last executing test programs:

4m59.520836793s ago: executing program 2 (id=44):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000000)={[0x2000, 0x6e000, 0x2, 0x3000], 0x0, 0x25, 0x2})

4m58.283179605s ago: executing program 2 (id=50):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000005000000fd0900008500000041000000", @ANYRES32, @ANYBLOB="00238e85df"], 0x50)

4m58.042339623s ago: executing program 2 (id=51):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="60000000100001040500000003000000000000", @ANYRES32=0x0, @ANYBLOB="03050000000000003800128009000100766c616e00000000280002801000048006000803050001000b00000006000100030000", @ANYRES32, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x18, 0x30, 0xffffffffffffffff, 0x0, 0xffffffff, {}, [{0x4}]}, 0x18}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xd}, {}, {0x7, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x24040084)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000300)={[{@grpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x10}}, {@nodioread_nolock}, {@test_dummy_encryption}, {@lazytime}, {@nodelalloc}, {@minixdf}, {@orlov}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x1d81ca7, 0x0, 0x82, 0x0, &(0x7f0000000080))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

4m57.139668904s ago: executing program 2 (id=55):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10084, &(0x7f00000000c0)={[{@minixdf}, {@i_version}, {@usrquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@nomblk_io_submit}, {@delalloc}, {@jqfmt_vfsold}]}, 0x1, 0x401, &(0x7f0000000540)="$eJzs209oHFUYAPBvZpNUm9bEWv+1VbcNYkBNmkSFgJeKioLgQW8eJDRpKW6a0qzYFg8qgqfixZOePOnBoxcPgnj3JHiydykEKZ5lZXZnmm2yGzfprms7vx9M+97MW9578+bbvHkzG0BpVbN/kogDEfF7REy0srcWqLb+++vGh6ezLYlG460/k2a5LF8ULT43nmem04j00ySOdqh3/fKV95ZqtZWLeX62vnphdv3ylWfPrS6dXTm7cn5h8fmT8wuLLywu9KObY1nbrt449tvaV2/+/fmJa+MvXX335WzfgbxAez/6pRrVW89lmyf7XdmQHWxLJyNDbAi7UomIbLhGm/E/EZXYHLyJeOWToTYOGKhGo9HY1/3wRw3gLpbEsFsADEfxh764tx/EffD/2cap1g3Q9v6PRJqXGd1yf9tP1Yi49M5nP2ZbDGgdAgCg3U/Z/OeZTvOfNB5qK3df/mxoMiLuj4hDEfFARByOiAcjmmUfjohHdll/dUt++/wnvb6njvUom/+92HH+W8z+YrKS5w42+z+anDlXWzmZn5PpGN2X5ed2qOPX17/9ptux9vlftmX1F3PBvB3XR7Ys0C0v1Zdup8/tNj6OONJx/pvcfBKQRMSjEXFkj3X8cKrxZbdj/97/wWp8HfFUx/HffHKX7Px8crZ5PcwWV8V2xz64sNyt/mH3Pxv//Tv3fzJpf167vvs6vp88vtHt2F6v/7Hk7WZ6LN93aalevzgXMZa8sX3//OZni3xRPuv/9FTn+D8Um2fiaDaOEfFYRDweEU/kbT8eESciYmqH/r869dpK1/7fExFDHf/vxlupXsd/94nV+Z9/6VZ/b+P/XDM1ne/p5fuv1wbu+cQBAADAHSRtvgOfpDM302k6M9N6h/9w7E9ra+v1p8+svX9+ufWu/GSMpsVK10TbeuhcvjZc5Oe35BfydeMvKvc28zOn12pdF8WA/8R4l/jP/FEZduuAgfN7LSgv8Q/lJf6hvMQ/lJf4h/IS/1BS1yriH0pM/EN5iX8oL/EPpXQ7v+uXkJC4WxPD/mYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoj38CAAD//2Gy3iA=")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x12510421, 0x3, 0xc, 0x1, 0x56, 0x0, 0x0, 0x2, 0x9cea}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setxattr$system_posix_acl(&(0x7f0000000500)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000a80)={{}, {0x1, 0x1}, [{0x2, 0x6}], {0x4, 0x5}, [], {0x10, 0x7}, {0x20, 0x6}}, 0x2c, 0x2)

4m56.002371372s ago: executing program 2 (id=58):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1e, 0x11, r0, 0xfffff000)

4m51.918351361s ago: executing program 2 (id=62):
pipe2$9p(&(0x7f0000000080), 0x800)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x1, 0x1}, 0x8)

4m51.411396248s ago: executing program 32 (id=62):
pipe2$9p(&(0x7f0000000080), 0x800)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x1, 0x1}, 0x8)

4m5.389986118s ago: executing program 4 (id=193):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="60000000100001040500000003000000000000", @ANYRES32=0x0, @ANYBLOB="03050000000000003800128009000100766c616e00000000280002801000048006000803050001000b00000006000100030000", @ANYRES32, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x18, 0x30, 0xffffffffffffffff, 0x0, 0xffffffff, {}, [{0x4}]}, 0x18}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xd}, {}, {0x7, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x24040084)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000300)={[{@grpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x10}}, {@nodioread_nolock}, {@test_dummy_encryption}, {@lazytime}, {@nodelalloc}, {@minixdf}, {@orlov}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x1d81ca7, 0x0, 0x82, 0x0, &(0x7f0000000080))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

4m4.486673009s ago: executing program 4 (id=195):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x77, 0x2, 0x2, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x5, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4m3.730658055s ago: executing program 4 (id=200):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB='rodir,utf8=1,shortname=lower,iocharset=cp866,codepage=852,utf8=1,check=normal,uni_xlate=0,shortname=mixed,nonumtail=0,uni_xlate=1,utf8=0,\x00'/150], 0x4, 0x35b, &(0x7f0000000640)="$eJzs3T1sW9UXAPDjPMd2K/WfDH+pgsmwIaGqKWKAhURVkSoyQJHF14KlpnzEBikWltIhbhYQI4gFCSa2DjB2RgwIsTGwUiRUQCx0olIrHnofsR3baVNEQoHfb4hOzj3n3ftenuLkKbl+eTnWz8/HhevXr0WjUYnq8unluFGJxZiLJAqXAgD4N7mRpvFrWsgTT9yu+v2jMV9EtUNZHQBwEPLX/1eOjRL1fTbutw4AuOdM/f4/29Mzs28e2LIAgAM09vpfyRMP7hqeeMxfHf5NAADwz/XsCy8+tbIaca7ZbER03+m3+q14fDS+ciFei06sxclYiFsRxYOC4mlB9vHJs6tnTjYzPy5GK+votyK6g36r+ElhJcn767EUC7FY9qfD/iTrX8r7mxFxaZDPH91KvzUfR8v5vzsaa3EqFuL/U/0RZ1fP/JamaX6AVnenfxCxHY2dk8jWfyIW4pu5/JPzkfUWx8oyW0vN5ul0dVd//3I9rwMAAAAAAAAAAAAAAAAAAAAAgINw4kitWVoc7n+Tdgf9t8+VBc3p8Xx/n2K43B9ou9gfKK3v7M7zbjK5P9Du/Xn6rWrM/a1nDgAAAAAAAAAAAAAAAAAAAPeO3mYt2p3O2kZv8+L6KKh1BkUwl2Xe+OrTL47EZM3rySgT1eJwu2rKXGxeXE8iIhtKYtieDtvTJK+ZWEbWUmQq0b58Zbji8Zr68Cym2rOgPjVUKdfU7nSOPfDDR7O6fh9lkhgONWZOUSnnHxvq/q9IzVrP7YNKb/PUHWqupmm6V/vWh9Nd0YioTn3h/orgy2uv3vdI7/ijvUp1vf15uenDQw8vPHf1g09+Xm93orw0nU5to3cr/dNzJTG6Nyrlda7MuBNmB9ujzPZGb7OdfPvL8/e/9/VEcTL7/knHM2/tPddnk5laEWTLrO3jTOdn3Pyzg5duDu/eu7+Yxz9ebl/Z+v6nnYt5p66xbxI26gAAAAAAAAAAAAAAAAAAgEMx9r/id+GxZw5uRQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+Ebv/z8WbE9l9hPcHMT0UH1to7fn5EcO9VQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgP+yMAAP//1k5zjQ==")
creat(&(0x7f0000000240)='./file0\x00', 0x81)

4m3.061745107s ago: executing program 4 (id=203):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000180)={[{@errors_remount}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x7}}, {@discard}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'dummy0\x00', &(0x7f0000000400)=@ethtool_rxnfc={0x2d, 0x12, 0x6, {0x2, @sctp_ip6_spec={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x4e23, 0x4e22, 0x2}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x400, 0x5, [0x8, 0x6]}, @sctp_ip6_spec={@private1={0xfc, 0x1, '\x00', 0xfd}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e21, 0x4e22, 0x3}, {0x0, @broadcast, 0x80, 0x0, [0x10, 0x2]}, 0x504e, 0x11}, 0x1, [0x6bc51800]}})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x0)
listen(r1, 0xfffffbeb)
fdatasync(r0)

4m2.262622584s ago: executing program 4 (id=209):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
socket$inet(0x2, 0x2, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

4m1.538333359s ago: executing program 4 (id=216):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc00, &(0x7f0000000000)=ANY=[@ANYBLOB='iocharset=cp869,umask=00000000000000000000002,gid=', @ANYRESOCT=0x0, @ANYRES8=0x0], 0xfe, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f001000000010104200000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e00010800074000000000080008400000000280000d8014000380060001004e240000060002004e240000140005000000000000000000000000000000000108000200e0000002140004000000000000000000000000000000000014000400fc00000000000000000000000000000114000400fe80000000000000000000000000002308000200ac1414bb08000100e00000022c0010800800034000000000080003400000dba30800034000000101080001400000000408000140000002004c000f80"], 0x1f0}}, 0x0)

4m0.796762124s ago: executing program 33 (id=216):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc00, &(0x7f0000000000)=ANY=[@ANYBLOB='iocharset=cp869,umask=00000000000000000000002,gid=', @ANYRESOCT=0x0, @ANYRES8=0x0], 0xfe, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f001000000010104200000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e00010800074000000000080008400000000280000d8014000380060001004e240000060002004e240000140005000000000000000000000000000000000108000200e0000002140004000000000000000000000000000000000014000400fc00000000000000000000000000000114000400fe80000000000000000000000000002308000200ac1414bb08000100e00000022c0010800800034000000000080003400000dba30800034000000101080001400000000408000140000002004c000f80"], 0x1f0}}, 0x0)

3m44.879191034s ago: executing program 5 (id=217):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000180)={[{@errors_remount}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x7}}, {@discard}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'dummy0\x00', &(0x7f0000000400)=@ethtool_rxnfc={0x2d, 0x12, 0x6, {0x2, @sctp_ip6_spec={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x4e23, 0x4e22, 0x2}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x400, 0x5, [0x8, 0x6]}, @sctp_ip6_spec={@private1={0xfc, 0x1, '\x00', 0xfd}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e21, 0x4e22, 0x3}, {0x0, @broadcast, 0x80, 0x0, [0x10, 0x2]}, 0x504e, 0x11}, 0x1, [0x6bc51800]}})
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x0)
unshare(0x20000400)
fdatasync(r0)

3m43.201865851s ago: executing program 5 (id=251):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f00000004c0)={[{@i_version}, {@nodiscard}, {@grpjquota}]}, 0x1, 0x3f7, &(0x7f0000000ac0)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x20000, 0x0)
getdents64(r0, 0x0, 0x0)
getdents64(r0, &(0x7f0000000fc0)=""/224, 0xe0)

3m41.700269011s ago: executing program 5 (id=257):
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0xfffff34, 0x0, [{0xf88e470f, 0xed}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000240)={0xfd01, 0x4, 0x7ff, 0xfffe, 0x14, "e3fde5a15b7a0080"})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x4)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x77, 0x2, 0x2, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x5, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m41.088455022s ago: executing program 34 (id=257):
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0xfffff34, 0x0, [{0xf88e470f, 0xed}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000240)={0xfd01, 0x4, 0x7ff, 0xfffe, 0x14, "e3fde5a15b7a0080"})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x4)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x77, 0x2, 0x2, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x5, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m36.769923089s ago: executing program 1 (id=277):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x41, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @multicast1}, 0xc)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(r1, 0xc0385868, &(0x7f0000000600)={r0, &(0x7f0000000240)=':]\x00', 0x0, 0x0, 0xfffffffe, 0x0, 0x0})
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x3, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000040)=0xe2, 0x4)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x6, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000005, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m35.491693792s ago: executing program 1 (id=279):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff5644d, 0x70bd2c, 0x7fffe, {0x0, 0x0, 0x0, r5, {}, {0xf, 0xb}, {0xf, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x20205, 0x1, 0xc}, 0xb, 0xffffffff, 0x32, 0x5, 0x7, 0x2, 0x9, 0x1, 0x1, 0x1, {0xffff1c72, 0x0, 0x7, 0xc, 0xfffffffa, 0x7583}}}}]}, 0x78}}, 0x8000)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r10, 0x11b, 0x2, 0x0, 0x0)
getsockopt$XDP_STATISTICS(r10, 0x11b, 0x7, &(0x7f00000005c0), 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r7, {0x3, 0xd}, {}, {0x3, 0xfff1}}}, 0x24}}, 0x40004)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

3m31.819344477s ago: executing program 1 (id=287):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x0, 0xfffffffd}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
write$tcp_mem(0xffffffffffffffff, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x20000003}}}, 0x10)
bind$tipc(r2, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1, 0x3}}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f00000000c0)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20000800}, 0x4)

3m31.594314654s ago: executing program 1 (id=288):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000180)={[{@errors_remount}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x7}}, {@discard}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'dummy0\x00', &(0x7f0000000400)=@ethtool_rxnfc={0x2d, 0x12, 0x6, {0x2, @sctp_ip6_spec={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x4e23, 0x4e22, 0x2}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x400, 0x5, [0x8, 0x6]}, @sctp_ip6_spec={@private1={0xfc, 0x1, '\x00', 0xfd}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e21, 0x4e22, 0x3}, {0x0, @broadcast, 0x80, 0x0, [0x10, 0x2]}, 0x504e, 0x11}, 0x1, [0x6bc51800]}})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
listen(r1, 0xfffffbeb)
unshare(0x20000400)
fdatasync(r0)

3m30.865283419s ago: executing program 1 (id=290):
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0xfffff34, 0x0, [{0xf88e470f, 0xed}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000240)={0xfd01, 0x4, 0x7ff, 0xfffe, 0x14, "e3fde5a15b7a0080"})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x4)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x77, 0x2, 0x2, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x5, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m24.650310919s ago: executing program 1 (id=297):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000180)={[{@errors_remount}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x7}}, {@discard}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'dummy0\x00', &(0x7f0000000400)=@ethtool_rxnfc={0x2d, 0x12, 0x6, {0x2, @sctp_ip6_spec={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x4e23, 0x4e22, 0x2}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x400, 0x5, [0x8, 0x6]}, @sctp_ip6_spec={@private1={0xfc, 0x1, '\x00', 0xfd}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e21, 0x4e22, 0x3}, {0x0, @broadcast, 0x80, 0x0, [0x10, 0x2]}, 0x504e, 0x11}, 0x1, [0x6bc51800]}})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
listen(r1, 0xfffffbeb)
unshare(0x20000400)
fdatasync(r0)

3m24.214912314s ago: executing program 35 (id=297):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000180)={[{@errors_remount}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x7}}, {@discard}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'dummy0\x00', &(0x7f0000000400)=@ethtool_rxnfc={0x2d, 0x12, 0x6, {0x2, @sctp_ip6_spec={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x4e23, 0x4e22, 0x2}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x400, 0x5, [0x8, 0x6]}, @sctp_ip6_spec={@private1={0xfc, 0x1, '\x00', 0xfd}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e21, 0x4e22, 0x3}, {0x0, @broadcast, 0x80, 0x0, [0x10, 0x2]}, 0x504e, 0x11}, 0x1, [0x6bc51800]}})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
listen(r1, 0xfffffbeb)
unshare(0x20000400)
fdatasync(r0)

3m17.837034741s ago: executing program 6 (id=258):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x167)
syz_mount_image$fuse(0x0, &(0x7f0000000700)='./file2\x00', 0x102a, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0x288a0aa, &(0x7f0000000180)=ANY=[], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40042, 0x1ff)
llistxattr(&(0x7f00000000c0)='./file1\x00', 0x0, 0xb)

3m17.582388429s ago: executing program 6 (id=304):
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0xfffff34, 0x0, [{0xf88e470f, 0xed}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000240)={0xfd01, 0x4, 0x7ff, 0xfffe, 0x14, "e3fde5a15b7a0080"})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x4)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x77, 0x2, 0x2, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x5, 0x8d], 0xeeee8000, 0x2010d3})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x42282, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m17.118010345s ago: executing program 6 (id=306):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff5644d, 0x70bd2c, 0x7fffe, {0x0, 0x0, 0x0, r5, {}, {0xf, 0xb}, {0xf, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x20205, 0x1, 0xc}, 0xb, 0xffffffff, 0x32, 0x5, 0x7, 0x2, 0x9, 0x1, 0x1, 0x1, {0xffff1c72, 0x0, 0x7, 0xc, 0xfffffffa, 0x7583}}}}]}, 0x78}}, 0x8000)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r8 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r11 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r11, 0x11b, 0x2, 0x0, 0x0)
getsockopt$XDP_STATISTICS(r11, 0x11b, 0x7, &(0x7f00000005c0), 0x0)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r7, {0x3, 0xd}, {}, {0x3, 0xfff1}}}, 0x24}}, 0x40004)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

3m13.751864139s ago: executing program 6 (id=314):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@fowner_eq}, {@smackfstransmute={'smackfstransmute', 0x3d, '%+'}}, {@uid_lt}, {@appraise_type}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
mkdirat(0xffffffffffffff9c, 0x0, 0x14e174135c0b87af)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x300f401, 0x0, 0x2, 0x0, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000140), 0x8, &(0x7f0000000ac0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
r1 = syz_usb_connect$printer(0x0, 0x2d, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
syz_open_procfs(0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x2000000)
timerfd_gettime(0xffffffffffffffff, 0x0)

3m12.459280673s ago: executing program 6 (id=320):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040))
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xc0}}, 0x200000b0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x7, 0x0, 0x2, 0xffffffffffffffff]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x400000, 0x0, 0x2000000, 0x0, 0x1d, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x302000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m11.66227614s ago: executing program 6 (id=323):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="60000000100001040500000003000000000000", @ANYRES32=0x0, @ANYBLOB="03050000000000003800128009000100766c616e00000000280002801000048006000803050001000b00000006000100030000", @ANYRES32, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x18, 0x30, 0xffffffffffffffff, 0x0, 0xffffffff, {}, [{0x4}]}, 0x18}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xd}, {}, {0x7, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x24040084)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x1d81ca7, 0x0, 0x82, 0x0, &(0x7f0000000080))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

3m10.005307926s ago: executing program 36 (id=323):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="60000000100001040500000003000000000000", @ANYRES32=0x0, @ANYBLOB="03050000000000003800128009000100766c616e00000000280002801000048006000803050001000b00000006000100030000", @ANYRES32, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x18, 0x30, 0xffffffffffffffff, 0x0, 0xffffffff, {}, [{0x4}]}, 0x18}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xd}, {}, {0x7, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x24040084)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x1d81ca7, 0x0, 0x82, 0x0, &(0x7f0000000080))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

1m43.4757946s ago: executing program 3 (id=448):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x400, &(0x7f0000000340)=ANY=[], 0x1, 0x1fa, &(0x7f0000000640)="$eJzsmT9oE1Ecx7/v3TXXFhFcHFwcLFjR3r+odOlQQZwEoYo6BnstwWsj6QltQSS4uDiKCK7u4pAhk4Obm6sOKggOZhQchCfvTy4viYk5ErL094G8fH+/9+93L7nvDQeCII4s377++vLsyurNCwCOYQmeyf9wumM4kEefXz48/3zt6qu3n16/3z3+qNW/Hv//liU7WADwbt1BpiIhxOPewUuyedGbuwWOc0bfBoOv5R+h0EEChrtKuUCugdqCEWni36ulm1vVNAllE8kmlk3Z3kvObjcYNgHM6woFs/r3Dg7vV9I0qfeLOdHZZ6CrqBh1mKq+dY41E8v65G9w5+mThozN2SAE12cJIAJHZHQZDBtGr8KD7/vdI7Gu/5TbXd/hY1x/ccGmsg77rf8GMnNiZSqFkRhHCG+C6U13hqWy/oy8ofPMyXbrw+Cs77M+1TeFZzEMcRxlXADyzDUz5uNiml6foNSOkw92ObY/MRc4a/mTCzf3jyDbeRDsHRyuVHcq28l2shvH5cvhxTC8FAdbVQ9hoOxohP/NK39atNafswdYD5QSK2G/kmX1aB/I6lEex7q1HHejWfup5nDlfxzLZ/QarPMA8/5dDzMfrr6lWnaGFk8QBEEQBEEQBEEQBEEQBFGI02DQr0DUiyoxhPiGGv03AAD//8rha5U=")
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
unshare(0x60040000)
open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x5c)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000008c0)={'nat\x00', 0x0, [0x81, 0x7, 0xffff, 0xb41, 0xfffffffd]}, 0x0)
socket(0x1e, 0x4, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x51, &(0x7f0000000100)={[{@nombcache}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x40}}, {@norecovery}, {@minixdf}, {@nolazytime}]}, 0x8, 0x5fe, &(0x7f0000000ac0)="$eJzs3c1vVFUbAPDnTD9p3/dtIW9UXEgTYyBRWlrAEGMi7AnBj52rSgtBCiW0RosklgQ3JsaNCxNXLsT/QkncunDrwo0rQ0KMYSGGyJg7vVNupzOlXzNTOr9fcuk993bueW7p03PvmXPmBtCxRrJ/ShH7I+Jqihgq7OuOfOfI0vfd//PGuWxJUS6//UeKG5+kxeKxUv51MH/xP0ORfi5F7OtaXe/cwvVLkzMz09fy8tj85atjcwvXD1+8PHlh+sL0lYlXJ04cP3b8xPiRLZ1fserTt97/cOizM+9++/XDNP7dr2dSnIxH+Tdk51X72r4t1Zz9zEaivORBcXv2cz2xxWPvFH8NVX9PHku1G9ixzue/j/+LiGdjKLoK/5tD8embbQ0OaKpyimobBXSctKn879/+QIAWq14HVO/t690Hr1Zq8lUJ0Ar3Ti11ACzlfk9EVPO/e6lvMPoj2zpwP63o50kRsbWeuSVZHT/9eOZWtkSDfjigORZvVnu5a9v/VMnN4eivlAbul1bkf6mwZNvf2mT9IzVl+Q+ts3gzIp7L2//e2FD+jxTy/71N1i//AQAAAAAAYPvcORURr9Qb/1daHv/TW2f8z2BEnNyG+p/8/l/pbr6StqE6oODeqYjXI8qpTv7nhrvy0n8r4wF60vmLM9NH8jmDh6KnLyuP1xy3OEL48Of7vmpUf3H8X7Zk9VfHAuZHuttdMxF3anJ+cqvnDUTcuxnxfGX874F8y8rxP1n7n+q0/1l+X11nHfteun220b4n5z/QLOVvIg7Wnf/z+HI7rf35HGOV64Gx6lXBai98/MX3jeqX/9A+Wfs/sHb+96Xi5/XMbez4vRFxdKG73Gj/Zq//e9M7XdXjZz6anJ+/Nh7Rm06v3j6xsZhht6rmQzVfsvw/9OLa/X/L1/+FPNwTEYvrrPOZR4O/Ndqn/Yf2yfJ/au32f3hl+7/xlYnbwz80qv/sutr/Y5U2/VC+Rf8fFK3+PI71JmhbwgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp1wpIv4TqTS6vF4qjY5GDEbE/2OgNDM7N//y+dkPrkxl+yrP/y9Vn/Q7tFRO1ef/DxfKEzXloxGxNyK+7NpTKY+em52ZavfJAwAAAAAAAAAAAAAAAAAAwA4xWJnzX+6rnf+f+b2r3dEBTdedf5Xv0Hm6N/3Kct+2BgK03ObzH3jarT//e5oaB9B6jfP/wcNyRUvDAVrI9T90rk3mv7cLYBfQ/kOnWmefXn+z4wDaQfsPAAAAAAC7yt4Dd35JEbH42p7KkunN9xnsD7tbqd0BAG1jDC90ru7ZdkcAtIt7fCAtr/1dd7J/49H/qTkBAQAAAAAAAAAAAACrHNxv/j90qrXn/xvbD7vZGvP/6yW/jwuAXaTxoz9Sb0sDAVrOPT7wpDt98/8BAAAAAAAAAAAAYAfov35pcmZm+trcwtO38sbOCGNjK4uTOyKMbV151Jwj90TEzjjBVq9U5961MYw2/10CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACW/RsAAP//2SQnmg==")

1m41.42819896s ago: executing program 3 (id=450):
openat$tun(0xffffffffffffff9c, 0x0, 0x365003, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000500)={'bridge0\x00', &(0x7f0000000140)=@ethtool_cmd={0xb, 0x0, 0x7ff, 0x4, 0x5, 0xd, 0x8, 0x8, 0x4, 0x4, 0xff, 0xfffffff9, 0x222, 0xd, 0xa, 0xb701, [0xcf, 0x598]}})
setns(r1, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x9)

1m41.207260028s ago: executing program 3 (id=451):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff5644d, 0x70bd2c, 0x7fffe, {0x0, 0x0, 0x0, r5, {}, {0xf, 0xb}, {0xf, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x20205, 0x1, 0xc}, 0xb, 0xffffffff, 0x32, 0x5, 0x7, 0x2, 0x9, 0x1, 0x1, 0x1, {0xffff1c72, 0x0, 0x7, 0xc, 0xfffffffa, 0x7583}}}}]}, 0x78}}, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r10, 0x11b, 0x2, 0x0, 0x0)
getsockopt$XDP_STATISTICS(r10, 0x11b, 0x7, &(0x7f00000005c0), 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x3, 0xd}, {}, {0x3, 0xfff1}}}, 0x24}}, 0x40004)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

