last executing test programs:

2.320657462s ago: executing program 1 (id=650):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000540)={0xfffffffffffffffc, 0x608000, 0x800, 0x700, 0x2}, 0x5d)

2.266833048s ago: executing program 1 (id=651):
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x81})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0)

2.078101732s ago: executing program 1 (id=657):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
madvise(&(0x7f0000130000/0xd000)=nil, 0xd000, 0x66)

1.790177555s ago: executing program 2 (id=667):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000100fffffffffbffaaaa88aaaabb08060001080006040001e5"], 0x2e)

1.589660435s ago: executing program 2 (id=669):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$pvfs2(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x8000, &(0x7f00000006c0)={[{'acl'}]})

1.48987842s ago: executing program 2 (id=670):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000380)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000240)={r1, 0x1, r0, 0x6})

845.310416ms ago: executing program 1 (id=671):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x58, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x10, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x6}]}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc8}}, 0x0)

750.230038ms ago: executing program 1 (id=672):
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x4000001)
recvmmsg(r0, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000a40)=""/188, 0xbc}], 0x1, &(0x7f0000000500)=""/87, 0x57}}], 0x1, 0x0, 0x0)

678.546948ms ago: executing program 1 (id=673):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6", 0x4d}], 0x1, 0x0, 0x0, 0x1f000801}, 0x4000000)

625.079837ms ago: executing program 2 (id=677):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448e3, &(0x7f0000000100)={0x0, 0x4000, '\x00', 0x2})

559.929397ms ago: executing program 2 (id=678):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c84, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x441f, &(0x7f0000008940)="$eJzs3c9PHFUcAPA3A1qobYXaQ01M3MQmGjUEelJpIqW0FFqsqbYxXrYLbFt0YRtYjIce8NbEk4kH46HRxBunhoPX+id48VjPTfTgxcSkEbO7s8AMbFmRBdt8PkkZ5v1mvzNv3xymL05Ubs4s5GYWcoW5XHnq+sLJ3Gfl0uJsMcR7ZL/7pzXtiJPY759LZ859cPVkCD9N//JwdfVAeJyBDb//+cftqY3HhjhTp9ruYxv9zz4OIRzbNK6qjhDCRz+GEIUQTidpw8mxO4RwJNTzrt7+8lpul0Zz70HxVP7RxJ2VwRPjy3dXmv/tUQjfll5888bsb690DP76+i51DwAAAAAAAAAAAAAAAADAE2708qUr7/cPhPtR6FyONr+vO5ocm70fu7prXm7/HwsAAAAAAAAAAAAAAAAAAAD/U+vv/+eio1u8/z+SHIea1F99t/1jpH3G3rs0crZ/INn/PdqU/1aS9PvpjtC7xb7v2f3fT2fqb73/++Z+dqoxvka/PSGK+1LncdzXF8L3ycbvx6ODcam8UHnjenlxbnrXhvHESse/vnt/KjrJhv6txn8403779/9/YdPVVD2/tnuX2FMtHf+OpuV++CJqKf5nMvX2Iv7sXDr+nbW07o0FhuoTQDX+X3VuH/+RTPvtiv+REEIuqo41tz4DNC7fqPl6hbR0/J+ppUXr0/7aB9ns/v8rE/+zmfb3a/5fyn4RsaV0/J+tpXWlSqzf/73x9vf/uUz7+xH/6viXfP+3JB3/A/XEzlSR2ifZ6vw/mmm/XfG/EifjPBKlroDlqJ7e7P+rIy0d/65N+evPf3FL67/zmfp79fzX6Lfx/NeY/l+L6s9/bC0d/+6m5Vq9/8cy9do9/w/V1n/sVDr+B2tp6bVzT+1nq/Efz7TfrvjXViVdjfivzyd/H6inf2f915J0/J+rJ8YbSyzVftbWf9H26/8Lmfb3Y/1XHf9S3N5enxbp+B9qWq4a/59b+P6/mKnX/viH0G+tv2Pp+B9uWq52/3dtH/+JTL12x//VdjYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8AQYTo49IYr7Uudx3NcXwpnk/Hg4GE0WpvOTpfLUpwshjCTpuXA0ulEqTxZK+Zm58nQxXyiVylMhnE3yj4WuaKFUruRnC7fOrbXVHd0sFuYrk8VCJYQwmqS/FA432pqcqcwWboUQzq/lPR+X52/dLMzlp2fm3+nv7+8PY2tj6I2Kn1eKc5V67/XcEMbX6vZEGwZXy76wNpZD0Sflxfm5QqmWfnFDnVJ5qlDaUGciyfs69EaV+cW5qUKlmC+VbzT6209DyXFk7PKHly8ObMq/FtWPw3s7LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+pfuDb38TQuisn8UhhFyU/BIl/1LuPSieyj+auLMyeGJ8+e7Kw63KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYVdOkaJGIjCAPxmRLT0GFYh6WwjimhhRPAEegwPo0fxEt7BwsLWYlnYTCAkG0izW31f80h+Zt6DeQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsN7dc/fyVDcRKc43ZxFfb98/4/yh1I/r/edPjjAjh3P/2N3c1k159zTLr8qv3zbv0v+/99fo62mMvgefkz2Z7lNv3mdqad+W5hv6XkTKVUS0Jb9MOVfVursAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC07cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZR9G0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwKwAA//8hvRzL")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)

559.501432ms ago: executing program 0 (id=679):
r0 = socket(0x1d, 0x2, 0x6)
accept4$tipc(r0, 0x0, 0x0, 0x80800)

510.764114ms ago: executing program 0 (id=680):
prctl$PR_MCE_KILL(0x4e, 0x1, 0x1)

509.737404ms ago: executing program 0 (id=681):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x4d}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)

295.416915ms ago: executing program 0 (id=682):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000500)=ANY=[], 0x48}}, 0x0)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x40, 0xb, 0x6, 0x3, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_NAME={0x9, 0x12, 'syz1\x00'}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x7}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x44080}, 0x4000002)

295.262898ms ago: executing program 0 (id=683):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_delrule={0x40, 0x21, 0x1, 0x0, 0x25dfdbfd, {0xa, 0x20, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x10}, [@FRA_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @FIB_RULE_POLICY=@FRA_PRIORITY={0x8, 0x6, 0x80}, @FIB_RULE_POLICY=@FRA_TABLE={0x8, 0xf, 0xfe}]}, 0x40}}, 0x0)

294.893622ms ago: executing program 0 (id=684):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0xea}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x282, 0x0)
setresgid(0xee00, 0xee01, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r4, 0x84, 0x4, &(0x7f0000000040)=0x3, 0x4)
sendmsg$inet_sctp(r4, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0xc851)
sendmmsg$inet_sctp(r4, &(0x7f0000001880)=[{&(0x7f0000000000)=@in={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@sndinfo={0x20, 0x84, 0x2, {0x2, 0x200, 0xb54, 0xffff070d}}], 0x20}], 0x1, 0x10)

