last executing test programs: 52.417830159s ago: executing program 2 (id=501): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_io_uring_setup(0x77e8, 0x0, 0x0, 0x0) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x541b, &(0x7f0000000340)=0x894ce9264a145486) 50.493073845s ago: executing program 2 (id=504): mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) pwritev(r0, &(0x7f0000000000)=[{&(0x7f0000000c00)="3d438cfb9166a77b294815e29f236a8317292c28959d04fc6af404e915d4f6fe054b8e91d9c58bccb6c92d88d363c4bbf96c7806adf9361b44bea0178aaac830e8c671484991ad19d53251ec9adac8b71803f0b7d16914a60396b1092fe938b13af127cb295bad6ddc899a1712ace21b8da2471ed084606050c1a42f7c4ea651d357cd0d994d33968ffb0cf9342430774428b03227bf85bf606ed11edc5ded51d6316be14969cb761266662f378da51b9ca3b76fe0f595d8c446c9ac11281e10d0babee8e01f99dc7d3bd9f5eb19386ccbc6af740fcae35d4a51468dab6a0f7a93824e62ea8348f4646948e415a6e1f5209cbfd9412ebb7b38b09cb8a515a3986ff7582d3ec307a5d2891e87963e6cd6329859906044688bd3770e28fa382254a8a9d41311053903653f79f96ce20ad4b7d43b20b2d9798264f6abc7080cc6c00aadaec9d711d0c33fc3d4d53d55037c527de33cb6e72e1c41ca8562b11e833dfaab7759608c8ac5e51fb8d251d2dcab917764bb96e4788c3b89b34085c0f9e8b7f6e48f20b08b65031ae1e4b3c5213ade4a475ef06537568b1ab90ceed025b010ebc278a950f875dcf7fd5005654f0f1fbd52d5f8742cf1cad04471389681596a9b35aa6007db0d6a482f8345180e0de341d989f82ca557c259a0745d1a294958b6ceb60a7ce0ae48d548174eb24979dfea5e1d4db4700eefacad971e6c6fdc064f68a74c7a5d74c8eb7d5583fe34cbe5be3ad08032ad7ba49b2c1714f6636050a84439c1bb903a53b7c2a0cef85ff20dab25226873a544c2cd63eb8f7c524f6fa9be7bde85c8bf3f36fd42b4559e91f7f3b5525f5ad8ec1c7d0c482ea84641bfde7874a35e62576557ad25851ca19a6626d40cf66588f4b9ea09cea747d0e2f720083d8121b02e56681186a44a7bf25530fc918956cbcf23a3316c8e7cf60901509390ef9e7f0d89dd0654e7b7883eb401a293e1bef6fc0c8e012c3a3e16890047887b31a5e2087b65e8571d1bb10efcb2ba062ec1672bcf0e78acd2eb6ae265b14e73d72bc23552cf53d4988e916e7208e8f675903c411c1af424753b0420ab4acba887192a837555dce524c3880b80bdbf489de15321ba91978e7da20f0586a4a61af0190f2bb67d9018304d632e27ff1c5403a419db8b99446d0bde72f3745b0d10a6b0680aae0ab27891707273eb2f82ffaa9a000070dcefa25857ee0e885020f31566ffaa753a05a3869a7e79da196fd9b90be936cf737fa75ea8714a443a39e5123069ed3333e376b1b21b88b63341bb17fba41425022f1a936a0a86a004fad3a2591a0b93f8796ec192f84887e48c4a781ebac1d70f40b8726af582e92b5a021f6b83dc1cc56052ff16eaa80064031e60a9321d912ea56e1716046904e041dab7ba266a45b1f22c71f326492cac0f3fd90f814e500cdc41a5be3ea259348092466e061939196bfa89c44a23ddfd20c31cb30af554b9c6157ba51df3a6", 0x421}], 0x1, 0x2, 0x1) 50.053682342s ago: executing program 2 (id=507): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r2, 0x0, 0x0}, 0x10) 48.029556841s ago: executing program 2 (id=512): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@nobarrier}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) chdir(&(0x7f0000000140)='./file0\x00') truncate(&(0x7f0000000140)='./file2\x00', 0x7) 46.049261509s ago: executing program 2 (id=518): syz_mount_image$cramfs(&(0x7f0000000440), &(0x7f0000000000)='./file2\x00', 0x200001, &(0x7f0000000140)=ANY=[], 0xfc, 0x15e, &(0x7f0000000480)="$eJzs0U9rE0EYx/Hv7E52AyZEMELwYHIzGoT8QW8SsmIwYFxRBPEUiCsKCRED6tHg1UPAaw62vZa+haTtobQkl76KXnIr9LhldhuW9jU8n9v8nuH3JLMvnq3KisTz0fDb92A8Dj6V3vrd9ruz+bxlcgeX9LV5fH/Rgi9oFhrWEzDxYRY+fx0EVn80MOd1C1zAu3WVM8xt9nl5zURDjdDeZAdudM+CaGWc3YUPDIIGqeh8T4OXi/uqwHILHhDiOXFWA87fgA1KOUDoxkWdSvGOgl+zyt7uyevlcefxo2bwt96ePswU7AqwjafSR1byJKtl95Xf9VeNev1pulqzeHJqCvk9Rb/M/ICPCrTps4j6HAr39Xv4o+BftGu9r7LmT/y/8Ifx72iagp92CVRx1u8VUju9/G0Lu6zNNOQG84miSfIiQgghhBBCCCGEEEIIIYQQQgghROIyAAD///VXTgE=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) 42.825105745s ago: executing program 2 (id=531): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x140, 0x800, 0x3ff, 0x0, 0x0, 0x0, {0x4, 0x4}, {}, {0x0, 0x4}, {0x0, 0x0, 0x8}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x2, 0xc}) mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000005c0)=@mangle={'mangle\x00', 0x64, 0x6, 0x538, 0x0, 0x1b8, 0x380, 0xd0, 0x2b0, 0x468, 0x468, 0x468, 0x468, 0x468, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6, 0x0, 0x0, 0x4a}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@hl={{0x28}, {0x3, 0x20}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x14) 41.73591126s ago: executing program 32 (id=531): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x140, 0x800, 0x3ff, 0x0, 0x0, 0x0, {0x4, 0x4}, {}, {0x0, 0x4}, {0x0, 0x0, 0x8}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x2, 0xc}) mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000005c0)=@mangle={'mangle\x00', 0x64, 0x6, 0x538, 0x0, 0x1b8, 0x380, 0xd0, 0x2b0, 0x468, 0x468, 0x468, 0x468, 0x468, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6, 0x0, 0x0, 0x4a}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@hl={{0x28}, {0x3, 0x20}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x14) 18.863383683s ago: executing program 1 (id=582): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000400)='./file3\x00', 0x8, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRESDEC=0x0], 0x1, 0x1c0, &(0x7f0000000440)="$eJzslT+PEkEYxp+ZxQWMn8DGQhKxcNld1NiQQGNlYeIfYmEikYWgixjYQkiM8RPY21n4MUy09UMYtNEGq7t6L/NnlzkC3EHY45J7fwnvPrsz8/LOO8kzIAjiwvLn9+E0Pqj9LQC4ghLy+vs/az6HG/N/Ff6///HgfvPT868/81OnuCxnHJ/+/3MAvjcsROna46tL+vkYPNVPwHFT6yYYHK1fgOOp1gEYnmn9ytADMd9xOr0wcF4OwrYQrgieCL4I1cX6Zh8Z2kZ9zBgfjSevW2EYDDMUJ/Vv1uCoGfWZ5+VAVesa/fPA4WldBcMjre8hn/RGtcTY/9XcPL+1dv82drr/TpadtQFstxxgZ3L2GQsLUiQnuvd6di6QOxdlZCy+1dX5JV/iD+p9szz1FUP2hnl051N/ir8w3DD8SVnJZ3nVVKL+28poPLnV67e6QTd44/vVu+5t173jV6QRqbjG/4rSny7P8y+9kwQ2s/GuFUVDT8X03VdxmeNy6X8c5eu4JN6Fm9oLeQuGZvrH5VOosrWyeIIgiD1yDUx6svTlROjbJB2IY//hnuskCIIgCIIgCIIgCGJ7jgIAAP//nx9gWA==") r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet(0xa, 0x801, 0x84) connect$inet(r1, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4080) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000002200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000980)='./file0\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) chroot(&(0x7f0000000180)='./file0\x00') openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = accept4(r1, 0x0, 0x0, 0x0) sendto$inet(r5, 0x0, 0x0, 0x880, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 16.452914378s ago: executing program 1 (id=588): socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2404c004}, 0x24000040) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setreuid(0xee01, 0xee01) setpriority(0x1, 0x0, 0x8000000000000001) chdir(&(0x7f0000000100)='./file1\x00') 14.82556229s ago: executing program 1 (id=590): prlimit64(0x0, 0xe, 0x0, 0x0) syz_mount_image$xfs(&(0x7f0000009800), &(0x7f0000009840)='./file1\x00', 0x0, &(0x7f0000000040)={[{@pqnoenforce}, {@noquota}, {@nouuid}, {@usrquota}, {@uquota}, {@dax_never}, {@noikeep}]}, 0x1, 0x985b, &(0x7f000001c900)="$eJzs3QW4ZXXBsP0zw9CNhYEMjUU3BqEggoCElBLSkgJKGIAIAqKApKAIKFIiSIl0d3d3d3d81zAzOo43PD7v+3wvPt73fV1n9t5rr73O2v/fWuuczTrsveIiyy40MDDJwPBGXv69Q1/+5NFbvrzQTsdef8RLix6++NEjJo81/GLI0BGXU424nHpgYGDQiOUMGj5t8JATTxo8MM7AwOBRlzvBuOMPmmBgYK0RNxcYcTn38IsJrxk531ujxSs6bDUG7Tr8a/g3HRgYGHfYlWcGZl5h1OWMWK9Z/umJSltxwUUX+bvV39yGjd+QEddH/Rpr+NeElw0MTHjpAG8fg97bZ/T2959k7wtWWvk9Xo//Fa244KKLjeY/bF8cY8S0uYft46Pvg8ZG386Hzn3HyGPQIDxw/i9pxQUXWWLgnY/zA6u+edDmb7193Bw83sDA4PEHBgZPMDAweMKBgcETDQwMnvi9dqn/u97Tja+qqqrekxZcaPaFhr3eG+33gXFG/l5Lvxeu8sZSdwwMDIw5fJ7Bc418LVhVVVVVVVVV/54tuNDsC8Pr/0ne7fX/Cae+OmOv/6uqqqqqqqr+97TYggvNPux1/Giv/yd/t9f/2z3w4oYj/vZ/7uGPevO9fRJVVVVVVVVV9a4t89W3X/+PP9rr/6Hv9vr/4fl3eXDEfCP/u8Eboyxy0Ch/T/DaKNPHGGX+V0eZPmSU6aPOP9bAwOAhI6a//vfJg8cbdt8/zz94kmHrPWL6K6NMn+Xv/3/zkGlHmT7rKNOnH2X6bCPWddj0GUaZPuco88/4r4xtVVVVVVVVVVVVVVVVVVXV/6vefOLUM//+nu8fHxjl/dv/9j7uI/4uYNBxZ1999Xu2ov8eDfrnv4fY7r1ep//bhjmPc9TQgYGNl3+vV6Xeg97rz2uo97b83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/cO5z//9v7/09x+Foj/5/5uQ/dfcqJRn3s+qNcH+f/6Vq/Z/2nnv8fWH/QwMAI30mGuS654DLLzTgwMDDRlLsfOsfA3+6bZ9h98082xog3SBj+NgjTDeEFbzfiU9G3GzHriGUc9/byF3vrkDEGjbYSozTpyYcdtt6KL80x+uX07/w8Bo+88oFLtlp45HtZDB5tpnfaTkcuf+RzGd15xLrPOGzdZ95io01n3nzrbT6z/kZrrLv2umtvPO/cc88z59xzzTvbzOusv+Haswz/953GbOjb/07zr4zZ5KOP2RMLjjpmoz+3dxqzoe8+Zm8vcey9Vttg5JiNvmr/1ZhN8+5jNnT9Ed9oyNAxB1Z/e2wGDQwMmXbMga2G3Zh17IGBIdONmHfyYfN+drLBAwN7/P2JDrs29t+2wUHbDZtnxUWWXejvH7v/zx+//w6fZz/W8IshI4ZkyFQjLqce/m0mGfj7pjh4yIknDR723P9hmCcYd/xBEwwMrDXi5gIjLucdce+VI+d7h89ZH21F336blV2Hf/3NY9xhV45ZeuKbRl3OOxD8T/R/9PP/n7zmGfS3gRo04mvEPMO9Flx0sb9/r7eHYYGR7wkz7GfLMJP/i4+x/y/7p/UdOs7bb3L7Tuv7Lu+LO/z5w/Y1/WPnDf2fel9cPnYs8fa/Q/+VY8fAux87xvj71b9PXfuKKUY/diz+zqv4D/vFyDEae7SZ3unYMeP+C2779rHp3Y8dS6w/4oOG/n7sGDwwMGSakceOYQeS6ccc2GPYjdmG3ZhhzIEjht2Y/e0b4w6cPezGTGtusuFag95+254Ry51l2HIXmGzQ20/+6pkXPHqMvd96a9oR6zLLaAfWEdvH0FF/Pi442fBhG/lYWu7dWwy/b/oRy531v7HckY+l5c6z2fD7Zhix3NlGW+4Y77LckY8duT8Mm/Xt/WHGQf/wh5+w/y4y2v47aORhfZSHjPwaa/jXhJeN/Gwo2F/+W8cd2n8neZf1fZfPtcLtbdi0HZa84tT/qc+1ovUd593X950+h/sd13eDcbda6n9gfQeNsr7/sJ1tOt/wbWXGEdvZnP+N7XfkY0c/jo359r3DGWb8V45jC/zTcWz7MQaPtvKj9E6/A60F8w+/PvnfljbvkWNMPHLsxxxtuf/V70AzvvtxbJL1R3vcIgcPDKIxf/jxw9Yb+78Y8zEH/vF39ZFjPvKx7zbmM/zzmA/6pzGf593H/F/9vXPGaYbfP8a7jPngnTdfcuSYj/XfHPMZ/rtjvsDAGDTmexwwfNze7Xj6TmM+8rH/OOZDBr40MDAw7Ygxn/5f2c5n+Z/ZzseD+Ydff+Bvky6Z4ozdRjnGDPrvjPn0/90xH/q37Xzat++bevDAWGMNbLXGFltsNuvwf0fenG34v3wsevr+4eP8bj9L38lo5GPfbb+Y9l8xGvo/Y/SRIf88/8gXHSNvL3/2MZP+nx6Lpv3vGQ1aZICPRadcNHzc3u33onca85GPpZ+DQ0d5/Oiv697l/SjxOQ2btt/++9w+cpEjHtb7Uf7r/cNmO/K/8a0/+kG+/lPrv/+7y99d/u7yd5e/uHc4//+39/9/eJJlHxvxInnMPedbd833en3f4/6jz/+P8P2H8/9rrjvfnsNeCo64713Pzw6f59/y/Ozcwy8mvGbkfKOfH+QVfefzszPsNdMyA/9vzs/+HzVyX/0XXsd3/HeXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/mLe4fz/yP/RnnogW/cv92IE6Fj7rvPmm+81+v7Hvcfff5/hO8/nP9/Y8199h088Lf73vX8//B5HOf/lzpw75MG/o3P/4/cVzv/X/9F+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/uHc4/7/AyL8DmGu1dXYd+fcAG8/6hR3f6/V9j/tPPf/f5/976/jvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yFzfi/P/AaB/ruHTbBQbn//939w7+X8sfs/gvkz9m8V82f8ziv1z+mMV/+fwxi//X88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMX/G/ljFv9v5o9Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjF/1v5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/t/PHLP4b5I9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjFf9P8MYv/d/LHLP6b5Y9Z/DfPH7P4b5E/ZvH/bv6Yxf97+WMW/y3zxyz+W+WPWfy3zh+z+G+TP2bx/37+mMX/B/ljFv8fju6/4ub/b9fr3zSL/4/a/zGL/7b5Yxb/7fLHLP7b549Z/H+cP2bx3yF/zOL/k/wxi/+O+WMW/53yxyz+P80fs/jvnD9m8d8lf8ziv2v+mMX/Z/ljFv/d8scs/j/PH7P4/yJ/zOK/e/6YxX+P/DGL/575Yxb/X+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/X+WPWfwPyB+z+B+YP2bx/3X+mMX/N/ljFv+D8scs/r/NH7P4H5w/ZvE/JH/M4n9o/pjF/3f5Yxb/3+ePWfwPyx+z+P8hf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfz/mD9m8T8mf8zi/6f8MYv/sfljFv/j8scs/n/OH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv+/5I9Z/E/JH7P4/zV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+F+dP2bxvyZ/zOJ/bf6Yxf+6/DGL//X5Yxb/G/LHLP435o9Z/G/KH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf8zi/2r+mMX/tfwxi//r+WMW/zfyxyz+b+aPWfzfyh+T+A8ayB+z+A/KH7P4D84fs/iPkT9m8R+SP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/MfPH7P4T5A/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/pPlj1n835c/ZvF/f/6Yxf8D+WMW/w/mj1n8P5Q/ZvGfPH/M4v/h/DGL/0fyxyz+H80fs/h/LH/M4j9F/pjF/+P5Yxb/KfPHLP5D88cs/lPlj1n8p84fs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+n8gfs/h/Mn/M4v+p/DGL/6fzxyz+n8kfs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP6fzR+z+H8uf8zi//n8MYv/F/LHLP4L5I9Z/BfMH7P4L5Q/ZvFfOH/M4v/F/DGL/5fyxyz+i+SPWfwXzR+z+H85f8ziv1j+mMX/K/ljFv/F88cs/kvkj1n8v5o/ZvFfMn/M4r9U/pjFf+n8MYv/1/LHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4v/1/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvH/Rv6Yxf+b+WMW/1Xzxyz+q+WPWfxXzx+z+K+RP2bx/1b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+K+XP2bxXz9/zOL/7fwxi/8G+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bx3zR/zOL/nfwxi/9m+WMW/83zxyz+W+SPWfy/mz9m8f9e/pjFf8v8MYv/VvljFv+t88cs/tvkj1n8v58/ZvH/Qf6Yxf+H+WMW/x/lj1n8t80fs/hvlz9m8d8+f8zi/+P8MYv/DvljFv+f5I9Z/HfMH7P475Q/ZvH/af6YxX/n/DGL/y75Yxb/XfPHLP4/yx+z+O+WP2bx/3n+mMX/F/ljFv/d88cs/nvkj1n898wfs/j/Mn/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/j/Kn/M4n9A/pjF/8D8MYv/r/PHLP6/yR+z+B+UP2bx/23+mMX/4Pwxi/8h+WMW/0Pzxyz+v8sfs/j/Pn/M4n9Y/pjF/w/5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4v/H/DGL/zH5Yxb/P+WPWfyPzR+z+B+XP2bx/3P+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+P8lf8zif0r+mMX/r/ljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9Z/F/PH7P4v5E/ZvF/M3/M4v9W/pjE/+2r+f9zFv9B+WMW/8H5Yxb/MfLHLP5D8scs/mPmj1n8x8ofs/iPnT9m8R8nf8ziP27+mMV/vPwxi//4+WMW/wnyxyz+E+aPWfwnyh+z+E+cP2bxnyR/zOI/af6YxX+y/DGL//vyxyz+788fs/h/IH/M4v/B/DGL/4fyxyz+k+ePWfw/nD9m8f9I/pjF/6P5Yxb/j+WPWfynyB+z+H88f8ziP2X+mMV/aP6YxX+q/DGL/9T5Yxb/afLHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4j9j/pjF/xP5Yxb/T+aPWfw/lT9m8f90/pjF/zP5Yxb/mfLHLP4z549Z/GfJH7P4z5o/ZvGfLX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMX/s/ljFv/P5Y9Z/D+fP2bx/0L+mMV/gfwxi/+C+WMW/4Xyxyz+C+ePWfy/mD9m8f9S/pjFf5H8MYv/ovljFv8v549Z/BfLH7P4fyV/zOK/eP6YxX+J/DGL/1fzxyz+S+aPWfyXyh+z+C+dP2bx/1r+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfy/nj9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+38gfs/h/M3/M4r9q/pjFf7X8MYv/6vljFv818scs/t/KH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv/18scs/uvnj1n8v50/ZvHfIH/M4r9h/pjFf6P8MYv/xvljFv9N8scs/pvmj1n8v5M/ZvHfLH/M4r95/pjFf4v8MYv/d/PHLP7fyx+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL//fzxyz+P8gfs/j/MH/M4v+j/DGL/7b5Yxb/7fLHLP7b549Z/H+cP2bx3yF/zOL/k/wxi/+O+WMW/53yxyz+P80fs/jvnD9m8d8lf8ziv2v+mMX/Z/ljFv/d8scs/j/PH7P4/yJ/zOK/e/6YxX+P/DGL/575Yxb/X+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/X+WPWfwPyB+z+B+YP2bx/3X+mMX/N/ljFv+D8scs/r/NH7P4H5w/ZvE/JH/M4n9o/pjF/3f5Yxb/3+ePWfwPyx+z+P8hf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfz/mD9m8T8mf8zi/6f8MYv/sfljFv/j8scs/n/OH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv+/5I9Z/E/JH7P4/zV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+F+dP2bxvyZ/zOJ/bf6Yxf+6/DGL//X5Yxb/G/LHLP435o9Z/G/KH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf8zi/2r+mMX/tfwxi//r+WMW/zfyxyz+b+aPWfzfyh+T+I8xkD9m8R+UP2bxH5w/ZvEfI3/M4j8kf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+I+fP2bxnyB/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/CfLH7P4vy9/zOL//vwxi/8H8scs/h/MH7P4fyh/zOI/ef6Yxf/D+WMW/4/kj1n8P5o/ZvH/WP6YxX+K/DGL/8fzxyz+U+aPWfyH5o9Z/KfKH7P4T50/ZvGfJn/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/jPmj1n8P5E/ZvH/ZP6Yxf9T+WMW/0/nj1n8P5M/ZvGfKX/M4j9z/pjFf5b8MYv/rPljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfw/mz9m8f9c/pjF//P5Yxb/L+SPWfwXyB+z+C+YP2bxXyh/zOK/cP6Yxf+L+WMW/y/lj1n8F8kfs/gvmj9m8f9y/pjFf7H8MYv/V/LHLP6L549Z/JfIH7P4fzV/zOK/ZP6YxX+p/DGL/9L5Yxb/r/3d/9W3hveerN6/Wxb/Zdr/MYv/svljFv/l8scs/svnj1n8v54/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9V8scs/t/IH7P4fzN/zOK/av6YxX+1/DGL/+r5Yxb/NfLHLP7fyh+z+K+ZP2bxXyt/zOK/dv6YxX+d/DGL/7r5Yxb/9fLHLP7r549Z/L+dP2bx3yB/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/L+TP2bx3yx/zOK/ef6YxX+L/DGL/3fzxyz+38sfs/hvmT9m8d8qf8ziv3X+mMV/m/wxi//388cs/j/IH7P4/zB/zOL/o/wxi/+2+WMW/+3yxyz+2+ePWfx/nD9m8d8hf8zi/5P8MYv/jvljFv+d8scs/j/NH7P475w/ZvHfJX/M4r9r/pjF/2f5Yxb/3fLHLP4/zx+z+P8if8ziv3v+mMV/j/wxi/+e+WMW/1/mj1n898ofs/jvnT9m8d8nf8ziv2/+mMV/v/wxi//++WMW/1/lj1n8D8gfs/gfmD9m8f91/pjF/zf5Yxb/g/LHLP6/zR+z+B+cP2bxPyR/zOJ/aP6Yxf93+WMW/9/nj1n8D8sfs/j/IX/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8/5g/ZvE/Jn/M4v+n/DGL/7H5Yxb/4/LHLP5/zh+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/v+SPWfxPyR+z+P81f8zif2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yes/uO++90W/yet/v9FFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+z+L+aP2bxfy1/zOL/ev6Yxf+N/DGL/5v5Yxb/t/LHJP5DBvLHLP6D8scs/oPzxyz+Y+SPWfyH5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv/x88cs/hPkj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi/9k+WMW//flj1n8358/ZvH/QP6Yxf+D+WMW/w/lj1n8J88fs/h/OH/M4v+R/DGL/0fzxyz+H8sfs/hPkT9m8f94/pjFf8r8MYv/0Pwxi/9U+WMW/6nzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/yfyxyz+n8wfs/h/Kn/M4v/p/DGL/2fyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOI/W/6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/Z/PHLP6fyx+z+H8+f8zi/4X8MYv/AvljFv8F88cs/gvlj1n8F84fs/h/MX/M4v+l/DGL/yL5Yxb/RfPHLP5fzh+z+C+WP2bx/0r+mMV/8fwxi/8S+WMW/6/mj1n8l8wfs/gvlT9m8V86f8zi/7X8MYv/MvljFv9l88cs/svlj1n8l88fs/h/PX/M4r9C/pjFf8X8MYv/SvljFv+V88cs/qvkj1n8v5E/ZvH/Zv6YxX/V/DGL/2r5Yxb/1fPHLP5r5I9Z/L+VP2bxXzN/zOK/Vv6YxX/t/DGL/zr5Yxb/dfPHLP7r5Y9Z/NfPH7P4fzt/zOK/Qf6YxX/D/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4fyd/zOK/Wf6YxX/z/DGL/xb5Yxb/7+aPWfy/lz9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/23zxyz+2+WPWfy3zx+z+P84f8ziv0P+mMX/J/ljFv8d88cs/jvlj1n8f5o/ZvHfOX/M4r9L/pjFf9f8MYv/z/LHLP675Y9Z/H+eP2bx/0X+mMV/9/wxi/8e+WMW/z3zxyz+v8wfs/jvlT9m8d87f8ziv0/+mMV/3/wxi/9++WMW//3zxyz+v8ofs/gfkD9m8T8wf8zi/+v8MYv/b/LHLP4H5Y9Z/H+bP2bxPzh/zOJ/SP6Yxf/Q/DGL/+/yxyz+v88fs/gflj9m8f9D/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/j/MX/M4n9M/pjF/0/5Yxb/Y/PHLP7H5Y9Z/P+cP2bxPz5/zOJ/Qv6Yxf/E/DGL/0n5Yxb/k/PHLP5/yR+z+J+SP2bx/2v+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+J+VP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/hflT9m8b86f8zif03+mMX/2vwxi/91+WMW/+vzxyz+N+SPWfxvzB+z+N+UP2bxvzl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP535I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/ffljFv/788cs/g/kj1n8H8wfs/g/lD9m8X84f8zi/0j+mMX/0fwxi/9j+WMW/8fzxyz+T+SPWfyfzB+z+D+VP2bxfzp/zOL/TP6Yxf/Z/DGL/3P5Yxb/5/PHLP4v5I9Z/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT8m8R9zIH/M4j8of8ziPzh/zOI/Rv6YxX9I/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+k+SPWfwnzR+z+E+WP2bxf1/+mMX//fljFv8P5I9Z/D+YP2bx/1D+mMV/8vwxi/+H88cs/h/JH7P4fzR/zOL/sfwxi/8U+WMW/4/nj1n8p8wfs/gPzR+z+E+VP2bxnzp/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fyJ/zOL/yfwxi/+n8scs/p/OH7P4fyZ/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP6z5Y9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/h/Nn/M4v+5/DGL/+fzxyz+X8gfs/gvkD9m8V8wf8ziv1D+mMV/4fwxi/8X88cs/l/KH7P4L5I/ZvFfNH/M4v/l/DGL/2L5Yxb/r+SPWfwXzx+z+C+RP2bx/2r+mMV/yfwxi/9S+WMW/6Xzxyz+X8sfs/gvkz9m8V82f8ziv1z+mMV/+fwxi//X88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMX/G/ljFv9v5o9Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjF/1v5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/t/PHLP4b5I9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjFf9P8MYv/d/LHLP6b5Y9Z/DfPH7P4b5E/ZvH/bv6Yxf97+WMW/y3zxyz+W+WPWfy3zh+z+G+TP2bx/37+mMX/B/ljFv8f5o9Z/H+UP2bx3zZ/zOK/Xf6YxX/7/DGL/4/zxyz+O+SPWfx/kj9m8d8xf8ziv1P+mMX/p/ljFv+d88cs/rvkj1n8d80fs/j/LH/M4r9b/pjF/+f5Yxb/X+SPWfx3zx+z+O+RP2bx3zN/zOL/y/wxi/9e+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOL/q/wxi/8B+WMW/wPzxyz+v84fs/j/Jn/M4n9Q/pjF/7f5Yxb/g/PHLP6H5I9Z/A/NH7P4/y5/zOL/+/wxi/9h+WMW/z/kj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8f88cs/sfkj1n8/5Q/ZvE/Nn/M4n9c/pjF/8/5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4v+X/DGL/yn5Yxb/v+aPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj9m8X89f8zi/0b+mMX/zfwxi/9b+WMS/7EG8scs/oPyxyz+g/PHLP5j5I9Z/Ifkj1n8x8wfs/iPlT9m8R87f8ziP07+mMV/3Pwxi/94+WMW//Hzxyz+E+SPWfwnzB+z+E+UP2bxnzh/zOI/Sf6YxX/S/DGL/2T5Yxb/9+WPWfzfnz9m8f9A/pjF/4P5Yxb/D+WPWfwnzx+z+H84f8zi/5H8MYv/R/PHLP4fyx+z+E+RP2bx/3j+mMV/yvwxi//Q/DGL/1T5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4j9D/pjFf8b8MYv/J/LHLP6fzB+z+H8qf8zi/+n8MYv/Z/LHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4j9b/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8ziP1/+mMV//vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8C+WMW/wXzxyz+C+WPWfwXzh+z+H8xf8zi/6X8MYv/IvljFv9F88cs/l/OH7P4L5Y/ZvH/Sv6YxX/x/DGL/xL5Yxb/r+aPWfyXzB+z+C+VP2bxXzp/zOL/tfwxi/8y+WMW/2Xzxyz+y+WPWfyXzx+z+H89f8ziv0L+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfy/kT9m8f9m/pjFf9X8MYv/avljFv/V88cs/mvkj1n8v5U/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/uvlj1n8188fs/h/O3/M4r9B/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8N80fs/h/J3/M4r9Z/pjFf/P8MYv/FvljFv/v5o9Z/L+XP2bx3zJ/zOK/Vf6YxX/r/DGL/zb5Yxb/7+ePWfx/kD9m8f9h/pjF/0f5Yxb/bfPHLP7b5Y9Z/LfPH7P4/zh/zOK/Q/6Yxf8n+WMW/x3zxyz+O+WPWfx/mj9m8d85f8ziv0v+mMV/1/wxi//P8scs/rvlj1n8f54/ZvH/Rf6YxX/3/DGL/x75Yxb/PfPHLP6/zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP6/yh+z+B+QP2bxPzB/zOL/6/wxi/9v8scs/gflj1n8f5s/ZvE/OH/M4n9I/pjF/9D8MYv/7/LHLP6/zx+z+B+WP2bx/0P+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+P8xf8zif0z+mMX/T/ljFv9j88cs/sflj1n8/5w/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/n/JH7P4n5I/ZvH/a/6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VPybxH3sgf8ziPyh/zOI/OH/M4j9G/pjFf0j+mMV/zPwxi/9Y+WMW/7Hzxyz+4+SPWfzHzR+z+I+XP2bxHz9/zOI/Qf6YxX/C/DGL/0T5Yxb/ifPHLP6T5I9Z/CfNH7P4T5Y/ZvF/X/6Yxf/9+WMW/w/kj1n8P5g/ZvH/UP6YxX/y/DGL/4fzxyz+H8kfs/h/NH/M4v+x/DGL/xT5Yxb/j+ePWfynzB+z+A/NH7P4T5U/ZvGfOn/M4j9N/pjFf9r8MYv/dPljFv/p88cs/jPkj1n8Z8wfs/h/In/M4v/J/DGL/6fyxyz+n84fs/h/Jn/M4j9T/pjFf+b8MYv/LPljFv9Z88cs/rPlj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+H82f8zi/7n8MYv/5/PHLP5fyB+z+C+QP2bxXzB/zOK/UP6YxX/h/DGL/xfzxyz+X8ofs/gvkj9m8V80f8zi/+X8MYv/YvljFv+v5I9Z/BfPH7P4L5E/ZvH/av6YxX/J/DGL/1L5Yxb/pfPHLP5fyx+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/9fzxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOK/Sv6Yxf8b+WMW/2/mj1n8V80fs/ivlj9m8V89f8ziv0b+mMX/W/ljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8ziv17+mMV//fwxi/+388cs/hvkj1n8N8wfs/hvlD9m8d84f8ziv0n+mMV/0/wxi/938scs/pvlj1n8N88fs/hvkT9m8f9u/pjF/3v5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvH/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvHfNn/M4r9d/pjFf/v8MYv/j/PHLP475I9Z/H+SP2bx3zF/zOK/U/6Yxf+n+WMW/53zxyz+u+SPWfx3zR+z+P8sf8ziv1v+mMX/5/ljFv9f5I9Z/HfPH7P475E/ZvHfM3/M4v/L/DGL/175Yxb/vfPHLP775I9Z/PfNH7P475c/ZvHfP3/M4v+r/DGL/wH5Yxb/A/PHLP6/zh+z+P8mf8zif1D+mMX/t/ljFv+D88cs/ofkj1n8D80fs/j/Ln/M4v/7/DGL/2H5Yxb/P+SPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/x/zxyz+x+SPWfz/lD9m8T82f8zif1z+mMX/z/ljFv/j88cs/ifkj1n8T8wfs/iflD9m8T85f8zi/5f8MYv/KfljFv+/5o9Z/E/NH7P4n5Y/ZvE/PX/M4n9G/pjF/8z8MYv/WfljFv+z88cs/ufkj1n8z80fs/iflz9m8T8/f8zif0H+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOJ/Rf6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5YxL/cQbyxyz+g/LHLP6D88cs/mPkj1n8h+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/8fPHLP4T5I9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjFf9L8MYv/ZPljFv/35Y9Z/N+fP2bx/0D+mMX/g/ljFv8P5Y9Z/CfPH7P4fzh/zOL/kfwxi/9H88cs/h/LH7P4T5E/ZvH/eP6YxX/K/DGL/9D8MYv/VPljFv+p88cs/tPkj1n8p80fs/hPlz9m8Z8+f8ziP0P+mMV/xvwxi/8n8scs/p/MH7P4fyp/zOL/6fwxi/9n8scs/jPlj1n8Z84fs/jPkj9m8Z81f8ziP1v+mMV/9vwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/2fzxyz+n8sfs/h/Pn/M4v+F/DGL/wL5Yxb/BfPHLP4L5Y9Z/BfOH7P4fzF/zOL/pfwxi/8i+WMW/0Xzxyz+X84fs/gvlj9m8f9K/pjFf/H8MYv/EvljFv+v5o9Z/JfMH7P4L5U/ZvFfOn/M4v+1/DGL/zL5Yxb/ZfPHLP7L5Y9Z/JfPH7P4fz1/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/L+RP2bx/2b+mMV/1fwxi/9q+WMW/9Xzxyz+a+SPWfy/lT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/3Xzxyz+6+WPWfzXzx+z+H87f8ziv0H+mMV/w/wxi/9G+WMW/43zxyz+m+SPWfw3zR+z+H8nf8ziv1n+mMV/8/wxi/8W+WMW/+/mj1n8v5c/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv/v549Z/H+QP2bx/2H+mMX/R/ljFv9t88cs/tvlj1n8t88fs/j/OH/M4r9D/pjF/yf5Yxb/HfPHLP475Y9Z/H+aP2bx3zl/zOK/S/6YxX/X/DGL/8/yxyz+u+WPWfx/nj9m8f9F/pjFf/f8MYv/HvljFv8988cs/r/MH7P475U/ZvHfO3/M4r9P/pjFf9/8MYv/fvljFv/988cs/r/KH7P4H5A/ZvE/MH/M4v/r/DGL/2/yxyz+B+WPWfx/mz9m8T84f8zif0j+mMX/0Pwxi//v8scs/r/PH7P4H5Y/ZvH/Q/6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4/zF/zOJ/TP6Yxf9P+WMW/2Pzxyz+x+WPWfz/nD9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+f8kfs/ifkj9m8f9r/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5Yxb/1/PHLP5v5I9Z/N/MH7P4v5U/JvEfdyB/zOI/KH/M4j84f8ziP0b+mMV/SP6YxX/M/DGL/1j5Yxb/sfPHLP7j5I9Z/MfNH7P4j5c/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/hPlj9m8X9f/pjF//35Yxb/D+SPWfw/mD9m8f9Q/pjFf/L8MYv/h/PHLP4fyR+z+H80f8zi/7H8MYv/FPljFv+P549Z/KfMH7P4D80fs/hPlT9m8Z86f8ziP03+mMV/2vwxi/90+WMW/+nzxyz+M+SPWfxnzB+z+H8if8zi/8n8MYv/p/LHLP6fzh+z+H8mf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+s+WPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4fzZ/zOL/ufwxi//n88cs/l/IH7P4L5A/ZvFfMH/M4r9Q/pjFf+H8MYv/F/PHLP5fyh+z+C+SP2bxXzR/zOL/5fwxi/9i+WMW/6/8K/6D/39cr3/TLP6Lt/9jFv8l8scs/l/NH7P4L5k/ZvFfKn/M4r90/pjF/2v5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvH/ev6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4fyN/zOL/zfwxi/+q+WMW/9Xyxyz+q+ePWfzXyB+z+H8rf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfzXyx+z+K+fP2bx/3b+mMV/g/wxi/+G+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bx/07+mMV/s/wxi//m+WMW/y3yxyz+380fs/h/L3/M4r9l/pjFf6v8sf9Q/7epR/XfOn/sP9T/7Ub13yZ/zOL//fwxi/8P8scs/j/MH7P4/yh/zOK/bf6YxX+7/DGL//b5Yxb/H+ePWfx3yB+z+P8kf8ziv2P+mMV/p/wxi/9P88cs/jvnj1n8d8kfs/jvmj9m8f9Z/pjFf7f8MYv/z/PHLP6/yB+z+O+eP2bx3yN/zOK/Z/6Yxf+X+WMW/73yxyz+e+ePWfz3yR+z+O+bP2bx3y9/zOK/f/6Yxf9X7+rv3TIs/geold85i/+B+WMW/1/nj1n8f5M/ZvE/KH/M4v/b/DGL/8H5Yxb/Q/LHLP6H5o9Z/H+XP2bx/33+mMX/sPwxi/8f8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/j/ljFv9j8scs/n/KH7P4H5s/ZvE/Ln/M4v/n/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvH/S/6Yxf+U/DGL/1/zxyz+p+aPWfxPyx+z+J+eP2bxPyN/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxif94A/ljFv9B+WMW/8H5Yxb/MfLHLP5D8scs/mPmj1n8x8ofs/iPnT9m8R8nf8ziP27+mMV/vPwxi//4+WMW/wnyxyz+E+aPWfwnyh+z+E+cP2bxnyR/zOI/af6YxX+y/DGL//vyxyz+788fs/h/IH/M4v/B/DGL/4fyxyz+k+ePWfw/nD9m8f9I/pjF/6P5Yxb/j+WPWfynyB+z+H88f8ziP2X+mMV/aP6YxX+q/DGL/9T5Yxb/afLHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4j9j/pjF/xP5Yxb/T+aPWfw/lT9m8f90/pjF/zP5Yxb/mfLHLP4z549Z/GfJH7P4z5o/ZvGfLX