1m39.878131022s ago: executing program 3 (id=455):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@jqfmt_vfsv1}, {@abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r0 = syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./bus\x00', 0x402288a, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000140), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
renameat(r0, &(0x7f00000000c0)='./file1\x00', r0, &(0x7f0000000400)='./bus\x00')
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nombcache}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x60840, 0x8)
io_setup(0x2e, &(0x7f0000000200)=<r2=>0x0)
r3 = inotify_init()
inotify_add_watch(r3, &(0x7f0000000380)='./file1\x00', 0x92000005)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xf, r1, 0x0, 0x0, 0x4000000}])

1m38.76523836s ago: executing program 3 (id=459):
openat$tun(0xffffffffffffff9c, 0x0, 0x365003, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000500)={'bridge0\x00', &(0x7f0000000140)=@ethtool_cmd={0xb, 0x0, 0x7ff, 0x4, 0x5, 0xd, 0x8, 0x8, 0x4, 0x4, 0xff, 0xfffffff9, 0x222, 0xd, 0xa, 0xb701, [0xcf, 0x598]}})
setns(r1, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x9)

1m29.726096637s ago: executing program 3 (id=473):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="60000000100001040500000003000000000000", @ANYRES32=0x0, @ANYBLOB="03050000000000003800128009000100766c616e00000000280002801000048006000803050001000b00000006000100030000", @ANYRES32, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x18, 0x30, 0xffffffffffffffff, 0x0, 0xffffffff, {}, [{0x4}]}, 0x18}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xd}, {}, {0x7, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x24040084)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000300)={[{@grpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x10}}, {@nodioread_nolock}, {@test_dummy_encryption}, {@lazytime}, {@nodelalloc}, {@minixdf}, {@orlov}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x1d81ca7, 0x0, 0x82, 0x0, &(0x7f0000000080))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

1m28.864140236s ago: executing program 37 (id=473):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="60000000100001040500000003000000000000", @ANYRES32=0x0, @ANYBLOB="03050000000000003800128009000100766c616e00000000280002801000048006000803050001000b00000006000100030000", @ANYRES32, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x18, 0x30, 0xffffffffffffffff, 0x0, 0xffffffff, {}, [{0x4}]}, 0x18}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xd}, {}, {0x7, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x24040084)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000300)={[{@grpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x10}}, {@nodioread_nolock}, {@test_dummy_encryption}, {@lazytime}, {@nodelalloc}, {@minixdf}, {@orlov}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x1d81ca7, 0x0, 0x82, 0x0, &(0x7f0000000080))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

36.654832254s ago: executing program 7 (id=561):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x1, 0x12)
mkdirat(0xffffffffffffff9c, 0x0, 0xc0)
write$cgroup_pid(r1, &(0x7f00000004c0), 0x12)

36.378344753s ago: executing program 7 (id=563):
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000000)='./file1\x00', 0xa18c14, &(0x7f0000000580)={[{@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp864'}}, {@numtail}, {@fat=@codepage={'codepage', 0x3d, '864'}}, {@shortname_lower}, {@uni_xlateno}, {@shortname_win95}, {@uni_xlate}, {@shortname_lower}, {@fat=@fmask={'fmask', 0x3d, 0x2c}}, {@shortname_mixed}, {@shortname_win95}, {@utf8no}, {@rodir}]}, 0x81, 0x2a6, &(0x7f0000000180)="$eJzs3U9rI2UYAPBn0kmaqpAcPInggB48ld39BBukwmJOSg560cXtgiRhoYGAfzDuybvgye/gd/ADePEbePAoeLMHcSSZmSRNpu1WYla6v99lnsz7PPP+ydsWCnnzyevj4aMnk8dPv/o12u0kGvfjfpwn0Y1GVL4JAOA2Oc/z+CMvXJebRisi8k75qrGH4QEA/4HzPD941r//AMDt8MGHH73X6/dP3s+ydsT42+kgieJatPcex2cxitO4E534KyJfKuJXHvRPIs2y6p8B06MYRIw//rl83fs9YlF/NzrR3axvlVnZQrw1nk0H857n12a8lET08qRIuRedeDUib0b5kOLy7oP+yb1suz4GrXj7zR/K8f99GsfRiV8+jScxikeLR6zqv76bZe/k3//5ZTGDQUQymw4OF3kr+cFe3hAAAAAAAAAAAAAAAAAAAAAAAF4Ix9lSd/38nOo0wOPj+vZLzwcqT/iZrZ2vcyfLsuoYn+mgGUV9Gq+lkT6/mQMAAAAAAAAAAAAAAAAAAMD/x+TzL4YPR6PTswvBT/k8OLoyZzNI1+5UH+u/vqo+GP4YcfOqZwnioBzaKNnqIqmadtDX4U2Sj+o6jcZla5iOohj8dzcf2Bu7muCVQbW7hg+TuCa5Xb9J1nZdtQ3PJkndhkwXTVtPzmuW7uDSYbR2NPfWy/+2/Kh2oeYzbi4X82JVe/5Ort1p7vgnZUOy8989AAAAAAAAAAAAAAAAAADARasP/cZvW41Pn8uQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvVt//vwyiu3lnM5iVxYs7jauTD88mNd129zxNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbrl/AgAA//9BoFPu")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)

34.953398131s ago: executing program 7 (id=564):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xa, 0x10001}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
listen(r3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, 0x0)
write$binfmt_script(r4, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x234a047, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002f40)='./bus\x00', 0x1020020, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

32.061656717s ago: executing program 7 (id=569):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x1c916, &(0x7f00000002c0)={[{@noload}, {@noblock_validity}, {@nombcache}, {@acl}, {@barrier_val={'barrier', 0x3d, 0xc}}, {@noacl}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@nodelalloc}, {@resgid, 0x32}]}, 0xdb, 0x4df, &(0x7f0000001700)="$eJzs3ctrXNcZAPDvXmnkl1zJtAvXUNfULpJpPSNZtS0KdVso7cpQ6i66c1VpJIRGGqEZ2ZYwrfwXFIppC111lU0gf0AgeJdtSDAk+0BCQkjsZJFF4gnzcmR5Ro94pBHS7wdXc+5j9H1nhjkz59zDvQEcWuci4nJEPK1UKhcjYqCxPW0sD09ExFr9uCeP701WlyQqlZufJpE0tlWPH173PxtPqfnTHyL+lrwYt7SyOjdRKOSXGuu58vxirrSyeml2fmImP5NfGBsbvTp+bfzK+EhH6tkfEdd/9+G///nK76+/8fM779/6ePjv1bR+1djfrEen1aueiaPrtvVGxNJuBOuCnkZ9Mt1OBACAbWn+zv9JRFyMgeip/ZoDAAAADpLKr/vjqySiAgAAABxYaW1ubJJmG/MA+iNNs9n6HN4fxPG0UCyVfzZdXF6Yqs+hHYxMOj1byI805goPRiapro/Wyt+uX96wPhYRpyLiwcCx2np2sliY6vbgBwAAABwSJzb0/78YqPf/AQAAgANmsNsJAAAAALtO/x8AAAAOvhb9/790Iw8AAABgV/zxxo3qUmne/3rq9sryXPH2pal8aS47vzyZnSwuLWZnisWZ2jX75rf6f4VicfEXsbB8N1fOl8q50srqrfni8kL51uxzt8AGAAAA9tCpHz98L4mItV8eqy1Vfd1OCtgTvTs5+IPdywPYez3dTgDomh19/wMHSqbbCQBdl2yxv+3knbc6nwsAALA7hn7Y+vx/suXYwFq6RykCu8T4Hxxezv/D4eX8PxxemegJHXk43Hb//H+lsqOEAACAjuuvLUmajaiNA/RHmmazESdrtwXIJNOzhfxIRHwvIt4dyBypro/Wnpls2WcAAAAAAAAAAAAAAAAAAAAAAAAAAOoqlSQqAAAAwIEWkX6UNO7/NTRwoX/j+EBf8uVA7TEi7vzv5n/uTpTLS6PV7Z89217+b2P75W6MYAAAAAAbNfvpzX48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTSk8f3JpvLXsb95LcRMdgqfm8crT0ejUxEHP88id51z0sioqcD8dfuR8TpVvGTalox2MiiVfxjXYyfRsSJDsSHw+xhtf35TavPXxrnao+tP39Xay3Uy2vf/qXP2r+eNu3PyW3GOPPotVzb+PcjzvS2bn+a8ZM28c9vM/5f/7y62m5f5f8RQy2/f5LnYuXK84u50srqpdn5iZn8TH5hbGz06vi18SvjI7np2UK+8bdFhL74149ef7pZ/Y/Hg7bt72b1v7DN+n/96O7j79eLmVbxh8+3fv9Pt4mfNr77ftooV/cPNctr9fJ6Z199+2zEO2+2q/9Um9d/q/d/eJv1v3hkmwcCAHuitLI6N1Eo5Jf2R6EvuhL9pV6N6s+iffDSKey88I/9kca+LHS3XQIAADrvxT7w8zpxjh0AAAAAAAAAAAAAAAAAAADY3He6QliysyvebYy51p2qAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABs6psAAAD///ws0zo=")
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x4, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @var={0x2, 0x0, 0x0, 0xe, 0x3, 0x1}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x54}, 0x28)
syz_mount_image$ext4(&(0x7f00000009c0)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x800718, &(0x7f0000000080)={[{@nobh}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@usrjquota}, {@barrier}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x48f, &(0x7f0000000a00)="$eJzs289rHGUfAPDvTLJJ+/ZH8vbtq7ZWjRYhKCZNWrUHL0oFkYqCHuoxJtsSum2kiWJrsamIJ0EKehaPon+BJ0UQ9SR49eRJCkV7aespMpOZZLPd/KDZZNPu5wMz+zwzz+w8333mx7Pz7AbQsQayWRKxMyJ+j4i++ezSAgPzLzevXxy/df3ieBJzc6//leTlbly/OF4WLbfbUWQG04j0o6TYyVLT5y+cHqvVqueK/PDMmbeHp89feOrdM2OnqqeqZ0ePHj1yeOTZZ0afbkmcWVw39n8wdWDfS29eeWX8xJW3fv4mq+/OYn19HK0ykAX+91yucd3jrd5Zm+3K5735POluc2VYs66IyJqrkp//fdEVi43XFy9+2NbKARsquzf1Lr96dg64hyWx1pKVumsGcPcrb/TZ999y2oRux5Zx7fn5L0BZ3DeLaX5Nd6RFmcrC99vWG4iIE7P/fJFNsUHPIQAA6n0y/vnxnuiN9299/XLW9+hbWJPGffnrH/l8dzGG0h8R/42IPRHxv4jYGxH/j8jL3h8RD6yzPrf3f9Kr63zLFWX9v+eKsa2l/b+y9xf9XUVuVx5/JTk5WaseKj6Twaj0ZvmRFfbx/bHfPl1uXX3/L5uy/Zd9waIeV7sbHtBNjM2MRWU9US+6djlif3ez+JOFkYAkIvZFxP6FrdY0wLO7TEw+8dWB5QqtHv8KWjDONPdlFt5sFv9sNMRfSurHJydvG58c3ha16qHh8qi43S+/fvzacvtfV/wtcK06/1rX/o1F+pP68drp1u7/Do//tCd5Ix9n7inGHN8bm5k5NxLRkxzP898VzZcvH13ctsyX5bPjf/Bg8/N/T7FN9lYPRkR2ED8UEQ9HxCNF3R+NiMci4uAKMf70wurxR9qm9r8cMdH0+rdw/De0//kLp8tL4+KSFRNdp3/8drn9r639j+SpwWJJfv1bRbPqdDep8p1+bgAAAHA3SfPfwCfp0EI6TYeG5n/Dvzf+k9ampmeePDn1ztmJ+d/K90clLZ909RXPQ2uTtepIMlu8YyU5FrXqaPGsuHxeerh4bvxZ1/Y8PzQ+VZtoc+zQ6XYsc/5n/uxqd+2ADba96dLRnk2vCNAGjePo6dLspVfDxQDuVf6vDZ1rlfM/3ax6AJvP/R86V7Pz/1JD3lgA3Jvc/6FzOf+hQ6U/tLsGQBu5/0NHWvXP++1JbKtf0rNy4Z4tUueWJbZqo+SJiDKRbon6SGxQot1XJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNb4NwAA//9vGdqJ")
setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000000), &(0x7f0000000b40), 0xfe1c, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
getpeername(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f0000000000)='\x00')

28.922038161s ago: executing program 7 (id=575):
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0xfffffff7)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = dup(r0)
write$UHID_INPUT(r4, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d300987f70e06d038e7ff7fc6e5539b0d650e8b089b3f313b68090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65d7a3cb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)

27.318311154s ago: executing program 7 (id=578):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x7)
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r2, 0x4bfb, &(0x7f0000000600)=""/171)
connect$unix(r0, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
getpgid(0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="280000001e00030903000000fedbdf2507"], 0x28}, 0x1, 0x0, 0x0, 0x2000c090}, 0x50)
recvmmsg(r3, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}, 0x2111}], 0x1, 0x40000120, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vlan0\x00'})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r6, r5, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)

20.441485682s ago: executing program 8 (id=587):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x100, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r3, &(0x7f0000000100)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}, 0x57)
sendto$inet(r3, &(0x7f00000002c0)="abc7153306", 0xffffff59, 0x4000805, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000008c0)=""/135, 0x87}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000980)=""/146, 0x92}, {&(0x7f0000000080)=""/43, 0x2b}, {&(0x7f0000000a80)=""/242, 0xf2}, {&(0x7f0000000b80)=""/143, 0x8f}], 0x4}, 0x2}], 0x400000000000300, 0x22, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x11, &(0x7f0000000000)=0x1, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
fsopen(0x0, 0x1)

18.787033967s ago: executing program 8 (id=588):
r0 = socket(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r0, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1}, 0xc)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000040), 0x0)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000700)=0x5, 0x4)
write(r0, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r0, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)

12.157114307s ago: executing program 38 (id=578):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x7)
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r2, 0x4bfb, &(0x7f0000000600)=""/171)
connect$unix(r0, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
getpgid(0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="280000001e00030903000000fedbdf2507"], 0x28}, 0x1, 0x0, 0x0, 0x2000c090}, 0x50)
recvmmsg(r3, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}, 0x2111}], 0x1, 0x40000120, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vlan0\x00'})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r6, r5, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)

9.634053941s ago: executing program 9 (id=603):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
poll(&(0x7f0000000040)=[{r0, 0x2000}], 0x1, 0x3f)
write$vga_arbiter(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='lock io'], 0xc)
write$vga_arbiter(r0, &(0x7f0000000000)=@other={'unlock', ' ', 'mem'}, 0xb)

9.368932909s ago: executing program 9 (id=604):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080)={[{@auto_da_alloc}, {@mblk_io_submit}]}, 0x1, 0x569, &(0x7f0000000a00)="$eJzs3d1rm9UfAPDvkzZ7//3WwRgqIgUvnMyla+vLBC/mtQ4Gej9D+6yMpsto0rHWgduFu5bhnQPxXrz2UvwHvPBvGOhgyCiCeBN50idZ2iZtuqUvms8HnnK+z0vPOXlyTs7JSUgAQ2s8+1OIeDkivkoiTkZEkh8bjfzg+Np5q0/vzGRbEo3GJ38kzfOyuPW/Wtcdz4OXIuLnLyPOFTbnW1temS9XKuliHk/UF25O1JZXzl9fKM+lc+mNqenpi+9MT73/3rsDq+ubV7KCjOTRqQdJXIoTedRZjxdwtzMYj/H8MSnGpQ0nTg4gs4Mk6br3hz0vBzszkrfzYmR9wMkYyVs98N/3RUQ0gCGV7Lj9/1rcnZIAe6s1DmjN7Qc0D/7XePLh2gRoc/1H194biSPNudGx1WTdzCib744NIP8sjx9/f/gg22Jw70MAbOvuvYi4MDq6uf9L8v7v+V3o45yNeej/YO/8lI1/3uo2/im0xz/RZfxzvEvbfR7bt//C4wFk01M2/vug6/i3vWg1NpJH/2uO+YrJteuVNOvb/h8RZ6N4OIu3Ws+5uPqo0etY5/gv27L8W2PBvByPRw+vv2a2XC+/SJ07PbkX8UrX8W/Svv/J2v1ft8STPR5X+szjTPrwtV7Htq//7mp8F/FG1/v/rLrJ1uuTE83nw0TrWbHZn/fP/NIr//2uf3b/j21d/7Gkc722tvM8vj3ydxrt9eT11tU/+n/+H0o+baYP5ftul+v1xcmIQ8nH7f2F1v6pZ9e24tb5Wf3Pvr51/5d06f+ORsRnfdb//unvX+117CDc/9mu9789u91w/3eeePTR59/0yr+//u/tZupsvqef/q/fAr7IYwcAAAAAAAAHTSEiTkRSKLXThUKptPb5jtNxrFCp1urnrlWXbsxG87uyY1EstFa6T3Z8HmIyXzFsxVMb4umIOBURX48cbcalmWpldr8rDwAAAAAAAAAAAAAAAAAAAAfE8R7f/8/8NrLfpQN2nZ/8huG1bfsfxC89AQeS138YXto/DK++2n9x98sB7D2v/zC8tH8YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAADdeXy5WxrrD69M5PFs7eWl+art87PprX50sLSTGmmunizNFetzlXS0kx1Ybv/V6lWb05OxdLtiXpaq0/UlleuLlSXbtSvXl8oz6VXU78iBgAAAAAAAAAAAAAAAAAAAJvVllfmy5VKuigxxIm/Go3G814+ut+Fl9iVxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwzD8BAAD//1hdMq0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8541, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f00000005c0)={0x8, 0x8000000000000000, 0x7, 0x4})

9.192479795s ago: executing program 0 (id=605):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='utf8,utf8,uid=', @ANYRESHEX=0xee01, @ANYBLOB=',iocharset=cp949,errors=remount-ro,utf8,errors=remount-ro,dmask=00000000000000000000003,time_offset=0x0000000000000006,gid=', @ANYRESHEX=0xee00, @ANYBLOB="2c00073bc934e6304a61a825679f7f47435e772a77a77e69b5db166a9f7745d7245b08574a58340594"], 0x1, 0x1544, &(0x7f0000001740)="$eJzs3AmcjlX7OPDrOufcY0zS0yTLcM65bp5kOSZJsiTJkiRJkmRLSJrklYTEkC1pSEKyDMkyhGSZmDT2fV8SkqRJkpBsyfl/FK/61fvW+3vfN79/ru/nc3/mXM+5r3Of+7mee+5llq86DqrWoHrlekQE/xb86UsyAMQCQD8AuAoAAgAoHV86/lx/donJ/95G2H/WA2mXegbsUuL6X964/pc3rv/ljet/eeP6X964/pc3rv/ljevP2OVsw5R8V/Ny+S7/7vN/eaHBz///P8Tn/7+QrBKjPltV4tpOADF/NIXr/5eU54+uyPX/ywr+yEpc/8sb1/8vK/s/7479s+bB/g/j4/9ykO0f9nD9L29cf8YuZ5f6+fN/f5H/tB8il8N78E/2nzHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYY+xOc9BcpALjQvtTzYowxxhhjjDHG2H+Oz3apZ8AYY4wxxhhjjLH/PgQBEhQEEAPZIBayQxwIALgScsJVEIGrIR6ugVxwLeSGPJAX8kEC5IcCoMGABYIQCkIhiMJ1UBiuhyJQFIpBcXBQAhLhBigJN0IpuAlKw81QBm6BslAOykMFuBUqwm1QCW6HynAHVIGqUA2qw51QA+6CmnA31IJ7oDbcC3XgPqgL90M9eADqw4PQAB6ChvAwNILG0ASaQrP/Vf5z0BWeh27QHZKhB/SEF6AX9IY+0Bf6wYvQH16CAfAypMBAGASvwGB4FYbAazAUhsFweB1GwBswEkbBaBgDqTAWxsGbMB7eggkwESbBZEiDKTAV3oZpMB1mwDswE96FWTAb5sBcSIf3YB7Mhwx4HxbAB5AJC2ERLIYlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi2wFbbBh7AdPoIdsBN2/b1+/0r+iZ/lfwy7oRMCAgoUqFBhDMZgLMZiHMZhDsyBOTEnRjCC8RiPuTAX5sbcmBfzYgImYAEsgAYNEhIWxIIYxSgWxsJYBItgMSyGDh0mYiKWxBuxFJbC0lgay2AZLIvlsBxWwApYEStiJayElbEyVsEqWA2r4Z14J/bAmlgTa2EtrI21LzyewnpYD+tjfWyADbAhNsRG2AibYBNshs2wOTbHFtgCW2ErbI2tsQ22wSRMwrbYFtthO2yP7bEDdsCO2BE7YWfsnPVcNsDn8XnsjlVED+yJPbEXpmTrg32xL76I/fElfAlfxhQciIPwFXwFX8UheByH4jAcjsOxongDR+IoJDEGUzEVx+E4HI/jcQJOxIk4GdNwCk7FqTgNp+N0fAdn4rv4Ls7G2TgX0zEd5+F8zMAMXIAnMBMX4iJcjEtwKS7B5bgCl+MqXI2rcC2uxfW4HjfiRtyMm3ErbsUPUQHgR7gTd2IK7sbduAf34F7ci/twH2ZhFu7H/XgAD+BBPIiH8BAexiN4FI/gMTyGx/EEnsSTeBpP4xl8JuGL+h8WXZkC4hwllIgRMSJWxIo4ESdyiBwip8gpIiIi4kW8yCVyidwit8gr8ooEkSAKiALCCCNIhDEAIKIiKgqLwqKIKCKKiWLCCScSRaIoKUqKUqKUKC1uFmXELaKsKCdaugqigqgoWrlK4nZRWVQWVURVUU1UF9VFDVFD1BQ1RS1RS9QWtUUdcZ+oK3pgH3xAnKtMAzEQG4pB2Eg0FvL8EdBcDMEWoqVoJR4Tw3AothHNXZJ4UrQVI7Gd+JsYhU+LDmIMdhTPik6is+ginhNdRQvXTXQXE7CH6CkmYy/RW/QRfcU0rCrewZnZq4mXRYoYKAaJV8RcfFUMEa+JoWKYGC5eFyPEG2KkGCVGizEiVYwV48SbYrx4S0wQE8UkMVmkiSliqnhbTBPTxQzxjpgp3hWzxGwxR8wV6eI9MU/MFxnifbFAfCAyxUKxSCwWS8RSsUwsFyvESrFKrBZrxFqxTqwXG8RGsUlsFlvEVrFNfCi2i4/EDrFT7BIfi93iE7FHfCr2is/EPvG5yBJfiP3iS3FAfCUOiq/FIfGNOCyOiKPiW3FMfCeOixPipDglTovvxRnxgzgrvACJUkgplQxkjMwmY2V2GSevkDlkcP7dvVrGy2tkLnmtzC3zyLwyn0yQ+WUBqaWRVpIMZUFZSEbldbKwvF4WkUVlMVlcOllCJsobZEl5oywlb5Kl5c2yjLxFlpXlZHlZQd4qK8rbJER+2kYVWVVWk9XlnTIZ7pI15d2ylrxH1pb3yjryPllX3i/ryQdkffmgbCAfkg3lw7KRbCybyKaymXxENpePyhaypWwlH5Ot5eOyjXxCJsknZVvpz39EnpYd5DOyo3xWdpKdZRf5gzwrvewmu0voAbKnfEH2kr1lH9lX9pMvyv7yJTlAvixT5EA5SL4iB8tX5RD5mhwqh8nh8nU5Qr4hR8pRcrQcI1PlWDlOvinHy7fkBDlRTpKTZZqcIvucH2mGlL+b/+bP88+deuUUOeDHra+XG+RGuUlullvkVrlNfii3y+1yh9whd8ldcrfcLffIPXKv3Cv3yX0yS2bJ/XK/PCAPyIPyoDwkD8nD8og8Jb+Vx+R38rg8IU/IU/K0PC3PnH8PQKESSiqlAhWjsqlYlV3FqStUDnWlyqmuUhF1tYpX16hc6lqVW+VReVU+laDyqwJKK6OsIhWqgqqQiqrr8PwHRhVTxZVTJVSiuuFfyVeF1fWqiCr6i/wL80v+B/Nrppqp5qq5aqFaqFaqlWqtWqs2qo1KUkmqrWqr2ql2qr1qrzqoDqqj6qg6qU6qi+qiuqquqpvqppJVsuqpXlC9VG/VR/VV/dSLqr/qrwaoASpFpahBapAarAarIWqIGqqGquFquBqhRqiRaqQarUarVJWqxqlxarwaryaoCWqSmqTSVJqaqqaqaWqamqFmqJlqppqlZqk5ao5KV+lqnpqnMlSGWqAWqEy1UC1Ui9VitVQtVcvVcrVSrVSr1Wq1Vq1VmWqD2qA2qU1qi9qitqltarvarnaoHWqX2qV2q91qj9qj9qq9ap/ap7JUltqv9qsD6oA6qA6qQ+qQOqwOq6PqqDqmjqnj6rg6qU6q0+q0OqPOqLPqrIJAgAhEoAIVxAQxQWwQG8QFcUGOIEeQM8gZRIJIEB/EB7mCa4PcQZ4gb5AvSAjyBwUCHZjABuJ80aPBdUHh4PqgSFA0KBYUD1xQIkgMbghKBjcGpYKbgtLBzUGZ4JagbFAuKB9UCG4NKga3BZWC24PKwR1BlaBqUC2oHtwZ1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYLGQZOgadDsPzq+98fzPOq66e46WffQPfULupfurfvovrqfflH31y/pAfplnaIH6kH6FT1Yv6qH6Nf0UD1MD9ev6xH6DT1Sj9Kj9RidqsfqcfpNPV6/pSfoiXqSnqzT9BQ9Vb+tp+npeoZ+R8/U7+pZeraeo+fqdP2enqfn6wz9vl6gP9CZeqFepBfrJXqpXqaX6xV6pV6lV+s1eq1ep9frDXqj3qQ36y16q96mP9Tb9Ud6h96pd+mP9W79id6jP9V79Wd6n/5cZ+kv9H79pT6gv9IH9df6kP5GH9ZH9FH9rT6mv9PH9Ql9Up/Sp/X3+oz+QZ/V/tzF/bnTu1FGmRgTY2JNrIkzcSaHyWFympwmYiIm3sSbXCaXyW1ym7wmr0kwCaaAKWDOIUOmoClooiZqCpvCpogpYoqZYsYZZxJNoilpSppSppQpbUqbMqaMKWvKmvKmvLnV3GpuM7eZ283t5g5zh6lqqprqprqpYWqYmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpkmpolpZpqZ5qa5aWFamFamlWltWps2po1JMkmmrWlr2pl2pr1pbzqYDqaj6Wg6mU6mi+liupquppvpZpJNsulpeppeppfpY/qYfqaf6W/6mwFmgEkxKWaQGWQGm8FmiBlihpphZvi5C1XzhhlpRpnRZoxJNalmnBlnxpvxZoKZYCaZSSbNpJmpZqqZZqaZGWaGmWlmmllmlplj5ph0k27mmXkmw2SYBWaByTSZZpFZZJaYJWaZWWZWmBVmlVll1sAas86sMxvMBrPJbDJbzBazzWwz2812s8PsMLvMLrPb7DZ7zB6z1+w1+8w+k2WyzH6z3xwwB8xBc9AcMofMYXPYHDVHzTFzzBw3x81Jc9KcNnnOny+9ibXZbZy9wuawV9qc9ir7P+O8Np9NsPltAattbpvnF7Gx1haxRW0xW9w6W8Im2ht+FZe15Wx5W8Heaiva22ylX8U17F22pr3b1rL32Or2zl/Ete29to59yNZFBLCNbX3b1DawD9mG9mHbyDa2TWxT29o+btvYJ2ySfdK2tU/9Kp5n59sVdqVdZVfbHXanPWlP2QP2K3vafm+72e62n33R9rcv2QH2ZZtiB/4qHm5ftyPsG3akHWVH2zG/iifZyTbNTrFT7dt2mp3+qzjdvmdn2gw7y862c+zcH+Nzc8qw79sF9gObaQNYZBfbJXapXWaX/32ui+1au86ut9vtR3aT3Wy32K1224ULYbvT7rIf2932E7vffmn32s/sPnvQZtkvfozP7d9B+7U9ZL+xh+0Re9R+a4/Z79SF7HP7/q39wZ613gIhAUlSFFAMZaNYyk5xdAXloCspJ11FEbqa4ukaykXXUm7KQ3kpHyVQfipAmgxZIgqpIBWiKF1HF6ZXjIqToxKUSDdQSbqRStFNVJpupjJ0C5WlclSeKtCtVJFuo0p0O1WmO6gKVaVqVJ3upBp0F9Wku6kW3UO16V6qQ/dRXbqf6tEDVJ8epAb0EDWkh6kRNaYm1JSa0SPUnB6lFtSSWtFj1Joepzb0BCXRk9SWnqJ29DdqT09TB3qGOtKz1Ik6Uxd6jrrS89SNulMy9aCe9AL1ot7Uh/pSP3qR+tNLNIBephQaSIPoFRpMr9IQeo2G0jAaTq/TCHqDRtIoGk1jKJXG0jh6k8bTWzSBJtIkmkxpNIWm0ts0jabTDHqHZtK7NItm0xyaS+n0Hs2j+ZRB79MC+oAyaSEtosW0hJbSMlpOK2glraLVtIbW0jpaTxtoI22izbSFttI2+pC200e0g3bSLvqYdtMntIc+pb30Ge2jzymLvqD99CUdoK/oIH3tu9M3dJiO0FH6lo7Rd3ScTtBJOkWn6Xs6Qz/QWfIEIYYilKEKgzAmzBbGhtnDuPCKMEd4ZZgzvCqMhFeH8eE1Ya7w2jB3mCfMG+YLE8L8YYFQhya0IYVhWDAsFEZjrgsLh9eHRcKiYbGweOjCEmFieENYMrwxLBXeFJYObw7LhLeEZcNy4UP3VAhvDSuGt4WVwtvDyuEdYZWwalgtrB7eGdYI7wprhneHtcJ7wlLhvWGd8L6wbnh/WC98IKwfPhg2CB8KG4YPh43CxmGTsGnYLHwkbB4+GrYIW4atwsfC1uHjYZvwiTApfDJsGz71Y/+98/9xf3LYI+wZvhC+EHp/t5wTnRtNj74XnRedH82Ivh9dEP0gmhldGF0UXRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR/1vno2cOiEk065wMW4bC7WZXdx7gqXw13pcrqrXMRd7eLdNS6Xu9bldnlcXpfPJbj8roDTzjjryIWuoCvkou46V9hd74q4oq6YK+6cK+ESXVPXzDVzzd2jroVr6Vq5x9xj7nH3uHvCPeGedG3dU66d+5tr7552Hdwz7hn3rOvkOrsu7jnX1Y3N+dMxmex6up6ul+vl+rg+rp/r5/q7/m6AG+BSXIob5Aa5wW6wG+KGuKFuqBvuhrsRboQb6Ua60W60S3Wpbpwb58a78W6Cm+AmuUkuzaW5qW6qm+amuYrTf9rKLDfLzXFzXLpLd/PcuWvGDLfALXCZLtMtcovcErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29x2t93t8Ff9NKjb7fa4PW6v2+v2uc9dlvvC7XdfugPuK3fQfe0OuW/cYXfEHXXfumPuO3fcnXAn3Sl32n3vzrgf3FnnXWpkbGRc5M3I+MhbkQmRiZFJkcmRtMiUyNTI25FpkemRGZF3IjMj70ZmRWZH5kTmRtIj70XmReZHMiLvRxZEPohkRhZGFkUWR5ZElka8z78p9AV9IR/11/nC/npfxBf1xXxx73wJn+hv8CX9jb6Uv8mX9jf7Mv4WX9aX8+X9w76Rb+yb+Ka+mX/EN/eP+ha+pW/lH/Ot/eO+jX/CJ/knfVv/lG/n/+bb+6d9B/+M7+if9Z18Z9/FP+e7+ud9N9/dJ/sevqd/wffyvX0f39f38y/6/v4lP8C/7FP8QD/Iv+IH+1f9EP+aH+qH+eExr/sRF26RYYxP9WP9OP+mH+/f8hP8RD/JT/Zpfoqf6t/20/x0P8O/42f6d/0sP9vP8XN9un/Pz/PzfYZ/3y/wH/hMv/DCQ0m/zC/3K/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81/6Lf7j/wOv9Pv8h/73f4Tv8d/6vf6z/w+/7nP8l/4/f5Lf8B/5Q/6r/0h/40/7I/4o/5bf8x/54/7E/6kP+VP++/9Gf+DP8t/s8YYY4wx9oeMvdgUv+z56XF+j9/IET9buScAXLk5X9bP+89dUa7J/VO7t0hoHQGAJ7t3fODCUqVKcnLy+XUzJQSFZgNc+EnQOTFwMV4IreBxSIKWUPI3599bdD5NvzN+9GaAuJ/lxMLF+OL4nwJg8m+M/8hjw+eVCU/G/5PxZwMUKXQxJztcjBdCqx+fr7SEUv9g/nma/878s3+WCtDiZzk54GJ8cf6J8Cg8BUm/WJMxxhhjjDHGGPtJb1G+/YX7zwu/8flb9+cJ6mJONrgY/979OWOMMcYYY4wxxi69pzt3eeKRpKSW7f/1RqX/VdYfbjSE/9bI3PjNhvcAF15RAPBvDghwriH/zL3Y+KdsK+X8ofM/u5ac8gH83yjlbzUGXAHw+yuP/vsrl/gbE2OMMcYYY+w/7uLV/y9fV5dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2GXoz/jfY5d6HxljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFL7f8FAAD//y1m/Y0=")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020)
open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)