0s ago: executing program 2 (id=685):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180)=0x2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f13736080000000000000096c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb042d200", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:38364' (ED25519) to the list of known hosts.
syzkaller login: [   48.074751][ T5834] cgroup: Unknown subsys name 'net'
[   48.190986][ T5834] cgroup: Unknown subsys name 'cpuset'
[   48.196641][ T5834] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   49.493107][ T5834] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   56.349497][ T5927] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   60.073284][ T5939] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   60.077015][ T5939] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   60.079594][ T5939] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   60.082597][ T5939] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   60.085749][ T5939] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   60.150669][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   60.153997][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   60.156948][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   60.162425][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   60.174481][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   60.189908][ T5945] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   60.193549][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   60.193803][ T5945] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   60.199402][ T5945] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   60.200504][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   60.307753][ T5938] chnl_net:caif_netlink_parms(): no params data found
[   60.394670][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.397582][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.400875][ T5938] bridge_slave_0: entered allmulticast mode
[   60.403738][ T5938] bridge_slave_0: entered promiscuous mode
[   60.408278][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.410569][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.412863][ T5938] bridge_slave_1: entered allmulticast mode
[   60.415794][ T5938] bridge_slave_1: entered promiscuous mode
[   60.467820][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.474259][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.544623][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   60.551153][ T5938] team0: Port device team_slave_0 added
[   60.558566][ T5938] team0: Port device team_slave_1 added
[   60.583022][ T5943] chnl_net:caif_netlink_parms(): no params data found
[   60.598824][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.601054][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.609613][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.619715][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.621887][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.630291][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.718936][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.721366][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.723747][ T5942] bridge_slave_0: entered allmulticast mode
[   60.726935][ T5942] bridge_slave_0: entered promiscuous mode
[   60.730660][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.732887][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.735074][ T5942] bridge_slave_1: entered allmulticast mode
[   60.737877][ T5942] bridge_slave_1: entered promiscuous mode
[   60.740207][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.742805][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.745170][ T5943] bridge_slave_0: entered allmulticast mode
[   60.747843][ T5943] bridge_slave_0: entered promiscuous mode
[   60.771278][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.774246][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.778769][ T5943] bridge_slave_1: entered allmulticast mode
[   60.781388][ T5943] bridge_slave_1: entered promiscuous mode
[   60.787343][ T5938] hsr_slave_0: entered promiscuous mode
[   60.789759][ T5938] hsr_slave_1: entered promiscuous mode
[   60.821669][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.842498][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.848247][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.878706][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.903718][ T5942] team0: Port device team_slave_0 added
[   60.933564][ T5942] team0: Port device team_slave_1 added
[   60.960920][ T5943] team0: Port device team_slave_0 added
[   60.974826][ T5943] team0: Port device team_slave_1 added
[   60.977632][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.979771][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.989135][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.996673][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.999100][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.009355][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   61.059093][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   61.061978][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.073213][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   61.097203][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   61.099809][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.111182][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   61.124495][ T5942] hsr_slave_0: entered promiscuous mode
[   61.127472][ T5942] hsr_slave_1: entered promiscuous mode
[   61.129709][ T5942] debugfs: 'hsr0' already exists in 'hsr'
[   61.131900][ T5942] Cannot create hsr debugfs directory
[   61.207864][ T5943] hsr_slave_0: entered promiscuous mode
[   61.210237][ T5943] hsr_slave_1: entered promiscuous mode
[   61.212346][ T5943] debugfs: 'hsr0' already exists in 'hsr'
[   61.214108][ T5943] Cannot create hsr debugfs directory
[   61.279029][ T5938] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   61.290992][ T5938] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   61.305347][ T5938] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   61.329596][ T5938] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   61.413684][ T5942] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   61.421173][ T5942] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   61.427658][ T5942] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   61.433186][ T5942] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   61.487086][ T5943] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   61.493388][ T5943] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   61.504647][ T5943] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   61.509774][ T5943] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   61.557224][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.564046][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.585553][ T5938] 8021q: adding VLAN 0 to HW filter on device team0
[   61.594568][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   61.604065][ T3684] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.606556][ T3684] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.611752][ T3684] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.613974][ T3684] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.632092][ T3684] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.634579][ T3684] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.645449][ T3684] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.647807][ T3684] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.663065][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.709580][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[   61.725213][ T2192] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.727821][ T2192] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.734930][ T2192] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.737362][ T2192] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.814326][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.860870][ T5938] veth0_vlan: entered promiscuous mode
[   61.868384][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.875066][ T5938] veth1_vlan: entered promiscuous mode
[   61.898014][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.920337][ T5938] veth0_macvtap: entered promiscuous mode
[   61.924613][ T5942] veth0_vlan: entered promiscuous mode
[   61.935575][ T5938] veth1_macvtap: entered promiscuous mode
[   61.955390][ T5942] veth1_vlan: entered promiscuous mode
[   61.959746][ T5943] veth0_vlan: entered promiscuous mode
[   61.963283][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.968650][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.977469][ T5943] veth1_vlan: entered promiscuous mode
[   61.991207][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.994578][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.998270][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.009436][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.015485][ T5942] veth0_macvtap: entered promiscuous mode
[   62.025780][ T5942] veth1_macvtap: entered promiscuous mode
[   62.045896][ T5943] veth0_macvtap: entered promiscuous mode
[   62.058705][ T5943] veth1_macvtap: entered promiscuous mode
[   62.074564][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.080512][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.091478][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.096139][ T5951] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.108352][ T5951] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.111059][ T5951] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.116956][ T5945] Bluetooth: hci0: command tx timeout
[   62.120902][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.125927][ T5951] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.132524][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.135020][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.149498][ T5951] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.152324][ T5951] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.155178][ T5951] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.161795][ T5951] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.192551][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.195424][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.218972][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.221435][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.262068][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.264584][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.267861][ T5945] Bluetooth: hci1: command tx timeout
[   62.267883][ T5950] Bluetooth: hci2: command tx timeout
[   62.294295][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.299025][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.332453][ T3684] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.335527][ T3684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.375505][ T6008] Zero length message leads to an empty skb
[   62.499480][ T5989] IPVS: starting estimator thread 0...
[   62.507819][ T5975] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   62.513623][ T6024] warning: `syz.1.81' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   62.587713][ T6022] IPVS: using max 78 ests per chain, 187200 per kthread