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMX/s/ljFv/P5Y9Z/D+fP2bx/0L+mMV/gfwxi/+C+WMW/4Xyxyz+C+ePWfy/mD9m8f9S/pjFf5H8MYv/ovljFv8v549Z/BfLH7P4fyV/zOK/eP6YxX+J/DGL/1fzxyz+S+aPWfyXyh+z+C+dP2bx/1r+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfy/nj9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+38gfs/h/M3/M4r9q/pjFf7X8MYv/6vljFv818scs/t/KH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv/18scs/uvnj1n8v50/ZvHfIH/M4r9h/pjFf6P8MYv/xvljFv9N8scs/pvmj1n8v5M/ZvHfLH/M4r95/pjFf4v8MYv/d/PHLP7fyx+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL//fzxyz+P8gfs/j/MH/M4v+j/DGL/7b5Yxb/7fLHLP7b549Z/H+cP2bx3yF/zOL/k/wxi/+O+WMW/53yxyz+P80fs/jvnD9m8d8lf8ziv2v+mMX/Z/ljFv/d8scs/j/PH7P4/yJ/zOK/e/6YxX+P/DGL/575Yxb/X+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/X+WPWfwPyB+z+B+YP2bx/3X+mMX/N/ljFv+D8scs/r/NH7P4H5w/ZvE/JH/M4n9o/pjF/3f5Yxb/3+ePWfwPyx+z+P8hf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfz/mD9m8T8mf8zi/6f8MYv/sfljFv/j8scs/n/OH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv+/5I9Z/E/JH7P4/zV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+F+dP2bxvyZ/zOJ/bf6Yxf+6/DGL//X5Yxb/G/LHLP435o9Z/G/KH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf8zi/2r+mMX/tfwxi//r+WMW/zfyxyz+b+aPWfzfyh+T+I8/kD9m8R+UP2bxH5w/ZvEfI3/M4j8kf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+I+fP2bxnyB/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/CfLH7P4vy9/zOL//vwxi/8H8scs/h/MH7P4fyh/zOI/ef6Yxf/D+WMW/4/kj1n8P5o/ZvH/WP6YxX+K/DGL/8fzxyz+U+aPWfyH5o9Z/KfKH7P4T50/ZvGfJn/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/jPmj1n8P5E/ZvH/ZP6Yxf9T+WMW/0/nj1n8P5M/ZvGfKX/M4j9z/pjFf5b8MYv/rPljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfw/mz9m8f9c/pjF//P5Yxb/L+SPWfwXyB+z+C+YP2bxXyh/zOK/cP6Yxf+L+WMW/y/lj1n8F8kfs/gvmj9m8f9y/pjFf7H8MYv/V/LHLP6L549Z/JfIH7P4fzV/zOK/ZP6YxX+p/DGL/9L5Yxb/r+WPWfyXyR+z+C+bP2bxXy5/zOK/fP6Yxf/r+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOL/jfwxi/8388cs/qvmj1n8V8sfs/ivnj9m8V8jf8zi/638MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8V8vf8ziv37+mMX/2/ljFv8N8scs/hvmj1n8N8ofs/hvnD9m8d8kf8ziv2n+mMX/O/ljFv/N8scs/pvnj1n8t8gfs/h/N3/M4v+9/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4fz9/zOL/g/wxi/8P88cs/j/KH7P4b5s/ZvHfLn/M4r99/pjF/8f5Yxb/HfLHLP4/yR+z+O+YP2bx3yl/zOL/0/wxi//O+WMW/13yxyz+u+aPWfx/lj9m8d8tf8zi//P8MYv/L/LHLP67549Z/PfIH7P475k/ZvH/Zf6YxX+v/DGL/975Yxb/ffLHLP775o9Z/PfLH7P4758/ZvH/Vf6Yxf+A/DGL/4H5Yxb/X+ePWfx/kz9m8T8of8zi/9v8MYv/wfljFv9D8scs/ofmj1n8f5c/ZvH/ff6Yxf+w/DGL/x/yxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+P+WMW/2Pyxyz+f8ofs/gfmz9m8T8uf8zi/+f8MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8f9L/pjF/5T8MYv/X/PHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGJ/wQD+WMW/0H5Yxb/wfljFv8x8scs/kPyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/rt5/ME61+I+n9+cs/uPnj1n8J8gfs/hPmD9m8Z8of8ziP3H+mMV/kvwxi/+k+WMW/8nyxyz+78sfs/i/P3/M4v+B/DGL/wfzxyz+H8ofs/hPnj9m8f9w/pjF/yP5Yxb/j+aPWfw/lj9m8Z8if8zi//H8MYv/lPljFv+h+WMW/6nyxyz+U+ePWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/T+SPWfw/mT9m8f9U/pjF/9P5Yxb/z+SPWfxnyh+z+M+cP2bxnyV/zOI/a/6YxX+2/DGL/+z5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv/P5o9Z/D+XP2bx/3z+mMX/C/ljFv8F8scs/gvmj1n8F8ofs/gvnD9m8f9i/pjF/0v5Yxb/RfLHLP6L5o9Z/L+cP2bxXyx/zOL/lfwxi//i+WMW/yXyxyz+X80fs/gvmT9m8V8qf8ziv3T+mMX/a/ljFv9l8scs/svmj1n8l8sfs/gvnz9m8f96/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/h/I3/M4v/N/DGL/6r5Yxb/1fLHLP6r549Z/NfIH7P4fyt/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP7r5o9Z/NfLH7P4r58/ZvH/dv6YxX+D/DGL/4b5Yxb/jfLHLP4b549Z/DfJH7P4b5o/ZvH/Tv6YxX+z/DGL/+b5Yxb/LfLHLP7fzR+z+H8vf8ziv2X+mMV/q/wxi//W+WMW/23yxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+2+aPWfy3yx+z+G+fP2bx/3H+mMV/h/wxi/9P8scs/jvmj1n8d8ofs/j/NH/M4r9z/pjFf5f8MYv/rvljFv+f5Y9Z/HfLH7P4/zx/zOL/i/wxi//u+WMW/z3yxyz+e+aPWfx/mT9m8d8rf8ziv3f+mMV/n/wxi/+++WMW//3yxyz+++ePWfx/lT9m8T8gf8zif2D+mMX/1/ljFv/f5I9Z/A/KH7P4/zZ/zOJ/cP6Yxf+Q/DGL/6H5Yxb/3+WPWfx/nz9m8T8sf8zi/4f8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8f9j/pjF/5j8MYv/n/LHLP7H5o9Z/I/LH7P4/zl/zOJ/fP7Y3/3HHfhP9j8hf8yy/5+YP2bxPyl/zOJ/cv6Yxf8v+WMW/1Pyxyz+f80fs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J/7X/q/+f/vev2bZvE/r/0fs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGJ/4QD+WMW/0H5Yxb/wfljFv8x8scs/kPyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL//j5Yxb/CfLHLP4T5o9Z/CfKH7P4T5w/ZvGfJH/M4j9p/pjFf7L8MYv/+/LHLP7vzx+z+H8gf8zi/8H8MYv/h/LHLP6T549Z/D+cP2bx/0j+mMX/o/ljFv+P5Y9Z/KfIH7P4fzx/zOI/Zf6YxX9o/pjFf6r8MYv/1PljFv9p8scs/tPmj1n8p8sfs/hPnz9m8Z8hf8ziP2P+mMX/E/ljFv9P5o9Z/D+VP2bx/3T+mMX/M/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8Z8tf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6Yxf+z+WMW/8/lj1n8P58/ZvH/Qv6YxX+B/DGL/4L5Yxb/hfLHLP4L549Z/L+YP2bx/1L+mMV/kfwxi/+i+WMW/y/nj1n8F8sfs/h/JX/M4r94/pjFf4n8MYv/V/PHLP5L5o9Z/JfKH7P4L50/ZvH/Wv6YxX+Z/DGL/7L5Yxb/5fLHLP7L549Z/L+eP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/VfLHLP7fyB+z+H8zf8ziv2r+mMV/tfwxi//q+WMW/zXyxyz+38ofs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+6+WMW//Xyxyz+6+ePWfy/nT9m8d8gf8ziv2H+mMV/o/wxi//G+WMW/03yxyz+m+aPWfy/kz9m8d8sf8ziv3n+mMV/i/wxi/9388cs/t/LH7P4b5k/ZvHfKn/M4r91/pjFf5v8MYv/9/PHLP4/yB+z+P8wf8zi/6P8MYv/tvljFv/t8scs/tvnj1n8f5w/ZvHfIX/M4v+T/DGL/475Yxb/nfLHLP4/zR+z+O+cP2bx3yV/zOK/a/6Yxf9n+WMW/93yxyz+P88fs/j/In/M4r97/pjFf4/8MYv/nvljFv9f5o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv9f5Y9Z/A/IH7P4H5g/ZvH/df6Yxf83+WMW/4Pyxyz+v80fs/gfnD/2n+g/aGBgu4HR/A/JH/tP9Kf9/9D8MYv/7/LHLP6/zx+z+B+WP2bx/0P+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+P8xf8zif0z+mMX/T/ljFv9j88cs/sflj1n8/5w/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/n/JH7P4n5I/ZvH/a/6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VPybxn2ggf8ziPyh/zOI/OH/M4j9G/pjFf0j+mMV/zPwxi/9Y+WMW/7Hzxyz+4+SPWfzHzR+z+I+XP2bxHz9/zOI/Qf6YxX/C/DGL/0T5Yxb/ifPHLP6T5I9Z/CfNH7P4T5Y/ZvF/X/6Yxf/9+WMW/w/kj1n8P5g/ZvH/UP6YxX/y/DGL/4fzxyz+H8kfs/h/NH/M4v+x/DGL/xT5Yxb/j+ePWfynzB+z+A/NH7P4T5U/ZvGfOn/M4j9N/pjFf9r8MYv/dPljFv/p88cs/jPkj1n8Z8wfs/h/In/M4v/J/DGL/6fyxyz+n84fs/h/Jn/M4j9T/pjFf+b8MYv/LPljFv9Z88cs/rPlj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+H82f8zi/7n8MYv/5/PHLP5fyB+z+C+QP2bxXzB/zOK/UP6YxX/h/DGL/xfzxyz+X8ofs/gvkj9m8V80f8zi/+X8MYv/YvljFv+v5I9Z/BfPH7P4L5E/ZvH/av6YxX/J/DGL/1L5Yxb/pfPHLP5fyx+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/9fzxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOK/Sv6Yxf8b+WMW/2/mj1n8V80fs/ivlj9m8V89f8ziv0b+mMX/W/ljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8ziv17+mMV//fwxi/+388cs/hvkj1n8N8wfs/hvlD9m8d84f8ziv0n+mMV/0/wxi/938scs/pvlj1n8N88fs/hvkT9m8f9u/pjF/3v5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvH/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvHfNn/M4r9d/pjFf/v8MYv/j/PHLP475I9Z/H+SP2bx3zF/zOK/U/6Yxf+n+WMW/53zxyz+u+SPWfx3zR+z+P8sf8ziv1v+mMX/5/ljFv9f5I9Z/HfPH7P475E/ZvHfM3/M4v/L/DGL/175Yxb/vfPHLP775I9Z/PfNH7P475c/ZvHfP3/M4v+r/DGL/wH5Yxb/A/PHLP6/zh+z+P8mf8zif1D+mMX/t/ljFv+D88cs/ofkj1n8D80fs/j/Ln/M4v/7/DGL/2H5Yxb/P+SPWfwPzx+z+B+RPzaa//H/qf5H5o9Z9v+j8scs/kfnj1n8/5g/ZvE/Jn/M4v+n/DGL/7H5Yxb/4/LHLP5/zh+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/v+SPWfxPyR+z+P81f8zif2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofk/hPPJA/ZvEflD9m8R+cP2bxHyN/zOI/JH/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/j/f+zcfbjXdX3H8S/wAckb0LlaaBiBKJoKgopk3qClHoGj3VhKgpLizQRlSoGulOzG2spZrnJtpXmTOlNLZ801HOWc00WzotpmY2zmWCtclhO3SnYdOIc4p3fn8nz57usV78fjD875/U7vX8rzunrxO1ynHfQPZem/o/6hLP130j+Upf8I/UNZ+o/UP5Sl/876h7L030X/UJb+v6F/KEv/XfUPZen/m/qHsvR/sf6hLP1fon8oS//f0j+Upf9L9Q9l6T9K/1CW/rvpH8rSf3f9Q1n6v0z/UJb+o/UPZem/h/6hLP1frn8oS/8x+oey9H+F/qEs/cfqH8rSf5z+oSz999Q/lKX/eP1DWfrvpX8oS/+99Q9l6T9B/1CW/vvoH8rSf1/9Q1n6v1L/UJb+++kfytJ/f/1DWfofoH8oS/+J+oey9J+kfyhL/wP1D2XpP1n/0Lbef9imT0dO0T+0rffvNvIg/UNZ+h+sfyhL/0P0D2XpP1X/UJb+h+ofytJ/mv6hLP1fpX8oS//D9A9l6f9q/UNZ+h+ufyhL/yP0D2Xpf6T+oSz9j9I/lKX/dP1DWfofrX8oS/9j9A9l6f8a/UNZ+r9W/1CW/sfqH8rS/zj9Q1n6H69/KEv/Dv1DWfqfoH8oS/8Z+oey9J+pfyhL/1n6h7L079Q/lKX/ifqHsvQ/Sf9Qlv6v0z+Upf/r9Q9l6f8G/UNZ+r9R/1CW/ifrH8rS/036h7L0f7P+oSz9T9E/lKX/qfqHsvSfrX8oS/+36B/K0v80/UNZ+s/RP5Sl/1z9Q1n6n65/KEv/M/QPZek/T/9Qlv5v1T+Upf+Z+oey9D9L/1CW/vP1D2Xpf7b+oSz9z9E/lKX/ufqHsvQ/T/9Qlv6/rX8oS//z9Q9l6b9A/1CW/gv1D2Xpf4H+oSz9L9Q/lKX/Iv1DWfr/jv6hLP0v0j+Upf/F+oey9F+sfyhL/7fpH8rS/+36h7L0X6J/KEv/pfqHsvS/RP9Qlv6X6h/K0v939Q9l6f8O/UNZ+r9T/1CW/pfpH8rS/3L9Q1n6L9M/lKX/u/QPZel/hf6hLP3frX8oS//36B/K0v+9+oey9H+f/qEs/a/UP5Sl//v1D2Xp/wH9Q1n6/57+oSz9f1//UJb+H9Q/lKX/h/QPZel/lf6hLP3/QP9Qlv5X6x/K0v/D+oey9P+I/qEs/a/RP5Sl/x/qH8rS/6P6h7L0/5j+oSz9P65/KEv/a/UPZen/R/qHsvT/hP6hLP3/WP9Qlv5/on8oS/9P6h/K0v9T+oey9L9O/1CW/tfrH8rS/9P6h7L0v0H/UJb+N+ofytL/Jv1DWfrfrH8oS//P6B/K0v8W/UNZ+t+qfyhL/9v0D2Xp/6f6h7L0v13/UJb+n9U/lKX/HfqHsvS/U/9Qlv536R/K0v9z+oey9P+8/qEs/e/WP5Sl/z36h7L0/zP9Q1n636t/KEv/L+gfytL/i/qHsvT/c/1DWfrfp38oS/+/0D+Upf+X9A9l6f+X+oey9F+ufyhL//v1D2Xp/1f6h7L0X6F/KEv/L+sfytL/K/qHsvR/QP9Qlv5/rX8oS/8H9Q9l6f83+oey9H9I/1CW/n+rfyhL/4f1D2Xp/4j+oSz9/07/UJb+X9U/lKX/Sv1DWfp/Tf9Qlv5/r38oS/9H9Q9l6f91/UNZ+n9D/1CW/t/UP5Sl/yr9Q1n6f0v/UJb+39Y/lKX/d/QPZen/D/qHsvT/R/1DWfr/k/6hLP0f0z+Upf939Q9l6f/P+oey9F+tfyhL/3/RP5Sl/xr9Q1n6/6v+oSz9/03/UJb+j+sfytL/e/qHsvR/Qv9Qlv7/rn8oS/+1+oey9P8P/UNZ+n9f/1CW/v+pfyhL/x/oH8rS/4f6h7L0X6d/KEv/J/UPZen/X/qHsvT/kf6hLP2f0j+Upf+P9Q9l6f8T/UNZ+j+tfyhL///WP5Sl/zP6h7L0X69/KEv/Z/UPZen/P/qHsvT/X/1DWfr/VP9Qlv4/0z+Upf/P9Q9l6f+c/qEs/TfoH0rSf+dK/1CW/oP0D2XpP1j/UJb+Q/QPZelf9A9l6T9U/1CW/sP0D2Xpv53+oSz9h+sfytL/RfqHsvTfXv9Qlv476B/K0n9H/UNZ+u+kfyhL/xH6h7L0H6l/aJvrDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABUVUfn9HVDBvV6asiWD0avnL/x40HrTzn35pu/sEvPx+4vzwhecvCWDzZs2LBh8NPVV7sfbldVVdd/287dj4f3Pe56/cunXzth06My5oZn9719ybNHv++uVbeuP+6WGbcP3fjs0OqMs89bMH/S4Koq44ZWS7seHDioqspeQ6urux5M7nqw99Dq1q4HUzY+eFG1ouvBAWdeuOCsricm1P49A4Bfdx2dy6ohvRa76vWngS33//Lp9yzr+djPS/a8Wqm69/++u3d9e5+v9fgV+9/z+uUVffd/wP+CAMAvGdj+PzCm52M/L/lL7/9nXfCxVdHXfvX+97x+GWv/AaB5wff/e2103+/79/n+f/TngM33559+zXZd+3/L+pMXdz9Vns/3/3/x+mVc3/0f3Ov7/4OqquzZ8/3/7aqqjN/K3w4ASKGj813r+nv/3//+l9363Azacv93uWPFyV37v3r7u17S/dTQAe7/nv29/z+2zz8rAPD8dHR+ekOf9/8D2P9qr+AlN+//MUsffnHX/n999ffGbPG1gez/+L77P3HxwkUTL77k0v3PWzjvnPnnzL9g2tSphx489ZBpkydu/I7Apl+38jcFALZxW/f+v9q+z82gqnpi8/0Hl49+uGv/J3/i+HO7nxo+wP3fq9/3/2O8/weAXsYOroYNq5bOW7z4ogM3/drzcPKmXzf9x4L9H8Df/4/r+SG6np8ZHFRVL91833nx+wd37f+N43Zb3v3UsAHu/9797v9RvX9WEQB4frby/f9ZfW567f/IIbdN69r/E8bvc2X3UwP9+/8J/e7/9d7/A0AdHZ3V/+ub6K79v2LHn19X77rs4+f/AKB5bez/k6PfPbbeddnX/gNA89rY//lH7nRvvevySvsPAM1rY/8f6rhmTr3rsp/9B4DmtbH/M88f/Ui967K//QeA5rWx/2MuPXNJvetygP0HgOa1sf+3n7JuTb3rMtH+A0Dz2tj/04avfqredZlk/wGgeW3s/3f2PensetflQPsPAM1rY/+/dNgBj9W7LpPtPwA0r439nzTq+pn1rssU+w8AzWtj/z9y4RE31bsuB9l/AGheG/s/atbnptS7LgfbfwBoXhv7/7bTvnZVvetyiP0HgOa1sf/PXXbUqHrXZar9B4DmtbH/Kx7aY3a963Ko/QeA5rWx/zOeuHplvesyzf4DQPPa2P+9n35yUb3r8ir7DwDNa2P/P/vtM9bWuy6H2X8AaF4b+z/i+udG1rsur7b/ANC8Nvb/vVcsurbedTnc/gNA89rY/+9fM2J8vetyhP0HgOa1sf9v/fyyu+tdlyPtPwA0r439/8bjU2bUuy5H2X8AaF4b+3/ql5d/t951mW7/AaB5bez/wY8+MK/edTna/gNA89rY//t/POuZetflGPsPAM1rY/9f9p5v7lHvurzG/gNA89rY/49/Zs4H6l2X19p/AGheG/v/0y+OO6jedTnW/gNA89rY/0UfvePGetflOPsPAM1rY/879/vJmnrX5Xj7DwDNa2P/HxzxziX1rkuH/QeA5rWx/7e9fMgj9a7LCfYfAJrXxv6PPfxDc+pdlxn2HwCa18b+L5ux6731rstM+w8AzWtj/3c475Nj612XWfYfAJrXxv6fs/Tx6+pdl077DwDNa2P/fzh74fB61+VE+w8AzWtj/3fffu6oetflJPsPAM1rY/+vnvDoVfWuy+vsPwA0r439/9m0O6fUuy6vt/8A0Lw29n/J7mNuqndd3mD/AaB5bez/txbeP7PedXmj/QeA5rWx/3NPnPRYvetysv0HgOa1sf+T53aeXe+6vMn+A0Dz2tj/+96x4ql61+XN9h8AmtfG/l/54KfurnddTrH/ANC8NvZ/x7U7j693XU61/wDQvDb2/4xnLri23nWZbf8BoHlt7P8PVq0ZWe+6vMX+A0Dz2tj/jhsuW1vvupxm/wGgeW3s/1eW/WhRvesyx/4DQPPa2P87P3zVynrXZa79B4DmtbH/4++pZte7LqfbfwBo3sWXXHr+vAUL5l/kE5/4xCebP3mh/5cJAABo2i/+0P9C/5MAAAAAAAAAAAAAAAAAAABAXm3834m90P+OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAIL8rVcYoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4CgAA///tatps") mknod$loop(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x0) link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') unlink(&(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 13.217553053s ago: executing program 4 (id=595): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff85000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc00xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000c4764beb"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x6, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 9.121640021s ago: executing program 3 (id=603): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r4}, 0xe) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r5}, 0x20) recvmsg$unix(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x22fe0}], 0x1}, 0x0) 9.091814621s ago: executing program 1 (id=604): syz_mount_image$nilfs2(&(0x7f0000000100), &(0x7f0000000300)='./file2\x00', 0x80, &(0x7f00000002c0)=ANY=[], 0x1, 0xac3, &(0x7f00000006c0)="$eJzs3V2MVFcBAOAzuzsLC1SWCnal2ILVtv50KcuKP0ShgZhISmN8adL4QiitRMTEmqhNE4En32zTYOKTP/GpL001JvbFkD750sSSNCZ9qj74IMG0iQ8VhWmYOWf2zmGGOzMsc3eY70vOnjn3nDvn3Nk7d+7fuScAE2uq+Xd5eaEWwvnXXz78rwf/OXd9yoF2ifnm35lCqh5CqMX0TPZ+70634qvvxxnDC8db6VZcC0vNvykdnrjcnndjCOFM2BkuhPmw/fzFl95cevzo2SPndr31yv5Lt2PZAQBg0nzzwv7lbX//671brrx638Gwrj097Z/HnfiwKe73H4w7/mn/fyp0pmuFUDSblZuJYWqus9x0l3LFeupZuZke9c9m9dd7lFsXbl7/dGFat+WGcZbW4/lQm1rsSE9NLS62jslD87h+trZ4+uSpZ56rqKHAqvvP/SGEnYVw6Fxneq2FA2ugDUOGxhpow1iGg6Or60qjpfJlHlFobK56CwTQks47tK8P5s7kZxZuTfvdZvqr//JjU93nh1Uw6vV/oPpnK64/qP93Z21xWD136tqUlit9jzbFdH4dIb9/qff3L7/S0Tk1vx5R77Odva4jjMv1hV7tnB5xO4bVq/35enGn+mqM0+fwtY7c+zu+P/n/dFz+x0B3H+Tn/wVBWNshdKTrt/JejR736wDk98010vXRKL+vL89fV5K/viR/riR/Q0n+xpJ8mGR/+OHPw4u1lfNd+TH9oOfD03m2u2L8kQHbk++HDFp/ft/voG61/vx+YljL/nTsyRNfevqpi637/2vt9f9aXN/T4cZ8/G5diAXS+cL8vHr7WGK+s56pHuXuztpzV5fyzddbO8vVtq68TyhsZ25ox0LnfJt7ldvRWW4+KzcXw/qsvfn+yYZsvrT/kbar6fOayZa3ni3HbNaOtF3ZEuO8HTCMtD72uv8/rZ8LoV575uSpE4/GdFpP/zJdX3d9+p4Rtxu4df32/1kInf1/NrWn16eK24XNK9Nrre3Ca/H9OqcvtespTC/8qKXfue9MzzXLLx7//qmnV3nZYdI995Pnv3vs1KkTP/DiJi/SXn73Ml9fAy0c8EVaoLXSHi8GfbHzdldR4UYJGIndP23tBDxy8nvHnj3x7InTe/ft27u0tO/Le5d3N/frdxf37ovOVNBaYDWt/OhX3RIAAAAAAAAAAACgXz86cvji22988Z1W//+V/n+p/3+68zf1//9Z1v8/7yef+sGnfoBbuuQ3y2QPWJ3NytVj+GjW3q1ZPduy+T4W4/Y4frH/f6ouf65ras892fR6j2T2OIEbnpcymz2DJB8v8JMxPhfj3waoUG2u++QY3+T51rUPCut6ej5FoQtvw/OBx0f6vzXXhsIjjVL/767PderSX5vxMooei1UvI9Ddvyfq+d/vrSx45W0ReoeZ0db3y8ldJxo999L7HcEGYHVUPf5nOu+Z4tN//sb66yEVu/xY5/Yyf34pDOJvb3em1/r4k7e7/nzcvlHXX/Xyj3r8z/b4d31v/7IR8+aHq/e/v7r0TqHasL3f+vPlT8+B3jpY/Vdi/WlpHgr91d/4TVZ/fkGoT//L6t/QZ/03LP+O4er/f6w/fWwPP9Bv/a0W16Y62zGXLUe6/pefN06uZsufnu15k/q/9Xy35R9yoMZrsX6YZOMyzuygsv2I9k778OP/RmdWd/zfdmOzzVp+H8YXYjptiNN9Dvl4J4O2P91fkX4HtmXvXyv5fTP+73j7SozLvg9p/N+0Ps7Hn/xCuvlZpnS9y2d7p25rYFy9O9T1v/cqv26xtsOl1mHQcPOvr779wgChMT3EfO1x4ipuf6PRqHToX+MOV6vqz7/q44Sq66/68y+Tj/+b78Pn4//m+fn4v3l+Pv5vnj8X/0O98vPxf/PPMx//N8+/J3vffHzghZL8j5fkb++e3z5sv7dk/h0l+Z8oyd/Vzj/QUSLl33fT+VfK9Xr/u0vyHyjJ/1RJ/qdL8h8syX+4kF8cAzrlf6Zk/jtd6o8yqcsPkyzvn+f7D5MjXf/p9f3fWpIPjK9fvLrn0FO///Z8q///bPt8SLqOdzCm6/H46ccxnV/3DoX09bw3YvofWf5aP98BkyR/fkb++/5QST4wvtJ9Xr7fMIFq67tPjnHZc6t67eczXj4b48/F+PMxfiTGizHeHeM9MV4aUfu4PQ699sf9L9ZWjvc3Z/n93k+e9wfqeE5UCGFvn+3Jzw8Mej97/hy/Qd1q/UN2BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjMVPPv8vJCLYTzr798+MmjJ3dfn3KgXWK++XemkKq35wvh0RhPx/jX8cXV9184XoyvxbgWlkIt1NrTwxOX2zVtDCGcCTvDhTAftp+/+NKbS48fPXvk3K63Xtl/6fZ9AgAAAHDn+zAAAP//LlQL6Q==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x6000, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='./file1\x00', 0x143041, 0x0) pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000001900)=ANY=[@ANYRES8=0x0, @ANYBLOB="47dba20bfa8ba3024e971ecae1d815b1e0f0e41ee45e764939847ee48c1aafafaba0d489fdbfc17f5eeb937477653115cfdf8344ae89f8ca017a79703c924031abe29170ffed6315eec2208db5a0e2e5c65c427ab8a737af9368702c4d0e657b3305571d6b720d20b03d05550583810522b51f3d928320faa64cbd7f93b8577c4103311381145dff37294fadb0081a04facd7cc08bb059f31a96b7567fd51d73f35285c4644c794115a099a81fcf5630bf87fd6cb80663148e343428eb838a67533bbe45eea96ac0fbe7c1aecb3b6a4babadec6335e92d8c719b2e3574f9152fb088ad2b42d192a730fffd7e7d1db889bcc05d49baa28a236a27e941749ccbab749aa69690313644a78b51c31c9b0286d4092ebc78c86b8164ba5cd1ed279d6237214b56a1d66d091396db62557d38cdf9b8f62c11e1672839cd5fcbe5e65c156af3d0b290d4d3941f2a50532325c45f74dce7f25f24e19ebb5db471341fa284fe1fe614f3c04a8712daacb01887dbf0fe048459dc1c1d91a927e777fbea7f4418c9bde37eece9ec0b547be2c648d9954843a3e49aca70f0f5efcf076790aeefd8817edee4a1950dddb86c896f7d23017fd92abc1cb42a54a9c19ede9432fe110e2a6e6df573b84fc50abdd9b0cccad8ed28a86694f9abef025dad8599b592fe51ed213c41d3bd387287a5cee784410d7d4ebc56fcc570e57b38c60d826038e02cfb89de23f0380d865c2eb141b85ecdb6b4630a18f947a73cea127d2e43be4ede4ba5e0c67d49551d1821beac2f1d32bf0c01722864f6c58186e765d34537d6c049379ef2f4df5eb78d4665ed23a4f5a0de9075b0adac80de839fdc2482d40b3b17e8e27e03263036d928964a4ad08375e33eca726a0a840c91be38cbc8368790d38e82199e9b7c7d3d9c5fdd2dff4e249c0e6c6c76b7eb6684c4b874067a8477d9b3a2d2fee05fb2157c85a74975754b1bfb37861b5128754ee5b998d5f95607d6f6962f2ad4db91af16a462163721c72d6700f0156d5f9c828a509207490cdc1f3c297bf1f9e319520b5d8db3ba8dcbcdadaded9ac6d7cf29dd24a304f83560031320a37606868614e0e6dcd891f768296742e48705c742ba851a35cb1fb10875f951b482b9438ffe99ddb9998f69fbcaaedac9f30abbf14c4d96b7c15eceba6c384344ba0b26c47f0565838bcef4971d93f1417c174985a0ceba02b8ce1990477421a7e6f2540b2f46bb782609a91569d460abe9858bea93ab15bde7ad08a4c039dfa1e0731e1ae7f414b603952f4086ff9f6380c6d54add09824539436a41f44e9e40400ad615b7d8e8de3966ef615fcc13c7b39c9bbd6787b1a44ace7495312feff8d0a3640322fffd4074c6f75b8c30d3b24cbb7e027927128fe15a50ea8511e6edd90179b3186450996b9d924f7f03d7f3ece2eed2e85973ee3ca3920e4aac924e82a7a4903bb34da2c606770e8bc02fd5cdcaaf4725f37518dbea9f22d7975db59dd6cad1009436e7ffa40ddab0dc8d4b6072bca13c8332934b97e0561d07f0ae872c7c42961a341af9cedc1c77c33508b4a0865f8b8c87c5bb6cfbef21fcb6e27a8a9ea6b4510f72608584cef3518c1aee8e2f3f1ead75fe3675e7f4ba4a9adef43fa3a30c525744db1a6c14a533614397a5f5a4014dc859eeda56797725f19442df7d639042f6a5ea2fe448d26aff4cecc0e859b493fd6bb245a10649414a16eee4d375e5fdd1fc75ce4358d3fca2590354b0f5c25acac677fc56caea0e4a714ec939bb9fd804408f307eecf8f17e5ca4c568fe78d0d95613ef156b0322d5d5d44b94034f6e01bc64b1eeae0a8132aea0aa1df276f54b239b1d0d4e0521ef5aa9a85c5f5dc9558b4ffcb2cd8ad8877223fc734d5c50263d310b802c16da577f44438b0ead9a10e64dd963ae04cbf48a745ffca520babe39132f2fdf2f9766ab0e3b269b4071695f57b2d5255763e03ee741cd592cce86db92128efac745050fd4321e2dd8fb660e8d9f71b2a394148ee8af30eff1a20a18a2a9d4d84de9771c4fbe6a75a966d05428e272730c69666eac8c651e314a44ae7304c02bbdf311e63e40cc18a0700b23745b5a0bdaaaec339b7ace6620fabbb9a97d730491b39d82cd216f98ead611ce5ba63cddca8972cb38231316c4211d3e84f972733b9732be677adb1fd761ae12bd0350743716e989727009fc8b00124b8bd94620def979035104ae3ff17436bfe99379997fd8d33c1628aad586705836e5a0e737de70c561739cb08bb1acea91dbc35bff2feecd43613215746720884c89e0e8ad5a961a763219f037596d5c843f8b3dba9f5f6c3376be824c8fb5894449f7d5acbcb4197e14b113cded62b58680a0ec3fd65591658290d35bb00a8fb2a66ef68eb993429cbb64f1c60a26bd04e77ec54c9c82f12cbcd61df501312c8cc023d1936fc34be0f94a33196f41bda534f8d2b47c4a0d00746d7feac6166f42985c5014557589e0723f1edbb9773f96d315921937f3f73428c2c671e6b230ffa9b11fb303bb1db4aab686a359bbc6086e684244dd3ae31e7f50d490b3d4cc61575e099ab5822dd86d45e5eef95cfc881ace311a1c81527c5802f9709abc3aadbc405d63a7ca4a21054fe449ad8ab1e766648ce0295ccd6926dc9a285b8b03fe81f02f5e2205c3a28ff63664e369dcecfd788ff22f8d44ba214f0c662da490f8a14dd943db8fb916dbd21de015e440d940fbc55f8444273c7b87fe6f1e149fe69200cc03192dd5d5a80d9f80f5c0f1dc8c091dfa5aad1eb7fbb70a1181c860d033165ef5e3022e0067e3725d666a90843f964829f750013222c6a35fe8f61d4fb7c3f29afa825ae132939a57e62d24fde1090ef3a96a047190a22e0f7ec390e140a8eedf02ae0f46f293376fd8b70659e11b252b1c6929c9410fd4b8ee9e6a3a0c2e930037ee21225f4b697400bff741bdb16ae444a2b5c9523cac06e9b516a6058dd3c2cdba041f9ec79ae347ab8b9653f81e27ec199583451866a96acbc835e1d8d7c8785b1b35e401fb71890a9dc001d16467750b8e351298f2c165f5b568c544996deca89196becf8ffeda63647a8b1be6591caecbcf3e86a7a4516e1b26792833a4d04aa69bd92b13b01c08a57aaaed00fcf1e7703608be8207a07d0d7abd75b77890742351d1ecef637fde4d9f5c71d0fd544f35a5bfe92f0113f0aeda7c144305dd10ce16e4369391c19e7c9df0a402c9ef8be8dc7205ee4b6275dfcb6bd898c786ec06bfd6816938363bc7786006f48a62f4dbcc1d108939a00443c77cb2af95ef684a2214742943f9ab439e33dfe2104b45ee958fdf362f8a6f01909d0dc5c05acd8228087017657e284ce9bb98a60ab5c4ee2de26438809678aa344773ac21e30ace4039cbbcbf6431d4369d241db4035c7a9a86b891ae45566bf41f0b6b1ae9a2e4fb7bf886ec1e627ecf37f75eb5ee3e25e998b8402aba151020bae97e8e2366d0d01e23cf552e0256828a06095c009eb3cc7773546e3b1f06266bd94b2201b489002c3e2365707d6a0bf34c67e605d52e45a1dd531c0810d7efec36b4ac8d0d661077ddca45e553c9efd64174c849054c4a9ee2a5b1a561850e9ebca71bf6c56090ea1186e40c54526cd588d2f275a5a30176e193eb01960cfa8fbefbd78c91f442af8f6ef0a33189825dc5dca6e5f09a6ce9b8d4113a16fbfb622679dc92a52720292a371d5caf6ce399ac016e2a5e3f12cb368096280e0a8c91aa78a8b9c50be1c01ad410389cd18c506d9fc88a0cd410500e83aa5dce6be065312554a2247edae6ef2c926d3d9729a689f0b0bc9f6b373827ff6fa13408835c0ab92b70f35ec4b1339c88d545ab6418d9106aa8b9ea15e984cc3a21f737375b62ce81b81cd397ce72e5de79d9e008f8cf40c02e8fea9c981f00885b25e6304f8cba548f976bed1530db2d806c8a620ad38fd05a58dca5971f811bb30179421809e54512efa02675b193c2ba4bdc2ffc9eb9980267fb684f6c18276219cf0fe18c01626799f675ee654513ca4e36686b5fbc4f27c236b42cdf9081e0520c0596a0cabab6b4067ea27c4995afb6b4eb9f64ef69677a82992617769a923c7bd8bb3273875b301e1694346fb7d1ef876a938634da9c959128f2495375157b634e3fff028e30d52fe88579527d56a16d9ebf4741709a91ba0eb91c1eb7016fcd35376c494b7e3fc773a8508d7d97ed1ec41b02156ff05f204028eab33200807af2d8c4faf47577f923e1a544306cf52dd55c7816d2dd32b6595060212b34e5cdff1464ea2a63138b65951e0b1fead9f41d27ad42a992b58103a5555a9643918d454b8861b3372b28fbc86675af1d098404492166e6e3c5bc1799c920cee1c072470847c1bb4d8c6728a772d289a5cc24c25c4973073895de975241824d23a13d239e200b495c8ed3ae91f62476d4aa42e2460b6813bf03fea461482eeff734c552a84780e62ec80b6cabacfb82eee5a850618d25e92cfe3295f72820714ddeea16298e5ec16c91d740b7603af6a79ffdc1131ba5e87ecb4119a1598b8c94529dcfc53924d416c1b1e339f1397b676e5267e138db73aabe5292aa29e6b58ba27ab06e93abcf34fb40e05afdfbebced20cca60778d8501498749316450a1fed7d6930681cdb9f65b0d9d497df38f68cc0e74880414a7c9ce4ac38d948ead54f35d5127e1d9b29cf179333641de30dceef5a61e5cf30a6c2140127f94a197a75441df6617a21f02b75d8b8a7fa899a7c2c96a174908f04b3829ff47a7fa2dae8bfd744e169d029ea382f3c72e6e02baae0347f62ef166a239336ace1312d7774eec5aec2c507a035f297456f40ae83ad364c1f162e0834d29305bd9c4d35d9bbdf58add62f08c82237420fa3c3ceabf84475676e6de8583a345042047e11a49b3a59461ded55c9c854ae496ebee3b42483d3d33b4a28c4f995bd7fbaf8cccb7e3460d9a55c036a3c8d4e7c719e0b7a5120d0d36a36e4764c623332aae73116732204bca6205be5a31320cc383e2a7436c7696da48f2674ab16ac7b96734f4fe360146e0d24f93e69042f3131a11269b72b779543c51c911bc31a21dea74deb056e1cd6b18506881664521b8c3c40d8cd52a9e587dea7f51b911adecacabdc7e75c1ddce01746c03d79dbe1e53c7e507a3a8242291bf30b71fa6284922c4b19347f34fd058e22992cb34fbd144c32fe1fb53367b53123440bf77c33e76c3eca9ac1a6d09b21d2d0fb552d7cdab4d782ac08051d35069282260bac6617d8a5f8cfda7e67781303b145652d7fb44bdb6c48b95eca0caf2945f9b2aac2cc4dae570089be684b39ad0545a060684f7317ab16033a89abf3eed35d65dcc10e88b2e969029369c9464dbd93c06da9365a51ab165f334666f4a848a9b4ad4664e0f77f9e03b3bcfff1c0929fc94a3b8f3e39c63519de37ebb46f9513923ec1cfad09dc81523260cff0c86c4529d8ca019d643b1bd214145f89d51b209b077860965c3e56368301f2536e0db5e565a2adf3b13a98dea4ae2e3a83d3a4e9a2b53ac001bd964f5d006fb435b213153dd6a2752a0a089ed12abc3634e4bd2ddb49073db6a8423dbb94d1e7215ec9e4a0142e60f6bae731731b612a2696538b5997fc8d9fc042735cf67715208cba45382f4d07f440d8f459e1468e8d27447c120ea0d1c3505b1e58218f145f5f4881080a137ad15b9d4c98c486437e8fa84b6dfca5755cd38a6ea110a8b4cc110a9f658084cd24ab2dde79f1d7a1ae77e1e402622757feecd56f955133ccc"], 0x1, 0xaf0, &(0x7f0000000980)="$eJzs3UuMHEfBAODq3Z21N4/fY/82WRyT2Akk4ZF1vDbmYYEd2ULCiiPEJSjiYjlOsDBGIkhAFAnbJ24kiozEiYc45RIFhEQuyMqJSyRiKULKKXDggGVEJA6JwR7kmaqZnvKM5+HdmZ2d75N6a6qruqt6tqenp7urKgBTa6b+d9++xSKEC2+8cuQfD/194cacg80c1frfuVKsEkIoYnwuW997s43w2vsvnugUFmG5/jfFw5NXmsveGUI4G3aGi6Eatl+49PJby08cO3f0/K63Xz1weXW2HgAApsvXLh7Yt+2vf75389XX7jsUNjTnp/PzaozfFc/7D8UT/3T+PxPa40VpKpvP8s3FaWahPd9sh3zlcipZvrku5c9n5Ve65NsQbl3+bGlep+2GSZb242ooZpba4jMzS0uN3+Sh/rt+vlg6c+r0s8+PqaLAivv3/SGEnaXp8Pn2eB/TN7bElQ243FDTwRVfZ+sS5irXvTaK92c9TodGV9bVWsPYt3lEU23T2A49AG3y+4U3OZtfWbg9zbXN9Vf+lcdnOi8PK2DU+/9A5c+Pufyg/N+cc8Rh5azXvSltV/oc3RXj+X2E/Pml7p+//E5H+9z8fkSlz3p2u48wKfcXutVzdsT1GFa3+uf7xXr1pRim9+HLban3t31+8v/ppPyPgc4+yK//m0ymtT2FtnjldtZVG/PxB1i78ufmaun+aJQ/15enb2jM7Jq+scfyCz3S7+iRfmePdJhmv/v+T8NLRet6V/6bftDr4ek6290x/L8B65Nfjxy0/Py530Hdbvn588Swlv3h+FMnP//M05caz/8Xzf3/etzf08+NavxsXYwZ0vXC/Lp689n/ans5M13ybcnqc3eH/PXXW9vzFVtb6wml48xN9VhsX25Te7ZWvh3t+arZ+hbitDGrb35+cke2XDr/SMfV9H7NZdtbybZjPqtHOq5sjmFeDxhG2h+7Pf+f9s/FUCmePXX65GMxnvbTP81WNtyYv2fE9QZuX7/tfxZDe/ufu5rzKzPl48Km1vyicVx4Pa6vff5ys5zS/NKXWvqe+9bsQj3/0onvnn5mhbcdpt3zP3rh28dPnz75PS+GfvGVtVGNQV6kny1rpT5eDPpi52oXMeYDE7Dqdv+4cRLw6KnvHH/u5HMnz+zdv3/v8vL+L+zdt7t+Xr+7fHZfdnYMtQVWUutLf9w1AQAAAAAAAAAAAPr1g6NHLr3z5ufebbT/b7X/S+3/05O/qf3/T7L2/3k7+dQOPrUD3NwhvZ4n62B1PstXidP/Z/XdmpWzLVvuIzFsjuMX2/+n4vJ+XVN97snmV7pEs+4EbuovZT7rgyQfL/CBGJ6P4a8DjFGx0Hl2DFv9W39Y7zWr1L918UFpX0/9U5Sa8Nb0Dzw50v+tvjeUujRK7b879uvUob02k2UULRbHvY1AZ/+cqv6//9Xa8EGX3Tjuuq/aNLsG6pBNc6Mt7+dD7hPrYKp1PUvvdwQbgJUx7vE/03XPFOb9+V55vP14mfdfCoP4yzvt8T72/84X7FZIq/yi8xBoqzz+ZT5u36jL7/P4s2rd7456/M9mR8hdjn9n/vjVjTemlC0f/zjv57lfH/7i8rulYsP2fsvPtz/1A711sPKvxvLT1jwc+iu/9qus/PyGUJ/+k5V/R5/l37T9O4Yr/7+x/PS2PfJgv+U3alzMtNdjIduOdP8vv26cXMu2P/XteYvyv/5Cp+0fcqDG67F8mGaTMs7soLLziOZJ+/Dj/0ZnV3b832Zls8Na/hzGZ2M8HYjTcw75eCeD1j89X5G+B7Zl6y96fL8Z/3eyfTGGvT4PafzftD9W41d+KV5/L1O80uG9Xa/HGphU703V/b9RTZcbP4OGW37j+OtvGmCqzQ6xXPO68pjrX6vVVveCWg9DF/7AytZjWo31n78GfieMu/xxv/+95OP/5ufw+fi/efqGHun5+L95+kL8D3VLz8f/zd/PfPzfPP2ebL35+MCLPdI/2iN9e+f05s/2e3ssv6NjeqWZ/rEey+9qph9sy5HS77vl8q183da/pUf6gz3SP94j/RM90h/qkf5IKb08BnRK/2SP5de79DU6rdsP0yxvn+fzD9Mj3f/p9vnf2iMdmFw/e23P4ad/+81qo/3/fPN6SLqPdyjGK/H30w9jPL/vHUrxG2lvxvjfsvS1fr0Dpknef0b+/f5wj3RgcqXnvHy+YQoVnZuy9NtvVbfzfCbLp2L46Rh+JoaPxnAphrtjuCeGyyOqH6vj8Ou/P/BS0fq9vylL7/d58rw9UFs/USGEvX3WJ78+MOjz7Hk/foO63fKHbA4GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNjP1v0WxWIRw4Y1Xjjx17NTuG3MONnNU63/nSrFKc7kQHovhbAx/GV9ce//FE+XwegyLsByKUDTnhyevlCsSQtgZLoZq2H7h0stvLT9x7NzR87vefvXA5dXafgAAAJgG/wsAAP//HSsRag==") 