8.891240975s ago: executing program 0 (id=606):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="130f000000000000f6ff06"], 0x18}}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

8.603564905s ago: executing program 0 (id=607):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, 0x0, 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f00000000c0)=0x40000000000000, 0x12)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFCONF(r4, 0x8912, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./bus\x00', 0x402280a, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000140), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat(0xffffffffffffff9c, 0x0, 0x1c1242, 0x836d9fb164f926b1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
socket(0x10, 0x803, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c)

7.094357455s ago: executing program 0 (id=608):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000900)='./file0\x00', 0x800, &(0x7f0000000940)=ANY=[@ANYBLOB='iocharset=cp932,umask=00000000000000000000006,iocharset=cp850,utf8,fmask=00000000000000000000343,namecase=1,gid=', @ANYRESHEX=0x0, @ANYBLOB="000000000096205a792fac04789d5782b0e39bd74eb67bfdd61fed50cc5ae83ced3c1cf059bbc767ed72d79670610783173f536800c89362c667a24a103c0a1d392b7a1afc37dd969c3660aaf54150656e4b11d15a929049d7a9c84042813475ffe8e76a99fdc2b0c8122bd1a712989fd85c09e8912bd1eb5396915112610a47f6992cf9979a4c772f6da1f63df85196ddb0c5316bd3057a16521a8d394bf49af96e3ec3f9", @ANYRESHEX=0x0, @ANYRES32, @ANYRESDEC, @ANYBLOB='\x00\x00'], 0x1, 0x1529, &(0x7f0000001cc0)="$eJzs3AuYTlUXOPC19t5nDIm3SS7D3nsd3uSyTZLkkiSXJEmSJLeEpEk+SZIYQpKGJCSXIYkhJJeJSeN+v18SkqRJkpDckv1/JvzVV1//79I/3/PN+j3Peez17rP22edd7+Wc7X3mm65DajWpXb0REcF/BM//kwQAsQAwAADyAkAAAOXjysdl9eeUmPSfHYT9ue5PvdwzYJcT1z974/pnb1z/7I3rn71x/bM3rn/2xvXP3rj+jGVnG6cWuoq37Lvx+n92xt///0Myy4z5YnWZa7oBxPyzKVz/7I3r/z8r+Gd24vpnb1z/7Cr2ck+A/Rfg9392kOMf9nD9szeuP2PZ2eVef77cG0T+y56DwznPF+avOn/GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+wvcMpfogDgYvtyz4sxxhhjjDHGGGN/Hp/jD7vP8XIAY4wxxhhjjDH2vwBBgAQFAcRADoiFnJALBABcCXkgL0TgKoiDqyEfXAP5oQAUhEIQD4WhCGgwYIEghKJQDKJwLRSH66AElIRSUBoclIEEuB7Kwg1QDm6E8nATVICboSJUgspQBW6BqnArVIPboDrcDjWgJtSC2nAH1IE7oS7cBfXgbqgP90ADuBcawn3QCO6HxvAANIEHoSk8BM2gObSAltDq38p/DnrA89ATekES9IY+8AL0hX7QH16EAfASDISXYRC8AskwGIbAqzAUXoNh8DoMhxEwEt6AUfAmjIYxMBbGQQqMhwnwFkyEt2ESvAOTYQqkwlSYBu/CdJgBM+E9mAXvw2yYA3NhHqTBBzAfFkA6fAgL4SPIgEWwGJbAUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2Abb4WPYAZ/ATtgFu+FT2AOf/Yv5J/8uvxsCAgoUqFBhDMZgLMZiLsyFuTE35sE8GMEIxmEc5sN8mB/zY0EsiPEYj0WwCBo0SEhYFItiFKNYHItjCSyBpbAUOnSYgAlYFm/AclgOy2N5rIAVsCJWwkpYBatgVayK1bAaVsfqWANrYC2shXfgHdgb62JdrIf1sD7Wv7g8hY2wETbGxtgEm2BTbIrNsBm2wBbYCltha2yNbbANtsN22B7bYwfsgImYiB2xI3bCTtgZO2MX7IJdsSt2w2fx2czncgA+j89jL6whemMf7IN9MTlHf3wRX8SXcCC+jC/jK5iMg3EIvoqv4ms4DE/gcByBI3EkVhVv4mgcgyTGYQqm4AScgBNxImZN9B2cgqk4FafhNJyOM3AGvoez8H18H+fgHJyHaZiG83EBpmM6LsSTmIGLcDEuwaW4DJfiClyJK3A1rsHVuA7X4QbcgJtwE27BLbgNt+HHqADwE9yFuzAZ9+Ae3It7cR/uw/24HzMxEw/gATyIB/EQHsLDeBiP4FE8hkfxOB7HE3gST+EpPINn8Cw+Hf9V449LrkoGkUUJJWJEjIgVsSKXyCVyi9wij8gjIiIi4kScyCfyifwivygoCop4ES+KiCLCCCNIhDEAIKIiKoqL4qKEKCFKiVLCCScSRIIoK8qKcqKcKC9uEhXEzaKiqCTauiqiiqgq2rlq4jZRXVQXNURNUUvUFrVFHVFH1BV1RT1RT9QX9UUDca9oKHpjf7xfZFWmiRiMTcUQbCaaC3nhE6y1GIZtRFvRTjwqRuBw7CBau0TxhOgoRmMn8TcxBp8SXcQ47CqeEd3Es6K7eE70EG1cT9FLTMLeoo+Ygn1FP9FfvCimY03xHs7KWUu8IpLFYDFEvCrm4WtimHhdDBcjxEjxhhgl3hSjxRgxVowTKWK8mCDeEhPF22KSeEdMFlNEqpgqpol3xXQxQ8wU74lZ4n0xW8wRc8U8kSY+EPPFApEuPhQLxUciQywSi8USsVQsE8vFCrFSrBKrxRqxVqwT68UGsVFsEpvFFrFVbBPbxcdih/hE7BS7xG7xqdgjPhN7xedin/hC7BdfikzxlTggvhYHxTfikPhWHBbfiSPiqDgmvhfHxQ/ihDgpTonT4oz4UZwVP4lzwguQKIWUUslAxsgcMlbmlLnkFTK3DC48u1fJOHm1zCevkfllAVlQFpLxsrAsIrU00kqSoSwqi8movFYWl9fJErKkLCVLSyfLyAR5vSwrb5Dl5I2yvLxJVpA3y4qykqwsq8hbZFV5q4TI+WPUkDVlLVlb3iGT4E5ZV94l68m7ZX15j2wg75UN5X2ykbxfNpYPyCbyQdlUPiSbyeayhWwpW8mHZWv5iGwj28p28lHZXj4mO8jHZaJ8QnaU/sJL5CnZRT4tu8pnZDf5rOwuf5LnpJc9ZS8JvUH2kS/IvrKf7B8LAPIlOVC+LAfJV2SyHCyHyFflUPmaHCZfl8PlCDlSviFHyTflaDlGjpXjZIocLyfIt+RE+bacJN+Rk+UUmSqnyv5ywM8jzZTy/5n/1u/kD/r56BvkRrlJbpZb5Fa5TW6XH8sdcofcKXfK3XK33CP3yL1yr9wn98n9cr/MlJnygDwgD8qD8pA8JA/Lw/KIPCpPy+/lcfmDPCFPypPytDwjz8izF54DUKiEkkqpQMWoHCpW5VS51BUqt7pS5VF5VURdpeLU1SqfukblVwVUQVVIxavCqojSyiirSIWqqCqmoupavPCCUaVUaeVUGZWgrv9X8lVxdZ0qoUr+Kv/i/JL+wfxAnT9oG9VGtVPtVHvVXnVQHVSiSlQdVUfVSXVSnVVn1UV1UV1VV9VNdVPdVXfVQ/VQPVVPlaSSVB/1guqr+qn+6kU1QL2kBqqBapAapJJVshqihqihaqgapoap4Wq4GqlGqlFqlBqtRquxaqxKUSlqgpqgJqqJapKapCarySpVpappapqarqarmWqmmqVmqdlqtpqr5qo0labmq/kqXaWrhWqhylCL1CK1RC1Ry9QytUKtUKvUKrVGrVHr1DqVoTaqjWqz2qy2qq1qu9qudqgdaqfaqXar3WqP2qP2qr1qn9qn9qv9KlNlqgPqgDqoDqpD6pA6rA6rI+qIOqaOqePquDqhTqhT6pQ6o86os+qsOqfOZV32BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJAvuCbIHxQICgaFgvigcFAk0IEJbCAuFD0aXBsUD64LSgQlg1JB6cAFZYKE4PqgbHBDUC64MSgf3BRUCG4OKgaVgspBleCWoGpwa1AtuC2oHtwe1AhqBrWC2sEdQZ3gzqBucFdQL7g7qB/cEzQI7g0aBvcFjYL7g8bBA0GT4MGgafBQ0CxoHrQIWgat/tTxvT9R4BHXU/fSSbq37qNf0H11P91fv6gH6Jf0QP2yHqRf0cl6sB6iX9VD9Wt6mH5dD9cj9Ej9hh6l39Sj9Rg9Vo/TKXq8nqDf0hP123qSfkdP1lN0qp6qp+l39XQ9Q8/U7+lZ+n09W8/Rc/U8naY/0PP1Ap2uP9QL9Uc6Qy/Si/USvVQv08v1Cr1Sr9Kr9Rq9Vq/T6/UGvVFv0pv1Fr1Vb9Pb9cd6h/5E79S79G79qd6jP9N79ed6n/5C79df6kz9lT6gv9YH9Tf6kP5WH9bf6SP6qD6mv9fH9Q/6hD6pT+nT+oz+UZ/VP+lz2mdd3Gd9vRtllIkxMSbWxJpcJpfJbXKbPCaPiZiIiTNxJp/JZ/Kb/KagKWjiTbwpYoqYLGTIFDVFTdRETXFT3JQwJUwpU8o440yCSTBlTVlTzpQz5U15U8FUMBVNRVPZVDa3mFvMreZWc5u5zdxubjc1TU1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTDPTwrQwrUwr09q0Nm1MG9POtDPtTXvTwXQwiSbRdDQdTSfTyXQ2nU0X08V0NV1NN9PNdDfdTQ/Tw/Q0PU2SSTJ9TB/T1/Q1/U1/M8AMMAPNQDPIDDLJJtkMMUPMUDPUDDPDzHAzwozMulA1b5rRZowZa8aZFJNiJpgJZqKZaCaZSWaymWxSTaqZZqaZ6Wa6mWlmmllmlpltZpu5Zq5JM2lmvplv0k26WWgWmgyTYRabxWapWWqWm+VmpVlpVpvVZi2sNevNerPRbDSbzWaz1Ww12812s8PsMDvNTrPb7DZ7zB6z1+w1+8w+s9/sN5km0xwwB8xBc9AcMofMYXPYHDFHzDFzzBw3x80Jc8KcMqfMGVPgwvelN7E2p81lr7C57ZU2j81r/z4uaAvZeFvYFrHa5rcFfhUba20JW9KWsqWts2Vsgr3+N3FFW8lWtlXsLbaqvdVW+01cx95p69q7bD17d87a9o5fxra+vcc2sA/ahogAtrltbFvaJvZB29Q+ZJvZ5raFbWnb28dsB/u4TbRP2I72yd/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbU/byw6wL9mB9mU7yL5ik+3g38Qj7Rt2lH3TjrZj7Fg77jfxZDvFptqpdpp91063M34Tp9kP7CybbmfbOXaunfdznDWndPuhXWg/shk2gMV2iV1ql9nldsXFufq8dp1dbzfYHfYTu9lusVvtNrv94oWw3WV320/tHvuZPWC/tvvsF3a/PWQz7Vc/x1nnd8h+aw/b7+wRe9Qes9/b4/YHdTE769y/tz/Zc9ZbICQgSYoCiqEcFEs5KRddQbnpSspDeSlCV1EcXU356BrKTwWoIBWieCpMRUiTIUtEIRWlYhSla+ni9EpRaXJUhhLoeipLN1A5upHK001UgW6milSJKlMVuoWq0q1UjW6j6nQ71aCaVItq0x1Uh+6kunQX1aO7qT7dQw3oXmpI91Ejup8a0wPUhB6kpvQQNaPm1IJaUit6mFrTI9SG2lI7epTa02PUgR6nRHqCOtKT1In+Rp3pKepCT1NXeoa60bPUnZ6jHvQ89aRelES9qQ+9QH2pH/WnF2kAvUQD6WUaRK9QMg2mIfQqDaXXaBi9TsNpBI2kN2gUvUmjaQyNpXGUQuNpAr1FE+ltmkTv0GSaQqk0labRuzSdZtBMeo9m0fs0m+bQXJpHafQBzacFlE4f0kL6iDJoES2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20Xb6mHbQJ7STdtFu+pT20Ge0lz6nffQF7acvKZO+ogP0NR2kb+gQfet70Xd0hI7SMfqejtMPdIJO0ik6TWfoRzpLP9E58gQhhiKUoQqDMCbMEcaGOcNc4RVh7vDKME+YN4yEV4Vx4dVhvvCaMH9YICwYFgrjw8JhkVCHJrQhhWFYNCwWRsNrw+LhdWGJsGRYKiwdurBMmBBeH5YNbwjLhTeG5cObwgrhzWHFsFL44N1VwlvCquGtYbXwtrB6eHtYI6wZ1gprh3eEdcI7w7rhXWG98O6wXHhP2CC8N2wY3hc2Cu8PG4cPhE3CB8Om4UNhs7B52CJsGbYKHw5bh4+EbcK2Ybvw0bB9+FjYIXw8TAyfCDuGT/7cf8+Cf9yfFPYO+4QvhC+E3t8l50bnRdOiH0TnRxdE06MfRhdGP4pmRBdFF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RL2vnQMcOuGkUy5wMS6Hi3U5XS53hcvtrnR5XF4XcVe5OHe1y+eucfldAVfQFXLxrrAr4rQzzjpyoSvqirmou9YVd9e5Eq6kK+VKO+fKuATX0rVyrVxr94hr49q6du5R96h7zD3mHnePuydcR/ek6+T+5jq7p1wX97R72j3jurlnXXf3nOvhxuc5/55Mcn1cH9fX9XX9XX83wA1wA91AN8gNcsku2Q1xQ9xQN9QNc8PccDfcjXQj3Sg3yo12o91YN9aluBQ3wU1wE91EN8lNcpPdZJfqUt00N81Nd9Nd1RnnjzLbzXZz3VyX5tLcfJd1zZjuFrqFLsNluMVusVvqlrrlbrlb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uJ0+7/lB3R631+11+9w+t9996TLdV+6A+9oddN+4Q+5bd9h95464o+6Y+94ddz+4E+6kO+VOuzPuR3fW/eTOOe9SIuMjEyJvRSZG3o5MirwTmRyZEkmNTI1Mi7wbmR6ZEZkZeS8yK/J+ZHZkTmRuZF4kLfJBZH5kQSQ98mFkYeSjSEZkUWRxZElkaWRZxPvCm0Nf1BfzUX+tL+6v8yV8SV/Kl/bOl/EJ/npf1t/gy/kbfXl/k6/gb/YVfSVf2T/km/nmvoVv6Vv5h31r/4hv49v6dv5R394/5jv4x32if8J39E/6Tv5vvrN/ynfxT/uu/hnfzT/ru/vnfA//vO/pe/kk39v38S/4vr6f7+9f9AP8S36gf9kP8q/4ZD/YD/Gv+qH+NT/Mv+6H+xF+ZMwbftTFW2QY51P8eD/Bv+Un+rf9JP+On+yn+FQ/1U/z7/rpfoaf6d/zs/z7fraf4+f6eT7Nf+Dn+wU+3X/oF/qPfIZfdHFR2S/3K/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81v9x/7Hf4Tv9Pv8rv9p36P/8zv9Z///Euz/f5Ln+m/8gf81/6g/8Yf8t/6w/47f8Qf9cf89/64/8Gf8Cf9KX/an/E/+rP+J3+Of6TGGGOMMfZPGX+pKX7dc345v/fv5Ihf7NwHAK7cUijzl/1ZV5Rr859v9xPx7SMA8ESvrvdf3GrUSEpKurBvhoSg2ByAi/8TlCUGLsWLoB08BonQFsr+zkzw/7b+aPzoTQC5fpEVC5fiS+N/DoBJvzlCP/HwoyPnVwhPxf3B+HMAShS7lJMTLsWLoN3P6yttodzvzD9r/AKt6Y/nn/OLFIA2v8jJDZfiS/NPgEfgSUj81Z6MMcYYY4wxxth5/UTlzhfvPy/+4vP37s/j1aWcHHAp/uP7c8YYY4wxxhhjjP03eOrZ7o8/nJjYtvO/3qj2b2X9042m8P9rZG78bsN7gIuPKAD4DwcEyGrIv/IsNv0lx0q+8Nb5+66lp30A/x2l/DMal/mDiTHGGGOMMfanu3TR/+vH1eWaEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlg39FX9O7HKfI2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMXa5/Z8AAAD//6grACo=")
r0 = socket$igmp(0x2, 0x3, 0x2)
write(r0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000001040), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000811}, 0x2)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000696000/0x400000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x6, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x40, 0xae}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0xe, 0x7188, 0x3, 0x1, 0x4, 0x5}}, {0x4}}]}, @TCA_RATE={0x6, 0x5, {0x7, 0x4f}}]}, 0x58}}, 0x44080)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x93)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r4, 0x545c, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x8000000)