[   62.623140][ T6036] use of bytesused == 0 is deprecated and will be removed in the future,
[   62.628271][ T6036] use the actual size instead.
[   62.669218][ T5975] usb 1-1: Using ep0 maxpacket: 16
[   62.679286][ T5975] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   62.691995][ T5975] usb 1-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   62.700384][ T5975] usb 1-1: config 0 interface 0 has no altsetting 0
[   62.702492][ T5975] usb 1-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[   62.705388][ T5975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.733898][ T5975] usb 1-1: config 0 descriptor??
[   62.793665][ T6052] comedi comedi0: Minor 48 is invalid!
[   62.822096][ T6054] mmap: syz.2.96 (6054) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   63.145551][ T5975] mcp2200 0003:04D8:00DF.0001: collection stack underflow
[   63.153768][ T5975] mcp2200 0003:04D8:00DF.0001: item 0 4 0 12 parsing failed
[   63.160007][ T5975] mcp2200 0003:04D8:00DF.0001: can't parse reports
[   63.162186][ T5975] mcp2200 0003:04D8:00DF.0001: probe with driver mcp2200 failed with error -22
[   63.351889][ T5975] usb 1-1: USB disconnect, device number 2
[   63.486323][ T6017] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   63.636348][ T6017] usb 2-1: Using ep0 maxpacket: 32
[   63.639446][ T6017] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[   63.643413][ T6017] usb 2-1: config 0 has no interface number 0
[   63.645730][ T6017] usb 2-1: config 0 interface 184 has no altsetting 0
[   63.650416][ T6017] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[   63.653464][ T6017] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   63.656789][ T6017] usb 2-1: Product: syz
[   63.658111][ T6017] usb 2-1: Manufacturer: syz
[   63.659609][ T6017] usb 2-1: SerialNumber: syz
[   63.662951][ T6017] usb 2-1: config 0 descriptor??
[   63.667044][ T6017] smsc75xx v1.0.0
[   63.668277][ T6017] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[   63.671614][ T6017] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -22
[   63.869249][ T6017] usb 2-1: USB disconnect, device number 2
[   63.903088][ T6081] Driver unsupported XDP return value 0 on prog  (id 6) dev N/A, expect packet loss!
[   64.186582][ T5950] Bluetooth: hci0: command tx timeout
[   64.305601][ T6096] binder: 6095:6096 ioctl c0306201 2000000001c0 returned -22
[   64.346678][ T5950] Bluetooth: hci2: command tx timeout
[   64.346700][ T5945] Bluetooth: hci1: command tx timeout
[   65.301210][ T6151] loop0: detected capacity change from 0 to 1024
[   65.304182][ T6151] =======================================================
[   65.304182][ T6151] WARNING: The mand mount option has been deprecated and
[   65.304182][ T6151]          and is ignored by this kernel. Remove the mand
[   65.304182][ T6151]          option from the mount to silence this warning.
[   65.304182][ T6151] =======================================================
[   65.341928][ T6151] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.180668][ T6162] loop2: detected capacity change from 0 to 2048
[   66.242389][ T6162] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[   66.254472][ T6162] UDF-fs: Scanning with blocksize 512 failed
[   66.266772][ T5945] Bluetooth: hci0: command tx timeout
[   66.295885][ T6162] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   66.427786][ T5945] Bluetooth: hci1: command tx timeout
[   66.427916][ T5950] Bluetooth: hci2: command tx timeout
[   66.706128][ T5938] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.742771][ T6166] loop2: detected capacity change from 0 to 256
[   66.810711][ T6166] FAT-fs (loop2): Directory bread(block 64) failed
[   66.821721][ T6166] FAT-fs (loop2): Directory bread(block 65) failed
[   66.838334][ T6166] FAT-fs (loop2): Directory bread(block 66) failed
[   66.843578][ T6166] FAT-fs (loop2): Directory bread(block 67) failed
[   66.851467][ T6166] FAT-fs (loop2): Directory bread(block 68) failed
[   66.855737][ T6166] FAT-fs (loop2): Directory bread(block 69) failed
[   66.866498][ T6166] FAT-fs (loop2): Directory bread(block 70) failed
[   66.869677][ T6166] FAT-fs (loop2): Directory bread(block 71) failed
[   66.876467][ T6166] FAT-fs (loop2): Directory bread(block 72) failed
[   66.886957][ T6166] FAT-fs (loop2): Directory bread(block 73) failed
[   67.976643][ T6208] overlayfs: empty lowerdir
[   68.074198][ T6212] syz.0.163 uses obsolete (PF_INET,SOCK_PACKET)
[   68.159508][ T6214] loop0: detected capacity change from 0 to 1024
[   68.174110][   T33] audit: type=1800 audit(1754927780.772:2): pid=6214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.164" name="file1" dev="loop0" ino=20 res=0 errno=0
[   68.184118][ T6214] syz.0.164: attempt to access beyond end of device
[   68.184118][ T6214] loop0: rw=34817, sector=393274, nr_sectors = 2048 limit=1024
[   68.190466][ T6214] syz.0.164: attempt to access beyond end of device
[   68.190466][ T6214] loop0: rw=34817, sector=395322, nr_sectors = 454 limit=1024
[   68.346841][ T5945] Bluetooth: hci0: command tx timeout
[   68.488782][   T60] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[   68.514483][ T5945] Bluetooth: hci2: command tx timeout
[   68.514516][ T5950] Bluetooth: hci1: command tx timeout
[   68.668633][   T60] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[   68.672002][   T60] usb 1-1: config 0 has no interface number 0
[   68.674611][   T60] usb 1-1: config 0 interface 67 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[   68.679514][   T60] usb 1-1: config 0 interface 67 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   68.685852][   T60] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[   68.690769][   T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   68.694613][   T60] usb 1-1: Product: syz
[   68.709783][   T60] usb 1-1: Manufacturer: syz
[   68.711303][   T60] usb 1-1: SerialNumber: syz
[   68.714468][   T60] usb 1-1: config 0 descriptor??
[   68.718347][ T6216] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   68.723176][ T6216] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   68.738355][   T60] smsc95xx v2.0.0
[   68.807103][ T1272] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   68.940493][ T6216] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   68.942966][ T6216] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   69.117620][ T1272] usb 3-1: config 0 has an invalid interface number: 197 but max is 0
[   69.120490][ T1272] usb 3-1: config 0 has no interface number 0
[   69.122608][ T1272] usb 3-1: config 0 interface 197 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8
[   69.125864][ T1272] usb 3-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64
[   69.131202][ T1272] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42
[   69.134163][ T1272] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   69.136825][ T1272] usb 3-1: Product: syz
[   69.138296][ T1272] usb 3-1: Manufacturer: syz
[   69.139906][ T1272] usb 3-1: SerialNumber: syz
[   69.145339][ T1272] usb 3-1: config 0 descriptor??
[   69.147620][ T6220] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[   69.149819][   T60] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[   69.153413][   T60] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[   69.364663][ T1272] usb 3-1: USB disconnect, device number 2
[   69.697232][ T6233] netlink: 'syz.1.172': attribute type 2 has an invalid length.
[   69.741542][ T6237] loop1: detected capacity change from 0 to 256
[   69.749837][   T33] audit: type=1800 audit(1754927782.352:3): pid=6237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.174" name="file1" dev="loop1" ino=1048617 res=0 errno=0
[   69.758591][ T6237] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   69.761491][ T6237] FAT-fs (loop1): Filesystem has been set read-only
[   69.809766][ T6241] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.408138][   T60] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[   70.411932][   T60] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[   70.421323][   T60] usb 1-1: USB disconnect, device number 3
[   70.915078][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   70.918220][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   71.230907][ T6272] loop0: detected capacity change from 0 to 64
[   71.246242][   T33] audit: type=1800 audit(1754927783.842:4): pid=6272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.188" name="file1" dev="loop0" ino=5 res=0 errno=0
[   72.071834][ T6308] nr0: tun_chr_ioctl cmd 1074554389
[   72.136836][   T33] audit: type=1804 audit(1754927784.742:5): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.198" name="/newroot/56/file1" dev="fuse" ino=1 res=1 errno=0
[   72.144414][   T33] audit: type=1804 audit(1754927784.742:6): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.198" name="/newroot/56/file1" dev="fuse" ino=1 res=1 errno=0
[   72.158984][ T6316] loop1: detected capacity change from 0 to 512
[   72.178376][   T33] audit: type=1800 audit(1754927784.742:7): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.198" name="/" dev="fuse" ino=1 res=0 errno=0
[   72.222133][ T6316] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.231206][ T6316] ext4 filesystem being mounted at /34/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   72.260634][ T5942] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.282248][ T6325] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   72.308599][ T6330] netlink: 12 bytes leftover after parsing attributes in process `syz.1.202'.
[   72.311613][ T6330] tc_dump_action: action bad kind
[   72.570528][ T6356] loop2: detected capacity change from 0 to 128
[   72.585438][ T6356] FAT-fs (loop2): bogus sectors per cluster 7
[   72.594645][ T6356] FAT-fs (loop2): Can't find a valid FAT filesystem
[   73.068185][ T6393] loop0: detected capacity change from 0 to 1024
[   73.100331][   T29] hfsplus: b-tree write err: -5, ino 4
[   73.132235][ T6397] loop0: detected capacity change from 0 to 16
[   73.154667][ T6397] erofs (device loop0): mounted with root inode @ nid 36.
[   73.565568][ T6411] netlink: 8 bytes leftover after parsing attributes in process `syz.2.228'.
[   73.818630][ T6424] loop2: detected capacity change from 0 to 128
[   73.826767][ T2213] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   73.850342][ T6424] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   73.869673][ T6424] ext4 filesystem being mounted at /65/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   74.117163][ T2213] usb 2-1: Using ep0 maxpacket: 32
[   74.120852][ T2213] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[   74.123455][ T2213] usb 2-1: config 0 has no interface number 0
[   74.125480][ T2213] usb 2-1: config 0 interface 12 has no altsetting 0
[   74.140206][ T2213] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[   74.143261][ T2213] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   74.145890][ T2213] usb 2-1: Product: syz
[   74.149445][ T2213] usb 2-1: Manufacturer: syz
[   74.156680][ T2213] usb 2-1: SerialNumber: syz
[   74.162965][ T2213] usb 2-1: config 0 descriptor??
[   74.206752][ T6429] netlink: 8 bytes leftover after parsing attributes in process `syz.0.236'.
[   74.398998][ T2213] f81534 2-1:0.12: f81534_set_register: reg: 1002 data: 3 failed: -71
[   74.401786][ T2213] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[   74.404266][ T2213] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[   74.409270][ T2213] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[   74.423697][ T2213] usb 2-1: USB disconnect, device number 3