9.090371341s ago: executing program 4 (id=605): bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0) r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) sendfile(r4, r3, 0x0, 0x7ffff000) 7.461053855s ago: executing program 3 (id=606): syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) setrlimit(0x4, &(0x7f0000000000)={0x8, 0x5}) add_key(0x0, 0x0, &(0x7f0000000100), 0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000d, 0x40010, 0xffffffffffffffff, 0x80590000) r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x16fa, 0x800, 0x4, 0x8}, &(0x7f0000000340)=0x0, &(0x7f0000000140)) readv(0xffffffffffffffff, &(0x7f0000001580)=[{0x0}, {&(0x7f00000000c0)=""/4096, 0x1000}], 0x2) r3 = syz_open_dev$video4linux(&(0x7f00000002c0), 0x10000, 0x0) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r3, 0xc0305616, &(0x7f0000000240)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000010c0)=ANY=[@ANYBLOB="4400000010000000000000000400002e00000040", @ANYRES64=r2, @ANYRES8=r3], 0x44}}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3}}, 0x0) write$binfmt_misc(r4, &(0x7f0000000000), 0xfffffecc) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000021c0)={0x20, r6, 0x1, 0x300, 0x0, {0x3, 0x2, 0x2}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x40030000000000}, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, 0x0, 0x0, 0x4) io_uring_enter(r1, 0x3516, 0x0, 0x4, 0x0, 0x0) 7.319339477s ago: executing program 4 (id=607): socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000020c0)=ANY=[], 0x1, 0x1f0, &(0x7f00000022c0)="$eJzsmb9rFEEUx78z++NiEMHGwsbCgBHN3u6ehjQpIlgKQhS1PMwaopucXFZIAmKCjY2lhWBrY2lhYWXhX2CrhQqChSnthJF5O7s73u0dpxyemPeBe/fdt29n5s0x32IPDMMcWD5/+v7x8YWFK2cBHMYMGib/1alqpFX/4em9M08WLz57+f75240j91/3jicAKDX6/D6AN0sOMgg3z/z69AzFXUsDVyFx2uhrEAhIuT8UkecTCNwwNbct3TlkRJoENzvpyq21NAl1iHSIdWjZ8+tF7e8JrACYotUpJaz7m9s7d9ppmnR7haeKefpu/a4Ytn+0viWJRRS7p5T+va4/erinrwOTDyHL/YsgERndgsCy0QtoIAiCakus/o+71fjOKP1PVrwgcXTub01anJF/off/WHhjGUf0ZvSBLjPH9gsPtGu+TKDleW8845BxAei79W46TS/lGfXgD86yX7NRpaj8STv7KcufXLilfzSz9bvNze2dubX19mqymmzEcWs+PBeG5+MmGVEeh/jfFPnTtDW+N6DWFz622lnWjbaArBuV13EeLcddftX5Rs9I8j+J2ZN0SZ5KbTfq5xDmI+lbq1mnvnJ3YE8MwzAMwzAMwzAMwzAMwzD1nIBA/k+YEuaFaB3xZXpD+TMAAP//eRpmJg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) userfaultfd(0x80001) r2 = socket(0x2b, 0x80801, 0x1) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f0000000440)={'security\x00', 0x4, [{}, {}, {}, {}]}, 0x68) openat(0xffffffffffffff9c, 0x0, 0x101042, 0x35) 5.987482926s ago: executing program 0 (id=608): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x677, &(0x7f0000002100)="$eJzs3c1vHGcdB/DvrNdONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+Mit0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387szu422gD/t65dSPNhily78MZyub62OtNeW52526snOZakkTS7RYr/dDqdj5Or6S55udxYD1fsdJwHC7NvffLZ2qfdtWa9VPs3xnbpN5yVesm5JGN1+bjGu77XeMf3Gq7oZ6ZM2Ple4mDUxpN0Kv960N3yk789028Z0Nqu955nPnAEFN3XzS0mkxP1hV7eB3RfFbs3AkfayqgDAAAAgAPw7HrWs5yTo44DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjpL69/+Lemn06udS9H7/f6Lelrp+uJzd3+4Pn1QcAAAAAAAAAHCAzq5nPcs52VvvFNV3/q9WK6eqv1/Ku7mf+SzmYpYzl6UsZTHTSSYHBppYnltaWpzu9+z9nwFbe17etuflPQI9VpetxzFrAAAAAAAAAHjq/DLXNr7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw6BIxrpFtZzq1SfTaCY5nmSi3G8l+UevfpQ9HHUAAAAA8AV0htzv2fWsZzkn+/2K6j3/i9X7/uN5N/eylIUspZ353Kg+C+i+62+src6011Zn7pbL1nG/++99hVuNmO5nD9sf+Uy1Rys3s1BtuZjreTtFcSONqmfpTC+e7eP6RRlT8XrX+JCR3ajLcuYf1uUWH+xrsjvZ54cpk1VGxvsZmapjK7Px3O6Z2Oejs/lI02n0gz216UibJvFIzl8f8ngn6rKcz293yvlIbM7E5YGz78Xdc5587c9/+PHt9r07t2/ev3B4pjScsbrsPq+0tmZiZiATLz3NmdhiqsrE6f76tfwgP8qFnMubWcxCfpq5LGU+5/L9qjZXn8/FwCW/Q6auPrL25l6RTNRnaPfBejSm7BHTq1Xfk1nID/N2bmQ+r1X/Xc50vpUruZLZgUf49BDPtI0drvrOl7cN/vzX60orye/qsnKrudfEn7Ayr88N5HXwOXeyahvcspGl5/fxetTL0h93D6X5lbpSHuNXdXk4bM7E9EAmXtg9E7+vnlbut+/dWbw9985wh3v+w7pSXke/OVSvEuX58nz5YFVrj54dZdsLddt4tWzka6L+xqXbr7Gl7XS/rXulrux4pU7U93BbR7pctb20bdtM1XZmoG3z/Va7fz/0NHz5A/DUOvGNExOtf7b+3vqo9evW7dYbx7937NvHXpnI+F/Hv9OcGvtq45XiT/koP994/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx+9997/85cuz2/uKnS6XQ+2KHpKFd6P2d2gAd9+ZlkVFOeSHI4Mv/fTqdTbykOQzy7VzqlY+l8zu5/STLczs0k2zWdHX0SRvzEBDxxl5buvnPp/nvvf3Ph7tyt+Vvz92avXJmdmr3y2sylmwvt+anu31FHCTwJGy/6o44EAAAAAAAAAAAAGNZB/HOCnY9+/CCnCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxR1y6k+TBFpqcuTpXra6sz7XLp1Tf2bCZpJCl+lhQfJ1fTXTI5MFyx03EeLMy+9clna59ujNXs7d/Yrd9wVuol55KM1eXjGu/6Fx6v6M+wTNj5XuJg1P4XAAD//wBtBiI=") r0 = syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0x4142, 0x0) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)}, 0x20000000) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1008002, &(0x7f0000000080)=ANY=[], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1") r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r2, 0xd010) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) writev(r3, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x69000}], 0x1) 5.789330848s ago: executing program 3 (id=609): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) memfd_secret(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000139209"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x0, 0x2449, 0xfffffffffffffffd}) 5.570889691s ago: executing program 1 (id=610): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) symlink(&(0x7f00000002c0)='./file0\x00', 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]}) socketpair$unix(0x1, 0x1, 0x0, 0x0) r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x20001, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000000)=0x1) ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {}, 0x20000, 0x1, {0x0}}) close_range(r3, 0xffffffffffffffff, 0x0) 5.570074721s ago: executing program 4 (id=611): ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) write$sndseq(r0, 0x0, 0x0) syz_mount_image$jfs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[@ANYRES64=0x0], 0x1, 0x5ee7, &(0x7f0000006580)="$eJzs3cuOHFcZB/CvL9NzSeJYEYqMxWLiQEgI8d2GcIvDggUsQEJZY2syiQwOINsgEll4Ii8QG+ARYJMNi7wCD5BnQDwAluyssiAUqplz7Jpyj3sGz3R1z/n9pHHVV6dr+pT/U1PdU1V9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIH/7gp2d6EXH5t2nB0YinYxDRj1iu69WoZy7lxw8j4lhsNsfzETFYjKjX3/zn2YjzEfHJkYh792+t1YvP7rIfF07fvP75j77/zz/8+c6xn7/9s4/a7T/5wrmP/3g74uiPX//489v7s+0AAABQiqqqql56m388vb/vd90pAGAq8vG/SvJytVqtVu9r/af+Xh7/9FNd91d9SOumarzbzSIiNprr1K8ZnI4HgDmzEZ913QU6JP+iDSPiqa47Acy0Xtcd4EDcu39rrZfy7TWPB6tb7fnvlNvy3+g9uL9jp+kk7WtMpvXzdScG8dwO/VmeUh9mSc6/387/8lb7KD3uoPOflp3yH23d+lScnP+gnX/Ltvz/EhFzm39/bP6lyvkP95L/xmCO93/5AwAAAABw+OW//x/t+Pzv4pNvyq487vzv6pT6AAAAAAAAAAD77UnH/3vA+H8AAAAws+r36rW/Hnm4bKfPYquXv9WLeKb1eKAwq40PBwQAAAAAAAAAAAAApmMYsZKu61+IiGdWVqqqqr+a2vVePen686707YeSdf1LHgAAtnxypHUvfy9iKSLeSp/1t7CyslJVS8sr1Uq1vJhfz44Wl6rlxvvaPK2XLY528YJ4OKrqb7bUWK9p0vvlSe3t71c/16ga7KJj09Fh4AAQEVtHo3uOSIdMVT0bXb/KYT7Y/w8f+z+70fXPKQAAAHDwqqqqeunjvI+nc/79rjsFAExFPv63zwuo1Wp1MfWnWwtnpj9q9QHWTdV4t5tFRGw016lfMxiOHwDmzEZ81nUX6JD8izaMiGNddwKYab2uO8CBuHf/1lov5dtrHg9Wt9rztSDb8t/oba6X1x83naR9jcm0fr7uxCCe26E/z0+pD7Mk599v5395qz0P8X/Q+U/LTvnX23m0g/50Lec/aOffcnjy74/Nv1Q5/+Ge8h/IHwAAAAAAZlj++/9R53/zJgMAAAAAAADA3Ll3/9Zavu81n///0pjH9Zpz7v88NHL+vV3n7/7fwyTn32/n37ogZ9CYv/vmw/w/vX9r7aOb//5ins58/guDUf3cC73+YJiu+akW3omrcS3W4/Qjjx9uaz/zSPvCtvazE9rPPdI+qtuXc/vJWItfxbV4+0H74oQLo5YmtFcT2nP+A/t/kXL+w8ZXnf9Kau+1prW7H/Yf2e+b03HPc+nv/3np0b1r+u7E4MG2NdXbd6KD/mz+nzw1it/cWL9+8ndXbt68fibSZNvSs5Em+yznv5C+cv4vv7jVnn/vN/fXux+O9pz/rLgTwx3zf7ExX2/vK1PuWxdy/qP0lfPPR6Dx+/8857/z/v9qB/0BAAAAAAAAAAAAAACAx6mqavMW0UsRcTHd/9PVvZkAwHTl43+V5OVqtVqtVqsPX91UjfdGs4iIfzTXqV8z/H7cNwMAZtl/I+JfXXeCzsi/YPnz/urpl7vuDDBVN97/4BdXrl1bv36j654AAAAAAAAAAP+vPP7namP8583rgFrjRm8b//XNWJ3b8T/7o8HmWOdpg16Ix4//fSIeP/73cMLzLUxoH01oX5zQvjShfeyNHg05/xdSxjn/42nDShr/9eUO+tO1nP+JNNZzzv+rrcc186/+Ns/597flf+rme78+deP9D167+t6Vd9ffXf/lmdMXz5+7cP7chQun3rl6bf301r8d9vhg5fzz2NeuAy1Lzj9nLv+y5Py/kmr5lyXn/1Kq5V+WnH9+vSf/suT883sf+Zcl5/9KquVflpz/11It/7Lk/F9NtfzLkvP/eqrlX5ac/2upln9Zcv4nUy3/suT8T6Va/mXJ+eczXPIvS84/X9kg/7Lk/M+mWv5lyfmfS7X8y5LzP59q+Zcl538h1fIvS87/YqrlX5ac/zdSLf+y5Py/mWr5lyXn/3qq5V+WnP+3Ui3/suT8v51q+Zcl5/+dVMu/LDn/76Za/mXJ+X8v1fIvS87/jVTLvywPP//fzJ5nVmajG2bM7P9M17+ZAAAAAAAAAAAAAIC2aVxO3PU2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYW9e4uRq77vAH72Zq8NATfciQO2uRlY2F3fwCEGk4SUkl4oCWnTkhrHXhsnvtW7JoBQ2RTaEgWpSO0DfWiaRGkUqa1AVaSmEo2QGql9a54a8RK1Uh5cCSoHJZVSBTY6c/7/v2dmZ2fWa6/3zDmfD7J/3p0zM/85c2Z2vou+MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLONH536s4Esy/I/jb/WZdnF+b/XZLvzL2d3rPQKAQAAgHP1buPvv780fWP3Is7UtM2/Xfcf35mbm5vLPvfOqff+Ym4unbAhy4ZWZ1njtOjff/6zueZtguez0YHBpq8He1z9UI/Th3ucPtLj9FU9Tl/d4/TRHqfP2wHzrCl+H9O4sBsb/1xX7NLs8mykcdqNHc71/MDqwcH4u5yGgcZ55kYOZIeyw9lUNjHvPAON/7Ls9Y35dT2YxesabLqu9VmWnf7Js/viGgbCPr4xa7myhub77u37sw3v/OTZfd+aeeuaTrPnbpi30izbvClf5wtZdubXVdlAtjrtk7jOwaZ1ru+wzqGWdQ40zpf/u32dpxe5zni7R8M6f9BlnevD9566Icuy2WzBbdo9nw1ma9uuNe3v0eKIyC8jvyvfnw2f1XGycRHHSX6eH9/Qepy0H5Nx/28M+2R4gTU03x1vf2nVvP2+1OMkv9VlOFbzy344v9LR0eZfrbYcq/k2z9608DHQ8b7rcAykY7npGNjU6xgYXDXUOAYGz6x5U8sxMDnvPIPZQOO6Tt3U/RgYnzlyfHz66WfuOHRk78Gpg1NHJyd2bNu6fdvW7dvHDxw6PDVR/H12u7SPrM0G0zG4KTzXxGPwlrZtmw/Jua+fv8fBaEkeB/lt/9TN+YIuHswWOMbzbV7YfO6Pg/Rzv+lxMNz0OOj4nNrhcTC8iMdBvs3pzYv7mTnc9KfTGpbruXBd0zGwkj8P8+t87NaFnwvXh3W9eNvZ/jwcmncMxJs1EB57+XfS673Ru8N+mX9cXJufcNGq7OT01Ik7n9o7M3NiMgvjgris6b5qP17WNt2mbN7xMnjWx8vuv/vFzdd2+P66sK9Gb+9+X+XbbBvrfl81nt0778+W727JwjjPLvT+7PTTLN+fKUt02Z/5Ni/cce6vBVMuaXr+G+n1/Dc0Mlw8/w2lvTHS8vw3/64Zaqwsy07fsbjnv5Hw50I//11ekue/fF89dmf3YyDf5sXxsz0Ghrs+/90Q5kBYz60hMYw25f73GqfPFodp033Z87gZHh4Jx81wvMbW42brvPPkl5Zf9+aJpR03m29ova9aXrdU8LjJ99VfTnQ/bvJt3pg89+eONfGfTc8dq3odAyNDq/L1jqSDoHi+m1sTj4E7s33Zsexwtj+dJ7+X8+sa27K4Y2BV+HOhnzuuLskxkO+rV7Z0Pwbybb6/9fy+dtocvpO2aXrt1P77hYUy/7XDZy6vfbed78yfr/Nj27r/bijf5q1tZ5szuu+n28N3Luqwn9ofPwsd0/uzC7Ofrg7rPLy9+++m8m0u37HI42l3lmVvTr7Z+H1X+P3uP578z++0/N630++U35x886HxR354NusHAGDp3mv8PbuqeK3Z9H+sF/P//wEAAIC+EHP/YJiJ/A8AAACVEXP/UJiJ/A8AAACVEXP/cJhJTfL/E3fvfPXd57L0boBzQTw97oaH7y22ix3v2fD1hrkz8u9/5Jsjr375ucVd92CWZb946AMdt3/i3riuwvG4zg+1fn+eq69f1PU//uiZ7ZrfP+H0zuLy4+1Z7GEQu8qvj29pXO6Gpycb842HssZ8ZPbF54vLL76O25/aWmz/1+FNS3YfGGg5/+awnhvD3BDeU+bh3Wf2Qz7j+V5df92/XvbpM9cXzzew6ZLGzXzlj4rLje8R9fJlxfbxdi+0/n/5yrdfzbd/6qbO639usPP6T4XL/XGYP99VbN+8z7/ctP4/CeuP1xfPd+c3vtdx/a9dVWz/WjguvhZm+/rv//MPvtvp/orXs/ue4nzx+if+b1vjfPHy4uW3r3/0ucmW/dF++W+8U1zOrid/OtS8ffx+vJ7o8Xtaj++BcP+29MizLPv2n2Yt+zn7cHG+f25bf7y84/d0Xv/tbes8PnB94/xnbs+6ltv11b/d0vH2xvXs/od1Lbfn5QfC/ntn/Pv55Z56JByP4fT//0Fxee3vZfraA63PN3H7r60rHrfx8sbb1v9y2/pnr8/3Xe/1P/hOsf7X7lvdsv7dHw/H04PF7LX+g39zacv5v/6t4v448cWxo8emTx7a37RXmx/Hq0fXrL3o4vddcml4Lm3/es+xmSemTmyY2DCRZRv68C0Dl3v93wjzf4sxe/6vofDDnxbH3UufKH5u3fKz4uuXw/cfD/dn/Pn41b8aaTle2+/32fuKea7rvy2sY7Gu+sp/X7+oDU999vWT//THb7W/Loi35/gVo43b98rGKxunDbxRnN7+fNXLf13R+rj+0fBEY3437Ne58M7Mm64srq/98uN7k7z0yeLxG1/JxfNnbe8nsm6o9Xac6/p/FF7HfO/q1ue/eHx897m2d3Nelw3kS5gNzw/ZbHF63Cru75dOX9nx+uL78GSz15zNMhc0/fT0+OFDR08+NT4zNT0zPv30M3uOHDt5dGZP471L93y+1/nPPL7XNh7f+6d2bMsaj/ZjxVhmK73+44/u23/XxM37pw7sPXlg5tHjUycO7pue3je1f/rmvQcOTH2x1/kP7d81uWXn1ru2jB08tH/X3Tt3bt05dujosXwZxaJ62DHxhbGjJ/Y0zjK9a9vOye3bt02MHTm2f2rXXRMTYyd7nb/xs2ksP/eTYyemDu+dOXRkamz60DNTuyZ37tixpee7Px45fmB6w/iJk0fHT05PnRgvbsuGmca38599vc5PPUwfC893bQbCq/PP3L4jvT9u7ptfWvCiik1aX55mb4f3goo/33p9HXP/SJhJTfI/AAAA1EHM/eGN/8+cIP8DAABAZcTcvzrMRP4HAACAyoi5fzTMpCb5X/9f/1//X/9f/1//fznp/+v/d6P/r//fz+vX/9f/p7ey9f9j7l+TZbXM/wAAAFAHMfevDTOR/wEAAKAyYu6/KMxE/gcAAIDKiLn/4jCTeuT/kfZ/6v/r/+v/N/f/47b6/5n+v/7/Eun/6/93o/+v/9/P6y9h/3+N/j9lU7b+f8z97wszqUf+BwAAgFqIuf+SMBP5HwAAACoj5v5Lw0zkfwAAAKiMmPvXhZnUJP/7/H/9f/1/n/+v/6//v5z0//X/u9H/1//v5/WXsP/v8/8pnbL1/2Pu/5Uwk5rkfwAAAKiDmPvfH2Yi/wMAAEBlxNx/WZiJ/A8AAACVEXP/5WEmNcn/+v/6//r/+v/6//r/y0n/vw/6/526lvr/i6L/r/+v/6//T3dl6//H3H9FmElN8j8AAADUQcz9V4aZyP8AAABQGTH3XxVmIv8DAABAZcTcf3WYSU3yv/6//r/+v/6//r/+/3LS/++D/n8n+v+Lov+v/6//r/9Pd2Xr/8fcf02YSU3yPwAAANRBzP3XhpnI/wAAAFAZMfd/IMxE/gcAAIDKiLl/fZhJTfK//r/+v/5/tfr/g/r/+v8l01/9/8EFT9H/L+j/t9L/1//X/9f/p7uy9f9j7v9gmElN8j8AAADUQcz914WZyP8AAABQGTH3Xx9mIv8DAABAZcTcvyHMpCb5X/9f/1//v1r9f5//r/9fNv3V/1+Y/n9B/7+V/r/+v/6//j/dla3/H3P/xjCTmuR/AAAAqIOY+zeFmcj/AAAAUBkx998QZiL/AwAAQGXE3H9jmElN8r/+v/6//r/+v/6//v9y0v/X/+9G/1//v5/Xr/+/uP7/ql4XRKWVrf8fc/9NYSY1yf8AAABQBzH33xxmIv8DAABAZcTcf0uYifwPAAAAlRFz/+Ywk5rkf/1//X/9f/1//X/9/+Wk/7/o/v+apaxL/7+g/780K92f7/f16//7/H96K1v/P+b+W8NMapL/AQAAoA5i7r8tzET+BwAAgMqIuf/2MBP5HwAAACoj5v6xMJOa5H/9f/1//X/9f/1//f/lVNX+f3oe9fn/+v/6//r/+v/6/yyobP3/mPvvCDOpSf4HAACAOoi5/84wE/kfAAAAKiPm/vEwE/kfAAAAKiPm/okwk5rk/9T//x/9/0z/X/9f/1//X///vKtq/38ZPv9/SevX/y/o/y/NSvfn+339+v/6//RWtv5/zP2TYSY1yf8AAABQBzH3bwkzkf8BAACgMmLu3xpmIv8DAABAZcTcvy3MpCb53+f/6//r/+v/6//r/y8n/X/9/270//X/+3n9+v/6/7Qa7PC9svX/Y+7fHmZSk/wPAAAAdRBz/44wE/kfAAAAKiPm/rvCTOR/AAAAqIyY++8OM6lJ/tf/1//X/9f/L2//v/X69f/1/zvR/9f/z/T/l2yl+/P9vn79f/1/eju//f9Lz7n/H3P/zjCTmuR/AAAAqIOY+z8UZiL/AwAAQGXE3H9PmIn8DwAAAH2l0+cQRjH3fzjMpCb5X/+/6v3/udX6//r//dv/b92f+v/6/53o/+v/Z/r/S7bS/fl+X7/+v/4/vZ3f/v+8l6dn3f+PuX9XmElN8j8AAADUQcz994aZyP8AAABQGTH33xdmIv8DAABAZcTcvzvMpCb5X/+/6v3/8n3+/0Cm/6//X9D/1/8/H/T/9f8z/f8lW2p/Prxs0f8vUf8/P4b0/ymjsvX/Y+6/P8ykJvkfAAAA6iDm/o+Emcj/AAAAUBkx9380zET+BwAAgMqIuf9jYSY1yf/6//r/Pv9f/1//X/9/Oen/6/93o//fn/3/SP+/PP1/n/9PWZWt/x9z/wNhJjXJ/wAAAFAHMfd/PMxE/gcAAIDKiLn/V8NM5H8AAACojJj7HwwzqUn+1//X/9f/1//X/9f/X076//r/3ej/6//38/r1//X/6a1s/f+Y+38tzKQm+R8AAADqIOb+h8JM5H8AAACojJj7PxFmIv8DAABAZcTc/+thJjXJ//r/F6b/P5guX/9f/1//X/9f//980v/X/8/0/5dspfvz/b5+/X/9f3orW/8/5v7fCDOpSf4HAACAOoi5/zfDTOR/AAAAqIyY+38rzET+BwAAgMqIuf/hMJOa5H/9f5//r/+v/1/a/v9w6/7U/9f/70T/X/8/0/9fspXuz/f7+vX/9f/prWz9/5j7fzvMpCb5HwAAAOog5v5HwkzkfwAAAKiMmPs/GWYi/wMAAEBlxNz/qTCTmuR//X/9f/1//f/S9v/b9qf+v/5/J/r/+v+Z/v+SrXR/vt/Xr/+v/09vZev/x9z/aJhJTfI/AAAA1EHM/Z8OM5H/AQAAoDJi7v+dMBP5HwAAACoj5v7fDTOpSf7X/9f/1//X/9f/1/9fTvr/8/v/+XPYSvb/Vy1mQ/3/RdH/1//X/9f/p7uy9f9j7v9MmElN8j8AAADUQcz9vxdmIv8DAABAZcTc//thJvI/AAAAVEbM/Y+FmdQk/+v/6//r/+v/6//r/y8n/X+f/9+N/r/+fz+vX/9f/5/eytb/j7n/s2EmNcn/AAAAUAcx9/9BmIn8DwAAAJURc/+eMBP5HwAAACoj5v7Hw0xqkv/1//X/9f/1//X/9f+Xk/6//n83+v/6//28fv1//X96K1v/P+b+vWEmNcn/AAAAUAcx938uzET+BwAAgMqIuX9fmIn8DwAAAJURc//+MJOa5H/9f/1//X/9f/1//f/lpP+v/9+N/r/+fz+vX/9f/5/eytb/j7l/KsykJvkfAAAA6iDm/gNhJvI/AAAAVEbM/QfDTOR/AAAAqIyY+58IM6lJ/tf/1//X/9f/1//X/19O+v/6/93o/+v/9/P69f/1/+mtbP3/mPsPhZnUJP8DAABAHcTc//kwE/kfAAAAKiPm/i+Emcj/AAAAUBkx9x8OM6lJ/tf/1//X/69g/39Y/z/T/y8N/X/9/270//X/+3n9+v/6//RWjv7/bPo65v4jYSY1yf8AAABQBzH3Hw0zkf8BAACgMmLuPxZmIv8DAABAZcTcfzzMpCb5X/9f/1//v4L9f5//36D/Xw76//r/3ej/6//38/r1//X/6a0c/f8zX8fc/4dhJjXJ/wAAAFAHMfefCDOR/wEAAKAyYu6fDjOR/wEAAKAyYu6fCTOpSf7X/9f/1//X/9f/1/9fTvr/+v/d6P/r//fz+vX/9f/prWz9/5j7T4aZ1CT/AwAAQB3E3P9kmIn8DwAA/JK9+8zR5Kz6OPzMa70YhBBrYQUsgTXwhS2QczQ555yTyTnnnHPOGQwmg0Eywn3OGfD0VPWMn6Lvus91fTmyMcytaWnQX9ZPBUwjd/894xb7HwAAAKaRu/9ecUuT/a//1//r/4fp/086P/2//l//f0X0//r/g/7/qp13P7/39+v/9f+sG63/z91/77ilyf4HAACADnL33ydusf8BAABgGrn77xu32P8AAAAwjdz994tbmux//b/+X/8/TP/v+//5c52x/79w8ZfV/x+X/l//f9D/X7Xz7uf3/n79v/6fdaP1/7n77x+3NNn/AAAA0EHu/gfELfY/AAAATCN3/wPjFvsfAAAAppG7/0FxS5P9r//X/+v/9f/6f9//35L+X/+/RP+v/9/z+/X/+n/Wjdb/5+5/cNzSZP8DAABAB7n7HxK32P8AAAAwjdz9D41b7H8AAACYRu7+h8UtTfa//l//r//X/+v/9f9b0v/r/5fo//X/e36//l//z7rR+v/c/Q+PW5rsfwAAAOggd/8j4hb7HwAAAKaRu/+RcYv9DwAAANPI3f+ouKXJ/tf/6//1//p//b/+f0v6f/3/Ev2//n/P75+3/79e/8/RbN7/3+26W+5Z+//c/dfFLU32PwAAAHSQu//RcYv9DwAAANPI3f+YuMX+BwAAgGnk7n9s3NJk/5/S/19z0P837f9vvqD/1/+P2f/fFH/K6P/1/5fS/+v/D/r/q3b5fv5svxP6/1n7f9//53g27/9Xev9b/3Xu/sfFLU32PwAAAHSQu//xcYv9DwAAANPI3f+EuMX+BwAAgGnk7n9i3NJk//v+v/7/mN//z/9d/f8J/b/v/+v/9f/6/2Ub9v/3yN/MM/T/tzvo/33//8j9/13P8H79Px2M1v/n7n9S3NJk/wMAAEAHufufHLfY/wAAADCN3P1PiVvsfwAAAJhG7v6nxi1N9r/+X/9/zP6/zff/73Dy39f///d79P/6/9Po//X/S3z/X/+/5/f7/r/+n3Wj9f+5+58WtzTZ/wAAANBB7v6nxy32PwAAAEwjd/8z4hb7HwAAAKaRu/+ZcUuT/a//1//r/33//zb1/9fo//X/y/T/+v8l+n/9/57fr//X/7NutP4/d/+z4pYm+x8AAAA6yN3/7LjF/gcAAIBp5O5/Ttxi/wMAAMA0cvc/N25psv/1//p//b/+3/f/9f9b0v9P1/9f0P9fpP/X/+v/9f8sG63/z93/vLilyf4HAACADnL3Pz9usf8BAABgGrn7XxC32P8AAAAwjdz9L4xbmux//b/+X/+v/9f/6/+3pP+frv/3/f//oP/X/+v/9f8sG63/z93/orilyf4HAACADnL3vzhusf8BAABgGrn7XxK32P8AAAAwjdz9L41bmux//b/+X/+v/9f/6/+3pP/X/y+Zuv+/9R9uh7P3/7e/zK+n/x/r/cfp//Onr/9nTqP1/7n7Xxa3NNn/AAAA0EHu/pfHLfY/AAAATCN3/yviFvsfAAAAppG7/5VxS5P9f7n+/8Y7nvzn+v+z0f+f/n79v/5f/6//1//r/5dM3f/7/v9R3jjy+33/X//PutH6/9z9r4pbmux/AAAA6CB3/6vjFvsfAAAAppG7/zVxi/0PAAAA08jd/9q4pcn+9/1//b/+X/+v/9f/b0n/r/9fsqP+/9rT/qb+X/+v/9f/s2y0/j93//VxS5P9DwAAAB3k7n9d3GL/AwAAwDRy978+brH/AQAAYBq5+98QtzTZ//p//f+59///p/9P+v/4uer/9f9XQP+v/z/4/v9VO+9+fu/v1//r/1k3Wv+fu/+NcUuT/Q8AAAAd5O5/U9xi/wMAAMA0cve/OW6x/wEAAGAaufvfErc02f/6f/3/uff/vv9f9P/xc9X/6/+vgP5f/3/Q/1+18+7n9/5+/b/+n3Wj9f+5+98atzTZ/wAAANBB7v63xS32PwAAAEwjd//b4xb7HwAAAKaRu/8dcUuT/a//1//r//X/+n/9/5b0//r/Jfp//f+e36//1/+zbrT+P3f/O+OWJvsfAAAAOsjd/664xf4HAACAaeTuf3fcYv8DAADANHL3vyduabL/9f977//vfkO8QP+v/9f/6/+HpP/X/y/R/+v/9/x+/b/+n3Wj9f+5+98btzTZ/wAAANBB7v73xS32PwAAAEwjd//74xb7HwAAAKaRu/8DcUuT/d+j////S/6xefp/3//X/+v/9f9j0//r/5fo//X/e36//l//z7rR+v/c/R+MW5rsfwAAAOggd/+H4hb7HwAAAKaRu//DcYv9DwAAANPI3f+RuKXJ/u/R/19K/3/i6P3/zXfW/+v/i/5f/3/Q/+v/V+j/9f97fv/U/f+Fg/6foxit/8/d/9G4pcn+BwAAgA5y938sbrH/AQAAYAa3jP3c/R+/+LdO2P8AAAAwjdz9n4gb7nKn83vS/5T+X//v+//6f/2//n9L+n/9/xL9v/5/z++fuv/3/X+OZLT+P3f/J+MW//4fAAAAppG7/1Nxi/0PAAAA08jd/+m4xf4HAACAaeTu/0zc0mT/6//1//p//b/+X/+/Jf2//n+J/l//v+f36//1/6wbrf/P3f/ZuKXJ/gcAAIAOcvd/Lm6x/wEAAGAaufs/H7fY/wAAADCN3P1fiFua7H/9v/5f/6//1//r/7ek/9f/L9H/6//3/H79v/6fdaP1/7n7vxi3NNn/AAAA0EHu/i/FLfY/AAAATCN3/5fjFvsfAAAAppG7/ytxS5P9r//X/+v/9f/6f/3/lvT/+v8l+n/9/57fr//X/7NutP4/d/9X45Ym+x8AAAA6yN3/tbjF/gcAAIBp5O7/etxi/wMAAMA0cvd/I25psv9n7v+X/jH9/wn9v/7/oP/X/29M/6//X6L/1//v+f36f/0/60br/3P3fzNuabL/AQAAoIPc/d+KW+x/AAAAmEbu/m/HLfY/AAAATCN3/3filib7f+b+f4n+/4T+X/9/0P/r/zem/9f/L9H/6//3/H79v/6fdaP1/7n7vxu3NNn/AAAA0EHu/u/FLfY/AAAATCN3//fjFvsfAAAAppG7/wdxS5P9r//X/+v/9f/6/w37//wL/b/+X/9/Kv2//n/P79f/6/9ZN1r/n7v/h3FLk/0PAAAAHeTu/1HcYv8DAADANHL3/zhusf8BAABgGrn7fxK3NNn/+n/9v/5f/6//9/3/Len/9f9L9P/6/z2/X/+v/2fdaP1/7v6fxi1N9j8AAAB0kLv/Z3GL/Q8AAADTyN3/87jF/gcAAIBp5O7/RdzSZP/fpv7/Wv1/0v+f/n79v/5f/6//b9v///v/VvX/q/T/+v89v1//r/9n3Wj9f+7+X8YtTfY/AAAAdJC7/1dxi/0PAAAA08jd/+u4xf4HAACAaeTu/03c0mT/+/6//l//r//X/+v/t9S2//f9/zPR/+v/9/x+/b/+n3Wj9f+5+2+IW5rsfwAAAOggd/9v4xb7HwAAAKaRu/93cYv9DwAAANPI3X9j3NJk/+v/9f9T9v/X6v/1//r/Uej/9f9L9P/6/z2/X/+v/2fdaP1/7v7fxy1N9j8AAAB0kLv/D3GL/Q8AAADTyN3/x7jF/gcAAIBp5O7/U9zSZP/r//X/U/b/vv+v/9f/D0P/r/9fov/X/+/5/fp//T/rRuv/c/f/OW5psv8BAACgg9z9f4lb7H8AAACYRu7+v8Yt9j8AAABMI3f/3+KWJvtf/6//1//r//X/+v8t6f/1/0v0//r/Pb9f/6//Z91o/X/u/r/HLU32PwAAAHSQu/+muMX+BwAAgGnk7v9H3GL/AwAAwDRy9/8zbmmy//X/+n/9v/5f/6//35L+X/+/RP+v/9/z+/X/+n/Wjdb/5+7/VwAAAP//byMklQ==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x42, 0x30) truncate(&(0x7f0000000040)='./file2\x00', 0x80003) write$FUSE_WRITE(r1, &(0x7f00000000c0)={0x18}, 0xfffffdef) r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x47) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r2, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @desc2}}) write$sndseq(r0, 0x0, 0x0) write$sndseq(r0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0xc0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x10008095, 0x0, 0x0) write$sndseq(r0, 0x0, 0x0) 4.719888543s ago: executing program 3 (id=612): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) ppoll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x40}], 0x1, &(0x7f0000000240)={0x0, 0x989680}, 0x0, 0x0) ioctl$NS_GET_OWNER_UID(r4, 0xb704, &(0x7f0000000280)=0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r5}}, './file0\x00'}) r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x9, 0x0, &(0x7f0000000040), 0x0, 0x0}}) quotactl$Q_GETINFO(0xffffffff80000500, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$tipc(0x1e, 0x5, 0x0) 4.436056587s ago: executing program 0 (id=613): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x24, 0x1, 0x4, 0x5, 0x0, 0x0, {0x3}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_FLAGS={0x6}]}, 0x24}}, 0x80) 2.784005341s ago: executing program 0 (id=614): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="640000000206010200000000000000000000fdff140007800800134001a576ea08000640000000010500010006000000050005000a00000005000400000000000900020073797a310000000016000300686173683a6e65742c706f7274"], 0x64}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) 2.531757634s ago: executing program 0 (id=615): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r4}, 0xe) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r5}, 0x20) recvmsg$unix(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x22fe0}], 0x1}, 0x0) 1.460055499s ago: executing program 0 (id=616): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000400070001"], 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_sctp(0xa, 0x5, 0x84) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) setsockopt$IP_VS_SO_SET_EDIT(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) socket$inet_icmp(0x2, 0x2, 0x1) socket$alg(0x26, 0x5, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES64=r1], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.366517151s ago: executing program 5 (id=532): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) syz_mount_image$hfsplus(&(0x7f0000000240), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@umask}, {}, {@nls={'nls', 0x3d, 'cp865'}}, {@uid}, {@nobarrier}, {@uid}]}, 0x20, 0x6de, &(0x7f0000000f40)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3Esds4abvPR3p+v+f3+/N9X//es/3SygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9Mn8+6S/cZ54+HHH5y7/1Gjs1XJl6x+aVC7He0BI7TyJWYiopyvR1TZr79re/R3b6Suk+2404SdLRIHx629S2uU5kOct8DT7l5EeWKP5+sRJyJiKv8cEPnVoXTE4R26ka5yAAAA8HQqH1ThxUfxKDZj+mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5JpL89/+/n1fLVKvHG+4BvnzA/vdvHFEgAAAAAAAAAHD4JnaKZx7Fo9iM6WK7nWR/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYjxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUn2V/Pe4AAAAAYPxq+Xo6+V+n0E6y7/yvZN/7p+LdWI2NWI6NaMZSXM/uBXS+9Zf+2Wo0H2w1VtJld8ff+vdIcWQ9RkQ53ttn5NmsxqntFgvx3fhBnI+ZuBprsRw/isXYiKWYiVp6ELEYSdRrnbsX9SLO3njLeVdXekK52h/bmb7t01kktbgRy1lsF+JateitlNVI4nTXaH+qRvRl6L00O8k3c0Pm6HrX6/Xr/L5Mrv3ikH2MRz078ontjMymuc+z8dLeuS+MOE/6R5qL0vY9qJM7o6Sb/SMVOf/hKDk/ka/TXP+iN+eHbcRbaf2ZmI9SPvsiXunN+e0v3H+5t/GX/vW3qzdLq7du3lg/P8ZDGquJotCfiUZXJl4dPPvyTDTTTLSGz8RE/xNTT3Ach6iaZ6NzYRvuavmdrLQYr3VNwXfieizFpZiNubgcs/H1mI9Gzww71ZPXSmOlNyfZuVbafX2rDQj+7Be7Kv3ygMpHK83LS1157b7S1bN9+TNXfhWzXVl6efDse5x3gcrn8kI6xs+233GeBj2ZyK/NRXTFG9Q+mfhtO31cb67eWru5eHvI8c7l6/S0fb/32vy7Jz6YJ5LOl/SKW8m2spzUivmS7vvMdrS9+armf3HptCvt2ndqe189pmM5vrfvmVrNP8Pt7qmz79U99zWyfae79vV8yol3opl9CukzczRZBWBoJ14/Ua09rP2j9mHt57WbtTenvj15efLz1Zj4e+XP5T+Ufl/6RvJ6fBg/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lpsNpfWxlioPuZYUTqwztYLw3UY9YjBYyV5oTrubDwFhf9MDcxGLcY0+h8jYkCd6hMPkYx/PqcT+VA6LH44LXumXR6heaVotXedSqxP7fcKTu687lG/tdj8b7unTi26ThngOXdxY+X2xfU7d7+yvLL49tLbS6vzly9dvtT42txXL95Ybi7Ndh6PO0pgHNbv3C0fdwwAAAAAAAAAAADAaPJ//b/x2P+ZoXJAnera+t4jnznqQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeUQtvxUQrkpibvTCbbj/YajTTpSjv1KxERCkikh9HJJ9EXInOEvWu7pL9xnnj4ccfnLv/UWOnr0pRvzSo3XBa+RIzEVHO1web3KOb3f1d6+qv9VjhJdtHmCbsbJE4OG7/DwAA//9tSfWT") syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000006, 0x4132, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000080)={0x3, 0x1, 0x3, 0x2, 0x5, 0x81, 0x6, 0x152, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000500)={0x800080, 0x856, 0xb, 0x9, 0x40, 0x558}) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x20) 1.313606232s ago: executing program 3 (id=617): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000001000)={[{@iocharset={'iocharset', 0x3d, 'macromanian'}}, {}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@utf8}, {@errors_remount}, {@sys_tz}, {@umask={'umask', 0x3d, 0x400}}, {@discard}, {@utf8}, {@errors_continue}]}, 0x1, 