6.589995712s ago: executing program 0 (id=609):
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000010600)='./file0\x00', 0x10, &(0x7f0000000200)=ANY=[], 0x1, 0x105d6, &(0x7f0000010640)="$eJzs3E1rY1UYB/AnU+fVcRxkXnTlBREaMKFpO0VBpOoMOmCH4svClaZJGjKT5JYmfXHWuho/gltBxJ2fwY1fY3AhiAvB3YiSe29lqrNwOmlT298Pbv/nnpz75JxLNie3JIBj62Ly+2+luBBnI2IqIs5HZO1ScWQW83g+Il6MiBMPHaWi/++OUxFxLiIujIrnNUvFSwt/3H/w9Qs3X7/37f1y7edvvprcqoFJezkiemt5e6uXZ9rO83bRX9/sZNmb3ywyf6F3pzhP89xqrWQVtuo74+pZzrXz8enaxmCUq916Y5TtzmrWv9bP33Cw2d6pk11wu76enTdbK1l2BmmW7bv5vLaLvDsY5nWaRb3PsvIxHO5k3t/abuXrWbuTZaM/LPrzummztT3KzSKLt4tG2m1m81jZ820+9N7r9De2k83W+qCT9pNr1dqr1dpCpbaeNlvD1nyl3msuzCfT7e5oWGXYqvcW22na7raqjbRXTqbbjUalVkumr7dWOvV+UqtV56ozlWvlovVK8s6tj5JuM5ke5Vud/saw0x0kq+l6kl9RTmarc6+Vk5dqyQdLy8ny+zduLC1/+Mn1j2+9uXTz7WLQv6aVTM/OzM5WajOV2Vr5cK7/VFF/jOufin1Yf+nJLue48wECeGz2/8Ak2P8/zv4/2fN9PuyOyP7/13vHe/17ZvvGE/EBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4tn46+f27WeNifv500f9M0fVcRFyNiCsRcTki/nyEqTi1q+aliCgV7UeNP/mPOfxQiqzC6JrTxXEuIhaL48Gz+30XAAAA4Oj67sfPv4iYGjWzP29MekIcpOJLmzPjqpd95fPUuKpdyoptj6na5Z2SY3ElIk5e/GVM1a5GxInzn46p2n8ytSvOPBSlPE4c5GwAAICDsXsnMLbdGwAAAIfOl5OeAJORPa8t/he/eBZ8Oo/igeDZXWcAAADA/1Bp0hMAAAAA9l22//f7fwAAAHC05b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwF/s3E+uEjEcB/Af4Aj4JxLDn6uwMi5ZcAiP4NID6G3ccQYTwjlw5xEMGDqVAOLmTXlM3vt8kplOJ/Bth4RFWygAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAt/axWi++br9+a5uz2zZR5GgAAAOCabbVapItRXX+d77/Nt95HxCwiphExiYhrY/devDxJ7MQ4nWvXXl9d9OFHREo4vKefj1cR8TEfv9/d/nMAAACAp2qzni8jeofLdPpwvOIZyJM2g1J5acrnRam0cQr7Uiht8jeyiGlEVKNfhdJmEdF98ynX/vv9GxZq7qSRXAxOik5ddAs2BgAAtMT5SKDY6A0AAIDW+XzvDnAfab02/xY/rwX36yIvCA7PagAAAEB7Xf7b/qjzuP0AAAAA7iCN///Z/y/PCjx8/7+w/x8AAAC0SL3/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALe0rVaLzXq+bJqz2zdT5mkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4w/68o0AIhEEY7F3fdxq8/7GkQVNTkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDe/+8v/ialxJpl7bSw9jyRrp8bWqbF3bhz9YXz9GgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn/uTiAEgiAM9p3/OS3mH5Y0aAwiVMHCxwzzsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX/S7X/5PTI0zydxpY+l4JFm7amxdNfYeNI4ejLd/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdife9uEgTCOw6+dRInbZIT0Fh8z0FAhGIEPCcmSZ2AAFqKhorVYBFYAAQctnSl4nub/0+mKOwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgPZ2e3viIiOzzkXnkw9Xf4XLwFfm6aQbf18w2x339c8vJdjdK+Rvj/yIiisha+A0AQPvK+6ZYLKt5J203bS9tP205ravZKx8NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwZucOWqJ4wwCAv7s6699/p44qRNChLrmpWQZeOgjeg6BuoptIa4XuQcWLnyDqtNe+Qt7qK/QFgg4leOjgoaBLEMXuzuq7pKIEM4P7+8Ez8+jCzPvuwrDPPO8sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAuBzvhUjcvhRBGB4/ylo/ftheP279/+Wm0G1/vv7sSH7N1iCSE8GSlXruV4VyKbn1z6+lCvV5bk/RDMpR+7EUZj6SwSXyVKOVzcQIA4EJJ0mh9u/yS7M63/leaDeH3m976/3qUh1Pq//3mSBKaI2P7zZGxXxsfGvG54vp/IrMZFsbQSS9UG6svquubWzdXVheWa8u1Z1NTk9N3pm/fuztZbd8rqbpjAgAAwL+ppBHX/+XZv/v//0d5OL3+H+vGw7nHj+JzDfR3/X+io6Zf3iMBAADob5ev/vh+3OrLUqUSNhYajbWJzvbw78nONoehnttQGnH9PzCb96gAAACALBzslHr6/0tRHs7Y/x9/u70XH3MghDCc9v/HF5/Xl7KbTqFl8Thx3nMEAAAgX8NpxP3/pL3+v3y45KEcQrhxrZOnPwN4pvr/8+sHPQ+tx+v/p7KbYiGVZzrvR3s/E8LgTN4jAgAA4CL7L41Wsb+X7M6v/Xw1V7H+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4w44dozQQRGEA3uxmtRIDVmrlBUQvELEQxMZDiILgCUQQDyC2lt7B0jukVrCxsEzhDeTN7qikCVjsKvk+mLxHGDIvkyb/AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMNd0/7uv4mXU9GX73vPH1UnUl5ka3u/XN2NFP+hy6H9nr+8BAAAAWBBVzvdFUbzVj4dRy3HK/3XeE5n/YaXpc56fzf25Pt29buT8f328dfl10Kg5Jz707PzidKezb/j3rc7dMUw3n569VOkHKY9u1qZ1us/B7WRysJTa5S6mBQB+YzvXtsn/h6Lu9jkYAAtj2K7iR/6vxv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCFzwAAAP//9JxdmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x83)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000080)=@v2={0x2, @aes128, 0x0, '\x00', @a})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[])
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

6.392202028s ago: executing program 8 (id=611):
r0 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
pread64(r0, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

6.0402043s ago: executing program 8 (id=612):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x400, &(0x7f0000000340)=ANY=[], 0x1, 0x1fa, &(0x7f0000000640)="$eJzsmT9oE1Ecx7/v3TXXFhFcHFwcLFjR3r+odOlQQZwEoYo6BnstwWsj6QltQSS4uDiKCK7u4pAhk4Obm6sOKggOZhQchCfvTy4viYk5ErL094G8fH+/9+93L7nvDQeCII4s377++vLsyurNCwCOYQmeyf9wumM4kEefXz48/3zt6qu3n16/3z3+qNW/Hv//liU7WADwbt1BpiIhxOPewUuyedGbuwWOc0bfBoOv5R+h0EEChrtKuUCugdqCEWni36ulm1vVNAllE8kmlk3Z3kvObjcYNgHM6woFs/r3Dg7vV9I0qfeLOdHZZ6CrqBh1mKq+dY41E8v65G9w5+mThozN2SAE12cJIAJHZHQZDBtGr8KD7/vdI7Gu/5TbXd/hY1x/ccGmsg77rf8GMnNiZSqFkRhHCG+C6U13hqWy/oy8ofPMyXbrw+Cs77M+1TeFZzEMcRxlXADyzDUz5uNiml6foNSOkw92ObY/MRc4a/mTCzf3jyDbeRDsHRyuVHcq28l2shvH5cvhxTC8FAdbVQ9hoOxohP/NK39atNafswdYD5QSK2G/kmX1aB/I6lEex7q1HHejWfup5nDlfxzLZ/QarPMA8/5dDzMfrr6lWnaGFk8QBEEQBEEQBEEQBEEQBFGI02DQr0DUiyoxhPiGGv03AAD//8rha5U=")
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
unshare(0x60040000)
open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x5c)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000008c0)={'nat\x00', 0x0, [0x81, 0x7, 0xffff, 0xb41, 0xfffffffd]}, 0x0)
socket(0x1e, 0x4, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x51, &(0x7f0000000100)={[{@nombcache}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x40}}, {@norecovery}, {@minixdf}, {@nolazytime}]}, 0x8, 0x5fe, &(0x7f0000000ac0)="$eJzs3c1vVFUbAPDnTD9p3/dtIW9UXEgTYyBRWlrAEGMi7AnBj52rSgtBCiW0RosklgQ3JsaNCxNXLsT/QkncunDrwo0rQ0KMYSGGyJg7vVNupzOlXzNTOr9fcuk993bueW7p03PvmXPmBtCxRrJ/ShH7I+Jqihgq7OuOfOfI0vfd//PGuWxJUS6//UeKG5+kxeKxUv51MH/xP0ORfi5F7OtaXe/cwvVLkzMz09fy8tj85atjcwvXD1+8PHlh+sL0lYlXJ04cP3b8xPiRLZ1fserTt97/cOizM+9++/XDNP7dr2dSnIxH+Tdk51X72r4t1Zz9zEaivORBcXv2cz2xxWPvFH8NVX9PHku1G9ixzue/j/+LiGdjKLoK/5tD8embbQ0OaKpyimobBXSctKn879/+QIAWq14HVO/t690Hr1Zq8lUJ0Ar3Ti11ACzlfk9EVPO/e6lvMPoj2zpwP63o50kRsbWeuSVZHT/9eOZWtkSDfjigORZvVnu5a9v/VMnN4eivlAbul1bkf6mwZNvf2mT9IzVl+Q+ts3gzIp7L2//e2FD+jxTy/71N1i//AQAAAAAAYPvcORURr9Qb/1daHv/TW2f8z2BEnNyG+p/8/l/pbr6StqE6oODeqYjXI8qpTv7nhrvy0n8r4wF60vmLM9NH8jmDh6KnLyuP1xy3OEL48Of7vmpUf3H8X7Zk9VfHAuZHuttdMxF3anJ+cqvnDUTcuxnxfGX874F8y8rxP1n7n+q0/1l+X11nHfteun220b4n5z/QLOVvIg7Wnf/z+HI7rf35HGOV64Gx6lXBai98/MX3jeqX/9A+Wfs/sHb+96Xi5/XMbez4vRFxdKG73Gj/Zq//e9M7XdXjZz6anJ+/Nh7Rm06v3j6xsZhht6rmQzVfsvw/9OLa/X/L1/+FPNwTEYvrrPOZR4O/Ndqn/Yf2yfJ/au32f3hl+7/xlYnbwz80qv/sutr/Y5U2/VC+Rf8fFK3+PI71JmhbwgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp1wpIv4TqTS6vF4qjY5GDEbE/2OgNDM7N//y+dkPrkxl+yrP/y9Vn/Q7tFRO1ef/DxfKEzXloxGxNyK+7NpTKY+em52ZavfJAwAAAAAAAAAAAAAAAAAAwA4xWJnzX+6rnf+f+b2r3dEBTdedf5Xv0Hm6N/3Kct+2BgK03ObzH3jarT//e5oaB9B6jfP/wcNyRUvDAVrI9T90rk3mv7cLYBfQ/kOnWmefXn+z4wDaQfsPAAAAAAC7yt4Dd35JEbH42p7KkunN9xnsD7tbqd0BAG1jDC90ru7ZdkcAtIt7fCAtr/1dd7J/49H/qTkBAQAAAAAAAAAAAACrHNxv/j90qrXn/xvbD7vZGvP/6yW/jwuAXaTxoz9Sb0sDAVrOPT7wpDt98/8BAAAAAAAAAAAAYAfov35pcmZm+trcwtO38sbOCGNjK4uTOyKMbV151Jwj90TEzjjBVq9U5961MYw2/10CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACW/RsAAP//2SQnmg==")

5.773495059s ago: executing program 9 (id=613):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x1)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x5}}}}}}}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_elf64(r2, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0x57, 0x4c, 0x80, 0x5, 0x2, 0x3b, 0x7fffffff, 0x31, 0x40, 0xe9, 0x5, 0x4, 0x38, 0x1, 0x800, 0x1, 0xeea5}, [{0x7, 0x5, 0xffffffffffffffff, 0x2, 0x5, 0x3, 0x8, 0x3}]}, 0x78)
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv6_newrule={0x30, 0x20, 0x1, 0x0, 0x25dfdbfc, {0xa, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2001f}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x30}}, 0x40000)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0xff, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0xfffa}}}}}}}, 0x0)

4.692459595s ago: executing program 9 (id=614):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='utf8,utf8,uid=', @ANYRESHEX=0xee01, @ANYBLOB=',iocharset=cp949,errors=remount-ro,utf8,errors=remount-ro,dmask=00000000000000000000003,time_offset=0x0000000000000006,gid=', @ANYRESHEX=0xee00, @ANYBLOB="2c00073bc934e6304a61a825679f7f47435e772a77a77e69b5db166a9f7745d7245b08574a58340594"], 0x1, 0x1544, &(0x7f0000001740)="$eJzs3AmcjlX7OPDrOufcY0zS0yTLcM65bp5kOSZJsiTJkiRJkmRLSJrklYTEkC1pSEKyDMkyhGSZmDT2fV8SkqRJkpBsyfl/FK/61fvW+3vfN79/ru/nc3/mXM+5r3Of+7mee+5llq86DqrWoHrlekQE/xb86UsyAMQCQD8AuAoAAgAoHV86/lx/donJ/95G2H/WA2mXegbsUuL6X964/pc3rv/ljet/eeP6X964/pc3rv/ljevP2OVsw5R8V/Ny+S7/7vN/eaHBz///P8Tn/7+QrBKjPltV4tpOADF/NIXr/5eU54+uyPX/ywr+yEpc/8sb1/8vK/s/7479s+bB/g/j4/9ykO0f9nD9L29cf8YuZ5f6+fN/f5H/tB8il8N78E/2nzHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYY+xOc9BcpALjQvtTzYowxxhhjjDHG2H+Oz3apZ8AYY4wxxhhjjLH/PgQBEhQEEAPZIBayQxwIALgScsJVEIGrIR6ugVxwLeSGPJAX8kEC5IcCoMGABYIQCkIhiMJ1UBiuhyJQFIpBcXBQAhLhBigJN0IpuAlKw81QBm6BslAOykMFuBUqwm1QCW6HynAHVIGqUA2qw51QA+6CmnA31IJ7oDbcC3XgPqgL90M9eADqw4PQAB6ChvAwNILG0ASaQrP/Vf5z0BWeh27QHZKhB/SEF6AX9IY+0Bf6wYvQH16CAfAypMBAGASvwGB4FYbAazAUhsFweB1GwBswEkbBaBgDqTAWxsGbMB7eggkwESbBZEiDKTAV3oZpMB1mwDswE96FWTAb5sBcSIf3YB7Mhwx4HxbAB5AJC2ERLIYlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi2wFbbBh7AdPoIdsBN2/b1+/0r+iZ/lfwy7oRMCAgoUqFBhDMZgLMZiHMZhDsyBOTEnRjCC8RiPuTAX5sbcmBfzYgImYAEsgAYNEhIWxIIYxSgWxsJYBItgMSyGDh0mYiKWxBuxFJbC0lgay2AZLIvlsBxWwApYEStiJayElbEyVsEqWA2r4Z14J/bAmlgTa2EtrI21LzyewnpYD+tjfWyADbAhNsRG2AibYBNshs2wOTbHFtgCW2ErbI2tsQ22wSRMwrbYFtthO2yP7bEDdsCO2BE7YWfsnPVcNsDn8XnsjlVED+yJPbEXpmTrg32xL76I/fElfAlfxhQciIPwFXwFX8UheByH4jAcjsOxongDR+IoJDEGUzEVx+E4HI/jcQJOxIk4GdNwCk7FqTgNp+N0fAdn4rv4Ls7G2TgX0zEd5+F8zMAMXIAnMBMX4iJcjEtwKS7B5bgCl+MqXI2rcC2uxfW4HjfiRtyMm3ErbsUPUQHgR7gTd2IK7sbduAf34F7ci/twH2ZhFu7H/XgAD+BBPIiH8BAexiN4FI/gMTyGx/EEnsSTeBpP4xl8JuGL+h8WXZkC4hwllIgRMSJWxIo4ESdyiBwip8gpIiIi4kW8yCVyidwit8gr8ooEkSAKiALCCCNIhDEAIKIiKgqLwqKIKCKKiWLCCScSRaIoKUqKUqKUKC1uFmXELaKsKCdaugqigqgoWrlK4nZRWVQWVURVUU1UF9VFDVFD1BQ1RS1RS9QWtUUdcZ+oK3pgH3xAnKtMAzEQG4pB2Eg0FvL8EdBcDMEWoqVoJR4Tw3AothHNXZJ4UrQVI7Gd+JsYhU+LDmIMdhTPik6is+ginhNdRQvXTXQXE7CH6CkmYy/RW/QRfcU0rCrewZnZq4mXRYoYKAaJV8RcfFUMEa+JoWKYGC5eFyPEG2KkGCVGizEiVYwV48SbYrx4S0wQE8UkMVmkiSliqnhbTBPTxQzxjpgp3hWzxGwxR8wV6eI9MU/MFxnifbFAfCAyxUKxSCwWS8RSsUwsFyvESrFKrBZrxFqxTqwXG8RGsUlsFlvEVrFNfCi2i4/EDrFT7BIfi93iE7FHfCr2is/EPvG5yBJfiP3iS3FAfCUOiq/FIfGNOCyOiKPiW3FMfCeOixPipDglTovvxRnxgzgrvACJUkgplQxkjMwmY2V2GSevkDlkcP7dvVrGy2tkLnmtzC3zyLwyn0yQ+WUBqaWRVpIMZUFZSEbldbKwvF4WkUVlMVlcOllCJsobZEl5oywlb5Kl5c2yjLxFlpXlZHlZQd4qK8rbJER+2kYVWVVWk9XlnTIZ7pI15d2ylrxH1pb3yjryPllX3i/ryQdkffmgbCAfkg3lw7KRbCybyKaymXxENpePyhaypWwlH5Ot5eOyjXxCJsknZVvpz39EnpYd5DOyo3xWdpKdZRf5gzwrvewmu0voAbKnfEH2kr1lH9lX9pMvyv7yJTlAvixT5EA5SL4iB8tX5RD5mhwqh8nh8nU5Qr4hR8pRcrQcI1PlWDlOvinHy7fkBDlRTpKTZZqcIvucH2mGlL+b/+bP88+deuUUOeDHra+XG+RGuUlullvkVrlNfii3y+1yh9whd8ldcrfcLffIPXKv3Cv3yX0yS2bJ/XK/PCAPyIPyoDwkD8nD8og8Jb+Vx+R38rg8IU/IU/K0PC3PnH8PQKESSiqlAhWjsqlYlV3FqStUDnWlyqmuUhF1tYpX16hc6lqVW+VReVU+laDyqwJKK6OsIhWqgqqQiqrr8PwHRhVTxZVTJVSiuuFfyVeF1fWqiCr6i/wL80v+B/Nrppqp5qq5aqFaqFaqlWqtWqs2qo1KUkmqrWqr2ql2qr1qrzqoDqqj6qg6qU6qi+qiuqquqpvqppJVsuqpXlC9VG/VR/VV/dSLqr/qrwaoASpFpahBapAarAarIWqIGqqGquFquBqhRqiRaqQarUarVJWqxqlxarwaryaoCWqSmqTSVJqaqqaqaWqamqFmqJlqppqlZqk5ao5KV+lqnpqnMlSGWqAWqEy1UC1Ui9VitVQtVcvVcrVSrVSr1Wq1Vq1VmWqD2qA2qU1qi9qitqltarvarnaoHWqX2qV2q91qj9qj9qq9ap/ap7JUltqv9qsD6oA6qA6qQ+qQOqwOq6PqqDqmjqnj6rg6qU6q0+q0OqPOqLPqrIJAgAhEoAIVxAQxQWwQG8QFcUGOIEeQM8gZRIJIEB/EB7mCa4PcQZ4gb5AvSAjyBwUCHZjABuJ80aPBdUHh4PqgSFA0KBYUD1xQIkgMbghKBjcGpYKbgtLBzUGZ4JagbFAuKB9UCG4NKga3BZWC24PKwR1BlaBqUC2oHtwZ1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYLGQZOgadDsPzq+98fzPOq66e46WffQPfULupfurfvovrqfflH31y/pAfplnaIH6kH6FT1Yv6qH6Nf0UD1MD9ev6xH6DT1Sj9Kj9RidqsfqcfpNPV6/pSfoiXqSnqzT9BQ9Vb+tp+npeoZ+R8/U7+pZeraeo+fqdP2enqfn6wz9vl6gP9CZeqFepBfrJXqpXqaX6xV6pV6lV+s1eq1ep9frDXqj3qQ36y16q96mP9Tb9Ud6h96pd+mP9W79id6jP9V79Wd6n/5cZ+kv9H79pT6gv9IH9df6kP5GH9ZH9FH9rT6mv9PH9Ql9Up/Sp/X3+oz+QZ/V/tzF/bnTu1FGmRgTY2JNrIkzcSaHyWFympwmYiIm3sSbXCaXyW1ym7wmr0kwCaaAKWDOIUOmoClooiZqCpvCpogpYoqZYsYZZxJNoilpSppSppQpbUqbMqaMKWvKmvKmvLnV3GpuM7eZ283t5g5zh6lqqprqprqpYWqYmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpkmpolpZpqZ5qa5aWFamFamlWltWps2po1JMkmmrWlr2pl2pr1pbzqYDqaj6Wg6mU6mi+liupquppvpZpJNsulpeppeppfpY/qYfqaf6W/6mwFmgEkxKWaQGWQGm8FmiBlihpphZvi5C1XzhhlpRpnRZoxJNalmnBlnxpvxZoKZYCaZSSbNpJmpZqqZZqaZGWaGmWlmmllmlplj5ph0k27mmXkmw2SYBWaByTSZZpFZZJaYJWaZWWZWmBVmlVll1sAas86sMxvMBrPJbDJbzBazzWwz2812s8PsMLvMLrPb7DZ7zB6z1+w1+8w+k2WyzH6z3xwwB8xBc9AcMofMYXPYHDVHzTFzzBw3x81Jc9KcNnnOny+9ibXZbZy9wuawV9qc9ir7P+O8Np9NsPltAattbpvnF7Gx1haxRW0xW9w6W8Im2ht+FZe15Wx5W8Heaiva22ylX8U17F22pr3b1rL32Or2zl/Ete29to59yNZFBLCNbX3b1DawD9mG9mHbyDa2TWxT29o+btvYJ2ySfdK2tU/9Kp5n59sVdqVdZVfbHXanPWlP2QP2K3vafm+72e62n33R9rcv2QH2ZZtiB/4qHm5ftyPsG3akHWVH2zG/iifZyTbNTrFT7dt2mp3+qzjdvmdn2gw7y862c+zcH+Nzc8qw79sF9gObaQNYZBfbJXapXWaX/32ui+1au86ut9vtR3aT3Wy32K1224ULYbvT7rIf2932E7vffmn32s/sPnvQZtkvfozP7d9B+7U9ZL+xh+0Re9R+a4/Z79SF7HP7/q39wZ613gIhAUlSFFAMZaNYyk5xdAXloCspJ11FEbqa4ukaykXXUm7KQ3kpHyVQfipAmgxZIgqpIBWiKF1HF6ZXjIqToxKUSDdQSbqRStFNVJpupjJ0C5WlclSeKtCtVJFuo0p0O1WmO6gKVaVqVJ3upBp0F9Wku6kW3UO16V6qQ/dRXbqf6tEDVJ8epAb0EDWkh6kRNaYm1JSa0SPUnB6lFtSSWtFj1Joepzb0BCXRk9SWnqJ29DdqT09TB3qGOtKz1Ik6Uxd6jrrS89SNulMy9aCe9AL1ot7Uh/pSP3qR+tNLNIBephQaSIPoFRpMr9IQeo2G0jAaTq/TCHqDRtIoGk1jKJXG0jh6k8bTWzSBJtIkmkxpNIWm0ts0jabTDHqHZtK7NItm0xyaS+n0Hs2j+ZRB79MC+oAyaSEtosW0hJbSMlpOK2glraLVtIbW0jpaTxtoI22izbSFttI2+pC200e0g3bSLvqYdtMntIc+pb30Ge2jzymLvqD99CUdoK/oIH3tu9M3dJiO0FH6lo7Rd3ScTtBJOkWn6Xs6Qz/QWfIEIYYilKEKgzAmzBbGhtnDuPCKMEd4ZZgzvCqMhFeH8eE1Ya7w2jB3mCfMG+YLE8L8YYFQhya0IYVhWDAsFEZjrgsLh9eHRcKiYbGweOjCEmFieENYMrwxLBXeFJYObw7LhLeEZcNy4UP3VAhvDSuGt4WVwtvDyuEdYZWwalgtrB7eGdYI7wprhneHtcJ7wlLhvWGd8L6wbnh/WC98IKwfPhg2CB8KG4YPh43CxmGTsGnYLHwkbB4+GrYIW4atwsfC1uHjYZvwiTApfDJsGz71Y/+98/9xf3LYI+wZvhC+EHp/t5wTnRtNj74XnRedH82Ivh9dEP0gmhldGF0UXRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR/1vno2cOiEk065wMW4bC7WZXdx7gqXw13pcrqrXMRd7eLdNS6Xu9bldnlcXpfPJbj8roDTzjjryIWuoCvkou46V9hd74q4oq6YK+6cK+ESXVPXzDVzzd2jroVr6Vq5x9xj7nH3uHvCPeGedG3dU66d+5tr7552Hdwz7hn3rOvkOrsu7jnX1Y3N+dMxmex6up6ul+vl+rg+rp/r5/q7/m6AG+BSXIob5Aa5wW6wG+KGuKFuqBvuhrsRboQb6Ua60W60S3Wpbpwb58a78W6Cm+AmuUkuzaW5qW6qm+amuYrTf9rKLDfLzXFzXLpLd/PcuWvGDLfALXCZLtMtcovcErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29x2t93t8Ff9NKjb7fa4PW6v2+v2uc9dlvvC7XdfugPuK3fQfe0OuW/cYXfEHXXfumPuO3fcnXAn3Sl32n3vzrgf3FnnXWpkbGRc5M3I+MhbkQmRiZFJkcmRtMiUyNTI25FpkemRGZF3IjMj70ZmRWZH5kTmRtIj70XmReZHMiLvRxZEPohkRhZGFkUWR5ZElka8z78p9AV9IR/11/nC/npfxBf1xXxx73wJn+hv8CX9jb6Uv8mX9jf7Mv4WX9aX8+X9w76Rb+yb+Ka+mX/EN/eP+ha+pW/lH/Ot/eO+jX/CJ/knfVv/lG/n/+bb+6d9B/+M7+if9Z18Z9/FP+e7+ud9N9/dJ/sevqd/wffyvX0f39f38y/6/v4lP8C/7FP8QD/Iv+IH+1f9EP+aH+qH+eExr/sRF26RYYxP9WP9OP+mH+/f8hP8RD/JT/Zpfoqf6t/20/x0P8O/42f6d/0sP9vP8XN9un/Pz/PzfYZ/3y/wH/hMv/DCQ0m/zC/3K/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81/6Lf7j/wOv9Pv8h/73f4Tv8d/6vf6z/w+/7nP8l/4/f5Lf8B/5Q/6r/0h/40/7I/4o/5bf8x/54/7E/6kP+VP++/9Gf+DP8t/s8YYY4wx9oeMvdgUv+z56XF+j9/IET9buScAXLk5X9bP+89dUa7J/VO7t0hoHQGAJ7t3fODCUqVKcnLy+XUzJQSFZgNc+EnQOTFwMV4IreBxSIKWUPI3599bdD5NvzN+9GaAuJ/lxMLF+OL4nwJg8m+M/8hjw+eVCU/G/5PxZwMUKXQxJztcjBdCqx+fr7SEUv9g/nma/878s3+WCtDiZzk54GJ8cf6J8Cg8BUm/WJMxxhhjjDHGGPtJb1G+/YX7zwu/8flb9+cJ6mJONrgY/979OWOMMcYYY4wxxi69pzt3eeKRpKSW7f/1RqX/VdYfbjSE/9bI3PjNhvcAF15RAPBvDghwriH/zL3Y+KdsK+X8ofM/u5ac8gH83yjlbzUGXAHw+yuP/vsrl/gbE2OMMcYYY+w/7uLV/y9fV5dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2GXoz/jfY5d6HxljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFL7f8FAAD//y1m/Y0=")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020)
open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)