[   74.958727][ T5943] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   75.003567][ T6452] loop2: detected capacity change from 0 to 8
[   75.012231][ T6452] unable to read xattr id index table
[   75.136325][ T2213] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   75.286288][ T2213] usb 1-1: Using ep0 maxpacket: 16
[   75.289849][ T2213] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   75.293440][ T2213] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[   75.296704][ T2213] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.303061][ T2213] usb 1-1: config 0 descriptor??
[   75.734164][ T2213] mcp2221 0003:04D8:00DD.0002: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[   75.895417][ T6461] capability: warning: `syz.1.250' uses deprecated v2 capabilities in a way that may be insecure
[   76.009007][ T6467] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[   76.141756][ T6476] loop2: detected capacity change from 0 to 4096
[   76.150042][ T6476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.157440][ T5989] usb 1-1: USB disconnect, device number 4
[   76.197692][ T5943] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.314389][ T6490] loop2: detected capacity change from 0 to 256
[   76.317009][ T6490] exfat: Deprecated parameter 'utf8'
[   76.324001][ T6490] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[   76.370828][ T6492] loop2: detected capacity change from 0 to 2048
[   76.375534][ T6492] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   76.463012][ T6498] netlink: 'syz.2.268': attribute type 1 has an invalid length.
[   76.486497][ T2213] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   76.486574][ T6500] netlink: 8 bytes leftover after parsing attributes in process `syz.2.269'.
[   76.492154][ T6500] openvswitch: netlink: nsh attr 8224 is out of range max 3
[   76.494589][ T6500] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   76.639332][ T2213] usb 2-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice= 0.01
[   76.642224][ T2213] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.651149][ T2213] usb 2-1: config 0 descriptor??
[   76.655963][ T2213] ums-jumpshot 2-1:0.0: USB Mass Storage device detected
[   76.679540][ T2213] ums-jumpshot 2-1:0.0: Quirks match for vid 05dc pid 0001: 2
[   76.765005][ T6514] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   76.800277][ T6518] loop0: detected capacity change from 0 to 256
[   76.811064][ T6518] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   76.855965][ T2213] usb 2-1: USB disconnect, device number 4
[   77.002008][ T5989] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[   77.015729][ T6524] loop0: detected capacity change from 0 to 256
[   77.022495][ T6524] exfat: Deprecated parameter 'utf8'
[   77.024272][ T6524] exfat: Deprecated parameter 'namecase'
[   77.026121][ T6524] exfat: Deprecated parameter 'utf8'
[   77.034112][ T6524] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   77.071347][ T6526] loop0: detected capacity change from 0 to 256
[   77.073907][ T6526] exfat: Deprecated parameter 'utf8'
[   77.075720][ T6526] exfat: Deprecated parameter 'utf8'
[   77.090536][ T6526] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4d7dfc9d, utbl_chksum : 0xe619d30d)
[   77.148046][ T5989] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   77.156375][ T5989] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.161613][ T5989] usb 3-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[   77.164722][ T5989] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.171291][ T5989] usb 3-1: config 0 descriptor??
[   77.583970][ T5989] hid-generic 0003:04F3:0754.0003: failed to start in urb: -90
[   77.589812][ T5989] hid-generic 0003:04F3:0754.0003: hidraw0: USB HID v1.01 Device [HID 04f3:0754] on usb-dummy_hcd.2-1/input0
[   77.607834][ T2213] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   77.667366][ T1272] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   77.756350][ T2213] usb 1-1: Using ep0 maxpacket: 8
[   77.761707][ T2213] usb 1-1: config 0 has an invalid interface number: 38 but max is 0
[   77.765161][ T2213] usb 1-1: config 0 has no interface number 0
[   77.771490][ T2213] usb 1-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice=7e.a5
[   77.775353][ T2213] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.778848][ T2213] usb 1-1: Product: syz
[   77.780679][ T2213] usb 1-1: Manufacturer: syz
[   77.782799][ T2213] usb 1-1: SerialNumber: syz
[   77.790744][ T2213] usb 1-1: config 0 descriptor??
[   77.795516][    T9] usb 3-1: USB disconnect, device number 3
[   77.803996][ T2213] gspca_main: pac7311-2.14.0 probing 093a:2601
[   77.816281][ T1272] usb 2-1: Using ep0 maxpacket: 32
[   77.822940][ T1272] usb 2-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice= d.2d
[   77.825895][ T1272] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.828608][ T1272] usb 2-1: Product: syz
[   77.830068][ T1272] usb 2-1: Manufacturer: syz
[   77.831639][ T1272] usb 2-1: SerialNumber: syz
[   77.997723][ T2213] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71
[   78.001567][ T2213] pac7311 1-1:0.38: probe with driver pac7311 failed with error -71
[   78.005855][ T2213] usb 1-1: USB disconnect, device number 5
[   78.013346][ T6004] udevd[6004]: setting owner of /dev/bus/usb/001/005 to uid=0, gid=0 failed: No such file or directory
[   78.042478][ T1272] aqc111 2-1:1.0: probe with driver aqc111 failed with error -22
[   78.050030][ T1272] usb 2-1: USB disconnect, device number 5
[   78.323059][ T6549] loop2: detected capacity change from 0 to 256
[   78.597102][ T5989] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[   78.749332][ T5989] usb 3-1: config 135 has an invalid interface number: 230 but max is 0
[   78.758776][ T5989] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[   78.766482][ T5989] usb 3-1: config 135 has no interface number 0
[   78.775532][ T5989] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[   78.784852][ T5989] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[   78.788109][ T5989] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.790830][ T5989] usb 3-1: Product: syz
[   78.792309][ T5989] usb 3-1: Manufacturer: syz
[   78.793966][ T5989] usb 3-1: SerialNumber: syz
[   78.810079][ T5989] usb 3-1: Found UVC 0.00 device syz (18ec:3288)
[   78.813532][ T5989] usb 3-1: No valid video chain found.
[   79.137945][ T5314] usb 3-1: USB disconnect, device number 4
[   79.696863][ T6601] process 'syz.2.308' launched '/dev/fd/3' with NULL argv: empty string added
[   79.713971][ T6604] loop0: detected capacity change from 0 to 1024
[   79.726838][   T33] audit: type=1800 audit(1754927792.322:8): pid=6604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.310" name="file1" dev="loop0" ino=25 res=0 errno=0
[   79.787903][ T6610] loop1: detected capacity change from 0 to 256
[   79.790595][ T6610] exfat: Deprecated parameter 'utf8'
[   79.792436][ T6610] exfat: Deprecated parameter 'namecase'
[   79.831042][ T6610] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[   79.918823][ T6621] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   79.932712][   T68] Bluetooth: hci3: Frame reassembly failed (-84)
[   80.050756][ T6631] netlink: 32 bytes leftover after parsing attributes in process `syz.0.323'.
[   80.110090][ T6635] 9pnet_rdma: rdma_create_trans (6635): problem binding to privport: 13
[   80.157574][ T6639] loop0: detected capacity change from 0 to 16
[   80.160121][ T6639] MTD: Attempt to mount non-MTD device "/dev/loop0"
[   80.290318][ T6649] loop0: detected capacity change from 0 to 1024
[   80.293013][ T6649] EXT4-fs: Ignoring removed oldalloc option
[   80.298277][ T6649] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   80.310837][ T6649] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.341991][   T33] audit: type=1804 audit(1754927792.942:9): pid=6649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.332" name="/newroot/95/file1/file1" dev="loop0" ino=15 res=1 errno=0
[   80.369579][ T5938] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.428033][ T6656] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'.
[   80.763661][ T6664] cgroup: fork rejected by pids controller in /syz0
[   80.828844][ T6702] loop0: detected capacity change from 0 to 256
[   80.834298][ T6702] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[   80.886053][ T6705] loop0: detected capacity change from 0 to 512
[   80.896101][ T6705] EXT4-fs (loop0): Test dummy encryption mode enabled
[   80.901324][ T6707] loop1: detected capacity change from 0 to 128
[   80.903748][ T6707] hpfs: Unexpected value for 'help'
[   80.908739][ T6705] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   80.916133][ T6705] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   80.938241][ T6705] EXT4-fs (loop0): 1 truncate cleaned up
[   80.945377][ T6705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.042600][ T6705] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[   81.111137][ T5938] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.171776][   T24] cfg80211: failed to load regulatory.db
[   81.946329][ T5945] Bluetooth: hci3: command 0x1003 tx timeout
[   81.946481][ T5950] Bluetooth: hci3: Opcode 0x1003 failed: -110
[   82.239890][ T6727] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input4
[   82.244721][ T6729] tmpfs: Bad value for 'mpol'
[   82.294269][ T6731] loop1: detected capacity change from 0 to 512
[   82.305433][ T6731] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[   82.308979][ T6731] EXT4-fs (loop1): orphan cleanup on readonly fs
[   82.311484][ T6731] EXT4-fs error (device loop1): ext4_quota_enable:7124: inode #15: comm syz.1.351: iget: bad i_size value: 360287970189639690
[   82.317030][ T6731] EXT4-fs error (device loop1): ext4_quota_enable:7127: comm syz.1.351: Bad quota inode: 15, type: 2
[   82.321723][ T6731] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=15). Please run e2fsck to fix.
[   82.337866][ T6731] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   82.347242][ T6736] loop0: detected capacity change from 0 to 512
[   82.356677][ T6731] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   82.400972][ T6736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.401322][ T5942] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.405002][ T6736] ext4 filesystem being mounted at /106/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   82.461567][ T5938] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.500992][ T6745] loop2: detected capacity change from 0 to 8192
[   82.538073][ T6745]  loop2: AHDI p1 p2
[   82.539605][ T6745] loop2: p1 size 2164260863 extends beyond EOD, truncated
[   82.676678][ T6755] netlink: 15 bytes leftover after parsing attributes in process `syz.0.361'.
[   82.685071][ T6755] netlink: 4 bytes leftover after parsing attributes in process `syz.0.361'.
[   82.793263][ T6004] udevd[6004]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   82.890058][   T33] audit: type=1326 audit(1754927795.482:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6767 comm="syz.0.365" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4ba818ebe9 code=0x0
[   83.425004][ T6775] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[   83.699534][ T6791] binder: 6790:6791 ioctl c0306201 200000000680 returned -14
