last executing test programs:

4m2.861328484s ago: executing program 0 (id=537):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0xbe, 0x0, 0x5748}]}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac141400000000001400000000000000000000000700000007038b01000000005e15f32aa9988e60da6af674011b2a455370163705ff6db8fe99e02d5c23fecd3922873c70484cf959be1be72e9341a96fb1aa0c825d8aa4d9b88e8108d7b4073aacafd32f94591c94ddb8ac0acc3aac8ac1960818c53bc0bca554f571a2a134f78b7d55c61c500139014cf38980f0ed12e5f086073d98727cfeb96c1caed1a11815ddb48dd3a6c091fb"], 0x38}, 0x0)

4m2.60919488s ago: executing program 0 (id=541):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448e0, &(0x7f00000003c0))
r4 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
preadv(r4, &(0x7f0000000c00)=[{&(0x7f0000000740)=""/121, 0x79}], 0x1, 0x80000000, 0x5)
ioctl$VIDIOC_S_FREQUENCY(r4, 0x402c5639, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r5, &(0x7f0000000040), 0xe09)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETIPTR(r6, 0x800c5011, 0x0)
ioctl$SNDCTL_DSP_GETISPACE(r6, 0x8010500d, &(0x7f0000000140))
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r7 = dup(0xffffffffffffffff)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)

4m1.714975117s ago: executing program 0 (id=551):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r0, 0x1000)
write$UHID_INPUT2(r0, &(0x7f0000000040)={0xc, {0x5, "5c75c04322"}}, 0xb)