1.245060839s ago: executing program 8 (id=615):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="130f000000000000f6ff06"], 0x18}}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1.244901019s ago: executing program 9 (id=616):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r1, &(0x7f0000000180)={@val={0x70}, @void, @eth={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x30, 0x0, 0x4000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x4, 0x0}, @multicast1, {[@rr={0x7, 0xb, 0x5, [@multicast1, @multicast2]}]}}, {0x3a00, 0x6558, 0x10, 0x0, @gue={{0x2, 0x0, 0x2, 0xc5}}}}}}}}, 0x42)

1.240782839s ago: executing program 0 (id=622):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000016c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x803, 0x0)
io_setup(0x800, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xd, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x2d516fb6, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x43, 0x0, 0x0, 0x0, 0x4, 0x2, 0x1}})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001a40)={0x1c, r0, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x4cc}]}, 0x1c}, 0x1, 0x0, 0x0, 0x45}, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
madvise(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4)

991.860408ms ago: executing program 8 (id=617):
r0 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080)={[{@auto_da_alloc}, {@mblk_io_submit}]}, 0x1, 0x569, &(0x7f0000000a00)="$eJzs3d1rm9UfAPDvkzZ7//3WwRgqIgUvnMyla+vLBC/mtQ4Gej9D+6yMpsto0rHWgduFu5bhnQPxXrz2UvwHvPBvGOhgyCiCeBN50idZ2iZtuqUvms8HnnK+z0vPOXlyTs7JSUgAQ2s8+1OIeDkivkoiTkZEkh8bjfzg+Np5q0/vzGRbEo3GJ38kzfOyuPW/Wtcdz4OXIuLnLyPOFTbnW1temS9XKuliHk/UF25O1JZXzl9fKM+lc+mNqenpi+9MT73/3rsDq+ubV7KCjOTRqQdJXIoTedRZjxdwtzMYj/H8MSnGpQ0nTg4gs4Mk6br3hz0vBzszkrfzYmR9wMkYyVs98N/3RUQ0gCGV7Lj9/1rcnZIAe6s1DmjN7Qc0D/7XePLh2gRoc/1H194biSPNudGx1WTdzCib744NIP8sjx9/f/gg22Jw70MAbOvuvYi4MDq6uf9L8v7v+V3o45yNeej/YO/8lI1/3uo2/im0xz/RZfxzvEvbfR7bt//C4wFk01M2/vug6/i3vWg1NpJH/2uO+YrJteuVNOvb/h8RZ6N4OIu3Ws+5uPqo0etY5/gv27L8W2PBvByPRw+vv2a2XC+/SJ07PbkX8UrX8W/Svv/J2v1ft8STPR5X+szjTPrwtV7Htq//7mp8F/FG1/v/rLrJ1uuTE83nw0TrWbHZn/fP/NIr//2uf3b/j21d/7Gkc722tvM8vj3ydxrt9eT11tU/+n/+H0o+baYP5ftul+v1xcmIQ8nH7f2F1v6pZ9e24tb5Wf3Pvr51/5d06f+ORsRnfdb//unvX+117CDc/9mu9789u91w/3eeePTR59/0yr+//u/tZupsvqef/q/fAr7IYwcAAAAAAAAHTSEiTkRSKLXThUKptPb5jtNxrFCp1urnrlWXbsxG87uyY1EstFa6T3Z8HmIyXzFsxVMb4umIOBURX48cbcalmWpldr8rDwAAAAAAAAAAAAAAAAAAAAfE8R7f/8/8NrLfpQN2nZ/8huG1bfsfxC89AQeS138YXto/DK++2n9x98sB7D2v/zC8tH8YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAADdeXy5WxrrD69M5PFs7eWl+art87PprX50sLSTGmmunizNFetzlXS0kx1Ybv/V6lWb05OxdLtiXpaq0/UlleuLlSXbtSvXl8oz6VXU78iBgAAAAAAAAAAAAAAAAAAAJvVllfmy5VKuigxxIm/Go3G814+ut+Fl9iVxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwzD8BAAD//1hdMq0=")
setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000380)=ANY=[], 0x361, 0x0)
pwritev2(r0, &(0x7f0000001f80)=[{&(0x7f0000000840)="05b4", 0x2}, {&(0x7f0000000100)}], 0x2, 0x5, 0x6, 0xe)
setxattr$trusted_overlay_upper(&(0x7f0000000340)='./file1\x00', &(0x7f0000000400), 0x0, 0x0, 0x2)
lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file1\x00', &(0x7f0000000300), &(0x7f0000000800)=ANY=[], 0xfe37, 0x0)

0s ago: executing program 9 (id=618):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xa, 0x10001}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
listen(r3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, 0x0)
write$binfmt_script(r4, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x234a047, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002f40)='./bus\x00', 0x1020020, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

kernel console output (not intermixed with test programs):