[   83.988691][ T6805] loop0: detected capacity change from 0 to 4096
[   83.993226][ T6805] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[   83.998744][   T24] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   84.009087][ T6805] ntfs3(loop0): ino=0, mi_enum_attr
[   84.013059][ T6805] ntfs3(loop0): mft corrupted
[   84.014704][ T6805] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   84.019899][ T6805] ntfs3(loop0): Failed to load $MFT (-22).
[   84.053600][ T6807] syzkaller1: entered promiscuous mode
[   84.055459][ T6807] syzkaller1: entered allmulticast mode
[   84.156329][   T24] usb 3-1: Using ep0 maxpacket: 16
[   84.160826][   T24] usb 3-1: too many endpoints for config 0 interface 0 altsetting 109: 65, using maximum allowed: 30
[   84.168742][   T24] usb 3-1: config 0 interface 0 altsetting 109 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.174320][   T24] usb 3-1: config 0 interface 0 altsetting 109 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[   84.181930][   T24] usb 3-1: config 0 interface 0 has no altsetting 0
[   84.184107][   T24] usb 3-1: New USB device found, idVendor=172f, idProduct=0500, bcdDevice= 0.00
[   84.188682][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.199013][   T24] usb 3-1: config 0 descriptor??
[   84.609592][   T24] waltop 0003:172F:0500.0004: unknown main item tag 0x0
[   84.612038][   T24] waltop 0003:172F:0500.0004: unknown main item tag 0x0
[   84.614448][   T24] waltop 0003:172F:0500.0004: unknown main item tag 0x0
[   84.620737][   T24] waltop 0003:172F:0500.0004: unknown main item tag 0x0
[   84.626615][   T24] waltop 0003:172F:0500.0004: unknown main item tag 0x0
[   84.632544][   T24] waltop 0003:172F:0500.0004: hidraw0: USB HID v0.05 Device [HID 172f:0500] on usb-dummy_hcd.2-1/input0
[   84.812562][   T24] usb 3-1: USB disconnect, device number 5
[   84.867402][ T1272] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   85.018978][ T1272] usb 2-1: Using ep0 maxpacket: 16
[   85.026591][ T1272] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   85.031338][ T1272] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   85.035456][ T1272] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   85.058216][ T1272] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   85.066733][ T1272] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.070561][ T1272] usb 2-1: Product: syz
[   85.072370][ T1272] usb 2-1: Manufacturer: syz
[   85.074563][ T1272] usb 2-1: SerialNumber: syz
[   85.563468][ T6832] netlink: 8 bytes leftover after parsing attributes in process `syz.2.393'.
[   85.920480][ T1272] usb 2-1: 0:2 : does not exist
[   86.027755][ T6848] loop0: detected capacity change from 0 to 512
[   86.043713][ T6848] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.049289][ T6848] ext4 filesystem being mounted at /126/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   86.065962][ T6848] EXT4-fs error (device loop0): ext4_xattr_block_find:1869: inode #15: comm syz.0.401: corrupted xattr block 33: invalid ea_ino
[   86.072732][ T6848] EXT4-fs (loop0): Remounting filesystem read-only
[   86.089106][ T5938] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.093305][ T1091] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   86.097632][ T1091] Quota error (device loop0): write_blk: dquota write failed
[   86.100032][ T1091] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries
[   86.103356][ T1091] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   86.106951][ T1091] Quota error (device loop0): write_blk: dquota write failed
[   86.109373][ T1091] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list
[   86.112731][ T1091] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   86.116399][ T1091] Quota error (device loop0): v2_write_file_info: Can't write info structure
[   86.131151][ T1272] usb 2-1: 1:0: cannot get min/max values for control 4 (id 1)
[   86.155165][ T1272] usb 2-1: USB disconnect, device number 6
[   86.334172][ T6864] loop0: detected capacity change from 0 to 1024
[   86.347852][ T6864] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[   86.397904][ T6866] loop0: detected capacity change from 0 to 256
[   86.412924][   T33] audit: type=1800 audit(1754927799.012:11): pid=6866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.408" name="file1" dev="loop0" ino=1048626 res=0 errno=0
[   86.417987][ T6866] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   86.423656][ T6866] FAT-fs (loop0): Filesystem has been set read-only
[   86.463850][ T6868] loop0: detected capacity change from 0 to 1764
[   87.293827][ T6892] netlink: 'syz.2.419': attribute type 21 has an invalid length.
[   87.590104][ T6907] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   87.824290][ T6913] loop1: detected capacity change from 0 to 4096
[   87.856011][ T6916] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   87.970965][ T6921] netlink: 204 bytes leftover after parsing attributes in process `syz.1.431'.
[   88.056475][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.0.429'.
[   88.345225][ T6936] netlink: 'syz.2.438': attribute type 11 has an invalid length.
[   88.408653][ T6940] loop2: detected capacity change from 0 to 4096
[   88.464789][ T6944] evm: overlay not supported
[   88.502695][ T6948] kAFS: unparsable volume name
[   88.771108][ T6951] loop1: detected capacity change from 0 to 2048
[   88.788658][ T6951] EXT4-fs (loop1): unsupported descriptor size 3
[   89.165691][ T2213] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   89.377557][ T2213] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   89.381458][ T2213] usb 2-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[   89.384623][ T2213] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.411668][ T2213] usb 2-1: config 0 descriptor??
[   89.975718][ T2213] dragonrise 0003:0079:0006.0005: item fetching failed at offset 5/7
[   89.979044][ T6968] netlink: 'syz.2.453': attribute type 28 has an invalid length.
[   89.987276][ T2213] dragonrise 0003:0079:0006.0005: parse failed
[   89.991431][ T2213] dragonrise 0003:0079:0006.0005: probe with driver dragonrise failed with error -22
[   90.195318][ T2213] usb 2-1: USB disconnect, device number 7
[   90.272448][ T6979] loop0: detected capacity change from 0 to 4096
[   90.280537][ T6979] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   90.295772][ T6979] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[   90.308970][ T6979] ntfs3(loop0): ino=1e, mi_enum_attr
[   90.310861][ T6979] ntfs3(loop0): ino=1e, mi_enum_attr
[   90.354938][ T6981] input: syz1 as /devices/virtual/input/input5
[   90.456286][ T1272] usb 3-1: new low-speed USB device number 6 using dummy_hcd
[   90.621191][ T1272] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   90.624212][ T1272] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.632394][ T1272] usb 3-1: config 0 descriptor??
[   90.846531][ T1272] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[   91.047974][ T1272] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   91.051451][ T1272] asix 3-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[   91.054963][ T1272] asix 3-1:0.0: probe with driver asix failed with error -71
[   91.063451][ T7026] netlink: 132 bytes leftover after parsing attributes in process `syz.0.480'.
[   91.068113][ T1272] usb 3-1: USB disconnect, device number 6
[   91.177441][ T7039] loop0: detected capacity change from 0 to 128
[   91.192919][ T7039] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   91.197615][ T7039] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.215654][ T5938] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   91.246102][ T7043] netlink: 12 bytes leftover after parsing attributes in process `syz.0.487'.
[   91.253238][ T7043] netlink: 'syz.0.487': attribute type 2 has an invalid length.
[   91.255800][ T7043] netlink: 16 bytes leftover after parsing attributes in process `syz.0.487'.
[   91.368032][ T7053] netlink: 96 bytes leftover after parsing attributes in process `syz.0.492'.
[   91.431480][ T7057] Unsupported ieee802154 address type: 0
[   91.457257][ T7059] loop0: detected capacity change from 0 to 512
[   91.474261][ T7059] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   91.483281][ T7059] EXT4-fs error (device loop0): xattr_find_entry:333: inode #15: comm syz.0.495: corrupted xattr entries
[   91.490010][ T7059] EXT4-fs (loop0): Remounting filesystem read-only
[   91.492180][ T7059] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   91.496868][ T7059] EXT4-fs (loop0): 1 truncate cleaned up
[   91.499568][ T7059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.518657][ T5938] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.710573][ T7082] tmpfs: Bad value for 'mpol'
[   91.777855][ T7089] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   91.982797][ T7098] loop0: detected capacity change from 0 to 32768
[   92.011492][ T1091] Bluetooth: hci3: Frame reassembly failed (-84)
[   92.014354][ T5945] Bluetooth: hci3: Received unexpected HCI Event 0x00
[   92.024474][ T7096] loop2: detected capacity change from 0 to 32768
[   92.032387][ T7098] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   92.040331][ T7096] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section members_v2: device 0: not enough buckets (got 1, max 64)
[   92.040331][ T7096] members_v2 (size 152):
[   92.040331][ T7096] Device:                        0
[   92.040331][ T7096]   Label:                       (none)
[   92.040331][ T7096]   UUID:                        7af6772b-00de-4159-84cd-1faead05aceb
[   92.040331][ T7096]   Size:                        131072
[   92.040331][ T7096]   read errors:                 0
[   92.040331][ T7096]   write errors:                0
[   92.040331][ T7096]   checksum errors:             0
[   92.040331][ T7096]   seqread iops:                0
[   92.040331][ T7096]   seqwrite iops:               0
[   92.040331][ T7096]   randread iops:               0
[   92.040331][ T7096]   randwrite iops:              0
[   92.040331][ T7096]   Bucket size:                 131072
[   92.040331][ T7096]   First bucket:                0
[   92.040331][ T7096]   Buckets:                     1
[   92.040331][ T7096]   Last mount:                  1714681267
[   92.040331][ T7096]   Last superblock write:       42
[   92.040331][ T7096]   State:                       rw
[   92.040331][ T7096]   Data allowed:                journal,btree,user
[   92.040331][ T7096]   Has data:                    btree,user
[   92.040331][ T7096]   Btree allocated bitmap blocksize:256
[   92.040331][ T7096]   Btree allocated bitmap:      0000000000000000000001000010000010011000000000000000000000000000
[   92.040331][ T7096]   Durability:
[   92.040416][ T7096] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[   92.094424][ T7098] XFS (loop0): Ending clean mount
[   92.101953][ T7098] XFS (loop0): Quotacheck needed: Please wait.
[   92.131717][ T7098] XFS (loop0): Quotacheck: Done.
[   92.167854][ T5938] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   92.360755][ T7122] loop2: detected capacity change from 0 to 512
[   92.365017][ T7122] EXT4-fs: Ignoring removed mblk_io_submit option
[   92.368115][ T7122] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   92.372329][ T7122] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   92.375036][ T7122] EXT4-fs (loop2): orphan cleanup on readonly fs
[   92.379811][ T7122] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.521: Invalid block bitmap block 0 in block_group 0