0x1527, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSbxNcllWGu9my+5LJMkuSTJJUkqSZJbQpLkSELFEJI0JCG5DEkMIblMTBr3+/0akqRJktxyS9b/mfB3Op3z71z65zxn3t/z7GfWO3uvtd/9vd/+vrX3fPN912VwzUa1qjUgIviP4IUfSQAQCwD9ASAPAAQAUC6+XHzW+pwSk/6znbA/1kOpVzoDdiVx/bM3rn/2xvXP3rj+2RvXP3vj+mdvXP/sjevPWHa2YUrBa3jJvgvf/8/O+P3/f0hm6dFfrSp9XVeAmH+2C9c/e+P6/88K/pmNuP7ZG9c/u4q90gmw/wJ8/mcHOf7hGq5/9sb1Zyw7u9L3n6/0ApH/ssfgcM4Lhfmzjp8xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGPsTnPaXKQC41L7SeTHGGGOMMcYYY+yP43Nc6QwYY4wxxhhjjDH2/x+CAAkKAoiBHBALOSEOBABcDbkhD0TgGoiHayEvXAf5ID8UgIKQAIWgMGgwYIEghCJQFKJwPRSDG6A4lICSUAoclIZEuBHKwE1QFm6GcnALlIdboQJUhEpQGW6DKnA7VIU7oBrcCdWhBtSEWnAX1Ia7oQ7cA3XhXqgH98H98ADUhwehATwEDeFhaASPQGN4FJpAU2gGzaHFv9X/BXgRXoIe0BOSoBf0hpehD/SFfvAK9IdXYQC8BgPhdUiGQTAY3oAh8CYMhbdgGAyHEfA2jIR3YBSMhjEwFlJgHIyHd2ECvAcT4X2YBJMhFabAVPgApsF0mAEfwkz4CGbBbJgDcyENPoZ5MB/S4RNYAJ9CBiyERbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtthB3wGO2EX7IbPYQ988S/2P/U3/bsiIKBAgQoVxmAMxmIsxmEc5sJcmBtzYwQjGI/xmBfzYj7MhwWwACZgAhbGwmjQICFhESyCUYxiMSyGxbE4lsSS6NBhIiZiGbwJy2JZLIflsDyWxwpYEStiZayMVbAKVsWqWA2rYXWsjjWxJt6Fd2EvrIN1sC7WxXpY79LtKWyADbAhNsRG2AgbY2Nsgk2wGTbDFtgCW2JLbIWtsA22wbbYNnLpid0BO2BH7IidsBN2xs7YBbtgV+yG3TJfyAH4Er6EPbG66IW9sTf2weQc/fAVfAVfxQH4Gr6Gr2MyDsLB+Aa+gW/iUDyJw3A4jsARWEW8g6NwNJIYiymYguNxPE7ACZi10/dxMqbiFJyKU3EaTsfp+CHOxI/wI5yNs3EupmEazsP5mI7puABPYQYuxEW4GJfgUlyCy3EFLsdVuBpX4Vpci+txPW7EjbgZN+NW3IrbUQHgZ7gLd2Ey7sE9uBf34j7ch/txP2ZiJh7AA3gQD+IhPISH8TAewaN4DI/iCTyBJ/EUnsbTeBbP4jl8LuGbhttLrEwGkUUJJWJEjIgVsSJOxIlcIpfILXKLiIiIeBEv8oq8Ip/IJwqIAiJBJIjCorAwwggSYQwAiKiIimKimCguiouSoqRwwolEkSjKiDKirCgryolbRHlxq6ggKorWrrKoLKqINq6quENUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPXG/eEDUF72wHz4ksirTSAzCxmIwNhFNhbxY6JZiKLYSrUUb8YQYjsOwnWjp2ounRQcxCjuKv4jR+KzoLMZiF/G86Cq6ie7iBfGiaOV6iJ5iIvYSvcVk7CP6in7iFTENa4gPcWbOmuJ1kSwGicHiDTEX3xRDxVtimBguRoi3xUjxjhglRosxYqxIEePEePGumCDeExPF+2KSmCxSxRQxVXwgponpYob4UMwUH4lZYraYI+aKNPGxmCfmi3TxiVggPhUZYqFYJBaLJWKpWCaWixVipVglVos1Yq1YJ9aLDWKj2CRiYYvYKraJ7WKH+EzsFLvEbvG52CO+EHvFl2Kf+ErsF1+LTPGNOCC+FQfFd+KQ+F4cFj+II+KoOCaOixPiR3FSnBKnxRlxVvwkzomfxXnhBUiUQkqpZCBjZA4ZK3PKOHmVzCWDi4/uNTJeXivzyutkPplfFpAFZYIsJAtLLY20kmQoi8iiMiqvl8XkDbK4LCFLylLSydIyUd4oy8ibZFl5sywnb5Hl5a2ygqwoK8nK8jZZRd4u4eK5Wl3WkDVlLXmXTIK7ZR15j6wr75X15H3yfvmArC8flA3kQ7KhfFg2ko/IxvJR2UQ2lc1kc9lCPiZbysdlK9latpFPyLbySdlOPiXby6dlB+kvPkWelZ3lc7KLfF52ld1kd/mzPC+97CF7SugFsrd8WfaRfWW/WACQr8oB8jU5UL4uk+UgOVi+IYfIN+VQ+ZYcJofLEfJtOVK+I0fJ0XKMHCtT5Dg5Xr4rJ8j35ET5vpwkJ8tUOUX2k/1/GWmGlL/b/92/6e/xQtaD5Hq5QW6Um+RmuUVuldvkdrlD7pA75U65W+6We+QeuVfulfvkPrlf7peZMlMekAfkQXlQHpKH5GF5WB7JeVSekcflCfmjPClPyVPyjDwrz8pzFx8DUKiEkkqpQMWoHCpW5VRx6iqVS12tcqs8KqKuUfHqWpVXXafyqfyqgCqoElQhVVhpZZRVpEJVRBVVUXX9xaxBlVSllFOlVaK68V/pr4qpG1RxVeJX/S/ll/QP8muhWqiWqqVqpVqpNqqNaqvaqnaqnWqv2qsOqoPqqDqqTqqT6qw6qy6qi+qquqrupU5e/MBjD5WkklRv9bLqo/qqfuoV1V+9qgaoAWqgGqiSVbIarAarIWqIGqqGqmFqmBqhRqiRaqQapUapMWqMSlEparwaryaoCWqimqgmqUkqVaWqqWqqmqamqRlqhpqpZqpZapaao+aoNJWm5ql5Kl2lqwVqgcpQC9VCtVgtVkvVUrVcLVcr1Uq1Wq1Wa9ValaE2qA1qk9qktqgtapvapnaoHWqn2Kl2q91qj9qj9qq9ap/ap/ar/SpTZaoD6oA6qA6qQ+qQOqwOqyPqiDqmjqkT6oQ6qU6q0+q0OqvOqnPqnDqvzmdN+wIRiEAFKogJYoLYIDaIC+KCXEGuIHeQO4gEkSA+iA/yBtcF+YL8QYGgYJAQFAoKBzowgQ3ExaJHg+uDYsENQfGgRFAyKBW4oHSQGNwYlAluCsoGNwflgluC8sGtQYWgYlApqBzcFlQJbg+qBncE1YI7g+pBjaBmUCu4K6gd3B3UCe4J6gb3BvWC+4L7gweC+sGDQYPgoaBh8HDQKHgkaBw8GjQJmgbNguZBiz90fO9P5n/c9dA9dZLupXvrl3Uf3Vf306/o/vpVPUC/pgfq13WyHqQH6zf0EP2mHqrf0sP0cD1Cv61H6nf0KD1aj9FjdYoep8frd/UE/Z6eqN/Xk/Rknaqn6Kn6Az1NT9cz9Id6pv5Iz9Kz9Rw9V6fpj/U8PV+n60/0Av2pztAL9SK9WC/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1Nr1d79Cf6Z16l96tP9d79Bd6r/5S79Nf6f36a52pv9EH9Lf6oP5OH9Lf68P6B31EH9XH9HF9Qv+oT+pT+rQ+o8/qn/Q5/bM+r33W5D7r7d0oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTV6T1+Qz+UwBU8AkmART2BQ2WciQKWKKmKiJmmKmmCluipuSpqRxxplEk2jKmDKmrClryplyprwpbyqYCqaSqWRuM7eZ283t5g5zh7nT3GlqmBqmlqllapvapo6pY+qauqaeqWfuN/eb+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadaW/amw6mg+loOppOppPpbDqbLqaL6Wq6mu6mu3nRvGh6mB4mySSZ3qa36WP6mH6mn+lv+psBZoAZaAaaZJNsBpvBZogZYoaaoWaYGW5GZE1UzTtmlBltxpixJsWkmPFmvJlgJpiJZqKZZCaZVJNqppqpZpqZZmaYGWammWlmmVlmjplj0kyamWfmmXSTbhaYBSbDZJhFZpFZYpaYZWaZWWFWmFVmlVkDa8w6s85sMBvMJrPJbDFbzDazzewwO8xOs9PsNrvNHrPH7DV7zT6zz+w3+02myTQHzAFz0Bw0h8whc9gcNkfMEXPMHDMnzAlz0pw0p81pc9bkv/h+6U2szWnj7FU2l73a5rZ57N/GBWxBm2AL2cJW23w2/69iY60tbkvYkraUdba0TbQ3/iauYCvaSrayvc1Wsbfbqr+Ja9u7bR17j61r77W17F2/iuvZ+2zW7KQ+IoBtahva5raRfcQ2to/aJrapbWab27b2SdvOPmXb26dtB/vMb+J5dr5dYVfaVXa13Wl32dP2jD1ov7Nn7U+2h+1p+9tX7QD7mh1oX7fJdtBv4hH2bTvSvmNH2dF2jB37m3iSnWxT7RQ71X5gp9npv4nT7Md2pk23s+xsO8fO/SXOyindfmIX2E9thg1gkV1sl9ildpldfilXn8eutevservDfmY32c12i91qt12aCNtddrf93O6xX9gD9lu7z35l99tDNtN+80ucdXyH7Pf2sP3BHrFH7TF73J6wP6pLvbOO/bj92Z633gIhAUlSFFAM5aBYyklxdBXloqspN+WhCF1D8XQt5aXrKB/lpwJUkBKoEBUmTYYsEYVUhIpSlK6nS+mVpFLkqDQl0o1Uhm6isnQzlaNbqDzdShWoIlWiynQbVaHbqSrdQdXoTqpONagm1aK7qDbdTXXoHqpL91I9uo/upweoPj1IDeghakgPUyN6hBrTo9SEmlIzak4t6DFqSY9TK2pNbegJaktPUjt6itrT09SBnqGO9BfqRM9SZ3qOutDz1JW6UXd6gV6kl6gH9aQk6kW96WXqQ32pH71C/elVGkCv0UB6nZJpEA2mN2gIvUlD6S0aRsNpBL1NI+kdGkWjaQyNpRQaR+PpXZpA79FEep8m0WRKpSk0lT6gaTSdZtCHNJM+olk0m+bQXEqjj2kezad0+oQW0KeUQQtpES2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/RTtpFu+lz2kNfENKXtI++ov30NWXSN3SAvqWD9B0dou99T/qBjtBROkbH6QT9SCfpFJ2mM3SWfqJz9DOdJ08QYihCGaowCGPCHGFsmDOMC68Kc4VXh7nDPGEkvCaMD68N84bXhfnC/GGBsGCYEBYKC4c6NKENKQzDImHRMBpeHxYLbwiLhyXCkmGp0IWlw8TwxrBMeFNYNrw5LBfeEpYPbw0rhBXDR+6tHN4WVglvD6uGd4TVwjvD6mGNsGZYK7wrrB3eHdYJ7wnrhveGZcP7wvvDB8L64YNhg/ChsGH4cNgofCRsHD4aNgmbhs3C5mGL8LGwZfh42CpsHbYJnwjbhk+G7cKnwvbh02GH8Jlf1t83/x+vTwp7hb3Dl8OXQ+/vkXOic6Np0Y+j86Lzo+nRT6ILop9GM6ILo4uii6NLokujy6LLoyuiK6Oroquja6Jro+ui66Pe18oBDp1w0ikXuBiXw8W6nC7OXeVyuatdbpfHRdw1Lt5d6/K661w+l98VcAVdgivkCjvtjLOOXOiKuKIu6q53xdwNrrgr4Uq6Us650i7RNXctXAvX0j3uWrnWro17wj3hnnRPuqfcU+5p18E94zq6v7hO7lnX2T3nnnPPu66um+vuXnAvunG5L5yTSa636+36uD6un+vn+rv+boAb4Aa6gS7ZJbvBbrAb4oa4oW6oG+aGuRFuhBvpRrpRbpQb48a4FJfixrvxboKb4Ca6iW6Sm+RSXaqb6qa6aW6aqzL9wl5muVlujpvj0lyam+ey5ozpboFb4DJchlvkFrklbolb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2uR1uh9vp81wY1O1xe91et8/tc/vd1y7TfeMOuG/dQfedO+S+d4fdD+6IO+qOuePuhPvRnXSn3Gl3xp11P7lz7md33nmXEhkXGR95NzIh8l5kYuT9yKTI5EhqZEpkauSDyLTI9MiMyIc5L754ReZE5kbSIh9H5kXmR9Ijn0QWRD6NZEQWRhZFFkeWRJZGvC+0KfRFfFEf9df7Yv4GX9yX8CV9Ke98aZ/ob/Rl/E2+rL/Zl/O3+PL+Vl/BV/SV/KO+iW/qm/nmvoV/zLf0j/tWvrVv45/wbf2Tvp1/yrf3T/sO/hnf0f/Fd/LP+s7+Od/FP++7+m6+u3/Bv+hf8j18T5/ke/ne/mXfx/f1/fwrvr9/1Q/wr/mB/nWf7Af5wf4NP8S/6Yf6t/wwP9yPiHnbj7x0iQxjfYof58f7d/0E/56f6N/3k/xkn+qn+Kn+Az/NT/cz/Id+pv/Iz/Kz/Rw/16f5j/08P9+n+0/8Av+pz/ALL91U9sv8cr/Cr/Sr/Gq/xq/16/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w3/md/pdfrf/3O/xX/i9/ku/z3/l9/uvfab/xh/w3/qD/jt/yH/vD/sf/BF/1B/zx/0J/6M/6U/50/6MP+t/8uf8z/48/88aY4wxxtg/Zdzlpvj1mgu383v9nT7irzbuDQBXby6Y+dfrs2aUa/JdaPcVCb/8Qfbpnl0eurRUr56UlHRx2wwJQdHZWfPry/1j4HK8ENrAk9AeWkOZv5t/X9HtLP3O+NFbAOL+qk8sXI4vj/8lACb9nfEfe2LEvPLh6fj/x/izAYoXvdwn65LhUrwQ2vxyf6U1lP0H+edv+Tv55/wqBaDVX/XJBZfjy/knwuPwDLT/1ZaMMcYYY4wxxtgFfUWlTpeuPy994vPvXZ8nqMt9csDl+PeuzxljjDHGGGOMMXblPdut+1OPtW/futO/3qj6+9uof2/kXxqN4d9NjBv/VsN7gP9bOAD4DwcEyGrIP/MoNv4p+0q+eOr87aolZ3wA/x2l/CMaV/iFiTHGGGOMMfaHuzzp//Xv1ZVKiDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYy4b+0+94g3/iW/qu9DEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CQAA//8OCvjj") openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0) r3 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) add_key$user(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd) keyctl$read(0xb, r3, &(0x7f0000000240)=""/112, 0x349b7f55) 1.057126135s ago: executing program 4 (id=618): syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) setrlimit(0x4, &(0x7f0000000000)={0x8, 0x5}) add_key(0x0, 0x0, &(0x7f0000000100), 0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000d, 0x40010, 0xffffffffffffffff, 0x80590000) r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x16fa, 0x800, 0x4, 0x8}, &(0x7f0000000340)=0x0, &(0x7f0000000140)) readv(0xffffffffffffffff, &(0x7f0000001580)=[{0x0}, {&(0x7f00000000c0)=""/4096, 0x1000}], 0x2) r3 = syz_open_dev$video4linux(&(0x7f00000002c0), 0x10000, 0x0) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r3, 0xc0305616, &(0x7f0000000240)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000010c0)=ANY=[@ANYBLOB="4400000010000000000000000400002e00000040", @ANYRES64=r2, @ANYRES8=r3], 0x44}}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3}}, 0x0) write$binfmt_misc(r4, &(0x7f0000000000), 0xfffffecc) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000021c0)={0x20, 0x0, 0x1, 0x300, 0x0, {0x3, 0x2, 0x2}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x40030000000000}, 0x0) splice(r5, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, 0x0, 0x0, 0x4) io_uring_enter(r1, 0x3516, 0x0, 0x4, 0x0, 0x0) 934.970897ms ago: executing program 0 (id=619): ioprio_set$pid(0x1, 0x0, 0x6000) add_key(&(0x7f00000018c0)='big_key\x00', &(0x7f0000001900)={'syz', 0x1}, &(0x7f0000001940)='\f', 0xfffff, 0xfffffffffffffffe) rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x400000000, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x987c, 0x2000, 0x3, "0062ba7d82000000000000000000f7ffffff00"}) syz_open_pts(r0, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000140)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e24, @multicast2}}, 0x24) sendmmsg(0xffffffffffffffff, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYRES16], 0x18}}], 0x1, 0x0) r1 = syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x40c01) r2 = socket(0x840000000002, 0x3, 0xff) mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1) select(0x2a, 0x0, &(0x7f0000000340), &(0x7f0000001900), &(0x7f0000000440)) read(r1, &(0x7f0000000300)=""/65, 0x41) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x2) bind$tipc(r2, &(0x7f0000000400)=@nameseq={0x1e, 0x1, 0x1, {0x40, 0x3, 0x4}}, 0x10) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000003c0), 0x2, 0x1}}, 0x20) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]}) socket(0xa, 0x2, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) 0s ago: executing program 5 (id=620): socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000020c0)=ANY=[], 0x1, 0x1f0, &(0x7f00000022c0)="$eJzsmb9rFEEUx78z++NiEMHGwsbCgBHN3u6ehjQpIlgKQhS1PMwaopucXFZIAmKCjY2lhWBrY2lhYWXhX2CrhQqChSnthJF5O7s73u0dpxyemPeBe/fdt29n5s0x32IPDMMcWD5/+v7x8YWFK2cBHMYMGib/1alqpFX/4em9M08WLz57+f75240j91/3jicAKDX6/D6AN0sOMgg3z/z69AzFXUsDVyFx2uhrEAhIuT8UkecTCNwwNbct3TlkRJoENzvpyq21NAl1iHSIdWjZ8+tF7e8JrACYotUpJaz7m9s7d9ppmnR7haeKefpu/a4Ytn+0viWJRRS7p5T+va4/erinrwOTDyHL/YsgERndgsCy0QtoIAiCakus/o+71fjOKP1PVrwgcXTub01anJF/off/WHhjGUf0ZvSBLjPH9gsPtGu+TKDleW8845BxAei79W46TS/lGfXgD86yX7NRpaj8STv7KcufXLilfzSz9bvNze2dubX19mqymmzEcWs+PBeG5+MmGVEeh/jfFPnTtDW+N6DWFz622lnWjbaArBuV13EeLcddftX5Rs9I8j+J2ZN0SZ5KbTfq5xDmI+lbq1mnvnJ3YE8MwzAMwzAMwzAMwzAMwzD1nIBA/k+YEuaFaB3xZXpD+TMAAP//eRpmJg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) userfaultfd(0x80001) r2 = socket(0x2b, 0x80801, 0x1) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f0000000440)={'security\x00', 0x4, [{}, {}, {}, {}]}, 0x68) openat(0xffffffffffffff9c, 0x0, 0x101042, 0x35) kernel console output (not intermixed with test programs): ize (512) [ 113.242936][ T4705] loop2: detected capacity change from 0 to 40427 [ 113.250485][ T4727] loop3: detected capacity change from 0 to 64 [ 113.464751][ T4705] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 113.464856][ T4705] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 113.478557][ T4705] F2FS-fs (loop2): invalid crc value [ 114.667485][ T4705] F2FS-fs (loop2): Found nat_bits in checkpoint [ 114.988058][ T4744] netlink: 16 bytes leftover after parsing attributes in process `syz.3.127'. [ 114.996955][ T4744] netlink: 4 bytes leftover after parsing attributes in process `syz.3.127'. [ 115.616956][ T4705] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 115.949151][ T4705] F2FS-fs (loop2): Start checkpoint disabled! [ 117.039501][ T26] audit: type=1326 audit(1747474272.852:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4745 comm="syz.4.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca023f969 code=0x7ffc0000 [ 117.211071][ T26] audit: type=1326 audit(1747474272.852:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4745 comm="syz.4.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca023f969 code=0x7ffc0000 [ 117.265876][ T4768] netlink: 'syz.0.138': attribute type 1 has an invalid length. [ 117.744047][ T4184] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 117.753778][ T4184] CPU: 1 PID: 4184 Comm: kworker/u5:5 Not tainted 5.15.182-syzkaller #0 [ 117.762107][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 117.772188][ T4184] Workqueue: hci4 hci_rx_work [ 117.776866][ T4184] Call Trace: [ 117.780146][ T4184] [ 117.783070][ T4184] dump_stack_lvl+0x168/0x230 [ 117.787748][ T4184] ? show_regs_print_info+0x20/0x20 [ 117.792942][ T4184] ? load_image+0x3b0/0x3b0 [ 117.797449][ T4184] sysfs_create_dir_ns+0x252/0x280 [ 117.802554][ T4184] ? __lock_acquire+0x7c60/0x7c60 [ 117.807584][ T4184] ? sysfs_warn_dup+0xa0/0xa0 [ 117.812266][ T4184] ? le_conn_complete_evt+0xcbc/0x1590 [ 117.817745][ T4184] ? hci_event_packet+0xe05/0x12f0 [ 117.822851][ T4184] ? process_one_work+0x863/0x1000 [ 117.827963][ T4184] ? do_raw_spin_unlock+0x11d/0x230 [ 117.833177][ T4184] kobject_add_internal+0x662/0xd00 [ 117.838375][ T4184] kobject_add+0x152/0x210 [ 117.842793][ T4184] ? kobject_init+0x1d0/0x1d0 [ 117.847505][ T4184] ? klist_children_get+0x50/0x50 [ 117.852551][ T4184] ? get_device_parent+0x121/0x3f0 [ 117.857669][ T4184] device_add+0x483/0xfb0 [ 117.862012][ T4184] hci_conn_add_sysfs+0xd1/0x1e0 [ 117.866947][ T4184] le_conn_complete_evt+0xcbc/0x1590 [ 117.872242][ T4184] ? cs_le_create_conn+0x5e0/0x5e0 [ 117.877355][ T4184] ? __mutex_trylock_common+0x14f/0x250 [ 117.882900][ T4184] hci_le_meta_evt+0x289/0x3b80 [ 117.887744][ T4184] ? hci_event_packet+0x36d/0x12f0 [ 117.892846][ T4184] ? hci_event_packet+0x2e2/0x12f0 [ 117.897946][ T4184] ? __lock_acquire+0x7c60/0x7c60 [ 117.902974][ T4184] ? hci_remote_host_features_evt+0x280/0x280 [ 117.909120][ T4184] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 117.914746][ T4184] ? mark_lock+0x94/0x320 [ 117.919071][ T4184] ? mutex_unlock+0x10/0x10 [ 117.923564][ T4184] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 117.929539][ T4184] ? lock_chain_count+0x20/0x20 [ 117.934387][ T4184] ? __rwlock_init+0x140/0x140 [ 117.939144][ T4184] hci_event_packet+0xe05/0x12f0 [ 117.944109][ T4184] ? lockdep_hardirqs_on+0x94/0x140 [ 117.949310][ T4184] ? rcu_lock_release+0x20/0x20 [ 117.954155][ T4184] ? hci_send_to_monitor+0x9c/0x4a0 [ 117.959348][ T4184] hci_rx_work+0x255/0xa10 [ 117.963778][ T4184] process_one_work+0x863/0x1000 [ 117.968739][ T4184] ? worker_detach_from_pool+0x240/0x240 [ 117.974378][ T4184] ? lockdep_hardirqs_off+0x70/0x100 [ 117.979659][ T4184] ? _raw_spin_lock_irq+0xab/0xe0 [ 117.984677][ T4184] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 117.990043][ T4184] ? wq_worker_running+0x97/0x170 [ 117.995059][ T4184] worker_thread+0xaa8/0x12a0 [ 117.999839][ T4184] kthread+0x436/0x520 [ 118.003898][ T4184] ? rcu_lock_release+0x20/0x20 [ 118.008736][ T4184] ? kthread_blkcg+0xd0/0xd0 [ 118.013319][ T4184] ret_from_fork+0x1f/0x30 [ 118.017735][ T4184] [ 118.027827][ T4184] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 118.041565][ T4184] Bluetooth: hci4: failed to register connection device [ 118.072831][ T26] audit: type=1326 audit(1747474272.852:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4745 comm="syz.4.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fcca023f969 code=0x7ffc0000 [ 118.399540][ T26] audit: type=1326 audit(1747474272.852:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4745 comm="syz.4.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca023f969 code=0x7ffc0000 [ 119.245565][ T4784] loop0: detected capacity change from 0 to 64 [ 119.281065][ T26] audit: type=1326 audit(1747474272.852:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4745 comm="syz.4.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca023f969 code=0x7ffc0000 [ 119.305872][ T26] audit: type=1326 audit(1747474272.852:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4745 comm="syz.4.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fcca023f969 code=0x7ffc0000 [ 119.333091][ T26] audit: type=1326 audit(1747474272.852:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4745 comm="syz.4.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca023f969 code=0x7ffc0000 [ 119.355440][ T26] audit: type=1326 audit(1747474272.852:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4745 comm="syz.4.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca023f969 code=0x7ffc0000 [ 119.483029][ T4788] loop3: detected capacity change from 0 to 512 [ 120.203926][ T4788] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 120.298683][ T4793] netlink: 16 bytes leftover after parsing attributes in process `syz.0.143'. [ 120.307746][ T4793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.143'. [ 120.672470][ T4788] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 120.774572][ T4788] EXT4-fs (loop3): 1 truncate cleaned up [ 120.827792][ T4788] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,,errors=continue. Quota mode: writeback. [ 120.832840][ T4778] loop2: detected capacity change from 0 to 32768 [ 123.223041][ T4778] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 124.189868][ T4169] (syz-executor,4169,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76 [ 124.208263][ T4169] ocfs2: Unmounting device (7,2) on (node local) [ 124.322034][ T4831] input: syz1 as /devices/virtual/input/input5 [ 124.422319][ T4832] loop1: detected capacity change from 0 to 1024 [ 124.542931][ T4827] loop0: detected capacity change from 0 to 40427 [ 124.588782][ T4827] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 124.588984][ T4832] EXT4-fs (loop1): inline encryption not supported [ 124.596550][ T4827] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 124.607925][ T4827] F2FS-fs (loop0): invalid crc value [ 124.637938][ T4832] EXT4-fs (loop1): Ignoring removed bh option [ 124.644065][ T4832] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 124.689074][ T4827] F2FS-fs (loop0): Found nat_bits in checkpoint [ 124.734763][ T4827] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 124.742615][ T4827] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 124.896011][ T4839] loop2: detected capacity change from 0 to 1024 [ 125.014827][ T4832] EXT4-fs (loop1): mounted filesystem without journal. Opts: inlinecrypt,errors=remount-ro,barrier=0x0000000000000002,errors=remount-ro,data_err=ignore,quota,nodelalloc,grpquota,noload,nouid32,bh,dioread_nolock,. Quota mode: writeback. [ 125.026314][ T4845] loop3: detected capacity change from 0 to 16 [ 125.937154][ T13] Bluetooth: hci4: command 0x0406 tx timeout [ 125.972285][ T4845] erofs: (device loop3): mounted with root inode @ nid 36. [ 126.471937][ T4849] erofs: (device loop3): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 127.127334][ T26] audit: type=1800 audit(1747474283.012:10): pid=4849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.158" name="file3" dev="loop3" ino=89 res=0 errno=0 [ 127.228571][ T4182] erofs: (device loop3): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192] [ 127.315748][ T9] hfsplus: b-tree write err: -5, ino 4 [ 128.848071][ T4862] loop1: detected capacity change from 0 to 8 [ 129.162023][ T26] audit: type=1800 audit(1747474285.051:11): pid=4861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.163" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 130.808185][ T26] audit: type=1326 audit(1747474286.701:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4863 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7609d0f969 code=0x7ffc0000 [ 131.147457][ T26] audit: type=1326 audit(1747474286.701:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4863 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7609d0f969 code=0x7ffc0000 [ 131.213629][ T26] audit: type=1326 audit(1747474286.701:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4863 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f7609d0f969 code=0x7ffc0000 [ 131.330282][ T4884] loop2: detected capacity change from 0 to 32768 [ 131.373134][ T4884] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.169 (4884) [ 131.392481][ T26] audit: type=1326 audit(1747474286.701:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4863 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7609d0f969 code=0x7ffc0000 [ 131.450922][ T26] audit: type=1326 audit(1747474286.701:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4863 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7609d0f969 code=0x7ffc0000 [ 131.484465][ T26] audit: type=1326 audit(1747474286.721:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4863 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f7609d0f969 code=0x7ffc0000 [ 131.588570][ T4884] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 131.597364][ T4884] BTRFS info (device loop2): setting nodatacow, compression disabled [ 131.605865][ T4884] BTRFS info (device loop2): enabling auto defrag [ 131.608657][ T4889] netlink: 'syz.0.171': attribute type 10 has an invalid length. [ 131.612441][ T4884] BTRFS info (device loop2): max_inline at 0 [ 131.627104][ T4884] BTRFS info (device loop2): using free space tree [ 131.633705][ T4884] BTRFS info (device loop2): has skinny extents [ 132.077636][ T26] audit: type=1326 audit(1747474286.721:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4863 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7609d0f969 code=0x7ffc0000 [ 133.182075][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.189850][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.605177][ T4889] team0: Port device syz_tun added [ 133.646683][ T26] audit: type=1326 audit(1747474286.721:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4863 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7609d0f969 code=0x7ffc0000 [ 133.725004][ T4748] BTRFS info (device loop2): space_info 5 has 139264 free, is not full [ 133.733787][ T4748] BTRFS info (device loop2): space_info total=3276800, used=53248, pinned=0, reserved=16384, may_use=3067904, readonly=0 zone_unusable=0 [ 133.747950][ T4748] BTRFS info (device loop2): global_block_rsv: size 851968 reserved 851968 [ 133.757125][ T4748] BTRFS info (device loop2): trans_block_rsv: size 0 reserved 0 [ 133.764834][ T4748] BTRFS info (device loop2): chunk_block_rsv: size 0 reserved 0 [ 133.773115][ T4748] BTRFS info (device loop2): delayed_block_rsv: size 0 reserved 0 [ 133.781205][ T4748] BTRFS info (device loop2): delayed_refs_rsv: size 524288 reserved 389120 [ 133.792275][ T4919] BTRFS info (device loop2): space_info 5 has 139264 free, is not full [ 133.801114][ T4919] BTRFS info (device loop2): space_info total=3276800, used=53248, pinned=0, reserved=16384, may_use=3067904, readonly=0 zone_unusable=0 [ 133.815330][ T4919] BTRFS info (device loop2): global_block_rsv: size 851968 reserved 851968 [ 133.824406][ T4919] BTRFS info (device loop2): trans_block_rsv: size 0 reserved 0 [ 133.832113][ T4919] BTRFS info (device loop2): chunk_block_rsv: size 0 reserved 0 [ 133.839868][ T4919] BTRFS info (device loop2): delayed_block_rsv: size 0 reserved 0 [ 133.847753][ T4919] BTRFS info (device loop2): delayed_refs_rsv: size 524288 reserved 389120 [ 134.055922][ T4929] loop4: detected capacity change from 0 to 64 [ 134.168129][ T1109] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 134.382338][ T4934] netlink: 16 bytes leftover after parsing attributes in process `syz.4.177'. [ 134.391436][ T4934] netlink: 4 bytes leftover after parsing attributes in process `syz.4.177'. [ 134.689256][ T1109] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 135.338447][ T1109] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 135.391990][ T1109] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.521732][ T1109] usb 2-1: Product: syz [ 135.527695][ T1109] usb 2-1: Manufacturer: syz [ 135.560302][ T1109] usb 2-1: SerialNumber: syz [ 135.732536][ T1109] usb 2-1: config 0 descriptor?? [ 136.971487][ T4962] loop0: detected capacity change from 0 to 1024 [ 137.749880][ T4923] udc-core: couldn't find an available UDC or it's busy [ 137.756911][ T4923] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 137.787930][ T4217] usb 2-1: USB disconnect, device number 2 [ 137.869709][ T26] audit: type=1326 audit(1747474293.761:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 138.048000][ T26] audit: type=1326 audit(1747474293.761:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 138.086180][ T26] audit: type=1326 audit(1747474293.781:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 138.634830][ T26] audit: type=1326 audit(1747474293.781:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 138.673361][ T4400] hfsplus: b-tree write err: -5, ino 4 [ 138.715387][ T26] audit: type=1326 audit(1747474293.781:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 138.744988][ T26] audit: type=1326 audit(1747474293.781:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 138.768760][ T26] audit: type=1326 audit(1747474293.781:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 138.820520][ T26] audit: type=1326 audit(1747474293.781:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 139.015491][ T26] audit: type=1326 audit(1747474293.781:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 139.028946][ T4980] loop0: detected capacity change from 0 to 8 [ 139.070081][ T26] audit: type=1326 audit(1747474293.781:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 139.098081][ T26] audit: type=1326 audit(1747474293.781:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 139.127368][ T4982] loop1: detected capacity change from 0 to 64 [ 139.147142][ T4217] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 139.208243][ T26] audit: type=1326 audit(1747474293.781:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 139.244215][ T26] audit: type=1326 audit(1747474293.931:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 139.564376][ T4986] netlink: 16 bytes leftover after parsing attributes in process `syz.1.193'. [ 139.573395][ T4986] netlink: 4 bytes leftover after parsing attributes in process `syz.1.193'. [ 140.284232][ T26] audit: type=1326 audit(1747474293.931:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 140.342948][ T4989] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 140.359247][ T4217] usb 3-1: Using ep0 maxpacket: 16 [ 140.507916][ T4217] usb 3-1: config 0 descriptor has 1 excess byte, ignoring [ 140.526680][ T4217] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024 [ 140.567207][ T4217] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 140.754732][ T4217] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 6 [ 140.978327][ T4217] usb 3-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47 [ 141.058345][ T4217] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.237404][ T4217] usb 3-1: Product: syz [ 141.383997][ T4217] usb 3-1: Manufacturer: syz [ 141.546049][ T4217] usb 3-1: SerialNumber: syz [ 141.617645][ T4217] usb 3-1: config 0 descriptor?? [ 141.648243][ T4977] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 141.669574][ T4977] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 141.736451][ T4217] mcba_usb 3-1:0.0: Microchip CAN BUS Analyzer connected [ 141.758477][ C0] mcba_usb 3-1:0.0 can0: Tx URB aborted (-71) [ 141.765057][ C0] mcba_usb 3-1:0.0 can0: Tx URB aborted (-71) [ 141.831868][ T4217] usb 3-1: USB disconnect, device number 2 [ 141.871326][ T4217] mcba_usb 3-1:0.0 can0: device disconnected [ 141.974484][ T5013] netlink: 28 bytes leftover after parsing attributes in process `syz.2.203'. [ 141.997267][ T5013] netlink: 'syz.2.203': attribute type 7 has an invalid length. [ 142.017088][ T5013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.203'. [ 142.054715][ T5003] loop4: detected capacity change from 0 to 32768 [ 142.196458][ T4995] loop0: detected capacity change from 0 to 32768 [ 142.255101][ T4995] (syz.0.196,4995,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 142.351235][ T5003] XFS (loop4): Mounting V5 Filesystem [ 142.432130][ T4995] (syz.0.196,4995,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 142.476355][ T5026] loop1: detected capacity change from 0 to 4096 [ 142.666383][ T5026] ntfs3: Unknown parameter 'windows_names' [ 143.207987][ T4995] JBD2: Ignoring recovery information on journal [ 143.363895][ T5003] XFS (loop4): Ending clean mount [ 143.410425][ T5003] XFS (loop4): Quotacheck needed: Please wait. [ 143.448756][ T4995] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 143.871413][ T4172] ocfs2: Unmounting device (7,0) on (node local) [ 143.883312][ T5003] XFS (loop4): Quotacheck: Done. [ 144.034201][ T5048] loop1: detected capacity change from 0 to 64 [ 144.138591][ T4170] XFS (loop4): Unmounting Filesystem [ 144.145552][ T5007] loop3: detected capacity change from 0 to 40427 [ 144.219467][ T5007] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 144.258443][ T5007] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 144.350804][ T5007] F2FS-fs (loop3): Found nat_bits in checkpoint [ 144.731643][ T5059] loop0: detected capacity change from 0 to 32768 [ 144.821918][ T5059] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.209 (5059) [ 144.917745][ T5059] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 144.926535][ T5059] BTRFS info (device loop0): setting nodatacow, compression disabled [ 144.935419][ T5059] BTRFS info (device loop0): enabling auto defrag [ 144.941942][ T5059] BTRFS info (device loop0): max_inline at 0 [ 144.948025][ T5059] BTRFS info (device loop0): using free space tree [ 144.954550][ T5059] BTRFS info (device loop0): has skinny extents [ 145.484779][ T5091] tmpfs: Bad value for 'mpol' [ 145.528342][ T4440] BTRFS info (device loop0): space_info 5 has 139264 free, is not full [ 145.536769][ T4440] BTRFS info (device loop0): space_info total=3276800, used=53248, pinned=0, reserved=16384, may_use=3067904, readonly=0 zone_unusable=0 [ 145.551518][ T4440] BTRFS info (device loop0): global_block_rsv: size 851968 reserved 851968 [ 145.560347][ T4440] BTRFS info (device loop0): trans_block_rsv: size 0 reserved 0 [ 145.568048][ T4440] BTRFS info (device loop0): chunk_block_rsv: size 0 reserved 0 [ 145.575749][ T4440] BTRFS info (device loop0): delayed_block_rsv: size 0 reserved 0 [ 145.583638][ T4440] BTRFS info (device loop0): delayed_refs_rsv: size 524288 reserved 389120 [ 145.670633][ T5095] BTRFS info (device loop0): space_info 5 has 139264 free, is not full [ 145.679015][ T5095] BTRFS info (device loop0): space_info total=3276800, used=53248, pinned=0, reserved=16384, may_use=3067904, readonly=0 zone_unusable=0 [ 145.693364][ T5095] BTRFS info (device loop0): global_block_rsv: size 851968 reserved 851968 [ 145.702043][ T5095] BTRFS info (device loop0): trans_block_rsv: size 0 reserved 0 [ 145.709742][ T5095] BTRFS info (device loop0): chunk_block_rsv: size 0 reserved 0 [ 145.717408][ T5095] BTRFS info (device loop0): delayed_block_rsv: size 0 reserved 0 [ 145.725313][ T5095] BTRFS info (device loop0): delayed_refs_rsv: size 524288 reserved 389120 [ 146.887867][ T5113] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 146.916084][ T5113] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 147.660893][ T5118] loop1: detected capacity change from 0 to 256 [ 147.697637][ T5119] netlink: 12 bytes leftover after parsing attributes in process `syz.4.219'. [ 147.800430][ T5119] netlink: 12 bytes leftover after parsing attributes in process `syz.4.219'. [ 147.914351][ T5119] netlink: 12 bytes leftover after parsing attributes in process `syz.4.219'. [ 147.986704][ T5119] Zero length message leads to an empty skb [ 150.121309][ T5140] loop0: detected capacity change from 0 to 4096 [ 150.219388][ T5140] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 150.392055][ T5151] loop4: detected capacity change from 0 to 512 [ 150.471364][ T5140] syz.0.221 (5140) used greatest stack depth: 19040 bytes left [ 150.887077][ T5151] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 150.900440][ T5151] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it [ 150.911019][ T5151] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.226: Corrupt directory, running e2fsck is recommended [ 150.946152][ T5151] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 150.954503][ T5151] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2228: inode #15: comm syz.4.226: corrupted in-inode xattr [ 150.986953][ T5151] EXT4-fs (loop4): Remounting filesystem read-only [ 150.993741][ T5151] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.226: couldn't read orphan inode 15 (err -117) [ 151.007603][ T5151] EXT4-fs (loop4): Remounting filesystem read-only [ 151.014173][ T5151] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,dax=inode,grpjquota=.i_version,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 151.127731][ T5135] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 151.622431][ T5160] loop0: detected capacity change from 0 to 8 [ 151.638712][ T26] kauditd_printk_skb: 5 callbacks suppressed [ 151.638723][ T26] audit: type=1800 audit(1747474307.531:39): pid=5160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.227" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 151.922584][ T5168] netlink: 8 bytes leftover after parsing attributes in process `syz.4.230'. [ 152.168413][ T5135] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 152.213907][ T5135] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.250007][ T5135] usb 3-1: Product: syz [ 152.296197][ T5135] usb 3-1: Manufacturer: syz [ 152.302281][ T5135] usb 3-1: SerialNumber: syz [ 152.436217][ T5135] usb 3-1: config 0 descriptor?? [ 152.880162][ T5135] usb 3-1: USB disconnect, device number 3 [ 153.200462][ T5178] loop4: detected capacity change from 0 to 32768 [ 153.462924][ T5169] loop0: detected capacity change from 0 to 32768 [ 153.649412][ T5178] XFS: attr2 mount option is deprecated. [ 153.687411][ T5169] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.232 (5169) [ 154.278110][ T5178] XFS (loop4): Mounting V5 Filesystem [ 154.341563][ T5169] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 154.422104][ T5169] BTRFS info (device loop0): setting nodatacow, compression disabled [ 154.445867][ T5178] XFS (loop4): Ending clean mount [ 154.491371][ T5178] XFS (loop4): Quotacheck needed: Please wait. [ 155.539661][ T5169] BTRFS info (device loop0): turning on sync discard [ 155.549536][ T5169] BTRFS info (device loop0): setting datacow [ 155.567027][ T5185] delete_channel: no stack [ 155.582809][ T5169] BTRFS info (device loop0): doing ref verification [ 155.621090][ T5178] XFS (loop4): Quotacheck: Done. [ 155.633667][ T5169] BTRFS info (device loop0): turning off barriers [ 155.667657][ T5169] BTRFS info (device loop0): enabling ssd optimizations [ 155.728837][ T4176] XFS (loop4): Metadata CRC error detected at xfs_refcountbt_read_verify+0x3a/0xd0, xfs_refcountbt block 0x28 [ 155.752267][ T4176] XFS (loop4): Unmount and run xfs_repair [ 155.758135][ T4176] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 155.770968][ T4176] 00000000: 52 ff ff ff 7f 00 00 00 ff ff ff ff ff ff ff ff R............... [ 155.781192][ T4176] 00000010: 00 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 .......(........ [ 155.798056][ T5169] BTRFS info (device loop0): using spread ssd allocation scheme [ 155.821947][ T5169] BTRFS info (device loop0): turning on barriers [ 155.849217][ T5169] BTRFS info (device loop0): not using ssd optimizations [ 155.856495][ T4176] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 155.967593][ T5169] BTRFS info (device loop0): not using spread ssd allocation scheme [ 155.978387][ T4176] 00000030: 00 00 00 00 bd e7 de 5d 00 00 00 00 00 00 00 00 .......]........ [ 156.002642][ T5169] BTRFS info (device loop0): using free space tree [ 156.013297][ T4176] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 156.068699][ T5214] netlink: 4 bytes leftover after parsing attributes in process `syz.3.241'. [ 156.085189][ T5214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.241'. [ 156.112936][ T5169] BTRFS info (device loop0): has skinny extents [ 156.251376][ T4176] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 156.390868][ T4176] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 156.482110][ T4176] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 156.639844][ T5178] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x1d3/0x2c0" at daddr 0x28 len 8 error 74 [ 156.696118][ T5169] BTRFS error (device loop0): open_ctree failed: -12 [ 156.704173][ T5178] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1556/0x1b60 (fs/xfs/libxfs/xfs_defer.c:504). Shutting down filesystem. [ 156.720315][ T5178] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 157.010447][ T5239] loop2: detected capacity change from 0 to 8 [ 157.281684][ T5239] Page size > filesystem block size (5). This is currently not supported! [ 157.368453][ T4170] XFS (loop4): Unmounting Filesystem [ 157.902522][ T4190] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by udevd (4190) [ 157.922688][ T4182] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 157.932914][ T4182] CPU: 0 PID: 4182 Comm: kworker/u5:3 Not tainted 5.15.182-syzkaller #0 [ 157.941275][ T4182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 157.951355][ T4182] Workqueue: hci4 hci_rx_work [ 157.956072][ T4182] Call Trace: [ 157.959361][ T4182] [ 157.962303][ T4182] dump_stack_lvl+0x168/0x230 [ 157.967011][ T4182] ? show_regs_print_info+0x20/0x20 [ 157.972228][ T4182] ? load_image+0x3b0/0x3b0 [ 157.976846][ T4182] sysfs_create_dir_ns+0x252/0x280 [ 157.981976][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 157.987019][ T4182] ? sysfs_warn_dup+0xa0/0xa0 [ 157.991711][ T4182] ? le_conn_complete_evt+0xcbc/0x1590 [ 157.997175][ T4182] ? hci_event_packet+0xe05/0x12f0 [ 158.002320][ T4182] ? process_one_work+0x863/0x1000 [ 158.007433][ T4182] ? do_raw_spin_unlock+0x11d/0x230 [ 158.012630][ T4182] kobject_add_internal+0x662/0xd00 [ 158.017830][ T4182] kobject_add+0x152/0x210 [ 158.022243][ T4182] ? kobject_init+0x1d0/0x1d0 [ 158.026918][ T4182] ? klist_children_get+0x50/0x50 [ 158.031936][ T4182] ? get_device_parent+0x121/0x3f0 [ 158.037056][ T4182] device_add+0x483/0xfb0 [ 158.041388][ T4182] hci_conn_add_sysfs+0xd1/0x1e0 [ 158.046333][ T4182] le_conn_complete_evt+0xcbc/0x1590 [ 158.051663][ T4182] ? cs_le_create_conn+0x5e0/0x5e0 [ 158.056795][ T4182] ? __mutex_trylock_common+0x14f/0x250 [ 158.062344][ T4182] hci_le_meta_evt+0x289/0x3b80 [ 158.067192][ T4182] ? hci_event_packet+0x36d/0x12f0 [ 158.072297][ T4182] ? hci_event_packet+0x2e2/0x12f0 [ 158.077417][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 158.082453][ T4182] ? hci_remote_host_features_evt+0x280/0x280 [ 158.088549][ T4182] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 158.094186][ T4182] ? mark_lock+0x94/0x320 [ 158.098526][ T4182] ? mutex_unlock+0x10/0x10 [ 158.103042][ T4182] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 158.109116][ T4182] ? lock_chain_count+0x20/0x20 [ 158.113984][ T4182] ? __rwlock_init+0x140/0x140 [ 158.118742][ T4182] hci_event_packet+0xe05/0x12f0 [ 158.123673][ T4182] ? lockdep_hardirqs_on+0x94/0x140 [ 158.128890][ T4182] ? rcu_lock_release+0x20/0x20 [ 158.133734][ T4182] ? hci_send_to_monitor+0x9c/0x4a0 [ 158.138923][ T4182] hci_rx_work+0x255/0xa10 [ 158.143383][ T4182] process_one_work+0x863/0x1000 [ 158.148328][ T4182] ? worker_detach_from_pool+0x240/0x240 [ 158.153961][ T4182] ? lockdep_hardirqs_off+0x70/0x100 [ 158.159242][ T4182] ? _raw_spin_lock_irq+0xab/0xe0 [ 158.164258][ T4182] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 158.169630][ T4182] ? wq_worker_running+0x97/0x170 [ 158.174649][ T4182] worker_thread+0xaa8/0x12a0 [ 158.179344][ T4182] kthread+0x436/0x520 [ 158.183407][ T4182] ? rcu_lock_release+0x20/0x20 [ 158.188248][ T4182] ? kthread_blkcg+0xd0/0xd0 [ 158.192826][ T4182] ret_from_fork+0x1f/0x30 [ 158.197247][ T4182] [ 158.202284][ T4217] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 158.210040][ T4182] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 158.223352][ T4182] Bluetooth: hci4: failed to register connection device [ 158.587781][ T4217] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 158.707898][ T5243] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 158.777872][ T4217] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 158.824718][ T4217] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.879010][ T4217] usb 3-1: Product: syz [ 158.915937][ T4217] usb 3-1: Manufacturer: syz [ 159.027658][ T4217] usb 3-1: SerialNumber: syz [ 159.109817][ T5243] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 159.127322][ T5243] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.136692][ T5259] loop1: detected capacity change from 0 to 256 [ 159.358284][ T5263] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.381038][ T5263] mmap: syz.3.252 (5263) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 159.580470][ T5243] usb 1-1: config 0 descriptor?? [ 159.592198][ T4217] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 159.837769][ T5243] [drm] vendor descriptor length:6 data:06 5f 2c 00 00 00 00 00 00 00 00 [ 159.866952][ T5248] udc-core: couldn't find an available UDC or it's busy [ 159.876668][ T5243] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 160.007623][ T5248] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 160.050097][ T5248] input: syz1 as /devices/virtual/input/input6 [ 160.140510][ T5243] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 160.276098][ T4217] usb 3-1: USB disconnect, device number 4 [ 160.505587][ T4217] usblp0: removed [ 160.762092][ T5243] [drm] Initialized udl on minor 2 [ 160.877959][ T5243] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err 0 [ 160.888250][ T5243] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 161.074952][ T4217] usb 1-1: USB disconnect, device number 3 [ 161.105564][ T21] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 161.128987][ T21] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 161.142694][ T21] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 163.696016][ T4184] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 163.706866][ T4184] CPU: 1 PID: 4184 Comm: kworker/u5:5 Not tainted 5.15.182-syzkaller #0 [ 163.715468][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 163.725532][ T4184] Workqueue: hci2 hci_rx_work [ 163.730320][ T4184] Call Trace: [ 163.733598][ T4184] [ 163.736523][ T4184] dump_stack_lvl+0x168/0x230 [ 163.741200][ T4184] ? show_regs_print_info+0x20/0x20 [ 163.746395][ T4184] ? load_image+0x3b0/0x3b0 [ 163.750922][ T4184] sysfs_create_dir_ns+0x252/0x280 [ 163.756030][ T4184] ? __lock_acquire+0x7c60/0x7c60 [ 163.761054][ T4184] ? sysfs_warn_dup+0xa0/0xa0 [ 163.765718][ T4184] ? le_conn_complete_evt+0xcbc/0x1590 [ 163.771170][ T4184] ? hci_event_packet+0xe05/0x12f0 [ 163.776286][ T4184] ? process_one_work+0x863/0x1000 [ 163.781388][ T4184] ? do_raw_spin_unlock+0x11d/0x230 [ 163.786579][ T4184] kobject_add_internal+0x662/0xd00 [ 163.791787][ T4184] kobject_add+0x152/0x210 [ 163.796211][ T4184] ? kobject_init+0x1d0/0x1d0 [ 163.800882][ T4184] ? klist_children_get+0x50/0x50 [ 163.805901][ T4184] ? get_device_parent+0x121/0x3f0 [ 163.811159][ T4184] device_add+0x483/0xfb0 [ 163.815500][ T4184] hci_conn_add_sysfs+0xd1/0x1e0 [ 163.820439][ T4184] le_conn_complete_evt+0xcbc/0x1590 [ 163.825931][ T4184] ? cs_le_create_conn+0x5e0/0x5e0 [ 163.831058][ T4184] ? __mutex_trylock_common+0x14f/0x250 [ 163.836613][ T4184] hci_le_meta_evt+0x289/0x3b80 [ 163.841476][ T4184] ? hci_event_packet+0x36d/0x12f0 [ 163.846601][ T4184] ? hci_event_packet+0x2e2/0x12f0 [ 163.851723][ T4184] ? __lock_acquire+0x7c60/0x7c60 [ 163.856790][ T4184] ? hci_remote_host_features_evt+0x280/0x280 [ 163.862863][ T4184] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 163.868593][ T4184] ? mark_lock+0x94/0x320 [ 163.872921][ T4184] ? mutex_unlock+0x10/0x10 [ 163.877425][ T4184] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 163.883408][ T4184] ? lock_chain_count+0x20/0x20 [ 163.888261][ T4184] ? __rwlock_init+0x140/0x140 [ 163.893024][ T4184] hci_event_packet+0xe05/0x12f0 [ 163.897970][ T4184] ? lockdep_hardirqs_on+0x94/0x140 [ 163.903188][ T4184] ? rcu_lock_release+0x20/0x20 [ 163.908035][ T4184] ? hci_send_to_monitor+0x9c/0x4a0 [ 163.913228][ T4184] hci_rx_work+0x255/0xa10 [ 163.917646][ T4184] process_one_work+0x863/0x1000 [ 163.922588][ T4184] ? worker_detach_from_pool+0x240/0x240 [ 163.928210][ T4184] ? lockdep_hardirqs_off+0x70/0x100 [ 163.933502][ T4184] ? _raw_spin_lock_irq+0xab/0xe0 [ 163.938541][ T4184] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 163.943911][ T4184] ? wq_worker_running+0x97/0x170 [ 163.948936][ T4184] worker_thread+0xaa8/0x12a0 [ 163.953629][ T4184] kthread+0x436/0x520 [ 163.957687][ T4184] ? rcu_lock_release+0x20/0x20 [ 163.962527][ T4184] ? kthread_blkcg+0xd0/0xd0 [ 163.967110][ T4184] ret_from_fork+0x1f/0x30 [ 163.971528][ T4184] [ 163.979665][ T4184] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 163.994271][ T4184] Bluetooth: hci2: failed to register connection device [ 164.060851][ T5302] loop4: detected capacity change from 0 to 1764 [ 164.395744][ T21] Bluetooth: hci4: command 0x0406 tx timeout [ 164.772251][ T5309] loop4: detected capacity change from 0 to 4096 [ 164.886869][ T5309] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 165.220206][ T21] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 165.492321][ T5313] loop2: detected capacity change from 0 to 7 [ 165.644495][ T21] usb 3-1: Using ep0 maxpacket: 16 [ 165.661571][ T5313] Dev loop2: unable to read RDB block 7 [ 165.678381][ T5313] loop2: unable to read partition table [ 165.689489][ T5313] loop2: partition table beyond EOD, truncated [ 165.727770][ T5313] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 165.898824][ T21] usb 3-1: config 1 interface 0 has no altsetting 0 [ 166.169074][ T21] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 166.178472][ T21] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.187399][ T21] usb 3-1: Product: syz [ 166.192501][ T21] usb 3-1: Manufacturer: syz [ 166.197248][ T21] usb 3-1: SerialNumber: syz [ 166.376573][ T5322] fuse: Bad value for 'fd' [ 166.756005][ T21] cdc_ether: probe of 3-1:1.0 failed with error -71 [ 166.951781][ T21] usb 3-1: USB disconnect, device number 5 [ 167.192407][ T5331] loop3: detected capacity change from 0 to 4096 [ 168.282702][ T5342] netlink: 'syz.1.273': attribute type 1 has an invalid length. [ 168.402746][ T4184] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 168.412913][ T4184] CPU: 1 PID: 4184 Comm: kworker/u5:5 Not tainted 5.15.182-syzkaller #0 [ 168.421251][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 168.431304][ T4184] Workqueue: hci1 hci_rx_work [ 168.436007][ T4184] Call Trace: [ 168.439273][ T4184] [ 168.442192][ T4184] dump_stack_lvl+0x168/0x230 [ 168.446870][ T4184] ? show_regs_print_info+0x20/0x20 [ 168.452153][ T4184] ? load_image+0x3b0/0x3b0 [ 168.456660][ T4184] sysfs_create_dir_ns+0x252/0x280 [ 168.461765][ T4184] ? __lock_acquire+0x7c60/0x7c60 [ 168.466846][ T4184] ? sysfs_warn_dup+0xa0/0xa0 [ 168.471510][ T4184] ? le_conn_complete_evt+0xcbc/0x1590 [ 168.476967][ T4184] ? hci_event_packet+0xe05/0x12f0 [ 168.482065][ T4184] ? process_one_work+0x863/0x1000 [ 168.487173][ T4184] ? do_raw_spin_unlock+0x11d/0x230 [ 168.492374][ T4184] kobject_add_internal+0x662/0xd00 [ 168.497606][ T4184] kobject_add+0x152/0x210 [ 168.502024][ T4184] ? kobject_init+0x1d0/0x1d0 [ 168.506693][ T4184] ? klist_children_get+0x50/0x50 [ 168.511710][ T4184] ? get_device_parent+0x121/0x3f0 [ 168.516821][ T4184] device_add+0x483/0xfb0 [ 168.521149][ T4184] hci_conn_add_sysfs+0xd1/0x1e0 [ 168.526090][ T4184] le_conn_complete_evt+0xcbc/0x1590 [ 168.531387][ T4184] ? cs_le_create_conn+0x5e0/0x5e0 [ 168.536498][ T4184] ? __mutex_trylock_common+0x14f/0x250 [ 168.542037][ T4184] hci_le_meta_evt+0x289/0x3b80 [ 168.546968][ T4184] ? hci_event_packet+0x36d/0x12f0 [ 168.552069][ T4184] ? hci_event_packet+0x2e2/0x12f0 [ 168.557258][ T4184] ? __lock_acquire+0x7c60/0x7c60 [ 168.562280][ T4184] ? hci_remote_host_features_evt+0x280/0x280 [ 168.568345][ T4184] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 168.573994][ T4184] ? mark_lock+0x94/0x320 [ 168.578316][ T4184] ? mutex_unlock+0x10/0x10 [ 168.582823][ T4184] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 168.588807][ T4184] ? lock_chain_count+0x20/0x20 [ 168.593653][ T4184] ? __rwlock_init+0x140/0x140 [ 168.598407][ T4184] hci_event_packet+0xe05/0x12f0 [ 168.603333][ T4184] ? lockdep_hardirqs_on+0x94/0x140 [ 168.608609][ T4184] ? rcu_lock_release+0x20/0x20 [ 168.613473][ T4184] ? hci_send_to_monitor+0x9c/0x4a0 [ 168.618681][ T4184] hci_rx_work+0x255/0xa10 [ 168.623103][ T4184] process_one_work+0x863/0x1000 [ 168.628056][ T4184] ? worker_detach_from_pool+0x240/0x240 [ 168.633680][ T4184] ? lockdep_hardirqs_off+0x70/0x100 [ 168.638959][ T4184] ? _raw_spin_lock_irq+0xab/0xe0 [ 168.643978][ T4184] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 168.649352][ T4184] ? wq_worker_running+0x97/0x170 [ 168.654387][ T4184] worker_thread+0xaa8/0x12a0 [ 168.659076][ T4184] kthread+0x436/0x520 [ 168.663155][ T4184] ? rcu_lock_release+0x20/0x20 [ 168.667993][ T4184] ? kthread_blkcg+0xd0/0xd0 [ 168.672571][ T4184] ret_from_fork+0x1f/0x30 [ 168.676989][ T4184] [ 168.682944][ T4184] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 168.697996][ T4184] Bluetooth: hci1: failed to register connection device [ 168.996445][ T5356] loop0: detected capacity change from 0 to 256 [ 169.155664][ T5358] fuse: Bad value for 'fd' [ 169.403476][ T5361] loop3: detected capacity change from 0 to 64 [ 169.817049][ T5364] loop3: detected capacity change from 0 to 16 [ 169.967965][ T5364] erofs: (device loop3): mounted with root inode @ nid 36. [ 170.231783][ T5127] Bluetooth: hci2: command 0x0406 tx timeout [ 170.799802][ T5354] loop4: detected capacity change from 0 to 262144 [ 171.036560][ T5127] Bluetooth: hci4: command 0x0405 tx timeout [ 171.197384][ T5366] loop1: detected capacity change from 0 to 4096 [ 171.358010][ T5366] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 171.421209][ T5354] F2FS-fs (loop4): Found nat_bits in checkpoint [ 171.448696][ T5374] loop3: detected capacity change from 0 to 512 [ 171.486684][ T5354] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 171.528984][ T5374] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 171.540703][ T5374] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 171.550852][ T5374] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.285: Corrupt directory, running e2fsck is recommended [ 171.574869][ T5374] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 171.588411][ T5374] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.285: corrupted in-inode xattr [ 171.603518][ T5374] EXT4-fs (loop3): Remounting filesystem read-only [ 171.610236][ T5374] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.285: couldn't read orphan inode 15 (err -117) [ 171.623911][ T5374] EXT4-fs (loop3): Remounting filesystem read-only [ 171.630511][ T5374] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,dax=inode,grpjquota=.i_version,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 172.414495][ T5366] ntfs3: loop1: failed to convert "076c" to cp932 [ 172.791285][ T5389] netlink: 'syz.0.288': attribute type 1 has an invalid length. [ 172.863074][ T4184] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 172.872789][ T4184] CPU: 1 PID: 4184 Comm: kworker/u5:5 Not tainted 5.15.182-syzkaller #0 [ 172.881146][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 172.891226][ T4184] Workqueue: hci4 hci_rx_work [ 172.895936][ T4184] Call Trace: [ 172.899223][ T4184] [ 172.902165][ T4184] dump_stack_lvl+0x168/0x230 [ 172.908967][ T4184] ? show_regs_print_info+0x20/0x20 [ 172.914187][ T4184] ? load_image+0x3b0/0x3b0 [ 172.918732][ T4184] sysfs_create_dir_ns+0x252/0x280 [ 172.923872][ T4184] ? __lock_acquire+0x7c60/0x7c60 [ 172.929052][ T4184] ? sysfs_warn_dup+0xa0/0xa0 [ 172.933747][ T4184] ? le_conn_complete_evt+0xcbc/0x1590 [ 172.939223][ T4184] ? hci_event_packet+0xe05/0x12f0 [ 172.944347][ T4184] ? process_one_work+0x863/0x1000 [ 172.949475][ T4184] ? do_raw_spin_unlock+0x11d/0x230 [ 172.954693][ T4184] kobject_add_internal+0x662/0xd00 [ 172.959923][ T4184] kobject_add+0x152/0x210 [ 172.964359][ T4184] ? kobject_init+0x1d0/0x1d0 [ 172.969059][ T4184] ? klist_children_get+0x50/0x50 [ 172.974102][ T4184] ? get_device_parent+0x121/0x3f0 [ 172.979233][ T4184] device_add+0x483/0xfb0 [ 172.983590][ T4184] hci_conn_add_sysfs+0xd1/0x1e0 [ 172.988555][ T4184] le_conn_complete_evt+0xcbc/0x1590 [ 172.993882][ T4184] ? cs_le_create_conn+0x5e0/0x5e0 [ 172.999017][ T4184] ? __mutex_trylock_common+0x14f/0x250 [ 173.004684][ T4184] hci_le_meta_evt+0x289/0x3b80 [ 173.009554][ T4184] ? hci_event_packet+0x36d/0x12f0 [ 173.014680][ T4184] ? hci_event_packet+0x2e2/0x12f0 [ 173.019806][ T4184] ? __lock_acquire+0x7c60/0x7c60 [ 173.024863][ T4184] ? hci_remote_host_features_evt+0x280/0x280 [ 173.030948][ T4184] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 173.036598][ T4184] ? mark_lock+0x94/0x320 [ 173.040947][ T4184] ? mutex_unlock+0x10/0x10 [ 173.045465][ T4184] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 173.051466][ T4184] ? lock_chain_count+0x20/0x20 [ 173.056335][ T4184] ? __rwlock_init+0x140/0x140 [ 173.061118][ T4184] hci_event_packet+0xe05/0x12f0 [ 173.066070][ T4184] ? lockdep_hardirqs_on+0x94/0x140 [ 173.071297][ T4184] ? rcu_lock_release+0x20/0x20 [ 173.076173][ T4184] ? hci_send_to_monitor+0x9c/0x4a0 [ 173.081406][ T4184] hci_rx_work+0x255/0xa10 [ 173.085855][ T4184] process_one_work+0x863/0x1000 [ 173.090827][ T4184] ? worker_detach_from_pool+0x240/0x240 [ 173.096479][ T4184] ? lockdep_hardirqs_off+0x70/0x100 [ 173.101873][ T4184] ? _raw_spin_lock_irq+0xab/0xe0 [ 173.106917][ T4184] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 173.112312][ T4184] ? wq_worker_running+0x97/0x170 [ 173.117358][ T4184] worker_thread+0xaa8/0x12a0 [ 173.122082][ T4184] kthread+0x436/0x520 [ 173.126166][ T4184] ? rcu_lock_release+0x20/0x20 [ 173.131036][ T4184] ? kthread_blkcg+0xd0/0xd0 [ 173.135642][ T4184] ret_from_fork+0x1f/0x30 [ 173.140093][ T4184] [ 173.160470][ T4184] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 173.174670][ T4184] Bluetooth: hci4: failed to register connection device [ 174.055434][ T5397] fuse: Bad value for 'fd' [ 174.111034][ T5400] loop0: detected capacity change from 0 to 64 [ 174.444156][ T5400] netlink: 16 bytes leftover after parsing attributes in process `syz.0.293'. [ 174.453234][ T5400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.293'. [ 174.847879][ T5130] Bluetooth: hci1: command 0x0406 tx timeout [ 174.886556][ T5410] loop0: detected capacity change from 0 to 1024 [ 176.076056][ T26] audit: type=1800 audit(1747474331.956:40): pid=5420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.295" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 176.254691][ T5414] loop2: detected capacity change from 0 to 32768 [ 176.283574][ T5414] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.296 (5414) [ 176.323312][ T5414] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 176.347747][ T5414] BTRFS info (device loop2): max_inline at 0 [ 176.378967][ T5414] BTRFS info (device loop2): using free space tree [ 176.397573][ T5414] BTRFS info (device loop2): has skinny extents [ 176.595884][ T5433] loop0: detected capacity change from 0 to 64 [ 176.958879][ T5436] loop1: detected capacity change from 0 to 256 [ 176.966933][ T144] BTRFS warning (device loop2): checksum verify failed on 5287936 wanted 0xba2f3320fe4f0dfed931d5a5c7a64dbbccc1fca522c14bbe02198145e0728966 found 0xaea0b93ff8b9f6433912e38f162da9ba9a2285b03982857774919a6affe476dc level 0 [ 177.128946][ T5414] BTRFS warning (device loop2): failed to read root (objectid=7): -5 [ 177.586740][ T5449] loop0: detected capacity change from 0 to 8 [ 178.450967][ T5414] BTRFS error (device loop2): open_ctree failed: -22 [ 178.562522][ T5457] netlink: 'syz.0.303': attribute type 1 has an invalid length. [ 178.634133][ T4182] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 178.643908][ T4182] CPU: 1 PID: 4182 Comm: kworker/u5:3 Not tainted 5.15.182-syzkaller #0 [ 178.652260][ T4182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 178.662335][ T4182] Workqueue: hci4 hci_rx_work [ 178.667044][ T4182] Call Trace: [ 178.670376][ T4182] [ 178.673317][ T4182] dump_stack_lvl+0x168/0x230 [ 178.678018][ T4182] ? show_regs_print_info+0x20/0x20 [ 178.683238][ T4182] ? load_image+0x3b0/0x3b0 [ 178.687773][ T4182] sysfs_create_dir_ns+0x252/0x280 [ 178.692912][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 178.697957][ T4182] ? sysfs_warn_dup+0xa0/0xa0 [ 178.702646][ T4182] ? le_conn_complete_evt+0xcbc/0x1590 [ 178.708119][ T4182] ? hci_event_packet+0xe05/0x12f0 [ 178.713335][ T4182] ? process_one_work+0x863/0x1000 [ 178.718466][ T4182] ? do_raw_spin_unlock+0x11d/0x230 [ 178.723709][ T4182] kobject_add_internal+0x662/0xd00 [ 178.728945][ T4182] kobject_add+0x152/0x210 [ 178.733387][ T4182] ? kobject_init+0x1d0/0x1d0 [ 178.738086][ T4182] ? klist_children_get+0x50/0x50 [ 178.743123][ T4182] ? get_device_parent+0x121/0x3f0 [ 178.748253][ T4182] device_add+0x483/0xfb0 [ 178.752606][ T4182] hci_conn_add_sysfs+0xd1/0x1e0 [ 178.757565][ T4182] le_conn_complete_evt+0xcbc/0x1590 [ 178.762885][ T4182] ? cs_le_create_conn+0x5e0/0x5e0 [ 178.768034][ T4182] ? __schedule+0x11c0/0x43b0 [ 178.772729][ T4182] ? __mutex_trylock_common+0x14f/0x250 [ 178.778300][ T4182] hci_le_meta_evt+0x289/0x3b80 [ 178.783173][ T4182] ? hci_event_packet+0x36d/0x12f0 [ 178.788300][ T4182] ? hci_event_packet+0x2e2/0x12f0 [ 178.793427][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 178.798474][ T4182] ? release_firmware_map_entry+0x190/0x190 [ 178.804388][ T4182] ? hci_remote_host_features_evt+0x280/0x280 [ 178.810478][ T4182] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 178.816132][ T4182] ? mark_lock+0x94/0x320 [ 178.820479][ T4182] ? mutex_unlock+0x10/0x10 [ 178.824998][ T4182] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 178.831011][ T4182] ? lock_chain_count+0x20/0x20 [ 178.835891][ T4182] ? __rwlock_init+0x140/0x140 [ 178.840678][ T4182] hci_event_packet+0xe05/0x12f0 [ 178.845637][ T4182] ? lockdep_hardirqs_on+0x94/0x140 [ 178.850862][ T4182] ? rcu_lock_release+0x20/0x20 [ 178.855731][ T4182] ? lock_acquire+0x1f2/0x3f0 [ 178.860444][ T4182] ? hci_send_to_monitor+0x9c/0x4a0 [ 178.865667][ T4182] hci_rx_work+0x255/0xa10 [ 178.870114][ T4182] process_one_work+0x863/0x1000 [ 178.875087][ T4182] ? worker_detach_from_pool+0x240/0x240 [ 178.880739][ T4182] ? lockdep_hardirqs_off+0x70/0x100 [ 178.886052][ T4182] ? _raw_spin_lock_irq+0xab/0xe0 [ 178.891094][ T4182] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 178.896493][ T4182] ? wq_worker_running+0x97/0x170 [ 178.901540][ T4182] worker_thread+0xaa8/0x12a0 [ 178.906271][ T4182] kthread+0x436/0x520 [ 178.910440][ T4182] ? rcu_lock_release+0x20/0x20 [ 178.915303][ T4182] ? kthread_blkcg+0xd0/0xd0 [ 178.919907][ T4182] ret_from_fork+0x1f/0x30 [ 178.924355][ T4182] [ 178.958740][ T4182] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 178.972780][ T4182] Bluetooth: hci4: failed to register connection device [ 179.328258][ T21] Bluetooth: hci4: command 0x0406 tx timeout [ 179.521073][ T5463] loop4: detected capacity change from 0 to 64 [ 179.826847][ T5463] netlink: 16 bytes leftover after parsing attributes in process `syz.4.305'. [ 179.835936][ T5463] netlink: 4 bytes leftover after parsing attributes in process `syz.4.305'. [ 180.386563][ T5476] loop3: detected capacity change from 0 to 1024 [ 180.547308][ T5476] EXT4-fs (loop3): Ignoring removed orlov option [ 180.718729][ T5483] loop2: detected capacity change from 0 to 64 [ 180.752105][ T5476] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,quota,noauto_da_alloc,debug_want_extra_isize=0x0000000000000080,lazytime,noauto_da_alloc,stripe=0x0000000000000005,orlov,,errors=continue. Quota mode: writeback. [ 182.985222][ T4222] Bluetooth: hci2: command 0x0406 tx timeout [ 183.775704][ T5499] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.205611][ T4222] Bluetooth: hci3: command 0x0406 tx timeout [ 184.607043][ T4222] Bluetooth: hci0: command 0x0406 tx timeout [ 184.614501][ T4222] Bluetooth: hci1: command 0x0406 tx timeout [ 184.621213][ T4222] Bluetooth: hci4: command 0x0406 tx timeout [ 185.084770][ T5509] loop3: detected capacity change from 0 to 40427 [ 185.114293][ T5509] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 185.122178][ T5509] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 185.146894][ T5509] F2FS-fs (loop3): invalid crc value [ 185.251495][ T5509] F2FS-fs (loop3): Found nat_bits in checkpoint [ 185.527783][ T5509] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 185.534921][ T5509] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 186.915996][ T5130] Bluetooth: hci4: command 0x0406 tx timeout [ 187.461664][ T5525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.321'. [ 188.622379][ T5535] loop0: detected capacity change from 0 to 8 [ 188.635223][ T5533] loop4: detected capacity change from 0 to 16 [ 188.717973][ T4956] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 188.945696][ T5533] erofs: (device loop4): mounted with root inode @ nid 36. [ 189.121230][ T5534] loop1: detected capacity change from 0 to 1764 [ 189.147798][ T4956] usb 3-1: Using ep0 maxpacket: 16 [ 189.405532][ T5538] device syzkaller1 entered promiscuous mode [ 190.037706][ T4956] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 190.872252][ T4956] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 191.166361][ T4956] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 191.181759][ T5551] loop4: detected capacity change from 0 to 256 [ 191.230246][ T5551] exfat: Deprecated parameter 'utf8' [ 191.258552][ T4956] usb 3-1: Product: syz [ 191.262767][ T4956] usb 3-1: Manufacturer: syz [ 191.293524][ T4956] usb 3-1: SerialNumber: syz [ 191.320751][ T4956] usb 3-1: config 0 descriptor?? [ 191.334935][ T5551] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 191.467278][ T4956] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 191.563345][ T5559] netlink: 'syz.0.330': attribute type 5 has an invalid length. [ 192.313924][ T4956] em28xx 3-1:0.0: DVB interface 0 found: bulk [ 192.589055][ T5566] netlink: 8 bytes leftover after parsing attributes in process `syz.0.333'. [ 193.314559][ T5561] loop2: detected capacity change from 0 to 4096 [ 193.467654][ T4956] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 193.479901][ T5561] ntfs3: Unknown parameter '0xffffffffffffffff' [ 193.907834][ T4956] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 193.975975][ T4956] em28xx 3-1:0.0: board has no eeprom [ 194.148026][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.154393][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.032062][ T4956] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 195.060367][ T4956] em28xx 3-1:0.0: dvb set to bulk mode. [ 195.316178][ T4956] usb 3-1: USB disconnect, device number 6 [ 195.359595][ T4956] em28xx 3-1:0.0: Disconnecting em28xx [ 195.379389][ T4959] em28xx 3-1:0.0: Binding DVB extension [ 195.463733][ T4959] em28xx 3-1:0.0: Registering input extension [ 195.510318][ T4956] em28xx 3-1:0.0: Closing input extension [ 195.573898][ T5584] loop2: detected capacity change from 0 to 4096 [ 195.641426][ T5587] loop4: detected capacity change from 0 to 1764 [ 195.660437][ T4956] em28xx 3-1:0.0: Freeing device [ 195.767040][ T5589] loop3: detected capacity change from 0 to 256 [ 195.844745][ T5592] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 195.960602][ T5596] loop1: detected capacity change from 0 to 8 [ 198.140652][ T26] audit: type=1800 audit(1747474354.026:41): pid=5584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.338" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 199.675140][ T5620] netlink: 8 bytes leftover after parsing attributes in process `syz.4.346'. [ 202.019418][ T5625] netlink: 12 bytes leftover after parsing attributes in process `syz.2.347'. [ 202.328376][ T5633] xfs: Unexpected value for 'discard' [ 202.342990][ T5632] loop1: detected capacity change from 0 to 1024 [ 202.430371][ T26] audit: type=1326 audit(1747474358.316:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 202.452474][ C0] vkms_vblank_simulate: vblank timer overrun [ 202.607603][ T26] audit: type=1326 audit(1747474358.316:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 203.438751][ T26] audit: type=1326 audit(1747474358.316:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 203.480106][ T9] hfsplus: b-tree write err: -5, ino 4 [ 203.653712][ T26] audit: type=1326 audit(1747474358.316:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 203.843969][ T26] audit: type=1326 audit(1747474358.316:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 203.877336][ T5643] netlink: 'syz.2.354': attribute type 16 has an invalid length. [ 203.885325][ T5643] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.354'. [ 204.027901][ T26] audit: type=1326 audit(1747474358.316:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 204.100887][ T26] audit: type=1326 audit(1747474358.316:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 204.248080][ T26] audit: type=1326 audit(1747474358.316:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 204.480656][ T26] audit: type=1326 audit(1747474358.316:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 204.502762][ C0] vkms_vblank_simulate: vblank timer overrun [ 204.564189][ T5659] loop0: detected capacity change from 0 to 1024 [ 204.791944][ T26] audit: type=1326 audit(1747474358.316:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 204.970657][ T26] audit: type=1326 audit(1747474358.316:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 205.037595][ T21] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 205.120566][ T26] audit: type=1326 audit(1747474358.356:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5631 comm="syz.1.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 205.240766][ T5672] loop2: detected capacity change from 0 to 8 [ 205.277717][ T21] usb 4-1: Using ep0 maxpacket: 32 [ 205.402943][ T21] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 205.441218][ T21] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.508938][ T21] usb 4-1: config 0 descriptor?? [ 205.551475][ T21] gspca_main: sunplus-2.14.0 probing 041e:400b [ 205.730436][ T5681] loop1: detected capacity change from 0 to 1024 [ 206.796239][ T4748] hfsplus: b-tree write err: -5, ino 4 [ 206.817600][ T21] gspca_sunplus: reg_w_riv err -71 [ 206.822821][ T21] sunplus: probe of 4-1:0.0 failed with error -71 [ 206.831131][ T21] usb 4-1: USB disconnect, device number 2 [ 208.029406][ T5692] loop3: detected capacity change from 0 to 4096 [ 208.102435][ T5692] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 208.316805][ T5692] EXT4-fs error (device loop3): ext4_do_update_inode:5203: inode #15: comm syz.3.368: corrupted inode contents [ 209.429713][ T5692] EXT4-fs error (device loop3): ext4_dirty_inode:6039: inode #15: comm syz.3.368: mark_inode_dirty error [ 209.444433][ T5708] loop1: detected capacity change from 0 to 256 [ 209.520387][ T5685] loop0: detected capacity change from 0 to 256 [ 209.558446][ T5692] EXT4-fs error (device loop3): ext4_do_update_inode:5203: inode #15: comm syz.3.368: corrupted inode contents [ 209.575092][ T5708] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 209.588892][ T5692] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #15: comm syz.3.368: mark_inode_dirty error [ 209.630541][ T5692] EXT4-fs error (device loop3): ext4_do_update_inode:5203: inode #15: comm syz.3.368: corrupted inode contents [ 209.687552][ T5692] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #15: comm syz.3.368: mark_inode_dirty error [ 209.711451][ T5712] loop2: detected capacity change from 0 to 1024 [ 209.743412][ T5692] EXT4-fs error (device loop3): ext4_do_update_inode:5203: inode #15: comm syz.3.368: corrupted inode contents [ 209.783647][ T5692] EXT4-fs error (device loop3): ext4_truncate:4273: inode #15: comm syz.3.368: mark_inode_dirty error [ 209.817373][ T5692] EXT4-fs error (device loop3) in ext4_setattr:5607: Corrupt filesystem [ 210.793934][ T5726] loop2: detected capacity change from 0 to 1024 [ 210.858603][ T5729] binder: 5728:5729 unknown command 0 [ 210.864690][ T5729] binder: 5728:5729 ioctl c0306201 2000000003c0 returned -22 [ 211.030432][ T4959] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 211.155667][ T5736] loop1: detected capacity change from 0 to 8 [ 211.163916][ T26] kauditd_printk_skb: 25 callbacks suppressed [ 211.163930][ T26] audit: type=1326 audit(1747474366.866:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 212.179377][ T4748] hfsplus: b-tree write err: -5, ino 4 [ 212.315980][ T26] audit: type=1326 audit(1747474366.866:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 212.377543][ T4959] usb 4-1: Using ep0 maxpacket: 32 [ 212.515151][ T4959] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 212.551885][ T26] audit: type=1326 audit(1747474366.866:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 212.568925][ T4959] usb 4-1: config 0 has no interface number 0 [ 212.574395][ T26] audit: type=1326 audit(1747474366.866:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 212.642954][ T26] audit: type=1326 audit(1747474366.866:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 213.119258][ T26] audit: type=1326 audit(1747474366.866:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 213.428925][ T26] audit: type=1326 audit(1747474366.866:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 213.577526][ T26] audit: type=1326 audit(1747474366.866:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 213.687653][ T4959] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 213.864606][ T4959] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.875332][ T26] audit: type=1326 audit(1747474366.866:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 213.920559][ T26] audit: type=1326 audit(1747474366.866:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5725 comm="syz.2.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ceda0c969 code=0x7ffc0000 [ 213.963376][ T4959] usb 4-1: config 0 descriptor?? [ 213.966257][ T5757] loop1: detected capacity change from 0 to 1024 [ 213.977529][ T5755] loop3: detected capacity change from 0 to 1764 [ 214.007764][ T4959] usb 4-1: can't set config #0, error -71 [ 214.030732][ T4959] usb 4-1: USB disconnect, device number 3 [ 214.361203][ T5758] loop3: detected capacity change from 0 to 4096 [ 214.553171][ T5758] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 214.580268][ T5758] ntfs3: loop3: failed to replay log file. Can't mount rw! [ 214.896289][ T5769] loop1: detected capacity change from 0 to 16 [ 215.661166][ T5769] erofs: (device loop1): mounted with root inode @ nid 36. [ 216.776825][ T5782] loop1: detected capacity change from 0 to 1024 [ 217.172505][ T26] kauditd_printk_skb: 8 callbacks suppressed [ 217.172521][ T26] audit: type=1326 audit(1747474373.056:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 217.200722][ C0] vkms_vblank_simulate: vblank timer overrun [ 218.699748][ T26] audit: type=1326 audit(1747474373.056:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 218.876248][ T1197] hfsplus: b-tree write err: -5, ino 4 [ 218.897738][ T26] audit: type=1326 audit(1747474373.056:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 218.919862][ C0] vkms_vblank_simulate: vblank timer overrun [ 218.995588][ T26] audit: type=1326 audit(1747474373.056:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 219.047604][ T26] audit: type=1326 audit(1747474373.056:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 219.107785][ T26] audit: type=1326 audit(1747474373.056:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 219.197155][ T5800] loop3: detected capacity change from 0 to 4096 [ 219.229788][ T26] audit: type=1326 audit(1747474373.056:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 219.236825][ T5802] loop1: detected capacity change from 0 to 1764 [ 219.303652][ T26] audit: type=1326 audit(1747474373.056:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 219.343664][ T5800] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 219.370160][ T5800] UDF-fs: Scanning with blocksize 512 failed [ 219.411419][ T26] audit: type=1326 audit(1747474373.056:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 219.457559][ T26] audit: type=1326 audit(1747474373.056:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5780 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7484af4969 code=0x7ffc0000 [ 219.512849][ T5800] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 219.732020][ T5803] loop1: detected capacity change from 0 to 4096 [ 219.743482][ T5803] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 219.777788][ T5803] ntfs3: loop1: failed to replay log file. Can't mount rw! [ 219.947754][ T5808] loop0: detected capacity change from 0 to 16 [ 219.965562][ T5808] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 220.041159][ T5793] loop4: detected capacity change from 0 to 256 [ 220.731141][ T5815] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 221.440672][ T5817] loop1: detected capacity change from 0 to 16 [ 221.540838][ T5817] erofs: (device loop1): mounted with root inode @ nid 36. [ 224.484021][ T5836] loop0: detected capacity change from 0 to 2048 [ 224.744301][ T5836] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 225.639858][ T5848] netlink: 'syz.3.412': attribute type 1 has an invalid length. [ 225.845730][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 225.855597][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:2 Not tainted 5.15.182-syzkaller #0 [ 225.864036][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 225.874114][ T4180] Workqueue: hci3 hci_rx_work [ 225.878854][ T4180] Call Trace: [ 225.882154][ T4180] [ 225.885104][ T4180] dump_stack_lvl+0x168/0x230 [ 225.889815][ T4180] ? show_regs_print_info+0x20/0x20 [ 225.895045][ T4180] ? load_image+0x3b0/0x3b0 [ 225.899574][ T4180] sysfs_create_dir_ns+0x252/0x280 [ 225.904683][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 225.909797][ T4180] ? sysfs_warn_dup+0xa0/0xa0 [ 225.914492][ T4180] ? le_conn_complete_evt+0xcbc/0x1590 [ 225.919980][ T4180] ? hci_event_packet+0xe05/0x12f0 [ 225.925112][ T4180] ? process_one_work+0x863/0x1000 [ 225.930230][ T4180] ? do_raw_spin_unlock+0x11d/0x230 [ 225.935462][ T4180] kobject_add_internal+0x662/0xd00 [ 225.940674][ T4180] kobject_add+0x152/0x210 [ 225.945090][ T4180] ? kobject_init+0x1d0/0x1d0 [ 225.949852][ T4180] ? klist_children_get+0x50/0x50 [ 225.954872][ T4180] ? get_device_parent+0x121/0x3f0 [ 225.959978][ T4180] device_add+0x483/0xfb0 [ 225.964308][ T4180] hci_conn_add_sysfs+0xd1/0x1e0 [ 225.969244][ T4180] le_conn_complete_evt+0xcbc/0x1590 [ 225.974549][ T4180] ? cs_le_create_conn+0x5e0/0x5e0 [ 225.979659][ T4180] ? __mutex_trylock_common+0x14f/0x250 [ 225.985211][ T4180] hci_le_meta_evt+0x289/0x3b80 [ 225.990056][ T4180] ? hci_event_packet+0x36d/0x12f0 [ 225.995165][ T4180] ? hci_event_packet+0x2e2/0x12f0 [ 226.000277][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 226.005304][ T4180] ? hci_remote_host_features_evt+0x280/0x280 [ 226.011454][ T4180] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 226.017096][ T4180] ? mark_lock+0x94/0x320 [ 226.021438][ T4180] ? mutex_unlock+0x10/0x10 [ 226.025963][ T4180] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 226.031953][ T4180] ? lock_chain_count+0x20/0x20 [ 226.036812][ T4180] ? __rwlock_init+0x140/0x140 [ 226.041574][ T4180] hci_event_packet+0xe05/0x12f0 [ 226.046513][ T4180] ? lockdep_hardirqs_on+0x94/0x140 [ 226.051713][ T4180] ? rcu_lock_release+0x20/0x20 [ 226.056565][ T4180] ? hci_send_to_monitor+0x9c/0x4a0 [ 226.061765][ T4180] hci_rx_work+0x255/0xa10 [ 226.066196][ T4180] process_one_work+0x863/0x1000 [ 226.071140][ T4180] ? worker_detach_from_pool+0x240/0x240 [ 226.076767][ T4180] ? lockdep_hardirqs_off+0x70/0x100 [ 226.082053][ T4180] ? _raw_spin_lock_irq+0xab/0xe0 [ 226.087077][ T4180] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 226.092448][ T4180] ? wq_worker_running+0x97/0x170 [ 226.097487][ T4180] worker_thread+0xaa8/0x12a0 [ 226.102195][ T4180] kthread+0x436/0x520 [ 226.106259][ T4180] ? rcu_lock_release+0x20/0x20 [ 226.111101][ T4180] ? kthread_blkcg+0xd0/0xd0 [ 226.115686][ T4180] ret_from_fork+0x1f/0x30 [ 226.120158][ T4180] [ 226.404024][ T4180] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 226.420531][ T4180] Bluetooth: hci3: failed to register connection device [ 227.068673][ T5853] loop1: detected capacity change from 0 to 2048 [ 227.187713][ T5856] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 227.235179][ T26] kauditd_printk_skb: 55 callbacks suppressed [ 227.235194][ T26] audit: type=1800 audit(1747474383.126:162): pid=5853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.413" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 227.534870][ T5864] loop4: detected capacity change from 0 to 16 [ 227.780434][ T5864] erofs: (device loop4): mounted with root inode @ nid 36. [ 229.415994][ T5891] loop3: detected capacity change from 0 to 512 [ 231.023903][ T5891] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 231.736240][ T5891] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 231.849008][ T5909] netlink: 'syz.4.425': attribute type 1 has an invalid length. [ 231.921726][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 231.932129][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:2 Not tainted 5.15.182-syzkaller #0 [ 231.940483][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 231.950553][ T4180] Workqueue: hci0 hci_rx_work [ 231.955298][ T4180] Call Trace: [ 231.958589][ T4180] [ 231.961531][ T4180] dump_stack_lvl+0x168/0x230 [ 231.966234][ T4180] ? show_regs_print_info+0x20/0x20 [ 231.971545][ T4180] ? load_image+0x3b0/0x3b0 [ 231.976097][ T4180] sysfs_create_dir_ns+0x252/0x280 [ 231.981227][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 231.986271][ T4180] ? sysfs_warn_dup+0xa0/0xa0 [ 231.990960][ T4180] ? le_conn_complete_evt+0xcbc/0x1590 [ 231.996439][ T4180] ? hci_event_packet+0xe05/0x12f0 [ 232.001564][ T4180] ? process_one_work+0x863/0x1000 [ 232.006692][ T4180] ? do_raw_spin_unlock+0x11d/0x230 [ 232.011914][ T4180] kobject_add_internal+0x662/0xd00 [ 232.017139][ T4180] kobject_add+0x152/0x210 [ 232.021575][ T4180] ? kobject_init+0x1d0/0x1d0 [ 232.026273][ T4180] ? klist_children_get+0x50/0x50 [ 232.031314][ T4180] ? get_device_parent+0x121/0x3f0 [ 232.036439][ T4180] device_add+0x483/0xfb0 [ 232.040811][ T4180] hci_conn_add_sysfs+0xd1/0x1e0 [ 232.045774][ T4180] le_conn_complete_evt+0xcbc/0x1590 [ 232.051096][ T4180] ? cs_le_create_conn+0x5e0/0x5e0 [ 232.056236][ T4180] ? __schedule+0x11c0/0x43b0 [ 232.060927][ T4180] ? __mutex_trylock_common+0x14f/0x250 [ 232.066498][ T4180] hci_le_meta_evt+0x289/0x3b80 [ 232.071381][ T4180] ? hci_event_packet+0x36d/0x12f0 [ 232.076504][ T4180] ? hci_event_packet+0x2e2/0x12f0 [ 232.081630][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 232.086676][ T4180] ? release_firmware_map_entry+0x190/0x190 [ 232.092592][ T4180] ? hci_remote_host_features_evt+0x280/0x280 [ 232.098674][ T4180] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 232.104320][ T4180] ? mark_lock+0x94/0x320 [ 232.108670][ T4180] ? mutex_unlock+0x10/0x10 [ 232.113191][ T4180] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 232.119192][ T4180] ? lock_chain_count+0x20/0x20 [ 232.124068][ T4180] ? __rwlock_init+0x140/0x140 [ 232.128853][ T4180] hci_event_packet+0xe05/0x12f0 [ 232.133809][ T4180] ? lockdep_hardirqs_on+0x94/0x140 [ 232.139038][ T4180] ? rcu_lock_release+0x20/0x20 [ 232.143910][ T4180] ? lock_acquire+0x1f2/0x3f0 [ 232.148624][ T4180] ? hci_send_to_monitor+0x9c/0x4a0 [ 232.153851][ T4180] hci_rx_work+0x255/0xa10 [ 232.158300][ T4180] process_one_work+0x863/0x1000 [ 232.163267][ T4180] ? worker_detach_from_pool+0x240/0x240 [ 232.169000][ T4180] ? lockdep_hardirqs_off+0x70/0x100 [ 232.174317][ T4180] ? _raw_spin_lock_irq+0xab/0xe0 [ 232.179362][ T4180] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 232.184758][ T4180] ? wq_worker_running+0x97/0x170 [ 232.189804][ T4180] worker_thread+0xaa8/0x12a0 [ 232.194529][ T4180] kthread+0x436/0x520 [ 232.198610][ T4180] ? rcu_lock_release+0x20/0x20 [ 232.203479][ T4180] ? kthread_blkcg+0xd0/0xd0 [ 232.208092][ T4180] ret_from_fork+0x1f/0x30 [ 232.212543][ T4180] [ 232.248509][ T4180] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 232.263444][ T4180] Bluetooth: hci0: failed to register connection device [ 232.393223][ T5891] EXT4-fs (loop3): 1 truncate cleaned up [ 232.505866][ T5891] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,nombcache,quota,,errors=continue. Quota mode: writeback. [ 232.715559][ T5912] loop0: detected capacity change from 0 to 1764 [ 233.840966][ T5130] Bluetooth: hci3: command 0x0406 tx timeout [ 235.154078][ T5929] loop0: detected capacity change from 0 to 4096 [ 235.644038][ T5929] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 235.716705][ T5931] loop4: detected capacity change from 0 to 16 [ 235.760822][ T5931] erofs: (device loop4): mounted with root inode @ nid 36. [ 235.777753][ T5922] loop2: detected capacity change from 0 to 32768 [ 237.052835][ T5939] capability: warning: `syz.3.433' uses deprecated v2 capabilities in a way that may be insecure [ 239.434370][ T5958] netlink: 'syz.2.438': attribute type 1 has an invalid length. [ 239.508316][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 239.518163][ T4180] CPU: 0 PID: 4180 Comm: kworker/u5:2 Not tainted 5.15.182-syzkaller #0 [ 239.526669][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 239.536746][ T4180] Workqueue: hci2 hci_rx_work [ 239.541460][ T4180] Call Trace: [ 239.544753][ T4180] [ 239.547696][ T4180] dump_stack_lvl+0x168/0x230 [ 239.552402][ T4180] ? show_regs_print_info+0x20/0x20 [ 239.557703][ T4180] ? load_image+0x3b0/0x3b0 [ 239.562233][ T4180] sysfs_create_dir_ns+0x252/0x280 [ 239.567406][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 239.572452][ T4180] ? sysfs_warn_dup+0xa0/0xa0 [ 239.577144][ T4180] ? do_raw_spin_unlock+0x11d/0x230 [ 239.582379][ T4180] kobject_add_internal+0x662/0xd00 [ 239.587610][ T4180] kobject_add+0x152/0x210 [ 239.592044][ T4180] ? kobject_init+0x1d0/0x1d0 [ 239.596742][ T4180] ? klist_children_get+0x50/0x50 [ 239.601790][ T4180] ? get_device_parent+0x121/0x3f0 [ 239.606924][ T4180] device_add+0x483/0xfb0 [ 239.611305][ T4180] hci_conn_add_sysfs+0xd1/0x1e0 [ 239.616262][ T4180] le_conn_complete_evt+0xcbc/0x1590 [ 239.621578][ T4180] ? cs_le_create_conn+0x5e0/0x5e0 [ 239.626713][ T4180] ? __schedule+0x11c0/0x43b0 [ 239.631401][ T4180] ? __mutex_trylock_common+0x14f/0x250 [ 239.636965][ T4180] hci_le_meta_evt+0x289/0x3b80 [ 239.641920][ T4180] ? hci_event_packet+0x36d/0x12f0 [ 239.647042][ T4180] ? hci_event_packet+0x2e2/0x12f0 [ 239.652169][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 239.657250][ T4180] ? release_firmware_map_entry+0x190/0x190 [ 239.663164][ T4180] ? hci_remote_host_features_evt+0x280/0x280 [ 239.669247][ T4180] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 239.674894][ T4180] ? mark_lock+0x94/0x320 [ 239.679246][ T4180] ? mutex_unlock+0x10/0x10 [ 239.683769][ T4180] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 239.689770][ T4180] ? lock_chain_count+0x20/0x20 [ 239.694636][ T4180] ? __rwlock_init+0x140/0x140 [ 239.699413][ T4180] hci_event_packet+0xe05/0x12f0 [ 239.704364][ T4180] ? lockdep_hardirqs_on+0x94/0x140 [ 239.709596][ T4180] ? rcu_lock_release+0x20/0x20 [ 239.714459][ T4180] ? lock_acquire+0x1f2/0x3f0 [ 239.719159][ T4180] ? hci_send_to_monitor+0x9c/0x4a0 [ 239.724377][ T4180] hci_rx_work+0x255/0xa10 [ 239.728822][ T4180] process_one_work+0x863/0x1000 [ 239.733787][ T4180] ? worker_detach_from_pool+0x240/0x240 [ 239.739428][ T4180] ? lockdep_hardirqs_off+0x70/0x100 [ 239.744733][ T4180] ? _raw_spin_lock_irq+0xab/0xe0 [ 239.749773][ T4180] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 239.755164][ T4180] ? wq_worker_running+0x97/0x170 [ 239.760203][ T4180] worker_thread+0xaa8/0x12a0 [ 239.764941][ T4180] kthread+0x436/0x520 [ 239.769016][ T4180] ? rcu_lock_release+0x20/0x20 [ 239.771313][ T5127] Bluetooth: hci0: command 0x0406 tx timeout [ 239.773872][ T4180] ? kthread_blkcg+0xd0/0xd0 [ 239.784468][ T4180] ret_from_fork+0x1f/0x30 [ 239.788915][ T4180] [ 239.817775][ T4180] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 239.831875][ T4180] Bluetooth: hci2: failed to register connection device [ 241.144422][ T5964] ubi31: attaching mtd0 [ 241.286136][ T5964] ubi31: scanning is finished [ 241.298066][ T5964] ubi31: empty MTD device detected [ 241.630350][ T5976] ALSA: mixer_oss: invalid OSS volume 'MONITO' [ 242.250945][ T5978] loop4: detected capacity change from 0 to 16 [ 242.356925][ T5978] erofs: (device loop4): mounted with root inode @ nid 36. [ 242.433460][ T5981] loop1: detected capacity change from 0 to 1764 [ 243.232028][ T5964] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4 [ 243.287038][ T5972] loop2: detected capacity change from 0 to 256 [ 244.889375][ T6000] sp0: Synchronizing with TNC [ 245.973968][ T7] Bluetooth: hci2: command 0x0406 tx timeout [ 247.175087][ T6018] netlink: 'syz.3.454': attribute type 1 has an invalid length. [ 247.247369][ T4182] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 247.257416][ T4182] CPU: 0 PID: 4182 Comm: kworker/u5:3 Not tainted 5.15.182-syzkaller #0 [ 247.265778][ T4182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 247.275863][ T4182] Workqueue: hci3 hci_rx_work [ 247.280584][ T4182] Call Trace: [ 247.283872][ T4182] [ 247.286900][ T4182] dump_stack_lvl+0x168/0x230 [ 247.291776][ T4182] ? show_regs_print_info+0x20/0x20 [ 247.297002][ T4182] ? load_image+0x3b0/0x3b0 [ 247.301528][ T4182] sysfs_create_dir_ns+0x252/0x280 [ 247.306657][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 247.311718][ T4182] ? sysfs_warn_dup+0xa0/0xa0 [ 247.316408][ T4182] ? le_conn_complete_evt+0xcbc/0x1590 [ 247.321881][ T4182] ? hci_event_packet+0xe05/0x12f0 [ 247.327005][ T4182] ? process_one_work+0x863/0x1000 [ 247.332140][ T4182] ? do_raw_spin_unlock+0x11d/0x230 [ 247.337629][ T4182] kobject_add_internal+0x662/0xd00 [ 247.342860][ T4182] kobject_add+0x152/0x210 [ 247.347302][ T4182] ? kobject_init+0x1d0/0x1d0 [ 247.352006][ T4182] ? klist_children_get+0x50/0x50 [ 247.357048][ T4182] ? get_device_parent+0x121/0x3f0 [ 247.362178][ T4182] device_add+0x483/0xfb0 [ 247.366534][ T4182] hci_conn_add_sysfs+0xd1/0x1e0 [ 247.371496][ T4182] le_conn_complete_evt+0xcbc/0x1590 [ 247.376814][ T4182] ? cs_le_create_conn+0x5e0/0x5e0 [ 247.381950][ T4182] ? __schedule+0x11c0/0x43b0 [ 247.386641][ T4182] ? __mutex_trylock_common+0x14f/0x250 [ 247.392232][ T4182] hci_le_meta_evt+0x289/0x3b80 [ 247.397099][ T4182] ? hci_event_packet+0x36d/0x12f0 [ 247.402226][ T4182] ? hci_event_packet+0x2e2/0x12f0 [ 247.407433][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 247.412477][ T4182] ? release_firmware_map_entry+0x190/0x190 [ 247.418401][ T4182] ? hci_remote_host_features_evt+0x280/0x280 [ 247.424484][ T4182] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 247.430146][ T4182] ? mark_lock+0x94/0x320 [ 247.434491][ T4182] ? mutex_unlock+0x10/0x10 [ 247.439017][ T4182] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 247.445040][ T4182] ? lock_chain_count+0x20/0x20 [ 247.449921][ T4182] ? __rwlock_init+0x140/0x140 [ 247.454701][ T4182] hci_event_packet+0xe05/0x12f0 [ 247.459795][ T4182] ? lockdep_hardirqs_on+0x94/0x140 [ 247.465022][ T4182] ? rcu_lock_release+0x20/0x20 [ 247.469887][ T4182] ? lock_acquire+0x1f2/0x3f0 [ 247.474594][ T4182] ? hci_send_to_monitor+0x9c/0x4a0 [ 247.479809][ T4182] hci_rx_work+0x255/0xa10 [ 247.484255][ T4182] process_one_work+0x863/0x1000 [ 247.489224][ T4182] ? worker_detach_from_pool+0x240/0x240 [ 247.494882][ T4182] ? lockdep_hardirqs_off+0x70/0x100 [ 247.500192][ T4182] ? _raw_spin_lock_irq+0xab/0xe0 [ 247.505236][ T4182] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 247.510629][ T4182] ? wq_worker_running+0x97/0x170 [ 247.515672][ T4182] worker_thread+0xaa8/0x12a0 [ 247.520405][ T4182] kthread+0x436/0x520 [ 247.524599][ T4182] ? rcu_lock_release+0x20/0x20 [ 247.529459][ T4182] ? kthread_blkcg+0xd0/0xd0 [ 247.534084][ T4182] ret_from_fork+0x1f/0x30 [ 247.538534][ T4182] [ 247.563215][ T4182] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 247.576955][ T4182] Bluetooth: hci3: failed to register connection device [ 247.693383][ T6024] loop1: detected capacity change from 0 to 16 [ 247.764812][ T6024] erofs: (device loop1): mounted with root inode @ nid 36. [ 247.947602][ T5243] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 248.317910][ T5243] usb 4-1: unable to get BOS descriptor or descriptor too short [ 248.477980][ T5243] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 248.537568][ T5243] usb 4-1: can't read configurations, error -71 [ 248.876992][ T6034] loop1: detected capacity change from 0 to 1764 [ 249.750793][ T6047] loop0: detected capacity change from 0 to 8 [ 249.813707][ T6046] loop1: detected capacity change from 0 to 4096 [ 249.861209][ T6046] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 249.875430][ T6046] ntfs3: loop1: failed to replay log file. Can't mount rw! [ 251.407548][ T6060] netlink: 'syz.3.468': attribute type 1 has an invalid length. [ 252.150932][ T4182] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 252.160526][ T4182] CPU: 1 PID: 4182 Comm: kworker/u5:3 Not tainted 5.15.182-syzkaller #0 [ 252.168869][ T4182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 252.178947][ T4182] Workqueue: hci3 hci_rx_work [ 252.183648][ T4182] Call Trace: [ 252.186936][ T4182] [ 252.189875][ T4182] dump_stack_lvl+0x168/0x230 [ 252.194579][ T4182] ? show_regs_print_info+0x20/0x20 [ 252.199959][ T4182] ? load_image+0x3b0/0x3b0 [ 252.204505][ T4182] sysfs_create_dir_ns+0x252/0x280 [ 252.210086][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 252.215137][ T4182] ? sysfs_warn_dup+0xa0/0xa0 [ 252.219822][ T4182] ? le_conn_complete_evt+0xcbc/0x1590 [ 252.225303][ T4182] ? hci_event_packet+0xe05/0x12f0 [ 252.230427][ T4182] ? process_one_work+0x863/0x1000 [ 252.235549][ T4182] ? do_raw_spin_unlock+0x11d/0x230 [ 252.240763][ T4182] kobject_add_internal+0x662/0xd00 [ 252.245979][ T4182] kobject_add+0x152/0x210 [ 252.250419][ T4182] ? kobject_init+0x1d0/0x1d0 [ 252.255113][ T4182] ? klist_children_get+0x50/0x50 [ 252.260147][ T4182] ? get_device_parent+0x121/0x3f0 [ 252.265360][ T4182] device_add+0x483/0xfb0 [ 252.269720][ T4182] hci_conn_add_sysfs+0xd1/0x1e0 [ 252.274672][ T4182] le_conn_complete_evt+0xcbc/0x1590 [ 252.279980][ T4182] ? cs_le_create_conn+0x5e0/0x5e0 [ 252.285123][ T4182] ? __mutex_trylock_common+0x14f/0x250 [ 252.290693][ T4182] hci_le_meta_evt+0x289/0x3b80 [ 252.295646][ T4182] ? hci_event_packet+0x36d/0x12f0 [ 252.300766][ T4182] ? hci_event_packet+0x2e2/0x12f0 [ 252.305888][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 252.310940][ T4182] ? hci_remote_host_features_evt+0x280/0x280 [ 252.317036][ T4182] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 252.322682][ T4182] ? mark_lock+0x94/0x320 [ 252.327033][ T4182] ? mutex_unlock+0x10/0x10 [ 252.331552][ T4182] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 252.337547][ T4182] ? lock_chain_count+0x20/0x20 [ 252.342417][ T4182] ? __rwlock_init+0x140/0x140 [ 252.347191][ T4182] hci_event_packet+0xe05/0x12f0 [ 252.352141][ T4182] ? lockdep_hardirqs_on+0x94/0x140 [ 252.357379][ T4182] ? rcu_lock_release+0x20/0x20 [ 252.362253][ T4182] ? hci_send_to_monitor+0x9c/0x4a0 [ 252.367468][ T4182] hci_rx_work+0x255/0xa10 [ 252.371921][ T4182] process_one_work+0x863/0x1000 [ 252.376880][ T4182] ? worker_detach_from_pool+0x240/0x240 [ 252.382530][ T4182] ? lockdep_hardirqs_off+0x70/0x100 [ 252.387872][ T4182] ? _raw_spin_lock_irq+0xab/0xe0 [ 252.392927][ T4182] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 252.398333][ T4182] ? wq_worker_running+0x97/0x170 [ 252.403380][ T4182] worker_thread+0xaa8/0x12a0 [ 252.408121][ T4182] kthread+0x436/0x520 [ 252.412219][ T4182] ? rcu_lock_release+0x20/0x20 [ 252.417084][ T4182] ? kthread_blkcg+0xd0/0xd0 [ 252.421699][ T4182] ret_from_fork+0x1f/0x30 [ 252.426160][ T4182] [ 252.484315][ T4182] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 252.498153][ T4182] Bluetooth: hci3: failed to register connection device [ 254.517709][ T5243] Bluetooth: hci3: command 0x0406 tx timeout [ 254.784071][ T6089] loop2: detected capacity change from 0 to 8 [ 254.862218][ T6093] netlink: 256 bytes leftover after parsing attributes in process `syz.1.478'. [ 255.620061][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.636017][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.160987][ T6097] loop2: detected capacity change from 0 to 2048 [ 257.041058][ T6097] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 257.084594][ T4190] udevd[4190]: incorrect nilfs2 checksum on /dev/loop2 [ 257.105941][ T6103] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 257.270537][ T6109] netlink: 'syz.3.482': attribute type 1 has an invalid length. [ 257.340400][ T4182] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 257.350431][ T4182] CPU: 0 PID: 4182 Comm: kworker/u5:3 Not tainted 5.15.182-syzkaller #0 [ 257.358870][ T4182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 257.368937][ T4182] Workqueue: hci3 hci_rx_work [ 257.373641][ T4182] Call Trace: [ 257.376926][ T4182] [ 257.379997][ T4182] dump_stack_lvl+0x168/0x230 [ 257.384702][ T4182] ? show_regs_print_info+0x20/0x20 [ 257.389921][ T4182] ? load_image+0x3b0/0x3b0 [ 257.394450][ T4182] sysfs_create_dir_ns+0x252/0x280 [ 257.399587][ T4182] ? __lock_acquire+0x7c60/0x7c60 [ 257.404629][ T4182] ? sysfs_warn_dup+0xa0/0xa0 [ 257.409315][ T4182] ? preempt_schedule_irq+0xd0/0x150 [ 257.414631][ T4182] ? mark_lock+0x94/0x320 [ 257.418976][ T4182] ? do_raw_spin_unlock+0x11d/0x230 [ 257.424192][ T4182] kobject_add_internal+0x662/0xd00 [ 257.429425][ T4182] kobject_add+0x152/0x210 [ 257.433865][ T4182] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 257.439526][ T4182] ? kobject_init+0x1d0/0x1d0 [ 257.444220][ T4182] ? get_device_parent+0x121/0x3f0 [ 257.449347][ T4182] ? get_device_parent+0x3ca/0x3f0 [ 257.454483][ T4182] device_add+0x483/0xfb0 [ 257.458831][ T4182] hci_conn_add_sysfs+0xd1/0x1e0 [ 257.463787][ T4182] le_conn_complete_evt+0xcbc/0x1590 [ 257.469114][ T4182] ? cs_le_create_conn+0x5e0/0x5e0 [ 257.474248][ T4182] ? mark_lock+0x94/0x320 [ 257.478684][ T4182] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 257.484683][ T4182] hci_le_meta_evt+0x289/0x3b80 [ 257.489553][ T4182] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 257.495195][ T4182] ? lockdep_hardirqs_on+0x94/0x140 [ 257.500409][ T4182] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 257.506062][ T4182] ? hci_remote_host_features_evt+0x280/0x280 [ 257.512141][ T4182] ? __mutex_unlock_slowpath+0x11e/0x6a0 [ 257.517789][ T4182] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 257.523437][ T4182] ? mark_lock+0x94/0x320 [ 257.527780][ T4182] ? mutex_unlock+0x10/0x10 [ 257.532313][ T4182] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 257.538312][ T4182] ? lock_chain_count+0x20/0x20 [ 257.543178][ T4182] ? __rwlock_init+0x140/0x140 [ 257.547957][ T4182] hci_event_packet+0xe05/0x12f0 [ 257.552911][ T4182] ? lockdep_hardirqs_on+0x94/0x140 [ 257.558121][ T4182] ? rcu_lock_release+0x20/0x20 [ 257.562994][ T4182] ? hci_send_to_monitor+0x9c/0x4a0 [ 257.568209][ T4182] hci_rx_work+0x255/0xa10 [ 257.572659][ T4182] process_one_work+0x863/0x1000 [ 257.577724][ T4182] ? worker_detach_from_pool+0x240/0x240 [ 257.583367][ T4182] ? lockdep_hardirqs_off+0x70/0x100 [ 257.588665][ T4182] ? _raw_spin_lock_irq+0xab/0xe0 [ 257.593701][ T4182] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 257.599088][ T4182] ? wq_worker_running+0x97/0x170 [ 257.604124][ T4182] worker_thread+0xaa8/0x12a0 [ 257.608842][ T4182] kthread+0x436/0x520 [ 257.612926][ T4182] ? rcu_lock_release+0x20/0x20 [ 257.617786][ T4182] ? kthread_blkcg+0xd0/0xd0 [ 257.622400][ T4182] ret_from_fork+0x1f/0x30 [ 257.626858][ T4182] [ 257.629968][ C0] vkms_vblank_simulate: vblank timer overrun [ 257.677403][ T4182] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 257.691876][ T4182] Bluetooth: hci3: failed to register connection device [ 258.034509][ T6115] loop4: detected capacity change from 0 to 1024 [ 258.119381][ T26] audit: type=1800 audit(1747474414.013:163): pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.485" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 258.883218][ T6097] syz.2.480 (6097) used greatest stack depth: 18312 bytes left [ 259.943967][ T6133] loop4: detected capacity change from 0 to 8 [ 261.640967][ T7] Bluetooth: hci4: command 0x0405 tx timeout [ 263.849224][ T6156] loop4: detected capacity change from 0 to 16 [ 263.938605][ T6156] erofs: (device loop4): mounted with root inode @ nid 36. [ 264.217092][ T4220] Bluetooth: hci3: command 0x0406 tx timeout [ 264.810845][ T6165] loop3: detected capacity change from 0 to 1024 [ 264.934023][ T26] audit: type=1800 audit(1747474420.823:164): pid=6165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.500" name="file1" dev="loop3" ino=20 res=0 errno=0 [ 265.390306][ T26] audit: type=1326 audit(1747474421.263:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 265.390679][ T26] audit: type=1326 audit(1747474421.263:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 265.414779][ T26] audit: type=1326 audit(1747474421.263:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 265.415140][ T26] audit: type=1326 audit(1747474421.263:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 265.415367][ T26] audit: type=1326 audit(1747474421.263:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 265.415622][ T26] audit: type=1326 audit(1747474421.263:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 265.415826][ T26] audit: type=1326 audit(1747474421.263:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 265.416126][ T26] audit: type=1326 audit(1747474421.263:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bf90a5969 code=0x7ffc0000 [ 266.997840][ C1] vkms_vblank_simulate: vblank timer overrun [ 267.332832][ C1] vkms_vblank_simulate: vblank timer overrun [ 270.187311][ T6205] loop2: detected capacity change from 0 to 1024 [ 270.355368][ T6207] loop1: detected capacity change from 0 to 1024 [ 270.447114][ T6205] EXT4-fs (loop2): mounted filesystem without journal. Opts: noinit_itable,nobarrier,nolazytime,abort,dax=inode,lazytime,noload,bsddf,noauto_da_alloc,,errors=continue. Quota mode: none. [ 270.613553][ T26] audit: type=1800 audit(1747474426.503:173): pid=6207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.513" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 270.662317][ T6214] EXT4-fs error (device loop2): ext4_remount:5855: comm syz.2.512: Abort forced by user [ 270.707542][ T6214] EXT4-fs (loop2): Remounting filesystem read-only [ 270.739584][ T6214] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none. [ 270.883935][ T6217] loop3: detected capacity change from 0 to 16 [ 271.398386][ T6217] erofs: (device loop3): mounted with root inode @ nid 36. [ 271.619499][ T6224] netlink: 'syz.0.517': attribute type 1 has an invalid length. [ 271.681186][ T6229] loop4: detected capacity change from 0 to 1024 [ 272.179627][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 272.310328][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:2 Not tainted 5.15.182-syzkaller #0 [ 272.318709][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 272.328765][ T4180] Workqueue: hci4 hci_rx_work [ 272.333448][ T4180] Call Trace: [ 272.336720][ T4180] [ 272.339640][ T4180] dump_stack_lvl+0x168/0x230 [ 272.344315][ T4180] ? show_regs_print_info+0x20/0x20 [ 272.349506][ T4180] ? load_image+0x3b0/0x3b0 [ 272.354014][ T4180] sysfs_create_dir_ns+0x252/0x280 [ 272.359137][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 272.364172][ T4180] ? sysfs_warn_dup+0xa0/0xa0 [ 272.368875][ T4180] ? le_conn_complete_evt+0xcbc/0x1590 [ 272.374357][ T4180] ? hci_event_packet+0xe05/0x12f0 [ 272.379459][ T4180] ? process_one_work+0x863/0x1000 [ 272.384570][ T4180] ? do_raw_spin_unlock+0x11d/0x230 [ 272.389761][ T4180] kobject_add_internal+0x662/0xd00 [ 272.394958][ T4180] kobject_add+0x152/0x210 [ 272.399364][ T4180] ? kobject_init+0x1d0/0x1d0 [ 272.404043][ T4180] ? klist_children_get+0x50/0x50 [ 272.409074][ T4180] ? get_device_parent+0x121/0x3f0 [ 272.414188][ T4180] device_add+0x483/0xfb0 [ 272.418529][ T4180] hci_conn_add_sysfs+0xd1/0x1e0 [ 272.423471][ T4180] le_conn_complete_evt+0xcbc/0x1590 [ 272.428791][ T4180] ? cs_le_create_conn+0x5e0/0x5e0 [ 272.433929][ T4180] ? __mutex_trylock_common+0x14f/0x250 [ 272.439521][ T4180] hci_le_meta_evt+0x289/0x3b80 [ 272.444373][ T4180] ? hci_event_packet+0x36d/0x12f0 [ 272.449563][ T4180] ? hci_event_packet+0x2e2/0x12f0 [ 272.454676][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 272.459785][ T4180] ? hci_remote_host_features_evt+0x280/0x280 [ 272.465842][ T4180] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 272.471469][ T4180] ? mark_lock+0x94/0x320 [ 272.475821][ T4180] ? mutex_unlock+0x10/0x10 [ 272.480323][ T4180] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 272.486349][ T4180] ? lock_chain_count+0x20/0x20 [ 272.491219][ T4180] ? __rwlock_init+0x140/0x140 [ 272.496018][ T4180] hci_event_packet+0xe05/0x12f0 [ 272.500966][ T4180] ? lockdep_hardirqs_on+0x94/0x140 [ 272.506177][ T4180] ? rcu_lock_release+0x20/0x20 [ 272.511038][ T4180] ? hci_send_to_monitor+0x9c/0x4a0 [ 272.516329][ T4180] hci_rx_work+0x255/0xa10 [ 272.520748][ T4180] process_one_work+0x863/0x1000 [ 272.525695][ T4180] ? worker_detach_from_pool+0x240/0x240 [ 272.531320][ T4180] ? lockdep_hardirqs_off+0x70/0x100 [ 272.536614][ T4180] ? _raw_spin_lock_irq+0xab/0xe0 [ 272.541629][ T4180] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 272.546994][ T4180] ? wq_worker_running+0x97/0x170 [ 272.552016][ T4180] worker_thread+0xaa8/0x12a0 [ 272.556723][ T4180] kthread+0x436/0x520 [ 272.560795][ T4180] ? rcu_lock_release+0x20/0x20 [ 272.565650][ T4180] ? kthread_blkcg+0xd0/0xd0 [ 272.570243][ T4180] ret_from_fork+0x1f/0x30 [ 272.574661][ T4180] [ 272.653755][ T4180] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 272.667394][ T4180] Bluetooth: hci4: failed to register connection device [ 272.691758][ T4169] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11 [ 272.711102][ T4169] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11 [ 272.804646][ T6229] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none. [ 272.875089][ T6240] netlink: 'syz.1.522': attribute type 2 has an invalid length. [ 272.883114][ T6229] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 273.003394][ T6246] block device autoloading is deprecated. It will be removed in Linux 5.19 [ 273.579821][ T6253] EXT4-fs error (device loop4): ext4_map_blocks:739: inode #15: block 3: comm syz.4.519: lblock 3 mapped to illegal pblock 3 (length 1) [ 274.337247][ T6253] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117 [ 274.349884][ T6253] EXT4-fs (loop4): This should not happen!! Data will be lost [ 274.349884][ T6253] [ 274.381307][ T6255] netlink: 8 bytes leftover after parsing attributes in process `syz.1.526'. [ 274.953201][ T6265] loop4: detected capacity change from 0 to 8 [ 275.424287][ T26] audit: type=1800 audit(1747474431.313:174): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.528" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 275.636262][ T144] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.781256][ T6274] loop1: detected capacity change from 0 to 1024 [ 276.197548][ T6274] EXT4-fs (loop1): error: journal path ./file0 is not a block device [ 276.225707][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 276.235275][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:2 Not tainted 5.15.182-syzkaller #0 [ 276.243617][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 276.253682][ T4180] Workqueue: hci0 hci_rx_work [ 276.258380][ T4180] Call Trace: [ 276.261680][ T4180] [ 276.264648][ T4180] dump_stack_lvl+0x168/0x230 [ 276.269366][ T4180] ? show_regs_print_info+0x20/0x20 [ 276.274595][ T4180] ? load_image+0x3b0/0x3b0 [ 276.279124][ T4180] sysfs_create_dir_ns+0x252/0x280 [ 276.284249][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 276.289386][ T4180] ? sysfs_warn_dup+0xa0/0xa0 [ 276.294072][ T4180] ? le_conn_complete_evt+0xcbc/0x1590 [ 276.299555][ T4180] ? hci_event_packet+0xe05/0x12f0 [ 276.304673][ T4180] ? process_one_work+0x863/0x1000 [ 276.309782][ T4180] ? do_raw_spin_unlock+0x11d/0x230 [ 276.314979][ T4180] kobject_add_internal+0x662/0xd00 [ 276.320177][ T4180] kobject_add+0x152/0x210 [ 276.324590][ T4180] ? kobject_init+0x1d0/0x1d0 [ 276.329296][ T4180] ? klist_children_get+0x50/0x50 [ 276.334311][ T4180] ? get_device_parent+0x121/0x3f0 [ 276.339445][ T4180] device_add+0x483/0xfb0 [ 276.343770][ T4180] hci_conn_add_sysfs+0xd1/0x1e0 [ 276.348705][ T4180] le_conn_complete_evt+0xcbc/0x1590 [ 276.353996][ T4180] ? cs_le_create_conn+0x5e0/0x5e0 [ 276.359116][ T4180] ? __mutex_trylock_common+0x14f/0x250 [ 276.364659][ T4180] hci_le_meta_evt+0x289/0x3b80 [ 276.369525][ T4180] ? hci_event_packet+0x36d/0x12f0 [ 276.374630][ T4180] ? hci_event_packet+0x2e2/0x12f0 [ 276.379731][ T4180] ? __lock_acquire+0x7c60/0x7c60 [ 276.384758][ T4180] ? hci_remote_host_features_evt+0x280/0x280 [ 276.390825][ T4180] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 276.396480][ T4180] ? mark_lock+0x94/0x320 [ 276.400819][ T4180] ? mutex_unlock+0x10/0x10 [ 276.405327][ T4180] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 276.411318][ T4180] ? lock_chain_count+0x20/0x20 [ 276.416180][ T4180] ? __rwlock_init+0x140/0x140 [ 276.420949][ T4180] hci_event_packet+0xe05/0x12f0 [ 276.425893][ T4180] ? lockdep_hardirqs_on+0x94/0x140 [ 276.431103][ T4180] ? rcu_lock_release+0x20/0x20 [ 276.435962][ T4180] ? hci_send_to_monitor+0x9c/0x4a0 [ 276.441171][ T4180] hci_rx_work+0x255/0xa10 [ 276.445621][ T4180] process_one_work+0x863/0x1000 [ 276.450571][ T4180] ? worker_detach_from_pool+0x240/0x240 [ 276.456204][ T4180] ? lockdep_hardirqs_off+0x70/0x100 [ 276.461493][ T4180] ? _raw_spin_lock_irq+0xab/0xe0 [ 276.466523][ T4180] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 276.471898][ T4180] ? wq_worker_running+0x97/0x170 [ 276.476918][ T4180] worker_thread+0xaa8/0x12a0 [ 276.481719][ T4180] kthread+0x436/0x520 [ 276.485784][ T4180] ? rcu_lock_release+0x20/0x20 [ 276.490641][ T4180] ? kthread_blkcg+0xd0/0xd0 [ 276.495231][ T4180] ret_from_fork+0x1f/0x30 [ 276.499661][ T4180] [ 276.505749][ T4180] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 276.519880][ T4180] Bluetooth: hci0: failed to register connection device [ 277.344662][ T144] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 278.135671][ T144] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 278.488233][ T6291] loop3: detected capacity change from 0 to 4096 [ 278.539956][ T6291] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 278.626831][ T6291] ntfs3: loop3: Failed to load $Extend. [ 278.860382][ T4220] Bluetooth: hci2: command 0x0409 tx timeout [ 279.157195][ T4220] Bluetooth: hci4: command 0x0406 tx timeout [ 279.438215][ T6284] loop1: detected capacity change from 0 to 32768 [ 279.446284][ T6300] loop3: detected capacity change from 0 to 16 [ 279.518911][ T6284] XFS (loop1): Mounting V5 Filesystem [ 279.542224][ T6300] erofs: (device loop3): mounted with root inode @ nid 36. [ 280.409129][ T6278] chnl_net:caif_netlink_parms(): no params data found [ 280.456637][ T6284] XFS (loop1): Ending clean mount [ 280.478657][ T6284] XFS (loop1): Quotacheck needed: Please wait. [ 281.523842][ T4222] Bluetooth: hci2: command 0x041b tx timeout [ 281.595104][ T6284] XFS (loop1): Quotacheck: Done. [ 281.680618][ T4171] XFS (loop1): Unmounting Filesystem [ 282.614201][ T6341] loop4: detected capacity change from 0 to 128 [ 282.683042][ T6341] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 282.689655][ T5243] Bluetooth: hci0: command 0x0406 tx timeout [ 282.732994][ T6278] bridge0: port 1(bridge_slave_0) entered blocking state [ 282.781244][ T6347] ieee802154 phy0 wpan0: encryption failed: -22 [ 282.791291][ T6278] bridge0: port 1(bridge_slave_0) entered disabled state [ 282.818958][ T6278] device bridge_slave_0 entered promiscuous mode [ 282.852494][ T6278] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.877635][ T6278] bridge0: port 2(bridge_slave_1) entered disabled state [ 282.885852][ T6278] device bridge_slave_1 entered promiscuous mode [ 282.917407][ T6350] loop3: detected capacity change from 0 to 16 [ 282.965511][ T6350] erofs: (device loop3): mounted with root inode @ nid 36. [ 283.920692][ T6352] loop4: detected capacity change from 0 to 131072 [ 283.932591][ T4220] Bluetooth: hci2: command 0x040f tx timeout [ 284.084278][ T6352] F2FS-fs (loop4): Found nat_bits in checkpoint [ 284.125290][ T6278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 284.180145][ T6352] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 284.256107][ T6366] loop3: detected capacity change from 0 to 8 [ 284.707415][ T6278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 285.555639][ T6370] F2FS-fs (loop4): sanity_check_inode: inode (ino=4) has corrupted i_extra_isize: 6, max: 36 [ 285.760721][ T26] audit: type=1800 audit(1747474441.653:175): pid=6362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.552" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 285.780213][ C1] vkms_vblank_simulate: vblank timer overrun [ 285.957903][ T4220] Bluetooth: hci2: command 0x0419 tx timeout [ 286.093180][ T6278] team0: Port device team_slave_0 added [ 287.048652][ T6278] team0: Port device team_slave_1 added [ 287.641554][ T6278] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 287.695572][ T6278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.951535][ T6278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 287.992950][ T6395] loop1: detected capacity change from 0 to 1024 [ 288.016272][ T6278] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.023682][ T6278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.054058][ T5243] Bluetooth: hci2: command 0x0405 tx timeout [ 288.204301][ T26] audit: type=1800 audit(1747474444.093:176): pid=6395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.559" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 288.276136][ T6278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 289.062381][ T6278] device hsr_slave_0 entered promiscuous mode [ 289.267279][ T6278] device hsr_slave_1 entered promiscuous mode [ 289.302868][ T6278] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 289.315809][ T6415] loop3: detected capacity change from 0 to 16 [ 289.328779][ T6278] Cannot create hsr debugfs directory [ 289.355780][ T6415] erofs: (device loop3): mounted with root inode @ nid 36. [ 292.259670][ T6428] loop0: detected capacity change from 0 to 64 [ 292.743364][ T6439] loop3: detected capacity change from 0 to 8 [ 293.034622][ T6428] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 293.074382][ T26] audit: type=1800 audit(1747474448.963:177): pid=6435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.564" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 293.103143][ T6444] loop1: detected capacity change from 0 to 512 [ 293.228227][ T6444] EXT4-fs (loop1): Ignoring removed oldalloc option [ 293.601715][ T6444] EXT4-fs (loop1): orphan cleanup on readonly fs [ 293.845858][ T6452] loop3: detected capacity change from 0 to 16 [ 293.900470][ T144] device hsr_slave_0 left promiscuous mode [ 293.929871][ T6444] Quota error (device loop1): find_tree_dqentry: Getting block too big (196613 >= 6) [ 293.960095][ T144] device hsr_slave_1 left promiscuous mode [ 293.996575][ T6444] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 294.006161][ T6444] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.567: Failed to acquire dquot type 1 [ 294.029113][ T6444] EXT4-fs (loop1): 1 truncate cleaned up [ 294.038257][ T6452] erofs: (device loop3): mounted with root inode @ nid 36. [ 294.038267][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 294.058679][ T6444] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback. [ 294.097602][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 294.128681][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 294.136129][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 294.263012][ T6455] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz.1.567: deleted inode referenced: 12 [ 294.349215][ T144] device bridge_slave_1 left promiscuous mode [ 294.368893][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.331622][ T144] device bridge_slave_0 left promiscuous mode [ 295.356707][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.418849][ T144] device veth1_macvtap left promiscuous mode [ 295.427412][ T144] device veth0_macvtap left promiscuous mode [ 295.434325][ T144] device veth1_vlan left promiscuous mode [ 295.446671][ T144] device veth0_vlan left promiscuous mode [ 295.471576][ T6478] loop3: detected capacity change from 0 to 16 [ 295.590150][ T6478] erofs: (device loop3): mounted with root inode @ nid 36. [ 296.418337][ T144] team0 (unregistering): Port device team_slave_1 removed [ 296.483633][ T6488] loop3: detected capacity change from 0 to 2048 [ 296.494489][ T144] team0 (unregistering): Port device team_slave_0 removed [ 296.557155][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 296.573515][ T6489] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 296.607359][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 297.789167][ T144] bond0 (unregistering): Released all slaves [ 298.066857][ T6495] netlink: 28 bytes leftover after parsing attributes in process `syz.1.577'. [ 298.156353][ T6278] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 298.234018][ T6278] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 298.246624][ T6278] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 298.365037][ T6278] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 298.555507][ T6509] netlink: 8 bytes leftover after parsing attributes in process `syz.4.578'. [ 299.243677][ T6517] loop1: detected capacity change from 0 to 16 [ 299.392962][ T6517] erofs: (device loop1): mounted with root inode @ nid 36. [ 299.416452][ T6522] loop4: detected capacity change from 0 to 16 [ 299.502926][ T6278] 8021q: adding VLAN 0 to HW filter on device bond0 [ 299.524355][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 299.553777][ T6522] erofs: (device loop4): mounted with root inode @ nid 36. [ 299.606687][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 300.135982][ T6278] 8021q: adding VLAN 0 to HW filter on device team0 [ 300.191351][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 300.219774][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 301.108528][ T4748] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.115656][ T4748] bridge0: port 1(bridge_slave_0) entered forwarding state [ 301.163697][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 301.172550][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 301.181117][ T4748] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.188209][ T4748] bridge0: port 2(bridge_slave_1) entered forwarding state [ 301.277964][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 301.286317][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 301.365691][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 301.395898][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 302.383397][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 302.535960][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 302.611679][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 302.648457][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 302.768139][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 302.777846][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 302.826308][ T6278] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 302.862550][ T6278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 302.898142][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 302.907158][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 304.125227][ T6570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.593'. [ 305.003728][ T6579] loop0: detected capacity change from 0 to 16 [ 305.074490][ T6278] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 305.159568][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 305.195558][ T6579] erofs: (device loop0): mounted with root inode @ nid 36. [ 305.258209][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 308.419811][ T4241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 308.442380][ T4241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 308.510297][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 309.949764][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 310.181542][ T6624] loop1: detected capacity change from 0 to 2048 [ 310.324219][ T6278] device veth0_vlan entered promiscuous mode [ 310.364999][ T6631] loop4: detected capacity change from 0 to 16 [ 311.072987][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 311.088113][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 311.196425][ T6631] erofs: (device loop4): mounted with root inode @ nid 36. [ 311.409602][ T6624] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 311.480852][ T6624] NILFS (loop1): error -4 creating segctord thread [ 311.633522][ T6278] device veth1_vlan entered promiscuous mode [ 311.729725][ T4190] udevd[4190]: incorrect nilfs2 checksum on /dev/loop1 [ 311.743559][ T6640] loop0: detected capacity change from 0 to 1024 [ 311.887373][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 311.907121][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 312.043194][ T6278] device veth0_macvtap entered promiscuous mode [ 312.374110][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 312.641429][ T6278] device veth1_macvtap entered promiscuous mode [ 312.730547][ T26] audit: type=1800 audit(1747474468.623:178): pid=6640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.608" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 312.962387][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 313.044244][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 313.118506][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 313.171482][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 313.230399][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 313.291331][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 313.342772][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 313.382019][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 313.435632][ T6278] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 313.476636][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 313.539236][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 313.584726][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 313.628141][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 313.666928][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 313.704246][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 313.757581][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 313.798629][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 313.808643][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 313.819609][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 313.830780][ T6278] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 313.843714][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 313.931067][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 314.012769][ T6649] loop4: detected capacity change from 0 to 32768 [ 314.053706][ T6278] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.140628][ T6278] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.225644][ T6278] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.284547][ T6278] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.779919][ T4819] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.807385][ T4819] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 314.899019][ T4748] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 314.919333][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.938165][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 315.120520][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 315.153183][ T6671] ERROR: (device loop4): dbAdjCtl: the maximum free buddy is not the old root [ 315.153183][ T6671] [ 315.504967][ T6671] ERROR: (device loop4): remounting filesystem as read-only [ 316.186880][ T6686] loop3: detected capacity change from 0 to 256 [ 316.228936][ T6684] loop5: detected capacity change from 0 to 1024 [ 316.236282][ T6682] netlink: 'syz.0.616': attribute type 24 has an invalid length. [ 316.268296][ T6686] exfat: Deprecated parameter 'utf8' [ 316.273692][ T6686] exfat: Unknown parameter 'sys_tz' [ 316.444437][ T26] audit: type=1326 audit(1747474472.333:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 316.673056][ T6692] trusted_key: encrypted_key: key user:syz not found [ 317.359897][ T4170] ------------[ cut here ]------------ [ 317.393746][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.400110][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.429555][ T4400] hfsplus: b-tree write err: -5, ino 4 [ 317.438194][ T4170] kernel BUG at fs/jfs/inode.c:169! [ 317.479032][ T4170] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 317.485138][ T4170] CPU: 1 PID: 4170 Comm: syz-executor Not tainted 5.15.182-syzkaller #0 [ 317.493475][ T4170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 317.503542][ T4170] RIP: 0010:jfs_evict_inode+0x42d/0x430 [ 317.509101][ T4170] Code: f6 fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 17 fe ff ff 4c 89 f7 e8 cd 1e f6 fe e9 0a fe ff ff e8 a3 ab b0 fe <0f> 0b 90 41 57 41 56 41 54 53 48 89 fb 49 bc 00 00 00 00 00 fc ff [ 317.528811][ T4170] RSP: 0018:ffffc90002dbfb40 EFLAGS: 00010293 [ 317.534898][ T4170] RAX: ffffffff82c7126d RBX: ffff88805e303bb0 RCX: ffff88807ab55940 [ 317.542877][ T4170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805e303bb0 [ 317.550856][ T4170] RBP: 0000000000000002 R08: dffffc0000000000 R09: fffffbfff1ff3451 [ 317.558843][ T4170] R10: fffffbfff1ff3451 R11: 1ffffffff1ff3450 R12: dffffc0000000000 [ 317.566827][ T4170] R13: dffffc0000000000 R14: ffff88805e303838 R15: ffff88805e303d80 [ 317.574811][ T4170] FS: 0000555556513500(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 317.583757][ T4170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 317.590360][ T4170] CR2: 000055966430d950 CR3: 00000000619a5000 CR4: 00000000003506e0 [ 317.598341][ T4170] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 317.606321][ T4170] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 317.614314][ T4170] Call Trace: [ 317.617647][ T4170] [ 317.620602][ T4170] ? evict+0x47f/0x870 [ 317.624687][ T4170] ? jfs_write_inode+0x220/0x220 [ 317.629640][ T4170] evict+0x485/0x870 [ 317.633538][ T4170] ? proc_nr_inodes+0x320/0x320 [ 317.638379][ T4170] ? do_raw_spin_lock+0x11d/0x280 [ 317.643402][ T4170] ? preempt_schedule_thunk+0x16/0x18 [ 317.648776][ T4170] evict_inodes+0x463/0x690 [ 317.653279][ T4170] ? __dentry_kill+0x530/0x650 [ 317.658036][ T4170] ? clear_inode+0x150/0x150 [ 317.662638][ T4170] ? sync_filesystem+0x103/0x220 [ 317.667573][ T4170] generic_shutdown_super+0x93/0x300 [ 317.672871][ T4170] kill_block_super+0x7c/0xe0 [ 317.677900][ T4170] deactivate_locked_super+0x93/0xf0 [ 317.683176][ T4170] cleanup_mnt+0x418/0x4d0 [ 317.687777][ T4170] ? lockdep_hardirqs_on+0x94/0x140 [ 317.692978][ T4170] task_work_run+0x125/0x1a0 [ 317.697568][ T4170] exit_to_user_mode_loop+0x10f/0x130 [ 317.702936][ T4170] exit_to_user_mode_prepare+0xb1/0x140 [ 317.708499][ T4170] syscall_exit_to_user_mode+0x16/0x40 [ 317.714041][ T4170] do_syscall_64+0x58/0xa0 [ 317.718448][ T4170] ? clear_bhb_loop+0x15/0x70 [ 317.723139][ T4170] ? clear_bhb_loop+0x15/0x70 [ 317.727812][ T4170] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 317.733702][ T4170] RIP: 0033:0x7fcca0240c97 [ 317.738114][ T4170] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 317.757812][ T4170] RSP: 002b:00007ffdb7a122c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 317.766220][ T4170] RAX: 0000000000000000 RBX: 00007fcca02c189d RCX: 00007fcca0240c97 [ 317.774183][ T4170] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdb7a12380 [ 317.782148][ T4170] RBP: 00007ffdb7a12380 R08: 0000000000000000 R09: 0000000000000000 [ 317.790112][ T4170] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdb7a13410 [ 317.798185][ T4170] R13: 00007fcca02c189d R14: 000000000004d2ee R15: 00007ffdb7a13450 [ 317.806174][ T4170] [ 317.809214][ T4170] Modules linked in: [ 317.884795][ T6699] loop5: detected capacity change from 0 to 16 [ 317.887097][ T26] audit: type=1326 audit(1747474472.333:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 317.944611][ T26] audit: type=1326 audit(1747474472.363:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 317.971212][ T6699] erofs: (device loop5): mounted with root inode @ nid 36. [ 318.061291][ T26] audit: type=1326 audit(1747474472.363:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 318.120499][ T26] audit: type=1326 audit(1747474472.363:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 318.139149][ T4170] ---[ end trace bcd6918270d7d947 ]--- [ 318.153232][ T4170] RIP: 0010:jfs_evict_inode+0x42d/0x430 [ 318.158955][ T4170] Code: f6 fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 17 fe ff ff 4c 89 f7 e8 cd 1e f6 fe e9 0a fe ff ff e8 a3 ab b0 fe <0f> 0b 90 41 57 41 56 41 54 53 48 89 fb 49 bc 00 00 00 00 00 fc ff [ 318.164484][ T26] audit: type=1326 audit(1747474472.363:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 318.180357][ T4170] RSP: 0018:ffffc90002dbfb40 EFLAGS: 00010293 [ 318.234890][ T26] audit: type=1326 audit(1747474472.363:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 318.244602][ T4170] RAX: ffffffff82c7126d RBX: ffff88805e303bb0 RCX: ffff88807ab55940 [ 318.257305][ T26] audit: type=1326 audit(1747474472.363:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 318.287870][ T26] audit: type=1326 audit(1747474472.363:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 318.313156][ T26] audit: type=1326 audit(1747474472.363:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 318.337700][ T26] audit: type=1326 audit(1747474472.363:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6683 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c09dc969 code=0x7ffc0000 [ 318.364417][ T4170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805e303bb0 [ 318.372927][ T4170] RBP: 0000000000000002 R08: dffffc0000000000 R09: fffffbfff1ff3451 [ 318.383538][ T4170] R10: fffffbfff1ff3451 R11: 1ffffffff1ff3450 R12: dffffc0000000000 [ 318.391691][ T4170] R13: dffffc0000000000 R14: ffff88805e303838 R15: ffff88805e303d80 [ 318.401498][ T4170] FS: 0000555556513500(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 318.411138][ T4170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 318.418112][ T4170] CR2: 00005619956dc950 CR3: 00000000619a5000 CR4: 00000000003506f0 [ 318.426284][ T4170] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 318.437175][ T4170] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 318.445845][ T4170] Kernel panic - not syncing: Fatal exception [ 318.452017][ T4170] Kernel Offset: disabled [ 318.456347][ T4170] Rebooting in 86400 seconds..