e 2 family 0 port 6081 - 0
[  119.402421][ T2951] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.536041][ T2951] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.616399][ T6064] loop1: detected capacity change from 0 to 40427
[  119.659225][ T6064] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  119.703486][ T6064] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  119.746911][ T6064] F2FS-fs (loop1): invalid crc value
[  119.813321][ T6064] F2FS-fs (loop1): Found nat_bits in checkpoint
[  120.069668][ T6064] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  120.076809][ T6064] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  120.191558][ T6064] syz.1.59: attempt to access beyond end of device
[  120.191558][ T6064] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  120.325997][ T5786] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  120.338413][ T5786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  120.346918][ T5786] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  120.385819][ T5786] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  120.401298][ T5786] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  120.409068][ T5786] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  122.473113][ T5082] Bluetooth: hci3: command tx timeout
[  122.683779][ T6086] loop3: detected capacity change from 0 to 40427
[  122.983553][ T6093] chnl_net:caif_netlink_parms(): no params data found
[  124.963090][ T5082] Bluetooth: hci3: command tx timeout
[  125.599746][ T6093] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.626613][ T6093] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.648853][ T6093] bridge_slave_0: entered allmulticast mode
[  125.651145][ T6144] overlayfs: failed to clone upperpath
[  125.666287][ T6093] bridge_slave_0: entered promiscuous mode
[  125.848296][ T6093] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.866164][ T6093] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.904200][ T6093] bridge_slave_1: entered allmulticast mode
[  125.939882][ T6093] bridge_slave_1: entered promiscuous mode
[  126.071745][ T2951] hsr_slave_0: left promiscuous mode
[  126.110970][ T2951] hsr_slave_1: left promiscuous mode
[  126.122845][ T2951] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.138030][ T2951] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.173235][ T2951] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.190434][ T2951] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.222990][ T2951] bridge_slave_1: left allmulticast mode
[  126.236948][ T2951] bridge_slave_1: left promiscuous mode
[  126.244892][   T27] audit: type=1326 audit(2000000019.370:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6147 comm="syz.0.80" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3cb1f9c819 code=0x0
[  126.269479][ T2951] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.333878][ T2951] bridge_slave_0: left allmulticast mode
[  126.361863][ T2951] bridge_slave_0: left promiscuous mode
[  126.368850][ T2951] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.554823][ T2951] veth1_macvtap: left promiscuous mode
[  126.613394][ T2951] veth0_macvtap: left promiscuous mode
[  126.619312][ T2951] veth1_vlan: left promiscuous mode
[  126.625890][ T2951] veth0_vlan: left promiscuous mode
[  127.029265][ T5082] Bluetooth: hci3: command tx timeout
[  128.283244][ T6140] loop3: detected capacity change from 0 to 131072
[  128.313230][ T2951] team0 (unregistering): Port device team_slave_1 removed
[  128.320703][ T6140] F2FS-fs (loop3): invalid crc value
[  128.364808][ T6140] F2FS-fs (loop3): Found nat_bits in checkpoint
[  128.406597][ T2951] team0 (unregistering): Port device team_slave_0 removed
[  128.468096][ T6140] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  128.505411][ T2951] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  128.623955][ T2951] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  128.751520][ T6163] loop1: detected capacity change from 0 to 4096
[  128.767364][ T6163] EXT4-fs: inline encryption not supported
[  128.803971][ T6163] EXT4-fs (loop1): Test dummy encryption mode enabled
[  128.818420][ T6163] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c01d, mo2=0003]
[  128.829077][ T6163] System zones: 0-5
[  128.851681][ T6163] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.037324][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.119221][ T5082] Bluetooth: hci3: command tx timeout
[  129.273894][ T6167] loop1: detected capacity change from 0 to 256
[  129.378430][ T6167] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[  129.480034][ T6167] 9pnet_fd: p9_fd_create_unix (6167): problem connecting socket: ./file0: -13
[  129.744277][ T6171] loop1: detected capacity change from 0 to 256
[  129.804530][ T2951] bond0 (unregistering): Released all slaves
[  129.868806][ T6171] FAT-fs (loop1): Directory bread(block 64) failed
[  129.875414][ T6171] FAT-fs (loop1): Directory bread(block 65) failed
[  129.888993][ T6171] FAT-fs (loop1): Directory bread(block 66) failed
[  129.895620][ T6171] FAT-fs (loop1): Directory bread(block 67) failed
[  129.911216][ T6171] FAT-fs (loop1): Directory bread(block 68) failed
[  129.926088][ T6171] FAT-fs (loop1): Directory bread(block 69) failed
[  129.937533][ T6171] FAT-fs (loop1): Directory bread(block 70) failed
[  129.944705][ T6171] FAT-fs (loop1): Directory bread(block 71) failed
[  129.951758][ T6171] FAT-fs (loop1): Directory bread(block 72) failed
[  129.970837][ T6171] FAT-fs (loop1): Directory bread(block 73) failed
[  130.034210][ T6093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.095923][ T6093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  130.251417][ T6093] team0: Port device team_slave_0 added
[  130.269098][ T2974] kworker/u4:10: attempt to access beyond end of device
[  130.269098][ T2974] loop1: rw=1, sector=1224, nr_sectors = 4 limit=256
[  130.292762][ T6093] team0: Port device team_slave_1 added
[  130.430183][ T6093] batman_adv: batadv0: Adding interface: batadv_slave_0
[  130.447895][ T6093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.511861][ T6093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.551150][ T6093] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.558175][ T6093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.593706][ T6093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.818321][ T6093] hsr_slave_0: entered promiscuous mode
[  130.834989][ T6093] hsr_slave_1: entered promiscuous mode
[  130.844048][ T6093] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  130.855995][ T6093] Cannot create hsr debugfs directory
[  131.157153][ T6190] loop1: detected capacity change from 0 to 8192
[  131.197658][   T27] audit: type=1800 audit(2000000024.310:6): pid=6190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.89" name="file2" dev="loop1" ino=1048605 res=0 errno=0
[  131.203654][ T6190] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  131.771659][ T6190] FAT-fs (loop1): Filesystem has been set read-only
[  133.116310][ T6203] loop3: detected capacity change from 0 to 512
[  133.218112][ T6203] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  133.258210][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  133.268254][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  133.311128][ T6203] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  133.358577][ T6203] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  133.421987][ T6203] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  133.485609][ T6203] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e02c, mo2=0000]
[  133.525617][ T6093] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  133.544645][ T6203] EXT4-fs (loop3): orphan cleanup on readonly fs
[  133.565287][ T6203] EXT4-fs warning (device loop3): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  133.587473][ T6203] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  133.598187][ T6093] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  133.614693][ T6203] EXT4-fs (loop3): 1 truncate cleaned up
[  133.627837][ T6093] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  133.650146][ T6203] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  133.653502][ T6093] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  133.690522][ T6203] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.925927][ T6093] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.039089][ T6093] 8021q: adding VLAN 0 to HW filter on device team0
[  134.071573][ T6209] loop1: detected capacity change from 0 to 128
[  134.140095][ T6209] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  134.162301][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.169570][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.184177][ T6209] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  134.252184][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.259412][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.324589][ T5772] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  134.421930][ T6093] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  134.718974][ T5814] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  134.883429][ T6093] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.925363][ T5814] usb 4-1: unable to get BOS descriptor or descriptor too short
[  134.949065][ T5814] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[  134.983381][ T5814] usb 4-1: New USB device found, idVendor=1235, idProduct=4661, bcdDevice= 0.40
[  135.003469][ T5814] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.037291][ T5814] usb 4-1: Product: syz
[  135.048605][ T5814] usb 4-1: Manufacturer: syz
[  135.053286][ T5814] usb 4-1: SerialNumber: syz
[  135.305566][   T27] audit: type=1326 audit(2000000028.420:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6210 comm="syz.3.91" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb61b99c819 code=0x0
[  135.770276][ T6093] veth0_vlan: entered promiscuous mode
[  135.803952][ T6093] veth1_vlan: entered promiscuous mode
[  135.872759][ T6093] veth0_macvtap: entered promiscuous mode
[  135.893076][ T6093] veth1_macvtap: entered promiscuous mode
[  135.950304][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.982943][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.022916][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.041191][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.068735][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.089487][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.120291][ T6093] batman_adv: batadv0: Interface activated: batadv_slave_0
[  136.160567][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.184150][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.206979][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.232406][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.253813][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.281985][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.309340][ T6093] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.331808][ T6093] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.358555][ T6093] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.367355][ T6093] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.388756][ T6093] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.602185][ T2951] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.623455][ T2951] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.702310][ T2951] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.721354][ T2951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.106069][ T6271] loop4: detected capacity change from 0 to 256
[  137.226365][ T6271] FAT-fs (loop4): Directory bread(block 64) failed
[  137.250767][ T6271] FAT-fs (loop4): Directory bread(block 65) failed
[  137.285825][ T6271] FAT-fs (loop4): Directory bread(block 66) failed
[  137.307585][ T6271] FAT-fs (loop4): Directory bread(block 67) failed
[  137.324979][ T6271] FAT-fs (loop4): Directory bread(block 68) failed
[  137.342821][ T6271] FAT-fs (loop4): Directory bread(block 69) failed
[  137.362044][ T6271] FAT-fs (loop4): Directory bread(block 70) failed
[  137.370908][ T6271] FAT-fs (loop4): Directory bread(block 71) failed
[  137.378404][ T6271] FAT-fs (loop4): Directory bread(block 72) failed
[  137.386467][ T6271] FAT-fs (loop4): Directory bread(block 73) failed
[  137.761873][ T2951] kworker/u4:9: attempt to access beyond end of device
[  137.761873][ T2951] loop4: rw=1, sector=1224, nr_sectors = 4 limit=256
[  137.889069][ T5814] usb 4-1: unit 236 not found!
[  137.893992][ T5814] usb 4-1: unit 58 not found!
[  137.973398][ T6289] loop4: detected capacity change from 0 to 128
[  138.027810][ T6289] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  138.055670][ T5814] usb 4-1: USB disconnect, device number 3
[  138.136742][ T6289] ext4 filesystem being mounted at /2/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  138.216534][ T5784] udevd[5784]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  138.371753][ T6093] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  138.744241][ T6304] loop3: detected capacity change from 0 to 512
[  138.800150][ T6304] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  138.840745][ T6304] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  139.769358][ T6326] syz.3.104 (6326) used greatest stack depth: 17392 bytes left
[  140.063282][ T6335] loop4: detected capacity change from 0 to 2048
[  140.140681][ T6335] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.239798][ T6335] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.525344][ T6093] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.978618][ T6261] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  141.168917][ T6261] usb 5-1: Using ep0 maxpacket: 8
[  141.190543][ T6261] usb 5-1: config 1 interface 2 altsetting 1 has an invalid endpoint with address 0x78, skipping
[  141.220382][ T6261] usb 5-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[  141.248619][ T6261] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.277437][ T6261] usb 5-1: Product: syz
[  141.287436][ T6261] usb 5-1: Manufacturer: syz
[  141.302738][ T6261] usb 5-1: SerialNumber: syz
[  141.559298][ T6261] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  141.588781][ T6261] usb 5-1: clock source 0 is not valid, cannot use
[  141.599802][ T6261] usb 5-1: 1:1: cannot get freq (v2/v3): err -71
[  141.628672][ T6261] usb 5-1: 1:1: cannot set freq 44100 (v2/v3): err -71
[  141.647680][ T6261] snd-usb-audio: probe of 5-1:1.0 failed with error -22
[  141.689974][ T6261] snd-usb-audio: probe of 5-1:1.1 failed with error -22
[  141.855568][ T6261] snd-usb-audio: probe of 5-1:1.2 failed with error -22
[  141.893872][ T6261] usb 5-1: USB disconnect, device number 2
[  141.943325][ T5788] udevd[5788]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  143.224182][ T6379] loop4: detected capacity change from 0 to 256
[  145.180982][ T6391] overlay: filesystem on ./bus is read-only
[  145.471634][ T6399] loop1: detected capacity change from 0 to 256
[  145.479743][ T6399] exfat: Deprecated parameter 'utf8'
[  145.485112][ T6399] exfat: Deprecated parameter 'utf8'
[  145.512496][ T6399] exfat: Deprecated parameter 'utf8'
[  145.547851][ T6399] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  146.438760][ T6413] loop3: detected capacity change from 0 to 512
[  146.533955][ T6413] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.125: inode has both inline data and extents flags
[  146.595549][ T6413] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.125: couldn't read orphan inode 15 (err -117)
[  146.683384][ T6413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.911266][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.132741][ T6418] loop3: detected capacity change from 0 to 1024
[  147.159770][ T6418] EXT4-fs: Ignoring removed oldalloc option
[  147.200009][ T6418] EXT4-fs: Ignoring removed bh option
[  147.220190][ T6418] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  147.306504][ T6418] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.533288][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.713682][ T6428] loop3: detected capacity change from 0 to 128
[  147.743347][ T6428] FAT-fs (loop3): Unrecognized mount option "ÿÿÿÿ" or missing value
[  150.213001][ T6440] loop3: detected capacity change from 0 to 40427
[  150.285680][ T6440] F2FS-fs (loop3): Unrecognized mount option "whint_mode=user-based" or missing value
[  151.828872][ T6261] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  151.851552][ T6476] 9pnet_fd: Insufficient options for proto=fd
[  152.022335][ T6261] usb 2-1: Using ep0 maxpacket: 32
[  152.033676][ T6261] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 127, changing to 10
[  152.047824][ T6261] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  152.068699][ T6261] usb 2-1: New USB device found, idVendor=044f, idProduct=b651, bcdDevice= 0.00
[  152.078132][ T6261] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.096810][ T6261] usb 2-1: config 0 descriptor??
[  152.158834][ T5814] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  152.246059][   T27] audit: type=1326 audit(2000000045.360:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb61b99c819 code=0x7ffc0000
[  152.290928][   T27] audit: type=1326 audit(2000000045.360:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb61b99c819 code=0x7ffc0000
[  152.339836][   T27] audit: type=1326 audit(2000000045.390:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb61b93db99 code=0x7ffc0000
[  152.368280][   T27] audit: type=1326 audit(2000000045.390:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb61b93db99 code=0x7ffc0000
[  152.397458][ T5814] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.416485][ T5814] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  152.423717][   T27] audit: type=1326 audit(2000000045.390:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb61b93db99 code=0x7ffc0000
[  152.426288][ T5814] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  152.426343][ T5814] usb 5-1: Product: syz
[  152.426358][ T5814] usb 5-1: SerialNumber: syz
[  152.486417][   T27] audit: type=1326 audit(2000000045.390:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb61b93db99 code=0x7ffc0000
[  152.519887][   T27] audit: type=1326 audit(2000000045.390:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb61b93db99 code=0x7ffc0000
[  152.559945][   T27] audit: type=1326 audit(2000000045.390:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb61b93db99 code=0x7ffc0000
[  152.583126][ T6261] thrustmaster 0003:044F:B651.0001: unknown main item tag 0x3
[  152.591172][ T6261] thrustmaster 0003:044F:B651.0001: unknown main item tag 0x3
[  152.598833][ T6261] thrustmaster 0003:044F:B651.0001: unknown main item tag 0x4
[  152.606681][ T6261] thrustmaster 0003:044F:B651.0001: unknown main item tag 0x1
[  152.614654][ T6261] thrustmaster 0003:044F:B651.0001: unknown main item tag 0x4
[  152.622433][ T6261] thrustmaster 0003:044F:B651.0001: bogus close delimiter
[  152.630412][ T6261] thrustmaster 0003:044F:B651.0001: item 0 0 2 10 parsing failed
[  152.639710][ T6261] thrustmaster 0003:044F:B651.0001: parse failed
[  152.646332][ T6261] thrustmaster: probe of 0003:044F:B651.0001 failed with error -22
[  152.678312][   T27] audit: type=1326 audit(2000000045.390:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb61b93db99 code=0x7ffc0000
[  152.706663][   T27] audit: type=1326 audit(2000000045.390:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb61b93db99 code=0x7ffc0000
[  152.760335][ T5815] usb 2-1: USB disconnect, device number 3
[  153.228528][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  153.477638][ T5814] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  153.552997][ T5814] cdc_ncm 5-1:1.0: setting tx_max = 48
[  154.349201][ T6492] overlay: filesystem on ./bus is read-only
[  154.363709][ T5814] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  154.433425][ T5814] usb 5-1: USB disconnect, device number 3
[  154.469736][ T5814] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)
[  154.490098][ T6493] loop1: detected capacity change from 0 to 1024
[  154.517862][ T6493] EXT4-fs: Ignoring removed bh option
[  154.679378][ T6493] EXT4-fs: Ignoring removed oldalloc option
[  154.696163][ T6493] EXT4-fs: Ignoring removed nobh option
[  154.705861][ T6493] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  154.759946][ T6493] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.862460][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.214598][ T6544] loop3: detected capacity change from 0 to 128
[  156.296719][ T6547] netlink: 20 bytes leftover after parsing attributes in process `syz.1.157'.
[  156.339592][ T6544] syz.3.154: attempt to access beyond end of device
[  156.339592][ T6544] loop3: rw=2049, sector=145, nr_sectors = 5 limit=128
[  156.419564][ T6544] syz.3.154: attempt to access beyond end of device
[  156.419564][ T6544] loop3: rw=34817, sector=102, nr_sectors = 27 limit=128
[  156.495260][ T6544] syz.3.154: attempt to access beyond end of device
[  156.495260][ T6544] loop3: rw=34817, sector=145, nr_sectors = 5 limit=128
[  157.238607][ T5608] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  157.428867][ T5608] usb 4-1: Using ep0 maxpacket: 16
[  157.438732][ T5608] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  157.463042][ T5608] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  157.483369][ T5608] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  157.501996][ T5608] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.519666][ T5608] usb 4-1: Product: syz
[  157.532832][ T5608] usb 4-1: Manufacturer: syz
[  157.548220][ T5608] usb 4-1: SerialNumber: syz
[  157.775231][ T5608] usb 4-1: 0:2 : does not exist
[  157.796509][ T5608] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  157.886848][ T5608] usb 4-1: USB disconnect, device number 4
[  157.967130][ T5782] udevd[5782]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  157.989509][ T6579] loop4: detected capacity change from 0 to 512
[  158.048379][ T6359] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  158.793184][ T6601] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  160.940309][ T6641] loop4: detected capacity change from 0 to 16
[  160.992258][ T6641] erofs: (device loop4): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  162.036373][ T6651] loop4: detected capacity change from 0 to 1024
[  162.200256][ T6651] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  162.210585][ T6651] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  162.234230][ T6651] EXT4-fs (loop4): invalid journal inode
[  162.240490][ T6651] EXT4-fs (loop4): can't get journal size
[  162.293822][ T6651] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 17104912: comm syz.4.181: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  162.314010][ T6651] EXT4-fs (loop4): failed to initialize system zone (-117)
[  162.321952][ T6651] EXT4-fs (loop4): mount failed
[  162.427101][ T6261] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  163.353817][ T6659] loop1: detected capacity change from 0 to 4096
[  163.409744][ T6659] EXT4-fs: inline encryption not supported
[  163.461134][ T6659] ext4: Unknown parameter 'nouser_xattr'
[  163.818877][ T6261] usb 4-1: Using ep0 maxpacket: 16
[  163.826106][ T6261] usb 4-1: config 1 has an invalid interface number: 105 but max is 0
[  163.847284][ T6261] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  163.898580][ T6261] usb 4-1: config 1 has no interface number 0
[  163.904820][ T6261] usb 4-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  163.967526][ T6664] loop1: detected capacity change from 0 to 256
[  163.971336][ T6261] usb 4-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  164.019242][ T6261] usb 4-1: config 1 interface 105 has no altsetting 0
[  164.047465][ T6668] loop4: detected capacity change from 0 to 1024
[  164.054938][ T6261] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  164.077685][ T6664] FAT-fs (loop1): Directory bread(block 64) failed
[  164.078738][ T6261] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  164.116417][ T6664] FAT-fs (loop1): Directory bread(block 65) failed
[  164.119634][ T6668] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  164.139571][ T6261] usb 4-1: Product: syz
[  164.149196][ T6261] usb 4-1: Manufacturer: syz
[  164.153917][ T6261] usb 4-1: SerialNumber: syz
[  164.170612][ T6664] FAT-fs (loop1): Directory bread(block 66) failed
[  164.209182][ T6668] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  164.215093][ T6664] FAT-fs (loop1): Directory bread(block 67) failed
[  164.239059][ T6668] EXT4-fs (loop4): orphan cleanup on readonly fs
[  164.247634][ T6668] EXT4-fs error (device loop4): ext4_free_blocks:6694: comm syz.4.186: Freeing blocks not in datazone - block = 0, count = 4096
[  164.268811][ T6664] FAT-fs (loop1): Directory bread(block 68) failed
[  164.275488][ T6664] FAT-fs (loop1): Directory bread(block 69) failed
[  164.282735][ T6664] FAT-fs (loop1): Directory bread(block 70) failed
[  164.289478][ T6664] FAT-fs (loop1): Directory bread(block 71) failed
[  164.296267][ T6664] FAT-fs (loop1): Directory bread(block 72) failed
[  164.303228][ T6664] FAT-fs (loop1): Directory bread(block 73) failed
[  164.322506][ T6261] usb 4-1: can't set config #1, error -71
[  164.332698][ T6261] usb 4-1: USB disconnect, device number 5
[  164.367302][ T6668] EXT4-fs (loop4): Remounting filesystem read-only
[  164.411738][ T6668] EXT4-fs (loop4): 1 orphan inode deleted
[  164.459639][ T6668] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.650836][ T6677] netlink: 64 bytes leftover after parsing attributes in process `syz.0.196'.
[  164.685564][ T6093] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.809497][ T6680] loop1: detected capacity change from 0 to 512
[  164.873552][ T6680] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.047913][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.347009][ T6697] netlink: 64 bytes leftover after parsing attributes in process `syz.4.193'.
[  165.461147][   T23] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  165.545171][ T6697] loop4: detected capacity change from 0 to 4096
[  165.580763][ T6697] EXT4-fs: Ignoring removed orlov option
[  165.652643][ T6697] EXT4-fs (loop4): Test dummy encryption mode enabled
[  165.669049][   T23] usb 2-1: Using ep0 maxpacket: 8
[  165.680233][   T23] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  165.699185][   T23] usb 2-1: config 179 has no interface number 0
[  165.705572][   T23] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  165.728617][   T23] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  165.743211][   T23] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  165.755068][   T23] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  165.756873][ T6697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.766569][   T23] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  165.766625][   T23] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  165.766648][   T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.813461][ T6693] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  165.878965][ T6673] loop3: detected capacity change from 0 to 40427
[  165.904913][ T6673] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  165.914075][ T6673] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  165.949352][ T6673] F2FS-fs (loop3): invalid crc value
[  165.980387][ T6673] F2FS-fs (loop3): Found nat_bits in checkpoint
[  166.104821][   T23] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input6
[  166.244570][ T6093] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.342809][ T6673] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  166.381568][ T5815] usb 2-1: USB disconnect, device number 4
[  166.381632][    C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  166.396068][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  166.408367][ T5815] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  166.424852][ T6673] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  166.562469][ T6013] udevd[6013]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  167.047828][ T6728] loop4: detected capacity change from 0 to 256
[  167.136556][ T6728] FAT-fs (loop4): Directory bread(block 64) failed
[  167.145933][ T6728] FAT-fs (loop4): Directory bread(block 65) failed
[  167.153409][ T6728] FAT-fs (loop4): Directory bread(block 66) failed
[  167.160525][ T6728] FAT-fs (loop4): Directory bread(block 67) failed
[  167.167298][ T6728] FAT-fs (loop4): Directory bread(block 68) failed
[  167.187416][ T6728] FAT-fs (loop4): Directory bread(block 69) failed
[  167.221880][ T6728] FAT-fs (loop4): Directory bread(block 70) failed
[  167.242811][ T6728] FAT-fs (loop4): Directory bread(block 71) failed
[  167.259714][ T6728] FAT-fs (loop4): Directory bread(block 72) failed
[  167.277750][ T6728] FAT-fs (loop4): Directory bread(block 73) failed
[  167.629834][ T6741] netlink: 64 bytes leftover after parsing attributes in process `syz.3.199'.
[  167.705765][ T6743] netlink: 64 bytes leftover after parsing attributes in process `syz.0.204'.
[  167.823654][ T6741] loop3: detected capacity change from 0 to 4096
[  167.841404][ T6747] loop4: detected capacity change from 0 to 512
[  167.856455][ T6741] EXT4-fs: Ignoring removed orlov option
[  167.863642][ T6747] EXT4-fs: Ignoring removed mblk_io_submit option
[  167.891850][ T6747] EXT4-fs: Ignoring removed mblk_io_submit option
[  167.904079][ T6741] EXT4-fs (loop3): Test dummy encryption mode enabled
[  167.913650][ T6747] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  167.953162][ T6741] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.972299][ T6747] EXT4-fs (loop4): 1 truncate cleaned up
[  168.009596][ T6747] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.260113][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.396376][ T6093] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /33/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  168.495156][ T6093] EXT4-fs (loop4): Remounting filesystem read-only
[  168.951035][ T6781] netlink: 64 bytes leftover after parsing attributes in process `syz.0.214'.
[  168.971694][ T6093] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.039634][ T6785] netlink: 64 bytes leftover after parsing attributes in process `syz.1.215'.
[  169.337733][ T6788] loop1: detected capacity change from 0 to 4096
[  169.392568][ T6788] EXT4-fs: Ignoring removed orlov option
[  169.416091][   T49] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.496545][ T6788] EXT4-fs (loop1): Test dummy encryption mode enabled
[  169.561199][ T6788] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.747831][   T49] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.820409][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.998788][   T49] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.231508][   T49] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.308060][ T6778] loop3: detected capacity change from 0 to 40427
[  170.468619][ T6778] F2FS-fs (loop3): Found nat_bits in checkpoint
[  170.555876][ T6815] loop1: detected capacity change from 0 to 256
[  170.608231][ T6815] exfat: Deprecated parameter 'namecase'
[  170.683035][ T6815] exfat: Deprecated parameter 'namecase'
[  170.767408][ T6778] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  170.800730][ T6815] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  171.202829][ T5786] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  171.213977][ T5786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  171.226563][ T5786] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  171.305950][ T6826] loop1: detected capacity change from 0 to 16
[  171.338617][ T6826] erofs: (device loop1): mounted with root inode @ nid 36.
[  171.514346][ T5786] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  171.527586][ T5786] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  171.539237][ T5786] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  172.922101][ T6829] loop1: detected capacity change from 0 to 40427
[  172.958914][ T6829] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  172.966874][ T6829] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  173.021167][ T6829] F2FS-fs (loop1): invalid crc value
[  173.072633][ T6829] F2FS-fs (loop1): Found nat_bits in checkpoint
[  173.275050][ T6829] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  173.289796][ T6848] binder: 6846:6848 ioctl c0306201 2000000004c0 returned -14
[  173.307601][ T6829] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  173.606515][ T6822] chnl_net:caif_netlink_parms(): no params data found
[  173.668663][ T5786] Bluetooth: hci3: command tx timeout
[  174.898834][ T6822] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.912844][ T6822] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.932847][ T6822] bridge_slave_0: entered allmulticast mode
[  174.963128][ T6822] bridge_slave_0: entered promiscuous mode
[  175.000178][ T6822] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.012412][ T6822] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.022741][ T6822] bridge_slave_1: entered allmulticast mode
[  175.036551][ T6822] bridge_slave_1: entered promiscuous mode
[  175.069018][ T6868] netlink: 64 bytes leftover after parsing attributes in process `syz.0.226'.
[  175.123821][   T49] hsr_slave_0: left promiscuous mode
[  175.140289][   T49] hsr_slave_1: left promiscuous mode
[  175.153113][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  175.169097][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  175.187399][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  175.215444][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  175.247646][   T49] bridge_slave_1: left allmulticast mode
[  175.258871][   T49] bridge_slave_1: left promiscuous mode
[  175.264983][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.280340][ T6872] loop3: detected capacity change from 0 to 128
[  175.316514][   T49] bridge_slave_0: left allmulticast mode
[  175.334219][   T49] bridge_slave_0: left promiscuous mode
[  175.360252][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.436315][   T49] veth1_macvtap: left promiscuous mode
[  175.443923][   T49] veth0_macvtap: left promiscuous mode
[  175.475827][   T49] veth1_vlan: left promiscuous mode
[  175.483027][   T49] veth0_vlan: left promiscuous mode
[  175.769230][ T5786] Bluetooth: hci3: command tx timeout
[  177.004958][ T6882] loop1: detected capacity change from 0 to 40427
[  177.023318][ T6882] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  177.049441][ T6882] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  177.065926][ T6882] F2FS-fs (loop1): invalid crc_offset: 33558524
[  177.083972][ T6882] F2FS-fs (loop1): Found nat_bits in checkpoint
[  177.185552][ T6882] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  177.226793][ T6882] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  177.434595][   T49] team0 (unregistering): Port device team_slave_1 removed
[  177.495951][   T49] team0 (unregistering): Port device team_slave_0 removed
[  177.560496][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.622463][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.839194][ T5786] Bluetooth: hci3: command tx timeout
[  178.206177][   T49] bond0 (unregistering): Released all slaves
[  178.460827][ T6822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.523691][ T6822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.704103][ T6822] team0: Port device team_slave_0 added
[  178.763136][ T6822] team0: Port device team_slave_1 added
[  178.897506][ T6899] overlayfs: workdir and upperdir must reside under the same mount
[  178.916643][ T6822] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.967215][ T6822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.032268][ T6822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.073737][ T6822] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.091488][ T6822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.184411][ T6822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.365081][ T6822] hsr_slave_0: entered promiscuous mode
[  179.386026][ T6822] hsr_slave_1: entered promiscuous mode
[  179.400480][ T6822] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  179.415860][ T6822] Cannot create hsr debugfs directory
[  179.909318][ T5786] Bluetooth: hci3: command tx timeout
[  180.084360][ T6822] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  180.163268][ T6822] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  180.549695][ T6822] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  181.023921][ T6822] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  181.325805][ T6822] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.365162][ T6822] 8021q: adding VLAN 0 to HW filter on device team0
[  181.413842][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.421116][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.456967][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.465135][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  181.671680][ T6936] netlink: 64 bytes leftover after parsing attributes in process `syz.3.239'.
[  181.804978][ T6936] loop3: detected capacity change from 0 to 4096
[  181.817981][ T6936] EXT4-fs: Ignoring removed orlov option
[  181.858944][ T6936] EXT4-fs (loop3): Test dummy encryption mode enabled
[  181.897322][ T6936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.160921][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.293606][ T6822] 8021q: adding VLAN 0 to HW filter on device batadv0
[  182.477021][ T6955] loop3: detected capacity change from 0 to 1024
[  182.529792][ T6955] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  182.618729][ T5815] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  182.646944][ T6955] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.841307][ T5815] usb 2-1: too many endpoints for config 0 interface 0 altsetting 254: 253, using maximum allowed: 30
[  182.883648][ T5815] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  182.903970][ T6955] overlayfs: failed to verify origin (/, ino=2, err=-28)
[  182.919173][ T5815] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.933858][ T6955] overlayfs: failed to verify upper root origin
[  182.951576][ T5815] usb 2-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  182.976814][ T5815] usb 2-1: config 0 interface 0 has no altsetting 0
[  182.996136][ T5815] usb 2-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  183.020678][ T5815] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.061186][ T5815] usb 2-1: config 0 descriptor??
[  183.148740][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.292258][ T6822] veth0_vlan: entered promiscuous mode
[  183.332718][ T6822] veth1_vlan: entered promiscuous mode
[  183.457467][ T6822] veth0_macvtap: entered promiscuous mode
[  183.483420][ T6822] veth1_macvtap: entered promiscuous mode
[  183.512602][ T5815] usbhid 2-1:0.0: can't add hid device: -71
[  183.543605][ T5815] usbhid: probe of 2-1:0.0 failed with error -71
[  183.566257][ T6822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.581823][ T5815] usb 2-1: USB disconnect, device number 5
[  183.593467][ T6822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.613684][ T6822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.630874][ T6822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.644333][ T6822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.680115][ T6822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.703287][ T6822] batman_adv: batadv0: Interface activated: batadv_slave_0
