5b0
[ 60.290430][ T5312] ? hci_le_create_big_complete_evt+0xdb/0xae0
[ 60.292712][ T5312] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[ 60.294983][ T5312] ? hci_le_meta_evt+0x366/0x580
[ 60.296662][ T5312] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[ 60.299006][ T5312] hci_event_packet+0xa55/0x1540
[ 60.300764][ T5312] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 60.302634][ T5312] ? __pfx_hci_event_packet+0x10/0x10
[ 60.304543][ T5312] ? set_advertising_complete+0x450/0x6f0
[ 60.306518][ T5312] ? kcov_remote_start+0x97/0x7d0
[ 60.308332][ T5312] hci_rx_work+0x3fe/0xd80
[ 60.310671][ T5312] ? process_scheduled_works+0x976/0x1850
[ 60.312909][ T5312] process_scheduled_works+0xa63/0x1850
[ 60.315040][ T5312] ? __pfx_process_scheduled_works+0x10/0x10
[ 60.317332][ T5312] ? assign_work+0x364/0x3d0
[ 60.319072][ T5312] worker_thread+0x870/0xd30
[ 60.320763][ T5312] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 60.324750][ T5312] ? __kthread_parkme+0x169/0x1d0
[ 60.326547][ T5312] ? __pfx_worker_thread+0x10/0x10
[ 60.328393][ T5312] kthread+0x2f0/0x390
[ 60.329672][ T5312] ? __pfx_worker_thread+0x10/0x10
[ 60.331232][ T5312] ? __pfx_kthread+0x10/0x10
[ 60.332854][ T5312] ret_from_fork+0x4b/0x80
[ 60.334460][ T5312] ? __pfx_kthread+0x10/0x10
[ 60.336217][ T5312] ret_from_fork_asm+0x1a/0x30
[ 60.338048][ T5312]
[ 60.339477][ T5312] Kernel Offset: disabled
[ 60.341129][ T5312] Rebooting in 86400 seconds..