[   92.385626][ T7122] EXT4-fs (loop2): Remounting filesystem read-only
[   92.390530][ T7122] Quota error (device loop2): write_blk: dquota write failed
[   92.393201][ T7122] Quota error (device loop2): write_blk: dquota write failed
[   92.395679][ T7122] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[   92.399077][ T7122] EXT4-fs (loop2): 1 orphan inode deleted
[   92.403174][ T7122] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   92.423009][ T5943] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.453339][ T7125] loop2: detected capacity change from 0 to 1024
[   92.470021][ T7125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.473927][ T7125] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.485570][ T7125] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #14: comm syz.2.522: attempt to clear invalid blocks 1886221359 len 1
[   92.502104][ T5943] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.548317][ T7131] netlink: 8 bytes leftover after parsing attributes in process `syz.2.524'.
[   92.566397][ T1272] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[   92.623082][ T7137] loop2: detected capacity change from 0 to 128
[   92.653256][ T7137] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   92.658505][ T7137] ext4 filesystem being mounted at /152/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   92.679986][ T5943] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   92.747500][ T1272] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[   92.751212][ T1272] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[   92.755281][ T1272] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[   92.768440][ T1272] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.896910][ T7148] loop2: detected capacity change from 0 to 32768
[   92.900415][ T7148] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section replicas_v0: no devices in entry btree: 1/0 []
[   92.900415][ T7148] replicas_v0 (size 24):
[   92.900415][ T7148] btree: 0 [] (unknown data_type 16): 2 [1 0] user: 1 [0]
[   92.900415][ T7148] 
[   92.909509][ T7148] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[   92.981225][ T1272] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[   92.991578][ T1272] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input6
[   93.010818][ T1272] input: failed to attach handler kbd to device input6, error: -5
[   93.047384][ T1272] usb 1-1: USB disconnect, device number 6
[   93.603623][ T7166] loop2: detected capacity change from 0 to 1024
[   94.058102][ T5950] Bluetooth: hci3: Opcode 0x1003 failed: -110
[   94.516486][   T60] usb 2-1: new low-speed USB device number 8 using dummy_hcd
[   94.688945][   T60] usb 2-1: config index 0 descriptor too short (expected 1307, got 27)
[   94.691753][   T60] usb 2-1: config 0 has an invalid interface number: 0 but max is -1
[   94.694747][   T60] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0
[   94.698705][   T60] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[   94.702208][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 4
[   94.705724][   T60] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[   94.714055][   T60] usb 2-1: string descriptor 0 read error: -22
[   94.717940][   T60] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[   94.721061][   T60] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.725672][   T60] usb 2-1: config 0 descriptor??
[   94.734721][   T60] hub 2-1:0.0: bad descriptor, ignoring hub
[   94.738244][   T60] hub 2-1:0.0: probe with driver hub failed with error -5
[   95.062417][   T60] usb 2-1: USB disconnect, device number 8
[   95.066525][ T7192] loop0: detected capacity change from 0 to 256
[   95.071726][ T7192] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   95.224582][ T7194] loop2: detected capacity change from 0 to 32768
[   95.276976][ T7194] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   95.313868][ T7194] XFS (loop2): Ending clean mount
[   95.317946][ T7194] XFS (loop2): Quotacheck needed: Please wait.
[   95.335396][ T7194] XFS (loop2): Quotacheck: Done.
[   95.361759][ T5943] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   95.984059][ T7231] loop1: detected capacity change from 0 to 32768
[   96.022883][   T33] audit: type=1800 audit(1754927808.622:12): pid=7231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.559" name="file1" dev="loop1" ino=4 res=0 errno=0
[   96.384092][ T7242] loop0: detected capacity change from 0 to 1024
[   96.470282][ T2192] hfsplus: found bad thread record in catalog
[   97.022424][ T5314] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   97.151561][ T7263] loop1: detected capacity change from 0 to 32768
[   97.167963][ T7263] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   97.176463][ T5314] usb 1-1: Using ep0 maxpacket: 32
[   97.180727][ T5314] usb 1-1: config 1 has an invalid interface number: 3 but max is 0
[   97.183666][ T5314] usb 1-1: config 1 has no interface number 0
[   97.185808][ T5314] usb 1-1: config 1 interface 3 has no altsetting 0
[   97.190041][ T5314] usb 1-1: New USB device found, idVendor=d084, idProduct=c487, bcdDevice=f4.ce
[   97.193052][ T5314] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.195722][ T5314] usb 1-1: Product: syz
[   97.195914][ T7263] XFS (loop1): Ending clean mount
[   97.198754][ T5314] usb 1-1: Manufacturer: syz
[   97.200634][ T5314] usb 1-1: SerialNumber: syz
[   97.205488][ T7263] XFS (loop1): Quotacheck needed: Please wait.
[   97.224090][ T7263] XFS (loop1): Quotacheck: Done.
[   97.294168][ T5942] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   97.423162][ T5314] usb 1-1: USB disconnect, device number 7
[   97.449555][ T7275] loop2: detected capacity change from 0 to 32768
[   97.457723][ T7275] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.574 (7275)
[   97.482680][ T7275] BTRFS info (device loop2): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[   97.486010][ T7275] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[   97.490357][ T7275] BTRFS info (device loop2): using free-space-tree
[   97.563082][ T7277] loop1: detected capacity change from 0 to 32768
[   97.582244][ T7277] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[   97.585374][ T7277] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   97.618767][ T7277] XFS (loop1): Ending clean mount
[   97.623247][ T7277] XFS (loop1): Quotacheck needed: Please wait.
[   97.645449][ T7277] XFS (loop1): Quotacheck: Done.
[   97.663091][ T7275] syz.2.574 (7275) used greatest stack depth: 19528 bytes left
[   97.714168][ T5943] BTRFS info (device loop2): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[   97.723361][ T5942] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   97.928043][ T7310] netlink: 'syz.1.579': attribute type 32 has an invalid length.
[   97.930903][ T7310] netlink: 8 bytes leftover after parsing attributes in process `syz.1.579'.
[   97.938052][ T7310] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[   98.325913][ T7322] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   98.328642][ T7322] IPv6: NLM_F_CREATE should be set when creating new route
[   98.335388][ T7322] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   99.314944][ T7352] loop2: detected capacity change from 0 to 8
[   99.324886][ T7352] unable to read id index table
[   99.407911][ T7360] loop2: detected capacity change from 0 to 1764
[   99.469267][ T7356] loop1: detected capacity change from 0 to 32768
[   99.532324][ T7356] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[   99.532337][ T7356]   allowing incompatible features above 0.0: (unknown version)
[   99.532342][ T7356]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   99.544865][ T7356] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[   99.547675][ T7356] bcachefs (loop1): initializing new filesystem
[   99.555530][ T7356] bcachefs (loop1): going read-write
[   99.564555][ T7356] bcachefs (loop1): marking superblocks
[   99.572806][ T7356] bcachefs (loop1): initializing freespace
[   99.577538][ T7356] bcachefs (loop1): done initializing freespace
[   99.580795][ T7356] bcachefs (loop1): reading snapshots table
[   99.582693][ T7356] bcachefs (loop1): reading snapshots done
[   99.603464][ T7356] bcachefs (loop1): done starting filesystem
[   99.753716][ T7356] syz.1.598 (7356) used greatest stack depth: 16824 bytes left
[   99.832667][ T5942] bcachefs (loop1): shutting down
[   99.832746][ T5942] bcachefs (loop1): going read-only
[   99.842830][ T5942] bcachefs (loop1): finished waiting for writes to stop
[   99.846524][ T5942] bcachefs (loop1): flushing journal and stopping allocators, journal seq 4
[   99.872802][ T5942] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 4
[   99.877753][ T5942] bcachefs (loop1): clean shutdown complete, journal seq 5
[   99.880934][ T5942] bcachefs (loop1): marking filesystem clean
[   99.912526][ T5942] bcachefs (loop1): shutdown complete
[   99.927449][ T7397] loop2: detected capacity change from 0 to 512
[   99.951101][ T7397] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   99.953819][ T7397] EXT4-fs (loop2): orphan cleanup on readonly fs
[   99.974404][ T7397] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.612: corrupted inode contents
[   99.982887][ T7397] EXT4-fs (loop2): Remounting filesystem read-only
[   99.985386][ T7397] EXT4-fs (loop2): 1 truncate cleaned up
[  100.003095][ T2192] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  100.008369][ T2192] Quota error (device loop2): write_blk: dquota write failed
[  100.010732][ T2192] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  100.013920][ T2192] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  100.021525][ T2192] Quota error (device loop2): write_blk: dquota write failed
[  100.023962][ T2192] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  100.029181][ T2192] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  100.032909][ T2192] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  100.035863][ T2192] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  100.040237][ T7397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.059012][ T5943] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.213855][ T7404] loop0: detected capacity change from 0 to 32768
[  100.227178][ T7404] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.615 (7404)
[  100.322037][ T7404] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  100.325525][ T7404] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  100.362104][ T7404] BTRFS info (device loop0): using free-space-tree
[  100.584388][   T33] audit: type=1800 audit(1754927813.182:13): pid=7404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.615" name="file1" dev="loop0" ino=260 res=0 errno=0
[  100.729345][ T5938] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  101.227375][ T7442] (syz.1.623,7442,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  101.277337][ T7446] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  101.296652][ T2213] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  101.485220][ T2213] usb 3-1: config index 0 descriptor too short (expected 69, got 36)
[  101.502034][ T2213] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  101.526329][ T2213] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89
[  101.529209][ T2213] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.531735][ T2213] usb 3-1: Product: syz