[  183.771106][ T6822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.789392][ T6822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.816363][ T6822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.848832][ T6822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.878506][ T6822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.898505][ T6822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.930649][ T6822] batman_adv: batadv0: Interface activated: batadv_slave_1
[  183.968439][ T6822] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.997729][ T6822] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.047048][ T6822] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.073023][ T6822] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.497930][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.560514][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.690653][ T5907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.713815][ T5907] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.972837][ T6994] overlay: ./file0 is not a directory
[  185.875225][ T7006] loop5: detected capacity change from 0 to 512
[  185.907673][ T7008] netlink: 64 bytes leftover after parsing attributes in process `syz.0.248'.
[  185.972937][ T7006] EXT4-fs: Ignoring removed mblk_io_submit option
[  186.009882][ T7006] EXT4-fs: Ignoring removed mblk_io_submit option
[  186.067770][ T7006] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  186.171825][ T7006] EXT4-fs (loop5): 1 truncate cleaned up
[  186.185922][ T7006] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.442237][ T6822] EXT4-fs error (device loop5): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /0/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  187.506920][ T6822] EXT4-fs (loop5): Remounting filesystem read-only
[  188.076814][ T7044] input: syz0 as /devices/virtual/input/input7
[  188.884450][ T6822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.152529][ T2974] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.341254][ T2974] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.475253][ T2974] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.707633][ T2974] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.459690][ T5082] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  191.470580][ T5082] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  191.478799][ T5082] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  191.487013][ T5082] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  191.496011][ T5082] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  191.507687][ T5082] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  191.909092][ T7095] netlink: 852 bytes leftover after parsing attributes in process `syz.0.267'.
[  192.873601][ T7083] chnl_net:caif_netlink_parms(): no params data found
[  193.549675][ T7083] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.565584][ T7083] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.583333][ T7083] bridge_slave_0: entered allmulticast mode
[  193.590676][ T5082] Bluetooth: hci3: command tx timeout
[  193.610843][ T7083] bridge_slave_0: entered promiscuous mode
[  193.635720][ T2974] hsr_slave_0: left promiscuous mode
[  193.642674][ T2974] hsr_slave_1: left promiscuous mode
[  193.681001][ T2974] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.709236][ T2974] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.724416][ T2974] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.751330][ T2974] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.783755][ T2974] bridge_slave_1: left allmulticast mode
[  193.808789][ T2974] bridge_slave_1: left promiscuous mode
[  193.818973][ T2974] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.852239][ T2974] bridge_slave_0: left allmulticast mode
[  193.857986][ T2974] bridge_slave_0: left promiscuous mode
[  193.899782][ T2974] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.284537][ T2974] veth1_macvtap: left promiscuous mode
[  194.308059][ T2974] veth0_macvtap: left promiscuous mode
[  194.326614][ T2974] veth1_vlan: left promiscuous mode
[  194.344597][ T2974] veth0_vlan: left promiscuous mode
[  194.633885][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  194.640469][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  195.272842][ T7156] loop3: detected capacity change from 0 to 512
[  195.284272][ T7156] EXT4-fs: Ignoring removed mblk_io_submit option
[  195.334068][ T7156] EXT4-fs: Ignoring removed mblk_io_submit option
[  195.368856][ T7156] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  195.411134][ T7156] EXT4-fs (loop3): 1 truncate cleaned up
[  195.429069][ T7156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.668815][ T5082] Bluetooth: hci3: command tx timeout
[  195.913054][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.461139][ T2974] team0 (unregistering): Port device team_slave_1 removed
[  196.533827][ T2974] team0 (unregistering): Port device team_slave_0 removed
[  196.647548][ T2974] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  197.222960][ T2974] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  197.750475][ T5082] Bluetooth: hci3: command tx timeout
[  197.911817][ T2974] bond0 (unregistering): Released all slaves
[  197.926773][ T7186] xt_hashlimit: size too large, truncated to 1048576
[  198.114353][ T7083] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.136557][ T7083] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.152340][ T7083] bridge_slave_1: entered allmulticast mode
[  198.160384][ T7083] bridge_slave_1: entered promiscuous mode
[  198.441615][ T7083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.493357][ T7083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.647645][ T7083] team0: Port device team_slave_0 added
[  198.680769][ T7083] team0: Port device team_slave_1 added
[  198.945849][ T7083] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.981391][ T7083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  199.070902][ T7083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  199.109330][ T7083] batman_adv: batadv0: Adding interface: batadv_slave_1
[  199.130157][ T7083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  199.165110][ T7203] loop1: detected capacity change from 0 to 512
[  199.182589][ T7203] EXT4-fs: Ignoring removed mblk_io_submit option
[  199.212862][ T7203] EXT4-fs: Ignoring removed mblk_io_submit option
[  199.240316][ T7203] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  199.259435][ T7083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.291158][ T7203] EXT4-fs (loop1): 1 truncate cleaned up
[  199.305532][ T7203] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.527822][ T7083] hsr_slave_0: entered promiscuous mode
[  199.561722][ T7083] hsr_slave_1: entered promiscuous mode
[  199.602754][ T7083] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  199.618537][ T7083] Cannot create hsr debugfs directory
[  199.757511][ T5772] EXT4-fs error (device loop1): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /70/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  199.833233][ T5082] Bluetooth: hci3: command tx timeout
[  199.874394][ T5772] EXT4-fs (loop1): Remounting filesystem read-only
[  201.302113][ T7083] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  201.351958][ T7083] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  201.387259][ T7083] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  201.456496][ T7083] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  201.916686][ T7083] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.093047][ T7083] 8021q: adding VLAN 0 to HW filter on device team0
[  202.187969][ T1031] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.195259][ T1031] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.268494][ T1031] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.276047][ T1031] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.380363][ T5907] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.650639][ T5907] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.479139][ T5907] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.822278][ T5907] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.923887][ T7083] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.831921][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.128874][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  206.338565][    T9] usb 4-1: Using ep0 maxpacket: 16
[  206.359024][    T9] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 48, changing to 7
[  206.392401][    T9] usb 4-1: New USB device found, idVendor=1235, idProduct=800c, bcdDevice= 0.40
[  206.409040][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.417198][    T9] usb 4-1: Product: syz
[  206.447403][    T9] usb 4-1: Manufacturer: syz
[  206.465153][    T9] usb 4-1: SerialNumber: syz
[  206.596042][ T7083] veth0_vlan: entered promiscuous mode
[  206.691105][ T7083] veth1_vlan: entered promiscuous mode
[  206.723093][ T7275] netlink: 312 bytes leftover after parsing attributes in process `syz.3.296'.
[  206.851468][    T9] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  206.872468][    T9] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  206.883165][ T7083] veth0_macvtap: entered promiscuous mode
[  206.948864][ T5779] Bluetooth: hci1: command 0x0406 tx timeout
[  206.954977][ T5779] Bluetooth: hci0: command 0x0406 tx timeout
[  207.036924][ T7083] veth1_macvtap: entered promiscuous mode
[  207.097713][ T5786] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  207.157618][ T5786] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  207.169603][ T5786] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  207.178752][ T5786] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  207.190336][ T5786] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  207.197928][ T5786] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  207.206019][ T7083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.238629][ T7083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.248893][ T7083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.259705][ T7083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.270079][ T7083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.280903][ T7083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.293269][ T7083] batman_adv: batadv0: Interface activated: batadv_slave_0
[  207.423467][ T7083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.463904][ T7083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.488286][ T7083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.517097][ T7083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.555022][ T7083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.579738][ T7083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.595466][ T7083] batman_adv: batadv0: Interface activated: batadv_slave_1
[  207.660940][    T9] snd-usb-audio: probe of 4-1:1.0 failed with error -71
[  207.730869][    T9] usb 4-1: USB disconnect, device number 6
[  207.754166][ T7083] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.797655][ T7083] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.807588][ T7272] udevd[7272]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  207.841458][ T7083] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.862935][ T7083] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.128927][    T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  208.140731][ T5907] hsr_slave_0: left promiscuous mode
[  208.159535][ T5907] hsr_slave_1: left promiscuous mode
[  208.166151][ T5907] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.174865][ T5907] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.184381][ T5907] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.192810][ T5907] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.203142][ T5907] bridge_slave_1: left allmulticast mode
[  208.209608][ T5907] bridge_slave_1: left promiscuous mode
[  208.215484][ T5907] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.227507][ T5907] bridge_slave_0: left allmulticast mode
[  208.234585][ T5907] bridge_slave_0: left promiscuous mode
[  208.241430][ T5907] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.275159][ T5907] veth1_macvtap: left promiscuous mode
[  208.281406][ T5907] veth0_macvtap: left promiscuous mode
[  208.287986][ T5907] veth1_vlan: left promiscuous mode
[  208.295421][ T5907] veth0_vlan: left promiscuous mode
[  208.329546][    T9] usb 4-1: Using ep0 maxpacket: 32
[  208.346052][    T9] usb 4-1: config 0 has an invalid interface number: 188 but max is 0
[  208.363603][    T9] usb 4-1: config 0 has no interface number 0
[  208.391641][    T9] usb 4-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  208.440030][    T9] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  208.459157][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.467581][    T9] usb 4-1: Product: syz
[  208.498116][    T9] usb 4-1: Manufacturer: syz
[  208.513443][    T9] usb 4-1: SerialNumber: syz
[  208.527210][    T9] usb 4-1: config 0 descriptor??
[  208.551704][ T7300] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  208.829197][ T7300] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  209.081516][    T9] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  209.119161][    T9] asix: probe of 4-1:0.188 failed with error -61
[  209.269040][ T5082] Bluetooth: hci2: command tx timeout
[  209.713861][ T5907] team0 (unregistering): Port device team_slave_1 removed
[  209.777350][ T5907] team0 (unregistering): Port device team_slave_0 removed
[  209.840391][ T5907] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  209.937662][ T5907] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.712715][   T28] usb 4-1: USB disconnect, device number 7
[  210.903330][ T5907] bond0 (unregistering): Released all slaves
[  211.364392][ T5082] Bluetooth: hci2: command tx timeout
[  212.006963][ T2951] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.073411][ T2951] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.327479][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.415528][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.627576][ T7292] chnl_net:caif_netlink_parms(): no params data found
[  213.284747][ T7292] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.337388][ T7292] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.375584][ T7292] bridge_slave_0: entered allmulticast mode
[  213.400192][ T7292] bridge_slave_0: entered promiscuous mode
[  213.416437][ T7292] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.432969][ T5082] Bluetooth: hci2: command tx timeout
[  213.434779][ T7292] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.476503][ T7345] loop3: detected capacity change from 0 to 256
[  213.483631][ T7292] bridge_slave_1: entered allmulticast mode
[  213.520155][ T7292] bridge_slave_1: entered promiscuous mode
[  213.559817][ T7345] exfat: Deprecated parameter 'utf8'
[  213.609810][ T7345] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x47dfe6af, utbl_chksum : 0xe619d30d)
[  213.696105][ T7292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.731444][ T7292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.856116][ T7292] team0: Port device team_slave_0 added
[  213.907467][ T7292] team0: Port device team_slave_1 added
[  214.005818][ T7292] batman_adv: batadv0: Adding interface: batadv_slave_0
[  214.025394][ T7292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.070741][ T7292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.243898][ T7292] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.397905][ T7292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.923956][ T7292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.245519][ T7292] hsr_slave_0: entered promiscuous mode
[  215.267968][ T7292] hsr_slave_1: entered promiscuous mode
[  215.292029][ T7292] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  215.364403][ T7292] Cannot create hsr debugfs directory
[  215.510545][ T5082] Bluetooth: hci2: command tx timeout
[  216.001591][ T7382] overlayfs: failed to clone upperpath
[  217.001979][ T7387] loop6: detected capacity change from 0 to 1024
[  217.068096][ T7387] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  217.224558][ T7387] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.350921][ T7292] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  217.425487][ T7395] loop3: detected capacity change from 0 to 512
[  217.436545][ T7292] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  217.518366][ T7292] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  217.619382][ T7292] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  217.936978][ T7399] loop3: detected capacity change from 0 to 1024
[  217.957830][ T7399] EXT4-fs: Ignoring removed nomblk_io_submit option
[  218.024784][ T7399] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.127843][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.275270][ T7292] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.305246][ T7083] EXT4-fs error (device loop6): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  218.370748][ T7083] EXT4-fs (loop6): Remounting filesystem read-only
[  218.386277][ T7292] 8021q: adding VLAN 0 to HW filter on device team0
[  218.414649][ T2974] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.421896][ T2974] bridge0: port 1(bridge_slave_0) entered forwarding state
[  218.480508][ T2974] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.487735][ T2974] bridge0: port 2(bridge_slave_1) entered forwarding state
[  218.836304][ T7083] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.129663][ T2951] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.440662][ T2951] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.593575][ T2951] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.727926][ T2951] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.783668][ T7292] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.841619][ T7449] loop3: detected capacity change from 0 to 1024
[  220.978374][ T7449] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.290884][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.537153][ T7470] loop3: detected capacity change from 0 to 16
[  222.591597][ T7470] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  222.626816][ T5786] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  222.640003][ T5786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  222.655390][ T5786] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  222.869305][ T5786] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  222.877617][ T5786] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  222.885608][ T5786] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  223.222188][ T7478] loop3: detected capacity change from 0 to 1024
[  223.401616][ T7478] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  223.411762][ T7478] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  223.439287][ T7478] EXT4-fs (loop3): invalid journal inode
[  223.445543][ T7478] EXT4-fs (loop3): can't get journal size
[  223.500959][ T7478] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 17104912: comm syz.3.327: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  223.522436][ T7478] EXT4-fs (loop3): failed to initialize system zone (-117)
[  223.530378][ T7478] EXT4-fs (loop3): mount failed
[  224.948895][ T5786] Bluetooth: hci3: command tx timeout
[  225.683792][ T7489] netlink: 64 bytes leftover after parsing attributes in process `syz.0.331'.
[  227.028861][ T5786] Bluetooth: hci3: command tx timeout
[  227.137609][ T7292] veth0_vlan: entered promiscuous mode
[  227.386861][ T7292] veth1_vlan: entered promiscuous mode
[  227.788959][ T7522] loop3: detected capacity change from 0 to 512
[  227.958187][ T7522] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.336: inode has both inline data and extents flags
[  227.973150][ T7522] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.336: couldn't read orphan inode 15 (err -117)
[  227.996924][ T7522] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.109300][ T5786] Bluetooth: hci3: command tx timeout
[  229.638188][ T2951] hsr_slave_0: left promiscuous mode
[  229.688406][ T2951] hsr_slave_1: left promiscuous mode
[  229.723696][ T2951] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  229.745239][ T2951] batman_adv: batadv0: Removing interface: batadv_slave_0
[  229.769421][ T2951] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.776917][ T2951] batman_adv: batadv0: Removing interface: batadv_slave_1
[  229.799485][ T2951] bridge_slave_1: left allmulticast mode
[  229.805231][ T2951] bridge_slave_1: left promiscuous mode
[  229.818734][ T2951] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.824570][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.851013][ T2951] bridge_slave_0: left allmulticast mode
[  229.857320][ T2951] bridge_slave_0: left promiscuous mode
[  229.864080][ T2951] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.018030][ T2951] veth1_macvtap: left promiscuous mode
[  230.024224][ T2951] veth0_macvtap: left promiscuous mode
[  230.050623][ T2951] veth1_vlan: left promiscuous mode
[  230.065984][ T2951] veth0_vlan: left promiscuous mode
[  231.061049][ T7550] overlay: filesystem on ./bus is read-only
[  231.468616][ T5786] Bluetooth: hci3: command tx timeout
[  232.076550][ T7555] loop3: detected capacity change from 0 to 4096
[  232.107028][ T7555] EXT4-fs: Ignoring removed orlov option
[  232.158965][ T7555] EXT4-fs (loop3): Test dummy encryption mode enabled
[  232.232757][ T7555] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.167537][ T2951] team0 (unregistering): Port device team_slave_1 removed
[  233.294189][ T2951] team0 (unregistering): Port device team_slave_0 removed
[  233.360285][ T2951] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  233.434535][ T2951] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.895629][ T2951] bond0 (unregistering): Released all slaves
[  233.985175][ T7472] chnl_net:caif_netlink_parms(): no params data found
[  233.997735][ T7292] veth0_macvtap: entered promiscuous mode
[  234.047721][ T7552] netlink: 64 bytes leftover after parsing attributes in process `syz.3.339'.
[  234.151231][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.194956][ T7292] veth1_macvtap: entered promiscuous mode
[  234.357074][ T7562] loop3: detected capacity change from 0 to 16
[  234.372892][ T7292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.383998][ T7292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.394016][ T7292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.404604][ T7292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.414705][ T7562] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  234.420087][ T7292] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.525209][ T7472] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.532766][ T7472] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.582715][ T7472] bridge_slave_0: entered allmulticast mode
[  234.630756][ T7472] bridge_slave_0: entered promiscuous mode
[  234.667591][ T7292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.711004][ T7292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.721700][ T7292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.732554][ T7292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.745439][ T7292] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.757486][ T7292] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.781092][ T7292] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.830187][ T7292] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.059825][ T7569] loop3: detected capacity change from 0 to 1024
[  235.128580][ T7569] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  235.138544][ T7569] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  235.164247][ T7569] EXT4-fs (loop3): invalid journal inode
[  235.171067][ T7569] EXT4-fs (loop3): can't get journal size
[  235.228228][ T7569] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 17104912: comm syz.3.340: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  235.245809][ T7569] EXT4-fs (loop3): failed to initialize system zone (-117)
[  235.253675][ T7569] EXT4-fs (loop3): mount failed
[  235.381931][ T7292] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.699601][ T7472] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.830145][ T7472] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.982210][ T7472] bridge_slave_1: entered allmulticast mode
[  236.200801][ T7472] bridge_slave_1: entered promiscuous mode
[  237.093952][ T7472] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.177793][ T7472] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.555901][ T7472] team0: Port device team_slave_0 added
[  237.746180][ T7582] overlayfs: failed to clone upperpath
[  238.023742][ T7472] team0: Port device team_slave_1 added
[  238.394735][ T7472] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.421386][ T7472] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.494924][ T7472] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.538848][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.581968][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.637699][ T7472] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.673684][ T7472] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.741552][ T7472] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.951556][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.980929][ T7472] hsr_slave_0: entered promiscuous mode
[  238.997997][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.012233][ T7472] hsr_slave_1: entered promiscuous mode
[  239.031485][ T7472] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  239.053148][ T7472] Cannot create hsr debugfs directory
[  240.081894][ T7472] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  240.136876][ T7472] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  240.586278][ T7472] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  241.075566][ T7472] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  241.249643][ T7608] netlink: 64 bytes leftover after parsing attributes in process `syz.0.346'.
[  241.686010][ T7472] 8021q: adding VLAN 0 to HW filter on device bond0
[  241.752775][ T7472] 8021q: adding VLAN 0 to HW filter on device team0
[  241.790305][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.797508][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.859745][ T2951] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.867039][ T2951] bridge0: port 2(bridge_slave_1) entered forwarding state
[  242.085877][ T7634] loop3: detected capacity change from 0 to 512
[  242.350411][ T7634] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.439764][ T7634] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  242.743821][ T7643] overlay: filesystem on ./bus is read-only
[  243.376858][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.067764][ T7657] overlayfs: failed to clone upperpath
[  245.010533][ T7660] loop3: detected capacity change from 0 to 16
[  245.043554][ T7472] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.090319][ T7660] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  245.962421][ T7664] loop3: detected capacity change from 0 to 1024
[  246.100169][ T7664] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  246.110215][ T7664] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  246.142225][ T7664] EXT4-fs (loop3): invalid journal inode
[  246.148499][ T7664] EXT4-fs (loop3): can't get journal size
[  246.200786][ T7664] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 17104912: comm syz.3.354: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  246.219582][ T7664] EXT4-fs (loop3): failed to initialize system zone (-117)
[  246.228029][ T7664] EXT4-fs (loop3): mount failed
[  248.287871][ T7682] netlink: 64 bytes leftover after parsing attributes in process `syz.0.357'.
[  248.682138][ T7472] veth0_vlan: entered promiscuous mode
[  248.769578][ T7472] veth1_vlan: entered promiscuous mode
[  249.962112][ T7472] veth0_macvtap: entered promiscuous mode
[  250.059321][ T7472] veth1_macvtap: entered promiscuous mode
[  250.849619][ T7711] overlay: filesystem on ./bus is read-only
[  250.929197][ T7712] overlayfs: failed to clone upperpath
[  252.827238][ T7472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.905345][ T7472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.938757][ T7472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.968498][ T7472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.008056][ T7472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  253.047370][ T7472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.075200][ T7472] batman_adv: batadv0: Interface activated: batadv_slave_0
[  253.147048][ T7472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  253.194467][ T7472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.215036][ T7472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  253.247689][ T7472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.273559][ T7472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  253.315084][ T7472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.364548][ T7472] batman_adv: batadv0: Interface activated: batadv_slave_1
[  253.407098][ T7472] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  253.451407][ T7472] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  253.478557][ T7472] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  253.496104][ T7472] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.040697][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.082681][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.151313][ T5907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.191232][ T5907] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.906215][ T7751] loop7: detected capacity change from 0 to 16
[  254.955174][ T7751] erofs: (device loop7): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  255.900461][ T7756] loop7: detected capacity change from 0 to 1024
[  256.017873][ T7756] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  256.027969][ T7756] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  256.048858][ T7756] EXT4-fs (loop7): invalid journal inode
[  256.055486][ T7756] EXT4-fs (loop7): can't get journal size
[  256.091279][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  256.097677][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  256.162340][ T7756] EXT4-fs error (device loop7): ext4_map_blocks:608: inode #3: block 17104912: comm syz.7.368: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  256.186621][ T7756] EXT4-fs (loop7): failed to initialize system zone (-117)
[  256.194740][ T7756] EXT4-fs (loop7): mount failed
[  257.504109][ T7766] netlink: 64 bytes leftover after parsing attributes in process `syz.0.369'.
[  259.630683][ T7789] overlayfs: failed to clone upperpath
[  260.698840][ T5608] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  260.899024][ T5608] usb 4-1: Using ep0 maxpacket: 16
[  260.917874][ T5608] usb 4-1: config 1 has an invalid interface association descriptor of length 5, skipping
[  260.957295][ T5608] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  260.997813][ T5608] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x9 has invalid maxpacket 14609, setting to 1024
[  261.043401][ T5608] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 1024
[  261.194002][ T5608] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  261.220860][ T7798] overlay: filesystem on ./bus is read-only
[  261.374191][ T5608] usb 4-1: New USB device found, idVendor=1235, idProduct=8213, bcdDevice= 0.40
[  261.404523][ T5608] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.443315][ T5608] usb 4-1: Product: syz
[  261.447570][ T5608] usb 4-1: Manufacturer: syz
[  261.487022][ T5608] usb 4-1: SerialNumber: syz
[  261.543880][ T7791] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  261.743899][ T7802] capability: warning: `syz.0.377' uses deprecated v2 capabilities in a way that may be insecure
[  261.830731][ T5608] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  261.837836][ T5608] usb 4-1: MIDIStreaming interface descriptor not found
[  261.847235][ T7803] overlayfs: failed to clone upperpath
[  262.028287][ T5608] usb 4-1: USB disconnect, device number 8
[  262.159415][ T7263] udevd[7263]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  262.418710][ T7816] netlink: 64 bytes leftover after parsing attributes in process `syz.0.380'.
[  262.582641][ T7818] loop3: detected capacity change from 0 to 16
[  262.624806][ T7818] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  263.580669][ T7824] loop3: detected capacity change from 0 to 1024
[  263.731178][ T7824] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  263.741801][ T7824] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  263.774670][ T7824] EXT4-fs (loop3): invalid journal inode
[  263.781098][ T7824] EXT4-fs (loop3): can't get journal size
[  263.814843][ T7824] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 17104912: comm syz.3.381: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  263.838068][ T7824] EXT4-fs (loop3): failed to initialize system zone (-117)
[  263.846178][ T7824] EXT4-fs (loop3): mount failed
[  266.094665][ T7848] loop7: detected capacity change from 0 to 512
[  266.384118][ T7848] EXT4-fs error (device loop7): ext4_orphan_get:1398: inode #15: comm syz.7.385: inode has both inline data and extents flags
[  266.401920][ T7848] EXT4-fs error (device loop7): ext4_orphan_get:1403: comm syz.7.385: couldn't read orphan inode 15 (err -117)
[  266.423418][ T7848] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.192671][ T7292] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.452849][ T7869] syzkaller0: entered promiscuous mode
[  269.485692][ T7869] syzkaller0: entered allmulticast mode
[  269.664559][ T7872] netlink: 64 bytes leftover after parsing attributes in process `syz.0.390'.
[  269.934021][ T7886] loop8: detected capacity change from 0 to 16
[  270.010157][ T7886] erofs: (device loop8): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  270.635044][ T7893] loop8: detected capacity change from 0 to 1024
[  271.220173][ T7893] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  271.230813][ T7893] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  271.251532][ T7893] EXT4-fs (loop8): invalid journal inode
[  271.257711][ T7893] EXT4-fs (loop8): can't get journal size
[  271.316169][ T7893] EXT4-fs error (device loop8): ext4_map_blocks:608: inode #3: block 17104912: comm syz.8.393: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  271.343265][ T7893] EXT4-fs (loop8): failed to initialize system zone (-117)
[  271.351494][ T7893] EXT4-fs (loop8): mount failed
[  273.143383][ T7904] loop7: detected capacity change from 0 to 512
[  273.338801][ T7904] EXT4-fs error (device loop7): ext4_orphan_get:1398: inode #15: comm syz.7.396: inode has both inline data and extents flags
[  273.355529][ T7904] EXT4-fs error (device loop7): ext4_orphan_get:1403: comm syz.7.396: couldn't read orphan inode 15 (err -117)
[  273.392900][ T7904] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.130005][ T7920] overlay: filesystem on ./bus is read-only
[  277.935333][ T7930] loop3: detected capacity change from 0 to 256
[  277.990382][ T7292] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.071871][ T7930] FAT-fs (loop3): Directory bread(block 64) failed
[  278.103854][ T7930] FAT-fs (loop3): Directory bread(block 65) failed
[  278.151484][ T7930] FAT-fs (loop3): Directory bread(block 66) failed
[  278.178571][ T7930] FAT-fs (loop3): Directory bread(block 67) failed
[  278.215064][ T7930] FAT-fs (loop3): Directory bread(block 68) failed
[  278.240880][ T7930] FAT-fs (loop3): Directory bread(block 69) failed
[  278.288015][ T7930] FAT-fs (loop3): Directory bread(block 70) failed
[  278.310658][ T7930] FAT-fs (loop3): Directory bread(block 71) failed
[  278.327683][ T7930] FAT-fs (loop3): Directory bread(block 72) failed
[  278.408621][ T7930] FAT-fs (loop3): Directory bread(block 73) failed
[  279.082404][ T7952] loop3: detected capacity change from 0 to 16
[  279.105667][ T7948] netlink: 64 bytes leftover after parsing attributes in process `syz.8.405'.
[  279.149058][ T7952] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  279.177399][ T7953] loop8: detected capacity change from 0 to 4096
[  279.201633][ T7953] EXT4-fs: Ignoring removed orlov option
[  279.397281][ T7953] EXT4-fs (loop8): Test dummy encryption mode enabled
[  279.635482][ T7961] loop3: detected capacity change from 0 to 1024
[  279.718633][ T7961] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  279.729229][ T7961] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  279.757406][ T7961] EXT4-fs (loop3): invalid journal inode
[  279.765044][ T7961] EXT4-fs (loop3): can't get journal size
[  279.909064][ T7961] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 17104912: comm syz.3.406: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  279.957241][ T7961] EXT4-fs (loop3): failed to initialize system zone (-117)
[  279.965233][ T7961] EXT4-fs (loop3): mount failed
[  280.121165][ T7953] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.292049][ T7967] overlayfs: failed to clone upperpath
[  282.582177][ T7472] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.329874][ T7982] overlay: filesystem on ./bus is read-only
[  286.474704][ T8019] netlink: 64 bytes leftover after parsing attributes in process `syz.8.417'.
[  286.598713][ T8018] netlink: 16 bytes leftover after parsing attributes in process `syz.7.416'.
[  286.646320][ T8019] loop8: detected capacity change from 0 to 4096
[  286.670109][ T8019] EXT4-fs: Ignoring removed orlov option
[  286.717853][ T8019] EXT4-fs (loop8): Test dummy encryption mode enabled
[  286.768646][ T8019] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.302240][ T7472] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.446352][ T8033] loop3: detected capacity change from 0 to 512
[  287.714575][ T8033] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.420: inode has both inline data and extents flags
[  287.731876][ T8033] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.420: couldn't read orphan inode 15 (err -117)
[  287.753944][ T8033] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.580495][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.214036][ T8048] overlay: filesystem on ./bus is read-only
[  294.512956][ T8068] netlink: 64 bytes leftover after parsing attributes in process `syz.0.429'.
[  295.800766][ T8078] loop8: detected capacity change from 0 to 512
[  295.973275][ T8078] EXT4-fs error (device loop8): ext4_orphan_get:1398: inode #15: comm syz.8.431: inode has both inline data and extents flags
[  295.996837][ T8078] EXT4-fs error (device loop8): ext4_orphan_get:1403: comm syz.8.431: couldn't read orphan inode 15 (err -117)
[  296.024220][ T8078] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.613756][ T8086] loop3: detected capacity change from 0 to 16
[  297.684815][ T8086] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  298.228043][ T8092] loop3: detected capacity change from 0 to 1024
[  298.329634][ T8092] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  298.339743][ T8092] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  298.364529][ T8092] EXT4-fs (loop3): invalid journal inode
[  298.370741][ T8092] EXT4-fs (loop3): can't get journal size