[  101.533125][ T2213] usb 3-1: Manufacturer: syz
[  101.534635][ T2213] usb 3-1: SerialNumber: syz
[  101.574017][ T2213] usb 3-1: config 0 descriptor??
[  101.588983][ T2213] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[  101.836504][ T2213] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[  101.838929][ T2213] gspca_pac7302 3-1:0.0: probe with driver gspca_pac7302 failed with error -71
[  101.846985][ T2213] usb 3-1: USB disconnect, device number 7
[  102.508576][ T7457] netlink: 'syz.2.629': attribute type 3 has an invalid length.
[  102.511218][ T7457] netlink: 'syz.2.629': attribute type 1 has an invalid length.
[  102.516047][ T7457] netlink: 216 bytes leftover after parsing attributes in process `syz.2.629'.
[  102.520516][ T7457] NCSI netlink: No device for ifindex 33022
[  102.602138][ T7463] loop1: detected capacity change from 0 to 1024
[  102.801710][ T7474] netlink: 36 bytes leftover after parsing attributes in process `syz.2.635'.
[  102.925316][ T7482] loop2: detected capacity change from 0 to 8192
[  103.055226][ T7488] loop0: detected capacity change from 0 to 8192
[  103.063028][ T7488] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  103.276041][ T7490] loop0: detected capacity change from 0 to 40427
[  103.291386][ T7490] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  103.294545][ T7490] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  103.302998][ T7490] F2FS-fs (loop0): invalid crc value
[  103.341800][ T7490] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  103.350782][ T7490] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  103.353319][ T7490] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  103.363442][ T7490] fscrypt (loop0, inode 3): Error -61 getting encryption context
[  103.602352][ T7506] loop1: detected capacity change from 0 to 2048
[  103.660306][ T7507] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  103.820311][ T7516] loop0: detected capacity change from 0 to 1024
[  103.846625][ T7516] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.860468][ T7516] EXT4-fs (loop0): shut down requested (0)
[  103.948084][ T5938] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.999165][ T7530] macvlan2: entered promiscuous mode
[  104.002816][ T7530] macvlan2: entered allmulticast mode
[  104.074392][ T7536] loop2: detected capacity change from 0 to 256
[  104.206312][   T60] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  104.214004][ T7546] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  104.217620][ T7546] overlayfs: overlapping lowerdir path
[  104.356342][   T60] usb 2-1: Using ep0 maxpacket: 8
[  104.363321][   T60] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[  104.373818][   T60] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  104.378572][   T60] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  104.381430][   T60] usb 2-1: Product: syz
[  104.382969][   T60] usb 2-1: Manufacturer: syz
[  104.384546][   T60] usb 2-1: SerialNumber: syz
[  104.489176][ T7555] Device name not specified.
[  104.489176][ T7555] 
[  104.616135][   T60] usb 2-1: palm_os_3_probe - error -71 getting connection information
[  104.619006][   T60] visor 2-1:1.0: probe with driver visor failed with error -71
[  104.627446][   T60] usb 2-1: USB disconnect, device number 9
[  105.412418][   T33] audit: type=1326 audit(1754927818.012:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.2.670" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27ecf8ebe9 code=0x7fc00000
[  105.636592][ T7576] loop2: detected capacity change from 0 to 32768
[  105.794386][ T7576] JBD2: Ignoring recovery information on journal
[  105.827797][ T7576] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  106.080350][ T5943] ocfs2: Unmounting device (7,2) on (node local)
[  106.155393][ T7594] ==================================================================
[  106.157964][ T7594] BUG: KASAN: slab-use-after-free in __xfrm_state_lookup+0x6ad/0x8d0
[  106.160486][ T7594] Read of size 2 at addr ffff8881112b0142 by task syz.2.685/7594
[  106.163664][ T7594] 
[  106.164476][ T7594] CPU: 1 UID: 0 PID: 7594 Comm: syz.2.685 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  106.164486][ T7594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  106.164491][ T7594] Call Trace:
[  106.164495][ T7594]  <TASK>
[  106.164499][ T7594]  dump_stack_lvl+0x189/0x250
[  106.164512][ T7594]  ? __kasan_check_byte+0x12/0x40
[  106.164523][ T7594]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.164532][ T7594]  ? lock_release+0x4b/0x3e0
[  106.164545][ T7594]  ? __virt_addr_valid+0x4a5/0x5c0
[  106.164557][ T7594]  print_report+0xca/0x240
[  106.164565][ T7594]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  106.164573][ T7594]  kasan_report+0x118/0x150
[  106.164583][ T7594]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  106.164593][ T7594]  __xfrm_state_lookup+0x6ad/0x8d0
[  106.164603][ T7594]  ? __pfx___xfrm_state_lookup+0x10/0x10
[  106.164614][ T7594]  xfrm_input_state_lookup+0x6e9/0xa60
[  106.164625][ T7594]  ? xfrm_input_state_lookup+0xcf/0xa60
[  106.164634][ T7594]  ? __pfx_xfrm_input_state_lookup+0x10/0x10
[  106.164644][ T7594]  ? xfrm_parse_spi+0x300/0x680
[  106.164651][ T7594]  xfrm_input+0x425c/0x72c0
[  106.164662][ T7594]  vti_input+0x219/0x330
[  106.164671][ T7594]  ? __pfx_vti_input+0x10/0x10
[  106.164683][ T7594]  ? skb_checksum+0x7c1/0x8c0
[  106.164692][ T7594]  xfrm4_rcv_encap+0x39f/0x620
[  106.164700][ T7594]  udp_queue_rcv_one_skb+0x17bc/0x19e0
[  106.164711][ T7594]  ? __pfx_xfrm6_udp_encap_rcv+0x10/0x10
[  106.164723][ T7594]  ? __pfx_udp_queue_rcv_one_skb+0x10/0x10
[  106.164735][ T7594]  udp_unicast_rcv_skb+0x257/0x400
[  106.164744][ T7594]  ? dst_dev_put+0x251/0x290
[  106.164752][ T7594]  __udp4_lib_rcv+0x1496/0x2600
[  106.164764][ T7594]  ? __pfx___udp4_lib_rcv+0x10/0x10
[  106.164774][ T7594]  ? __pfx_udp_rcv+0x10/0x10
[  106.164784][ T7594]  ip_protocol_deliver_rcu+0x282/0x440
[  106.164794][ T7594]  ? ip_local_deliver_finish+0x2ae/0x6f0
[  106.164802][ T7594]  ip_local_deliver_finish+0x3bb/0x6f0
[  106.164811][ T7594]  NF_HOOK+0x30c/0x3a0
[  106.164819][ T7594]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  106.164827][ T7594]  ? NF_HOOK+0x9a/0x3a0
[  106.164835][ T7594]  ? __pfx_NF_HOOK+0x10/0x10
[  106.164843][ T7594]  ? ip_rcv_finish_core+0xce0/0x1c00
[  106.164851][ T7594]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  106.164860][ T7594]  ? skb_dst+0x4f/0xd0
[  106.164868][ T7594]  ? ip_local_deliver+0x12a/0x1b0
[  106.164876][ T7594]  NF_HOOK+0x30c/0x3a0
[  106.164884][ T7594]  ? __pfx_ip_rcv_finish+0x10/0x10
[  106.164892][ T7594]  ? NF_HOOK+0x9a/0x3a0
[  106.164899][ T7594]  ? __pfx_NF_HOOK+0x10/0x10
[  106.164907][ T7594]  ? ip_rcv_core+0x7f7/0xd00
[  106.164915][ T7594]  ? __pfx_ip_rcv_finish+0x10/0x10
[  106.164924][ T7594]  ? __pfx_ip_rcv+0x10/0x10
[  106.164931][ T7594]  __netif_receive_skb+0x143/0x380
[  106.164941][ T7594]  ? netif_receive_skb+0x115/0x790
[  106.164947][ T7594]  netif_receive_skb+0x1cb/0x790
[  106.164955][ T7594]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  106.164962][ T7594]  ? __pfx_netif_receive_skb+0x10/0x10
[  106.164969][ T7594]  ? tun_rx_batched+0x160/0x730
[  106.164981][ T7594]  tun_rx_batched+0x1b9/0x730
[  106.164989][ T7594]  ? __lock_acquire+0xab9/0xd20
[  106.165000][ T7594]  ? __pfx_tun_rx_batched+0x10/0x10
[  106.165009][ T7594]  ? tun_get_user+0x266c/0x3e20
[  106.165020][ T7594]  tun_get_user+0x2aa2/0x3e20
[  106.165030][ T7594]  ? tun_get_user+0x6f6/0x3e20
[  106.165039][ T7594]  ? tun_get_user+0x266c/0x3e20
[  106.165049][ T7594]  ? aa_file_perm+0x44d/0x1550
[  106.165061][ T7594]  ? __pfx_tun_get_user+0x10/0x10
[  106.165070][ T7594]  ? __futex_wait+0x34f/0x3e0
[  106.165107][ T7594]  ? __pfx___futex_wait+0x10/0x10
[  106.165120][ T7594]  ? ref_tracker_alloc+0x318/0x460
[  106.165129][ T7594]  ? __lock_acquire+0xab9/0xd20
[  106.165140][ T7594]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  106.165150][ T7594]  ? tun_get+0x1c/0x2f0
[  106.165161][ T7594]  ? tun_get+0x1c/0x2f0
[  106.165170][ T7594]  ? tun_get+0x1c/0x2f0
[  106.165180][ T7594]  tun_chr_write_iter+0x113/0x200
[  106.165190][ T7594]  vfs_write+0x54b/0xa90
[  106.165202][ T7594]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  106.165211][ T7594]  ? __pfx_vfs_write+0x10/0x10
[  106.165221][ T7594]  ? __fget_files+0x2a/0x420
[  106.165232][ T7594]  ksys_write+0x145/0x250
[  106.165241][ T7594]  ? __pfx_ksys_write+0x10/0x10
[  106.165249][ T7594]  ? rcu_is_watching+0x15/0xb0
[  106.165257][ T7594]  ? do_syscall_64+0xbe/0x3b0
[  106.165266][ T7594]  do_syscall_64+0xfa/0x3b0
[  106.165274][ T7594]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.165282][ T7594]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.165289][ T7594]  ? exc_page_fault+0x9f/0xf0
[  106.165297][ T7594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.165304][ T7594] RIP: 0033:0x7f27ecf8d69f
[  106.165311][ T7594] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  106.165318][ T7594] RSP: 002b:00007f27ede68000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  106.165327][ T7594] RAX: ffffffffffffffda RBX: 00007f27ed1b5fa0 RCX: 00007f27ecf8d69f
[  106.165333][ T7594] RDX: 00000000000000be RSI: 0000200000000000 RDI: 00000000000000c8
[  106.165338][ T7594] RBP: 00007f27ed011e19 R08: 0000000000000000 R09: 0000000000000000
[  106.165343][ T7594] R10: 00000000000000be R11: 0000000000000293 R12: 0000000000000000
[  106.165348][ T7594] R13: 00007f27ed1b6038 R14: 00007f27ed1b5fa0 R15: 00007fff9453f718
[  106.165356][ T7594]  </TASK>
[  106.165359][ T7594] 
[  106.327922][ T7594] Allocated by task 6411:
[  106.329328][ T7594]  kasan_save_track+0x3e/0x80
[  106.330877][ T7594]  __kasan_slab_alloc+0x6c/0x80
[  106.332489][ T7594]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  106.334254][ T7594]  xfrm_state_alloc+0x24/0x2f0
[  106.335766][ T7594]  __find_acq_core+0x8a7/0x1c00
[  106.337319][ T7594]  xfrm_find_acq+0x78/0xa0
[  106.338787][ T7594]  xfrm_alloc_userspi+0x6b3/0xc90
[  106.340437][ T7594]  xfrm_user_rcv_msg+0x7a3/0xab0
[  106.342007][ T7594]  netlink_rcv_skb+0x208/0x470
[  106.343488][ T7594]  xfrm_netlink_rcv+0x79/0x90
[  106.344950][ T7594]  netlink_unicast+0x82f/0x9e0
[  106.346439][ T7594]  netlink_sendmsg+0x805/0xb30
[  106.347988][ T7594]  __sock_sendmsg+0x21c/0x270
[  106.349514][ T7594]  ____sys_sendmsg+0x505/0x830
[  106.351098][ T7594]  ___sys_sendmsg+0x21f/0x2a0
[  106.352626][ T7594]  __x64_sys_sendmsg+0x19b/0x260
[  106.354212][ T7594]  do_syscall_64+0xfa/0x3b0
[  106.355657][ T7594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.357499][ T7594] 
[  106.358294][ T7594] Freed by task 60:
[  106.359510][ T7594]  kasan_save_track+0x3e/0x80
[  106.361004][ T7594]  kasan_save_free_info+0x46/0x50
[  106.362652][ T7594]  __kasan_slab_free+0x5b/0x80
[  106.364238][ T7594]  kmem_cache_free+0x18f/0x400
[  106.365808][ T7594]  xfrm_state_gc_task+0x52d/0x6b0
[  106.367457][ T7594]  process_scheduled_works+0xae1/0x17b0
[  106.369269][ T7594]  worker_thread+0x8a0/0xda0
[  106.370793][ T7594]  kthread+0x711/0x8a0
[  106.372126][ T7594]  ret_from_fork+0x3fc/0x770
[  106.373620][ T7594]  ret_from_fork_asm+0x1a/0x30
[  106.375147][ T7594] 
[  106.375910][ T7594] The buggy address belongs to the object at ffff8881112b0000
[  106.375910][ T7594]  which belongs to the cache xfrm_state of size 928
[  106.380309][ T7594] The buggy address is located 322 bytes inside of