[  298.415127][ T8092] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 17104912: comm syz.3.434: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  298.444369][ T8092] EXT4-fs (loop3): failed to initialize system zone (-117)
[  298.452945][ T8092] EXT4-fs (loop3): mount failed
[  298.616944][ T7472] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.340832][ T8107] overlay: filesystem on ./bus is read-only
[  302.885073][ T8123] netlink: 64 bytes leftover after parsing attributes in process `syz.3.442'.
[  306.147993][ T8145] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  307.290194][ T8157] loop3: detected capacity change from 0 to 16
[  307.317031][ T8157] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  307.697949][ T8160] loop3: detected capacity change from 0 to 1024
[  307.718863][ T8160] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  307.728676][ T8160] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  307.750195][ T8160] EXT4-fs (loop3): invalid journal inode
[  307.756046][ T8160] EXT4-fs (loop3): can't get journal size
[  307.763022][ T8160] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 17104912: comm syz.3.448: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  307.781573][ T8160] EXT4-fs (loop3): failed to initialize system zone (-117)
[  307.789092][ T8160] EXT4-fs (loop3): mount failed
[  309.129990][ T8166] overlay: filesystem on ./bus is read-only
[  310.639461][ T8184] netlink: 64 bytes leftover after parsing attributes in process `syz.8.453'.
[  310.870379][ T8187] loop3: detected capacity change from 0 to 1024
[  310.877971][ T8187] EXT4-fs: Ignoring removed bh option
[  310.965563][ T8187] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  311.039863][ T8187] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.845323][ T5769] EXT4-fs error (device loop3): ext4_read_inline_dir:1583: inode #12: block 7: comm syz-executor: path /124/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  311.961472][ T5769] EXT4-fs (loop3): Remounting filesystem read-only
[  312.063859][ T8209] loop8: detected capacity change from 0 to 16
[  312.108840][ T8209] erofs: (device loop8): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  312.526223][ T8214] loop8: detected capacity change from 0 to 1024
[  312.548698][ T8214] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  312.558383][ T8214] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  312.577304][ T8214] EXT4-fs (loop8): invalid journal inode
[  312.583492][ T8214] EXT4-fs (loop8): can't get journal size
[  312.601174][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.658258][ T8214] EXT4-fs error (device loop8): ext4_map_blocks:608: inode #3: block 17104912: comm syz.8.460: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  312.678198][ T8214] EXT4-fs (loop8): failed to initialize system zone (-117)
[  312.686027][ T8214] EXT4-fs (loop8): mount failed
[  313.797206][ T8229] overlayfs: failed to clone upperpath
[  315.094846][ T8243] netlink: 64 bytes leftover after parsing attributes in process `syz.0.464'.
[  316.275238][ T8261] overlay: filesystem on ./bus is read-only
[  317.529262][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  317.535697][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  321.431389][ T5907] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.190276][ T5907] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.373152][ T8316] loop7: detected capacity change from 0 to 512
[  322.723721][ T8316] EXT4-fs error (device loop7): ext4_orphan_get:1398: inode #15: comm syz.7.475: inode has both inline data and extents flags
[  322.740605][ T8316] EXT4-fs error (device loop7): ext4_orphan_get:1403: comm syz.7.475: couldn't read orphan inode 15 (err -117)
[  322.761336][ T8316] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.355897][ T5907] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.513176][ T5082] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  324.523446][ T7292] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.542212][ T5082] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  324.559795][ T5082] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  324.579263][ T5082] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  324.603954][ T5082] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  324.611701][ T5082] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  324.635974][ T5907] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.765140][ T8331] overlay: filesystem on ./bus is read-only
[  326.705949][ T8321] chnl_net:caif_netlink_parms(): no params data found
[  326.719320][ T5786] Bluetooth: hci1: command tx timeout
[  328.373758][ T8344] loop7: detected capacity change from 0 to 40427
[  328.448078][ T8344] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  328.482116][ T8344] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  328.543253][ T8344] F2FS-fs (loop7): invalid crc value
[  328.584329][ T8344] F2FS-fs (loop7): Found nat_bits in checkpoint
[  328.631497][ T8321] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.661008][ T8321] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.689814][ T8321] bridge_slave_0: entered allmulticast mode
[  328.718379][ T8321] bridge_slave_0: entered promiscuous mode
[  328.788871][ T5082] Bluetooth: hci1: command tx timeout
[  328.898610][ T8344] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  328.926317][ T8344] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  329.025406][ T8321] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.050756][   T27] kauditd_printk_skb: 1015 callbacks suppressed
[  329.050773][   T27] audit: type=1800 audit(2000000222.170:1033): pid=8344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.478" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop7" ino=10 res=0 errno=0
[  329.072940][ T8321] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.214202][ T8321] bridge_slave_1: entered allmulticast mode
[  329.222007][ T8321] bridge_slave_1: entered promiscuous mode
[  329.544211][ T8321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  329.577421][ T8321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.922845][ T5082] Bluetooth: hci2: command 0x0406 tx timeout
[  330.023502][ T8321] team0: Port device team_slave_0 added
[  330.462574][ T8397] loop8: detected capacity change from 0 to 512
[  330.485597][ T8321] team0: Port device team_slave_1 added
[  330.673397][ T8397] EXT4-fs error (device loop8): ext4_orphan_get:1398: inode #15: comm syz.8.486: inode has both inline data and extents flags
[  330.688525][ T8397] EXT4-fs error (device loop8): ext4_orphan_get:1403: comm syz.8.486: couldn't read orphan inode 15 (err -117)
[  330.710172][ T8397] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.878679][ T5786] Bluetooth: hci1: command tx timeout
[  331.675482][ T8321] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.726278][ T8321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.962994][ T8321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  332.519092][ T8321] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.526121][ T8321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.597341][ T7472] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.607506][ T8321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.949245][ T5786] Bluetooth: hci1: command tx timeout
[  334.011170][ T8428] overlay: filesystem on ./bus is read-only
[  334.496676][ T8321] hsr_slave_0: entered promiscuous mode
[  334.568991][ T8321] hsr_slave_1: entered promiscuous mode
[  334.589893][ T8321] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  334.797127][ T8321] Cannot create hsr debugfs directory
[  336.268583][ T5907] hsr_slave_0: left promiscuous mode
[  336.279912][ T5907] hsr_slave_1: left promiscuous mode
[  336.288997][ T5907] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  336.313404][ T5907] batman_adv: batadv0: Removing interface: batadv_slave_0
[  336.324657][ T5907] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  336.344658][ T5907] batman_adv: batadv0: Removing interface: batadv_slave_1
[  336.355645][ T5907] bridge_slave_1: left allmulticast mode
[  336.368658][ T5907] bridge_slave_1: left promiscuous mode
[  336.374496][ T5907] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.434879][ T5907] bridge_slave_0: left allmulticast mode
[  336.448465][ T5907] bridge_slave_0: left promiscuous mode
[  336.455001][ T5907] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.606810][ T5907] veth1_macvtap: left promiscuous mode
[  336.616570][ T5907] veth0_macvtap: left promiscuous mode
[  336.630228][ T5907] veth1_vlan: left promiscuous mode
[  336.641245][ T5907] veth0_vlan: left promiscuous mode
[  338.077448][ T8479] loop8: detected capacity change from 0 to 512
[  338.308736][ T8479] EXT4-fs error (device loop8): ext4_orphan_get:1398: inode #15: comm syz.8.498: inode has both inline data and extents flags
[  338.323773][ T8479] EXT4-fs error (device loop8): ext4_orphan_get:1403: comm syz.8.498: couldn't read orphan inode 15 (err -117)
[  338.346876][ T8479] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.124803][ T7472] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.427722][ T5907] team0 (unregistering): Port device team_slave_1 removed
[  340.573163][ T5907] team0 (unregistering): Port device team_slave_0 removed
[  340.700815][ T5907] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  340.821963][ T5907] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.426798][ T5907] bond0 (unregistering): Released all slaves
[  341.930867][ T8321] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  342.017959][ T8321] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  342.096013][ T8321] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  342.456492][ T8496] overlay: filesystem on ./bus is read-only
[  342.789466][ T8321] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  343.283352][ T8503] netlink: 12 bytes leftover after parsing attributes in process `syz.8.502'.
[  344.305990][ T8321] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.367863][ T8321] 8021q: adding VLAN 0 to HW filter on device team0
[  344.430655][ T7572] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.437878][ T7572] bridge0: port 1(bridge_slave_0) entered forwarding state
[  344.639958][ T5907] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.647210][ T5907] bridge0: port 2(bridge_slave_1) entered forwarding state
[  345.188710][ T5082] Bluetooth: hci3: command 0x0406 tx timeout
[  345.325210][ T8537] loop7: detected capacity change from 0 to 512
[  345.544703][ T8537] EXT4-fs error (device loop7): ext4_orphan_get:1398: inode #15: comm syz.7.508: inode has both inline data and extents flags
[  345.577249][ T8537] EXT4-fs error (device loop7): ext4_orphan_get:1403: comm syz.7.508: couldn't read orphan inode 15 (err -117)
[  345.603987][ T8537] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.510377][ T8554] overlay: filesystem on ./bus is read-only
[  348.063356][ T8321] 8021q: adding VLAN 0 to HW filter on device batadv0
[  348.109374][ T7292] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.296566][ T8563] loop8: detected capacity change from 0 to 256
[  348.436681][ T8563] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  349.752395][ T8586] loop7: detected capacity change from 0 to 16
[  349.800985][ T8586] erofs: (device loop7): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  350.190432][ T8605] loop7: detected capacity change from 0 to 1024
[  350.270839][ T8605] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  350.280900][ T8605] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  350.303305][ T8605] EXT4-fs (loop7): invalid journal inode
[  350.310708][ T8605] EXT4-fs (loop7): can't get journal size
[  350.329082][ T8605] EXT4-fs error (device loop7): ext4_map_blocks:608: inode #3: block 17104912: comm syz.7.515: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  350.356059][ T8605] EXT4-fs (loop7): failed to initialize system zone (-117)
[  350.366101][ T8605] EXT4-fs (loop7): mount failed
[  350.913726][ T8611] loop8: detected capacity change from 0 to 512
[  352.583706][ T8623] overlay: filesystem on ./bus is read-only
[  352.626253][ T8611] EXT4-fs error (device loop8): ext4_orphan_get:1398: inode #15: comm syz.8.518: inode has both inline data and extents flags
[  352.670807][ T8611] EXT4-fs error (device loop8): ext4_orphan_get:1403: comm syz.8.518: couldn't read orphan inode 15 (err -117)
[  352.685421][ T8611] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.115814][ T8321] veth0_vlan: entered promiscuous mode
[  353.130605][ T8321] veth1_vlan: entered promiscuous mode
[  353.161659][ T8321] veth0_macvtap: entered promiscuous mode
[  353.172556][ T8321] veth1_macvtap: entered promiscuous mode
[  353.302330][ T8321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.343721][ T8321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.399593][ T8321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.435701][ T8321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.464946][ T8321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.506718][ T8321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.575911][ T8321] batman_adv: batadv0: Interface activated: batadv_slave_0
[  353.625241][ T7472] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.642568][ T8321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.828559][ T8321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.929333][ T8321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.617789][ T8321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.654787][ T8321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.756360][ T8321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.785215][ T8321] batman_adv: batadv0: Interface activated: batadv_slave_1
[  355.021377][ T8321] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.047161][ T8321] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.077178][ T8321] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.097869][ T8321] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  355.667281][ T7525] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.716559][ T7525] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.856529][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.884219][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  357.802964][ T8690] loop7: detected capacity change from 0 to 16
[  357.856418][ T8690] erofs: (device loop7): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  358.242937][ T8701] loop7: detected capacity change from 0 to 1024
[  358.304281][ T8701] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  358.315088][ T8701] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  358.332828][ T8701] EXT4-fs (loop7): invalid journal inode
[  358.338729][ T8701] EXT4-fs (loop7): can't get journal size
[  358.355730][ T8701] EXT4-fs error (device loop7): ext4_map_blocks:608: inode #3: block 17104912: comm syz.7.528: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  358.385711][ T8701] EXT4-fs (loop7): failed to initialize system zone (-117)
[  358.393234][ T8701] EXT4-fs (loop7): mount failed
[  359.004790][ T8704] overlayfs: failed to clone upperpath
[  359.856505][ T8713] overlay: filesystem on ./bus is read-only
[  361.415985][ T8739] loop7: detected capacity change from 0 to 4096
[  361.518987][ T8739] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.150888][ T7292] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.298677][ T6262] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  362.522512][ T6262] usb 10-1: unable to get BOS descriptor or descriptor too short
[  362.574262][ T6262] usb 10-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice= 0.40
[  362.591587][ T6262] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.630397][ T6262] usb 10-1: Product: syz
[  362.634745][ T6262] usb 10-1: Manufacturer: syz
[  362.662803][ T6262] usb 10-1: SerialNumber: syz
[  362.907139][ T8772] loop7: detected capacity change from 0 to 1024
[  362.933396][ T8772] EXT4-fs: Ignoring removed i_version option
[  362.973182][ T8772] EXT4-fs: Ignoring removed bh option
[  363.029638][ T8772] ext4: Unknown parameter 'noacl'
[  363.889527][ T6262] usb 10-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  364.177759][ T6262] usb 10-1: USB disconnect, device number 2
[  365.608757][ T8789] loop7: detected capacity change from 0 to 256
[  365.730775][ T8789] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x0726f69c, utbl_chksum : 0xe619d30d)
[  365.770719][ T7272] udevd[7272]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  365.852641][ T8789] syz.7.545: attempt to access beyond end of device
[  365.852641][ T8789] loop7: rw=524288, sector=34359738488, nr_sectors = 8 limit=256
[  365.909789][ T8789] syz.7.545: attempt to access beyond end of device
[  365.909789][ T8789] loop7: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[  366.051965][   T27] audit: type=1800 audit(2000000259.130:1034): pid=8789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.545" name="file1" dev="loop7" ino=1048633 res=0 errno=0
[  366.639419][ T8812] overlay: filesystem on ./bus is read-only
[  367.203907][ T8813] loop8: detected capacity change from 0 to 512
[  367.380007][ T8813] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.418595][ T8813] ext4 filesystem being mounted at /50/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  368.212324][ T8829] overlay: ./file0 is not a directory
[  368.630807][ T8826] netlink: 24 bytes leftover after parsing attributes in process `syz.0.551'.
[  369.151947][ T7472] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.609044][ T8845] loop9: detected capacity change from 0 to 16
[  369.659741][ T8845] erofs: (device loop9): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  370.729084][ T8852] loop9: detected capacity change from 0 to 1024
[  370.747543][ T8852] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  370.757696][ T8852] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  370.772952][ T8852] EXT4-fs (loop9): invalid journal inode
[  370.778973][ T8852] EXT4-fs (loop9): can't get journal size
[  370.808013][ T8852] EXT4-fs error (device loop9): ext4_map_blocks:608: inode #3: block 17104912: comm syz.9.554: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  370.824547][ T8852] EXT4-fs (loop9): failed to initialize system zone (-117)
[  370.832023][ T8852] EXT4-fs (loop9): mount failed
[  373.341702][ T8881] overlay: filesystem on ./bus is read-only
[  374.388280][ T8893] loop7: detected capacity change from 0 to 256
[  374.724742][ T8895] overlay: ./file0 is not a directory
[  376.183896][ T8905] loop7: detected capacity change from 0 to 512
[  376.227054][ T8905] EXT4-fs error (device loop7): ext4_orphan_get:1398: inode #15: comm syz.7.564: inode has both inline data and extents flags
[  376.240924][ T8905] EXT4-fs error (device loop7): ext4_orphan_get:1403: comm syz.7.564: couldn't read orphan inode 15 (err -117)
[  376.293221][ T8905] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.015524][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  379.024402][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  379.148934][ T8914] loop9: detected capacity change from 0 to 4096
[  379.178352][ T8914] EXT4-fs: Ignoring removed mblk_io_submit option
[  379.286083][ T8914] EXT4-fs (loop9): Test dummy encryption mode enabled
[  379.406148][ T7292] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.417010][ T8914] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.782671][ T8936] loop7: detected capacity change from 0 to 512
[  379.819715][ T8936] ext4: Unknown parameter 'noacl'
[  380.374853][ T8943] overlay: filesystem on ./bus is read-only
[  380.844232][ T7268] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  380.896383][ T8936] loop7: detected capacity change from 0 to 512
[  380.897339][ T7268] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  380.929612][ T8936] EXT4-fs: Ignoring removed nobh option
[  381.001964][ T8936] EXT4-fs error (device loop7): ext4_iget_extra_inode:4732: inode #15: comm syz.7.569: corrupted in-inode xattr: overlapping e_value 
[  381.148565][ T8936] EXT4-fs error (device loop7): ext4_orphan_get:1403: comm syz.7.569: couldn't read orphan inode 15 (err -117)
[  381.216445][ T8936] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.390214][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.794928][ T7292] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.038714][ T8959] loop9: detected capacity change from 0 to 256
[  382.152207][ T8959] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  384.029476][ T8979] netlink: 8 bytes leftover after parsing attributes in process `syz.7.578'.
[  384.075487][ T8979] netlink: 8 bytes leftover after parsing attributes in process `syz.7.578'.
[  384.590390][ T8975] loop9: detected capacity change from 0 to 512
[  384.700455][ T8975] EXT4-fs error (device loop9): ext4_orphan_get:1398: inode #15: comm syz.9.577: inode has both inline data and extents flags
[  384.723041][ T8975] EXT4-fs error (device loop9): ext4_orphan_get:1403: comm syz.9.577: couldn't read orphan inode 15 (err -117)
[  384.737186][ T8975] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.411660][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.355783][ T9013] overlay: filesystem on ./bus is read-only
[  389.475537][ T9041] loop8: detected capacity change from 0 to 16
[  389.497468][ T9041] erofs: (device loop8): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  389.869845][ T9042] loop8: detected capacity change from 0 to 1024
[  389.933928][ T9042] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  389.943877][ T9042] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  389.960714][ T9042] EXT4-fs (loop8): invalid journal inode
[  389.966498][ T9042] EXT4-fs (loop8): can't get journal size
[  389.978974][ T9042] EXT4-fs error (device loop8): ext4_map_blocks:608: inode #3: block 17104912: comm syz.8.586: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  390.002252][ T9042] EXT4-fs (loop8): failed to initialize system zone (-117)
[  390.010028][ T9042] EXT4-fs (loop8): mount failed
[  393.636220][ T9074] overlay: filesystem on ./bus is read-only
[  394.863810][ T9083] overlayfs: failed to clone upperpath
[  398.489880][ T9117] process 'syz.0.599' launched './file0' with NULL argv: empty string added
[  399.822299][ T9129] overlayfs: failed to clone upperpath
[  400.172336][ T5082] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  400.193796][ T5082] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  400.209719][ T5082] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  400.219999][ T5082] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  400.230109][ T5082] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  400.237983][ T5082] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  401.565654][ T9155] loop9: detected capacity change from 0 to 1024
[  401.652400][ T1031] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.664328][ T9155] EXT4-fs: Ignoring removed mblk_io_submit option
[  401.764942][ T9132] chnl_net:caif_netlink_parms(): no params data found
[  401.885854][ T9155] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.025150][ T1031] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.348810][ T5082] Bluetooth: hci4: command tx timeout
[  402.532656][ T1031] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.665274][ T9174] overlayfs: failed to clone upperpath
[  403.555508][ T1031] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.780049][ T9132] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.831687][ T9132] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.866643][ T9132] bridge_slave_0: entered allmulticast mode
[  403.884796][ T9132] bridge_slave_0: entered promiscuous mode
[  403.907073][ T9132] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.928702][ T9132] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.946555][ T9132] bridge_slave_1: entered allmulticast mode
[  403.958055][ T9132] bridge_slave_1: entered promiscuous mode
[  404.054239][ T9132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  404.091908][ T9132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  404.231625][ T9132] team0: Port device team_slave_0 added
[  404.280371][ T9132] team0: Port device team_slave_1 added
[  404.367481][ T9132] batman_adv: batadv0: Adding interface: batadv_slave_0
[  404.387625][ T9132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.413804][ T5082] Bluetooth: hci4: command tx timeout
[  404.450686][ T9132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  404.470998][ T9132] batman_adv: batadv0: Adding interface: batadv_slave_1
[  404.488492][ T9132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.577162][ T9132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  404.613816][   T27] audit: type=1800 audit(2000000297.730:1035): pid=9155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.604" name="file1" dev="loop9" ino=15 res=0 errno=0
[  404.725613][ T9193] loop8: detected capacity change from 0 to 16
[  404.775125][ T9193] erofs: (device loop8): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  405.005237][ T9132] hsr_slave_0: entered promiscuous mode
[  405.062549][ T8321] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.113340][ T9132] hsr_slave_1: entered promiscuous mode
[  405.157228][ T9132] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  405.206218][ T9132] Cannot create hsr debugfs directory
[  405.532038][ T9203] loop8: detected capacity change from 0 to 1024
[  405.595925][ T9203] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  405.663301][ T9203] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  405.717160][ T9203] EXT4-fs (loop8): invalid journal inode
[  405.748970][ T9203] EXT4-fs (loop8): can't get journal size
[  405.841377][ T9203] EXT4-fs error (device loop8): ext4_map_blocks:608: inode #3: block 17104912: comm syz.8.612: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  406.058961][ T9203] EXT4-fs (loop8): failed to initialize system zone (-117)
[  406.066372][ T9203] EXT4-fs (loop8): mount failed
[  406.089991][ T9210] loop9: detected capacity change from 0 to 256
[  406.159500][ T9210] exfat: Deprecated parameter 'utf8'
[  406.209651][ T9210] exfat: Deprecated parameter 'utf8'
[  406.215122][ T9210] exfat: Deprecated parameter 'utf8'
[  406.380489][ T9210] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d)
[  406.469292][ T5082] Bluetooth: hci4: command tx timeout
[  408.548507][ T5082] Bluetooth: hci4: command tx timeout
[  409.718982][ T9265] loop8: detected capacity change from 0 to 1024
[  409.726395][ T9265] EXT4-fs: Ignoring removed mblk_io_submit option
[  410.185735][ T9265] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  410.623599][ T9265] ==================================================================
[  410.631752][ T9265] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90
[  410.639586][ T9265] Read of size 18446744073709551588 at addr ffff888064f5c040 by task syz.8.617/9265
[  410.648998][ T9265] 
[  410.651388][ T9265] CPU: 0 PID: 9265 Comm: syz.8.617 Not tainted syzkaller #0
[  410.658729][ T9265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  410.668845][ T9265] Call Trace:
[  410.672177][ T9265]  <TASK>
[  410.675235][ T9265]  dump_stack_lvl+0x18c/0x250
[  410.679972][ T9265]  ? read_lock_is_recursive+0x20/0x20
[  410.685412][ T9265]  ? show_regs_print_info+0x20/0x20
[  410.690672][ T9265]  ? load_image+0x400/0x400
[  410.695238][ T9265]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  410.700761][ T9265]  ? __virt_addr_valid+0x18c/0x540
[  410.706023][ T9265]  ? __virt_addr_valid+0x469/0x540
[  410.711193][ T9265]  print_report+0xa8/0x210
[  410.715671][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  410.721456][ T9265]  kasan_report+0x117/0x150
[  410.726022][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  410.731590][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  410.737117][ T9265]  kasan_check_range+0x241/0x290
[  410.742117][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  410.747644][ T9265]  __asan_memmove+0x29/0x70
[  410.752290][ T9265]  ext4_xattr_set_entry+0x94b/0x1e90
[  410.757652][ T9265]  ext4_xattr_block_set+0xae8/0x32b0
[  410.763003][ T9265]  ? ext4_destroy_inode+0x200/0x200
[  410.768270][ T9265]  ? proc_nr_inodes+0x230/0x230
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  410.773187][ T9265]  ? do_raw_spin_unlock+0x121/0x230
[  410.778453][ T9265]  ? _raw_spin_unlock+0x28/0x40
[  410.783361][ T9265]  ? ext4_xattr_block_find+0x350/0x350
[  410.788888][ T9265]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  410.794321][ T9265]  ext4_xattr_set_handle+0x1280/0x14c0
[  410.799857][ T9265]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  410.805905][ T9265]  ? __ext4_journal_start_sb+0x259/0x560
[  410.811619][ T9265]  ext4_xattr_set+0x252/0x340
[  410.816368][ T9265]  ? end_current_label_crit_section+0x170/0x170
[  410.822762][ T9265]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  410.828379][ T9265]  ? posix_xattr_acl+0x93/0xb0
[  410.833196][ T9265]  ? ext4_xattr_trusted_get+0x40/0x40
[  410.838702][ T9265]  __vfs_setxattr+0x431/0x470
[  410.843446][ T9265]  __vfs_setxattr_noperm+0x12d/0x5e0
[  410.848786][ T9265]  vfs_setxattr+0x16b/0x2f0
[  410.853367][ T9265]  ? xattr_permission+0x470/0x470
[  410.858453][ T9265]  ? __mnt_want_write+0x223/0x2a0
[  410.863709][ T9265]  ? path_setxattr+0x3a1/0x5d0
[  410.868533][ T9265]  path_setxattr+0x3f3/0x5d0
[  410.873184][ T9265]  ? simple_xattrs_free+0x150/0x150
[  410.878455][ T9265]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  410.884487][ T9265]  ? lock_chain_count+0x20/0x20
[  410.889540][ T9265]  __x64_sys_lsetxattr+0xb8/0xd0
[  410.894574][ T9265]  do_syscall_64+0x55/0xa0
[  410.899054][ T9265]  ? clear_bhb_loop+0x40/0x90
[  410.903812][ T9265]  ? clear_bhb_loop+0x40/0x90
[  410.908585][ T9265]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  410.914530][ T9265] RIP: 0033:0x7fa6e699c819
[  410.918999][ T9265] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  410.938651][ T9265] RSP: 002b:00007fa6e77b3028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  410.947128][ T9265] RAX: ffffffffffffffda RBX: 00007fa6e6c15fa0 RCX: 00007fa6e699c819
[  410.955168][ T9265] RDX: 0000200000000380 RSI: 0000200000000180 RDI: 00002000000001c0
[  410.963319][ T9265] RBP: 00007fa6e6a32c91 R08: 0000000000000000 R09: 0000000000000000
[  410.971528][ T9265] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  410.979651][ T9265] R13: 00007fa6e6c16038 R14: 00007fa6e6c15fa0 R15: 00007ffd7f5cf2d8
[  410.987705][ T9265]  </TASK>
[  410.990769][ T9265] 
[  410.993142][ T9265] Allocated by task 9265:
[  410.997505][ T9265]  kasan_set_track+0x4e/0x70
[  411.002143][ T9265]  __kasan_kmalloc+0x8f/0xa0
[  411.006828][ T9265]  __kmalloc_node_track_caller+0xb2/0x230
[  411.012701][ T9265]  kmemdup+0x2b/0x70
[  411.016650][ T9265]  ext4_xattr_block_set+0x9ea/0x32b0
[  411.021998][ T9265]  ext4_xattr_set_handle+0x1280/0x14c0
[  411.027506][ T9265]  ext4_xattr_set+0x252/0x340
[  411.032330][ T9265]  __vfs_setxattr+0x431/0x470
[  411.037067][ T9265]  __vfs_setxattr_noperm+0x12d/0x5e0
[  411.042595][ T9265]  vfs_setxattr+0x16b/0x2f0
[  411.047150][ T9265]  path_setxattr+0x3f3/0x5d0
[  411.051814][ T9265]  __x64_sys_lsetxattr+0xb8/0xd0
[  411.056891][ T9265]  do_syscall_64+0x55/0xa0
[  411.061406][ T9265]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  411.067440][ T9265] 
[  411.069805][ T9265] Last potentially related work creation:
[  411.075672][ T9265]  kasan_save_stack+0x3e/0x60
[  411.080425][ T9265]  __kasan_record_aux_stack+0xaf/0xc0
[  411.085964][ T9265]  insert_work+0x3d/0x310
[  411.090361][ T9265]  __queue_work+0xd2c/0x1020
[  411.095169][ T9265]  queue_work_on+0x128/0x1f0
[  411.099806][ T9265]  cleanup_net+0x70a/0xbb0
[  411.104289][ T9265]  process_scheduled_works+0xa5d/0x15d0
[  411.109914][ T9265]  worker_thread+0xa55/0xfc0
[  411.114645][ T9265]  kthread+0x2fa/0x390
[  411.118763][ T9265]  ret_from_fork+0x48/0x80
[  411.123243][ T9265]  ret_from_fork_asm+0x11/0x20
[  411.128075][ T9265] 
[  411.130434][ T9265] The buggy address belongs to the object at ffff888064f5c000
[  411.130434][ T9265]  which belongs to the cache kmalloc-1k of size 1024
[  411.144550][ T9265] The buggy address is located 64 bytes inside of
[  411.144550][ T9265]  1024-byte region [ffff888064f5c000, ffff888064f5c400)
[  411.158053][ T9265] 
[  411.160505][ T9265] The buggy address belongs to the physical page:
[  411.166952][ T9265] page:ffffea000193d600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64f58
[  411.177153][ T9265] head:ffffea000193d600 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  411.186144][ T9265] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  411.194626][ T9265] page_type: 0xffffffff()
[  411.199025][ T9265] raw: 00fff00000000840 ffff888017c41dc0 0000000000000000 dead000000000001
[  411.207654][ T9265] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  411.216277][ T9265] page dumped because: kasan: bad access detected
[  411.222732][ T9265] page_owner tracks the page as allocated
[  411.228998][ T9265] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 1140, tgid 1140 (kworker/u4:7), ts 256262125213, free_ts 256238928675
[  411.249901][ T9265]  post_alloc_hook+0x1c1/0x200
[  411.254732][ T9265]  get_page_from_freelist+0x1951/0x19e0
[  411.260321][ T9265]  __alloc_pages+0x1f0/0x460
[  411.265044][ T9265]  alloc_slab_page+0x5d/0x160
[  411.269944][ T9265]  new_slab+0x87/0x2d0
[  411.274067][ T9265]  ___slab_alloc+0xc5d/0x12f0
[  411.278799][ T9265]  __kmem_cache_alloc_node+0x19e/0x250
[  411.284312][ T9265]  __kmalloc+0xa4/0x230
[  411.288580][ T9265]  ieee802_11_parse_elems_full+0xb9/0x20c0
[  411.294441][ T9265]  ieee80211_ibss_rx_queued_mgmt+0x4b5/0x2c80
[  411.300553][ T9265]  ieee80211_iface_work+0x717/0xc70
[  411.305794][ T9265]  cfg80211_wiphy_work+0x225/0x260
[  411.310946][ T9265]  process_scheduled_works+0xa5d/0x15d0
[  411.316545][ T9265]  worker_thread+0xa55/0xfc0
[  411.321188][ T9265]  kthread+0x2fa/0x390
[  411.325314][ T9265]  ret_from_fork+0x48/0x80
[  411.329788][ T9265] page last free stack trace:
[  411.334591][ T9265]  free_unref_page_prepare+0x7b2/0x8c0
[  411.340118][ T9265]  free_unref_page+0x32/0x2e0
[  411.344857][ T9265]  __unfreeze_partials+0x1cf/0x210
[  411.350032][ T9265]  put_cpu_partial+0x17c/0x250
[  411.354852][ T9265]  __slab_free+0x319/0x400
[  411.359317][ T9265]  qlist_free_all+0x75/0xd0
[  411.363884][ T9265]  kasan_quarantine_reduce+0x143/0x160
[  411.369410][ T9265]  __kasan_slab_alloc+0x22/0x80
[  411.374403][ T9265]  slab_post_alloc_hook+0x6e/0x4b0
[  411.379571][ T9265]  kmem_cache_alloc_node+0x14c/0x320
[  411.384917][ T9265]  __alloc_skb+0x103/0x2c0
[  411.389378][ T9265]  mld_newpack+0x154/0xbe0
[  411.393854][ T9265]  add_grhead+0x5a/0x2a0
[  411.398406][ T9265]  add_grec+0x13ad/0x1660
[  411.402873][ T9265]  mld_send_initial_cr+0xed/0x240
[  411.407954][ T9265]  ipv6_mc_dad_complete+0x88/0x210
[  411.413119][ T9265] 
[  411.415472][ T9265] Memory state around the buggy address:
[  411.421134][ T9265]  ffff888064f5bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  411.429243][ T9265]  ffff888064f5bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  411.437361][ T9265] >ffff888064f5c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  411.445560][ T9265]                                            ^
[  411.451756][ T9265]  ffff888064f5c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  411.459868][ T9265]  ffff888064f5c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  411.467981][ T9265] ==================================================================
[  411.669574][ T9265] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  411.676848][ T9265] CPU: 1 PID: 9265 Comm: syz.8.617 Not tainted syzkaller #0
[  411.684177][ T9265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  411.694273][ T9265] Call Trace:
[  411.697602][ T9265]  <TASK>
[  411.700586][ T9265]  dump_stack_lvl+0x18c/0x250
[  411.705339][ T9265]  ? show_regs_print_info+0x20/0x20
[  411.710600][ T9265]  ? load_image+0x400/0x400
[  411.715257][ T9265]  panic+0x2dc/0x730
[  411.719235][ T9265]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  411.725697][ T9265]  ? bpf_jit_dump+0xd0/0xd0
[  411.730250][ T9265]  ? _raw_spin_unlock_irqrestore+0x111/0x120
[  411.736292][ T9265]  ? _raw_spin_unlock+0x40/0x40
[  411.741212][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  411.746730][ T9265]  check_panic_on_warn+0x84/0xa0
[  411.751717][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  411.757247][ T9265]  end_report+0x6f/0x130
[  411.761614][ T9265]  kasan_report+0x128/0x150
[  411.766161][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  411.771687][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  411.777367][ T9265]  kasan_check_range+0x241/0x290
[  411.782459][ T9265]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  411.787987][ T9265]  __asan_memmove+0x29/0x70
[  411.792564][ T9265]  ext4_xattr_set_entry+0x94b/0x1e90
[  411.797918][ T9265]  ext4_xattr_block_set+0xae8/0x32b0
[  411.803311][ T9265]  ? ext4_destroy_inode+0x200/0x200
[  411.808576][ T9265]  ? proc_nr_inodes+0x230/0x230
[  411.813478][ T9265]  ? do_raw_spin_unlock+0x121/0x230
[  411.818763][ T9265]  ? _raw_spin_unlock+0x28/0x40
[  411.823668][ T9265]  ? ext4_xattr_block_find+0x350/0x350
[  411.829176][ T9265]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  411.834616][ T9265]  ext4_xattr_set_handle+0x1280/0x14c0
[  411.840134][ T9265]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  411.847046][ T9265]  ? __ext4_journal_start_sb+0x259/0x560
[  411.852753][ T9265]  ext4_xattr_set+0x252/0x340
[  411.857491][ T9265]  ? end_current_label_crit_section+0x170/0x170
[  411.863806][ T9265]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  411.869424][ T9265]  ? posix_xattr_acl+0x93/0xb0
[  411.874246][ T9265]  ? ext4_xattr_trusted_get+0x40/0x40
[  411.879691][ T9265]  __vfs_setxattr+0x431/0x470
[  411.884570][ T9265]  __vfs_setxattr_noperm+0x12d/0x5e0
[  411.889912][ T9265]  vfs_setxattr+0x16b/0x2f0
[  411.894467][ T9265]  ? xattr_permission+0x470/0x470
[  411.899580][ T9265]  ? __mnt_want_write+0x223/0x2a0
[  411.904660][ T9265]  ? path_setxattr+0x3a1/0x5d0
[  411.909482][ T9265]  path_setxattr+0x3f3/0x5d0
[  411.914136][ T9265]  ? simple_xattrs_free+0x150/0x150
[  411.919588][ T9265]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  411.925645][ T9265]  ? lock_chain_count+0x20/0x20
[  411.930554][ T9265]  __x64_sys_lsetxattr+0xb8/0xd0
[  411.935552][ T9265]  do_syscall_64+0x55/0xa0
[  411.940039][ T9265]  ? clear_bhb_loop+0x40/0x90
[  411.944787][ T9265]  ? clear_bhb_loop+0x40/0x90
[  411.949535][ T9265]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  411.955485][ T9265] RIP: 0033:0x7fa6e699c819
[  411.960055][ T9265] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  411.979800][ T9265] RSP: 002b:00007fa6e77b3028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  411.988266][ T9265] RAX: ffffffffffffffda RBX: 00007fa6e6c15fa0 RCX: 00007fa6e699c819
[  411.996401][ T9265] RDX: 0000200000000380 RSI: 0000200000000180 RDI: 00002000000001c0
[  412.004424][ T9265] RBP: 00007fa6e6a32c91 R08: 0000000000000000 R09: 0000000000000000
[  412.012480][ T9265] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  412.020589][ T9265] R13: 00007fa6e6c16038 R14: 00007fa6e6c15fa0 R15: 00007ffd7f5cf2d8
[  412.028798][ T9265]  </TASK>
[  412.032540][ T9265] Kernel Offset: disabled
[  412.036907][ T9265] Rebooting in 86400 seconds..