[  106.380309][ T7594]  freed 928-byte region [ffff8881112b0000, ffff8881112b03a0)
[  106.384630][ T7594] 
[  106.385425][ T7594] The buggy address belongs to the physical page:
[  106.387489][ T7594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8881112b0000 pfn:0x1112b0
[  106.390728][ T7594] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  106.393459][ T7594] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  106.395928][ T7594] page_type: f5(slab)
[  106.397254][ T7594] raw: 057ff00000000040 ffff88801cf2a780 dead000000000122 0000000000000000
[  106.400023][ T7594] raw: ffff8881112b0000 00000000800e000d 00000000f5000000 0000000000000000
[  106.402801][ T7594] head: 057ff00000000040 ffff88801cf2a780 dead000000000122 0000000000000000
[  106.405570][ T7594] head: ffff8881112b0000 00000000800e000d 00000000f5000000 0000000000000000
[  106.408374][ T7594] head: 057ff00000000002 ffffea000444ac01 00000000ffffffff 00000000ffffffff
[  106.411192][ T7594] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  106.413971][ T7594] page dumped because: kasan: bad access detected
[  106.416011][ T7594] page_owner tracks the page as allocated
[  106.417873][ T7594] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6299, tgid 6298 (syz.0.195), ts 71998681844, free_ts 71632443781
[  106.423882][ T7594]  post_alloc_hook+0x240/0x2a0
[  106.425458][ T7594]  get_page_from_freelist+0x21e4/0x22c0
[  106.427267][ T7594]  __alloc_frozen_pages_noprof+0x181/0x370
[  106.429161][ T7594]  alloc_pages_mpol+0x232/0x4a0
[  106.430710][ T7594]  allocate_slab+0x8a/0x370
[  106.432189][ T7594]  ___slab_alloc+0xbeb/0x1410
[  106.433721][ T7594]  kmem_cache_alloc_noprof+0x283/0x3c0
[  106.435472][ T7594]  xfrm_state_alloc+0x24/0x2f0
[  106.437029][ T7594]  xfrm_add_sa+0x17d1/0x4070
[  106.438561][ T7594]  xfrm_user_rcv_msg+0x7a3/0xab0
[  106.440194][ T7594]  netlink_rcv_skb+0x208/0x470
[  106.441764][ T7594]  xfrm_netlink_rcv+0x79/0x90
[  106.443313][ T7594]  netlink_unicast+0x82f/0x9e0
[  106.444882][ T7594]  netlink_sendmsg+0x805/0xb30
[  106.446462][ T7594]  __sock_sendmsg+0x21c/0x270
[  106.448004][ T7594]  ____sys_sendmsg+0x505/0x830
[  106.449606][ T7594] page last free pid 6282 tgid 6282 stack trace:
[  106.451652][ T7594]  __free_frozen_pages+0xbc4/0xd30
[  106.453342][ T7594]  __slab_free+0x303/0x3c0
[  106.454828][ T7594]  qlist_free_all+0x97/0x140
[  106.456363][ T7594]  kasan_quarantine_reduce+0x148/0x160
[  106.458146][ T7594]  __kasan_slab_alloc+0x22/0x80
[  106.459750][ T7594]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  106.461537][ T7594]  vm_area_alloc+0x24/0x140
[  106.463032][ T7594]  mmap_region+0xdc7/0x20c0
[  106.464524][ T7594]  do_mmap+0xc45/0x10d0
[  106.465993][ T7594]  vm_mmap_pgoff+0x2a6/0x4d0
[  106.467591][ T7594]  ksys_mmap_pgoff+0x51f/0x760
[  106.469217][ T7594]  do_syscall_64+0xfa/0x3b0
[  106.470769][ T7594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.472760][ T7594] 
[  106.473583][ T7594] Memory state around the buggy address:
[  106.475480][ T7594]  ffff8881112b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.478157][ T7594]  ffff8881112b0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.480715][ T7594] >ffff8881112b0100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.483389][ T7594]                                            ^
[  106.485432][ T7594]  ffff8881112b0180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.488126][ T7594]  ffff8881112b0200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.490816][ T7594] ==================================================================
[  106.493830][ T7594] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  106.496198][ T7594] CPU: 1 UID: 0 PID: 7594 Comm: syz.2.685 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  106.499971][ T7594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  106.503145][ T7594] Call Trace:
[  106.504214][ T7594]  <TASK>
[  106.505228][ T7594]  dump_stack_lvl+0x99/0x250
[  106.506709][ T7594]  ? __asan_memcpy+0x40/0x70
[  106.508211][ T7594]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.509932][ T7594]  ? __pfx__printk+0x10/0x10
[  106.511502][ T7594]  vpanic+0x281/0x750
[  106.512791][ T7594]  ? __pfx_vpanic+0x10/0x10
[  106.514248][ T7594]  ? irqentry_exit+0x74/0x90
[  106.515804][ T7594]  panic+0xb9/0xc0
[  106.517076][ T7594]  ? __pfx_panic+0x10/0x10
[  106.518577][ T7594]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  106.520434][ T7594]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  106.522328][ T7594]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  106.524021][ T7594]  check_panic_on_warn+0x89/0xb0
[  106.525672][ T7594]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  106.527441][ T7594]  end_report+0x78/0x160
[  106.528813][ T7594]  kasan_report+0x129/0x150
[  106.530272][ T7594]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  106.531971][ T7594]  __xfrm_state_lookup+0x6ad/0x8d0
[  106.533609][ T7594]  ? __pfx___xfrm_state_lookup+0x10/0x10
[  106.535411][ T7594]  xfrm_input_state_lookup+0x6e9/0xa60
[  106.537154][ T7594]  ? xfrm_input_state_lookup+0xcf/0xa60
[  106.538980][ T7594]  ? __pfx_xfrm_input_state_lookup+0x10/0x10
[  106.540987][ T7594]  ? xfrm_parse_spi+0x300/0x680
[  106.542640][ T7594]  xfrm_input+0x425c/0x72c0
[  106.544192][ T7594]  vti_input+0x219/0x330
[  106.545639][ T7594]  ? __pfx_vti_input+0x10/0x10
[  106.547259][ T7594]  ? skb_checksum+0x7c1/0x8c0
[  106.548843][ T7594]  xfrm4_rcv_encap+0x39f/0x620
[  106.550490][ T7594]  udp_queue_rcv_one_skb+0x17bc/0x19e0
[  106.552312][ T7594]  ? __pfx_xfrm6_udp_encap_rcv+0x10/0x10
[  106.554194][ T7594]  ? __pfx_udp_queue_rcv_one_skb+0x10/0x10
[  106.556140][ T7594]  udp_unicast_rcv_skb+0x257/0x400
[  106.557804][ T7594]  ? dst_dev_put+0x251/0x290
[  106.559323][ T7594]  __udp4_lib_rcv+0x1496/0x2600
[  106.560972][ T7594]  ? __pfx___udp4_lib_rcv+0x10/0x10
[  106.562674][ T7594]  ? __pfx_udp_rcv+0x10/0x10
[  106.564173][ T7594]  ip_protocol_deliver_rcu+0x282/0x440
[  106.566014][ T7594]  ? ip_local_deliver_finish+0x2ae/0x6f0
[  106.567905][ T7594]  ip_local_deliver_finish+0x3bb/0x6f0
[  106.569677][ T7594]  NF_HOOK+0x30c/0x3a0
[  106.571015][ T7594]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  106.572912][ T7594]  ? NF_HOOK+0x9a/0x3a0
[  106.574343][ T7594]  ? __pfx_NF_HOOK+0x10/0x10
[  106.575905][ T7594]  ? ip_rcv_finish_core+0xce0/0x1c00
[  106.577688][ T7594]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  106.579691][ T7594]  ? skb_dst+0x4f/0xd0
[  106.581069][ T7594]  ? ip_local_deliver+0x12a/0x1b0
[  106.582777][ T7594]  NF_HOOK+0x30c/0x3a0
[  106.584174][ T7594]  ? __pfx_ip_rcv_finish+0x10/0x10
[  106.585896][ T7594]  ? NF_HOOK+0x9a/0x3a0
[  106.587327][ T7594]  ? __pfx_NF_HOOK+0x10/0x10
[  106.588884][ T7594]  ? ip_rcv_core+0x7f7/0xd00
[  106.590435][ T7594]  ? __pfx_ip_rcv_finish+0x10/0x10
[  106.592163][ T7594]  ? __pfx_ip_rcv+0x10/0x10
[  106.593704][ T7594]  __netif_receive_skb+0x143/0x380
[  106.595454][ T7594]  ? netif_receive_skb+0x115/0x790
[  106.597192][ T7594]  netif_receive_skb+0x1cb/0x790
[  106.598861][ T7594]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  106.600825][ T7594]  ? __pfx_netif_receive_skb+0x10/0x10
[  106.602665][ T7594]  ? tun_rx_batched+0x160/0x730
[  106.604332][ T7594]  tun_rx_batched+0x1b9/0x730
[  106.605917][ T7594]  ? __lock_acquire+0xab9/0xd20
[  106.607575][ T7594]  ? __pfx_tun_rx_batched+0x10/0x10
[  106.609329][ T7594]  ? tun_get_user+0x266c/0x3e20
[  106.610925][ T7594]  tun_get_user+0x2aa2/0x3e20
[  106.612488][ T7594]  ? tun_get_user+0x6f6/0x3e20
[  106.614121][ T7594]  ? tun_get_user+0x266c/0x3e20
[  106.615736][ T7594]  ? aa_file_perm+0x44d/0x1550
[  106.617294][ T7594]  ? __pfx_tun_get_user+0x10/0x10
[  106.618981][ T7594]  ? __futex_wait+0x34f/0x3e0
[  106.620574][ T7594]  ? __pfx___futex_wait+0x10/0x10
[  106.622268][ T7594]  ? ref_tracker_alloc+0x318/0x460
[  106.623983][ T7594]  ? __lock_acquire+0xab9/0xd20
[  106.625596][ T7594]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  106.627397][ T7594]  ? tun_get+0x1c/0x2f0
[  106.628793][ T7594]  ? tun_get+0x1c/0x2f0
[  106.630228][ T7594]  ? tun_get+0x1c/0x2f0
[  106.631645][ T7594]  tun_chr_write_iter+0x113/0x200
[  106.633323][ T7594]  vfs_write+0x54b/0xa90
[  106.634760][ T7594]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  106.636607][ T7594]  ? __pfx_vfs_write+0x10/0x10
[  106.638229][ T7594]  ? __fget_files+0x2a/0x420
[  106.639792][ T7594]  ksys_write+0x145/0x250
[  106.641271][ T7594]  ? __pfx_ksys_write+0x10/0x10
[  106.642871][ T7594]  ? rcu_is_watching+0x15/0xb0
[  106.644417][ T7594]  ? do_syscall_64+0xbe/0x3b0
[  106.645987][ T7594]  do_syscall_64+0xfa/0x3b0
[  106.647530][ T7594]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.649296][ T7594]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.651344][ T7594]  ? exc_page_fault+0x9f/0xf0
[  106.652852][ T7594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.654769][ T7594] RIP: 0033:0x7f27ecf8d69f
[  106.656276][ T7594] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  106.662482][ T7594] RSP: 002b:00007f27ede68000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  106.665137][ T7594] RAX: ffffffffffffffda RBX: 00007f27ed1b5fa0 RCX: 00007f27ecf8d69f
[  106.667677][ T7594] RDX: 00000000000000be RSI: 0000200000000000 RDI: 00000000000000c8
[  106.670216][ T7594] RBP: 00007f27ed011e19 R08: 0000000000000000 R09: 0000000000000000
[  106.672723][ T7594] R10: 00000000000000be R11: 0000000000000293 R12: 0000000000000000
[  106.675220][ T7594] R13: 00007f27ed1b6038 R14: 00007f27ed1b5fa0 R15: 00007fff9453f718
[  106.677746][ T7594]  </TASK>
[  106.679431][ T7594] Kernel Offset: disabled
[  106.680838][ T7594] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:56:58  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff818ed901 RBX=ffff8880225d0000 RCX=ffffffff818ed772 RDX=0000000000000000
RSI=0000000000000008 RDI=ffff8880225d0000 RBP=ffffc9000411fe70 RSP=ffffc9000411fd08
R8 =ffff8880225d0007 R9 =1ffff110044ba000 R10=dffffc0000000000 R11=ffffed10044ba000
R12=ffff8880225d1788 R13=ffff888028578c10 R14=ffffffff88e53520 R15=1ffff110044ba000
RIP=ffffffff8222fe2f RFL=00000a07 [-O---PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fe2a13cd6c0 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b3011fff8 CR3=000000010a3c6000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffffffffffffffff ffff00ff00000000 XMM05=622d383864342d63 6666352d63333536
XMM06=656431626632785c 646975752d796266 XMM07=32785c6b73696466 32785c2f736b6e69
XMM08=00000000ffffffff ffffffffffffffff XMM09=65642f2000000000 323a37622f396533
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002e RBX=000000000000002e RCX=0000000000000000 RDX=00000000000003f8
RSI=00000000000012fc RDI=00000000000012fd RBP=00000000000003f8 RSP=ffffc9000415e5f0
R8 =ffff888107d90237 R9 =1ffff11020fb2046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af190b R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f27ede686c0 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000180 CR3=000000010fad8000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f27ed187498 00007f27ed187470 XMM03=00007f27ed1874a8 00007f27ed1874a0
XMM04=00007f27edced100 00007f27ed187460 XMM05=00007f27ed187478 00007f27ed1874c0
XMM06=00007f27ed1874b8 00007f27ed1874b0 XMM07=00007f27ed1874a8 00007f27ed1874a0
XMM08=0000000000000000 00007f27ed012ee7 XMM09=0000000000000000 00007f27ed012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