4m1.073592483s ago: executing program 0 (id=553):
syz_mount_image$jfs(&(0x7f0000005dc0), &(0x7f0000005e00)='./file0\x00', 0x0, &(0x7f0000001d40)=ANY=[@ANYBLOB="009c1b06223d15055c6d39aecad6836294e3e1fc38b80cd5eb20b39dc7dceb316fa1203f802b4368850fdef916202a989ea54a4e800c324c19bad386d9a72fc1de2fa7f100eae8a434158d0ed0d6a9061d60971bcf895342571bae0ea58240ebdd0f6f3dd42fa0f9754224a9c2045d2e098e5ca269bb943549e2c2e191b7da91b8645dfdb324ceaf445cdc974884e2d5ac6dbf8b92da3a8a65176db66ca798dce71880c5e6837b5a99b6696d5003a06f62bbfb0b9ba0a6ffbfc2dd37662e077430379386d8e3abf802401b0e8382824a68cf51cde62ac99470edf8c757396564c8079d89017df3182005ec9fe433b122f1c02ca72eb68e41fc7ff69975649149ff4be64bd665e56a5fe9ef4d6ee02ff30ad838a9744100d520765c83c0178534e09d2f578bd10d3bfc68d1e75d6965613448d1045b6a0298d0804f82bc984e271c346d1e30886f81feb02b8320d47dc752b2dd23b4d8e20f2bda7ff84c57d63da96f044f8daaac7cb7132ef6"], 0x1, 0x5e11, &(0x7f000000bc40)="$eJzs3UuPFNfZB/CnL9Nz4TWMLL2WhbIYY+dCMDBcDLnb3iRSVpEiNlmBxmMLBScRkCi2UBhrFvkGUbJIlOyzyifIHj6EF1kGCZKNV6moZs6BmqKHHgLT1TPn95OaqqdOVfcp/n2druoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED88Ps/PteLiKu/SguWI/4vBhH9iMW6XomIxZXlvP4wIl6PreZ4rV59PqLefuufYxEXI+L+0YiHj+6s1YvP77Ef/z7y/8f++dcfnP7933537+QfT73dbv/T+j/u/eRuui0AAADguVRVVfXSx/zj6fN9v+tOAQBTkV//qyQvV6vVarVaffjqpmq8u80iIjaa29TvGe6OuzIAYHZtxBddd4EOyb9ow4g40nUngJnmuPvD6eGjO2u9lG+v+Xqwst2ejwXZkf9G7/H5HbtNJ2kfYzKt+9dmDOLVXfqzOKU+zJKcf7+d/9Xt9lFab7/zn5bd8h9tn/pUnJz/oJ1/y+HJvz82/1Ll/IfPlf9A/gAAAAAAMMPy3/+XO/7+d/7Fd2VPnvX978qU+gAAAAAAAAAAL9uLjv/3mPH/AAAAYGbVn9Vrfz76ZNlun7Hr5Vd6Ea+01gcKk06WWeq6HwAAAAAAAAAAAABQkuH2MbxXehFzEfHK0lJVVfWlqV0/rxfd/qArff+hZF0/yQMAwLb7R1vn8vciFiLiSvqtv7mlpaWqWlhcqpaqxfn8fnY0v1AtNj7X5mm9bH60hzfEw1FVX9lCY7umSZ+XJ7W3r6++rVE12EPHpqPDwAEgIrZfjR56RTpkqupYdP0uh4PB4//w8fhnL7q+nwIAAAD7r6qqqpd+zvt4+s6/33WnAICpyK//7e8F1Gq1Wq1WH766qRrvbrOIiI3mNvV7hrvjrgwAmF0b8UXXXaBD8i/aMCJe77oTwEzrdd0B9sXDR3fWeinfXvP1II3vno8F2ZH/Rm9ru7z9uOkk7WNMpnX/2oxBvLpLf16bUh9mSc6/387/6nb7KK233/lPy2751/u53EF/upbzH7Tzbzk8+ffH5l+qnP/wufIfyB8AAAAAAGZY/vv/su9/8y4DAAAAAAAAwIHz8NGdtXzea/7+/0tj1nP+5+GU8+/Jv0g5/34r/6+11hs05h+8/yT/fz26s/ajP3x+PE/3mv98numle1Yv3SN66ZZ6wzR9kb172ubcYFTf0lyvPximY36quQ/jetyI9VjdsW4//X88aT+3o73u6dyO9vM72odPtV/Y0T6XfnegWsztZ2Itfh434oOt9rptfsL+L0xorya05/wHHv9FyvkPG5c6/6XU3mtNaw8+6z/1uG9Ox93Oe7+9d391/3dnos0YPN63pnr/TnTQn63/kyOj+OWt9Ztnfn3t9u2b5yJNdiw9H2nykuX859Ll8fP/m9vt+Xm/+Xh98NnoufOfFZsx3DX/Nxvz9f6enHLfupDzH6VLzv+D1D7+8X+Q89/98X+qg/4AAAAAAAAAAAAAAADAs1RVtXWK6HsRcSmd/9PVuZkAwHTl1/8qycvVarVarVYfvrqpGu/dZhERf29uU79n+M24KwMAZtl/IuLzrjtBZ+RfsPx7f/X0ra47A0zVrU8+/em1GzfWb97quicAAAAAAAAAwP8qj/+50hj/+a2IWG6tt2P81/dj5UXH/xzmmccDjL7kgb53sdkfDfqN4cbfiGeP/30inj3+93DC7c1NaB9NaJ+f0L4woX3siR4NOf83GuOd1/kfbw2/XsL4r+0x70uQ8z/RuD/X+X+1tV4z/+ovBzn//o78z97++Bdnb33y6enrH1/7aP2j9Z9dXF29dOHyO6uXV89+eP3Gevq3wx7vr5x/HvvacaBlyfnnzOVflpz/l1Mt/7Lk/L+SavmXJeef3+/Jvyw5//zZR/5lyfmfTLX8y5Lz/3qq5V+WnP+pVMu/LDn/t1Mt/7Lk/E+nWv5lyfmfSbX8y5LzP5tq+Zcl55+/4ZJ/WXL++cgG+Zcl538+1fIvS87/QqrlX5ac/8VUy78sOf93Ui3/suT8L6Va/mXJ+V9OtfzLkvP/RqrlX5ac/zdTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5fzfV8i9Lzv97qZZ/WXL+76Za/mV58vv/ZsyYMZNnun5mAgAAAAAAAAAAAADapnE4cdf7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8lx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYe9eY+Q6yzuAn13v2muHyxZCcEOAtWOCSZbs+h7TGsytpAlpKRBa6MW49tox8a1em1wUKUahTaRGbaTyIXwoBBqp+VIRAapSlSJXagUSSOQTrdQ2pEqoIkpaQ/sBKsJWM/M+r2fGe/MZx5k55/eT4sc7e2bmnTPvzO5/zX8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoN26d8/cP1QUReO/5h/jRfGyxt9XT4w3Ptzwtpd6hQAAAECvXmj+efaV+YLdy7hS2zHfeMN3vjo3NzdXPPX9t7z2M3Nz+RMTRTG+qiianwvP3fK3G9qPSe4rxoaG2z4eXuLuVyzx+ZElPj+6xOdXLvH5VUt8fmyJz593As6zuvXzmOaNbWj+dbx1SovLi9Hm5zbMc637hlYND8fPcpqGmteZGz1QHCoOFzPFdMfxrWOHmsd/bV3jvm4s4r6G2+7rqsYO+dE9+2INQ+kcb+i4r3O3GZ5/ZzHx4x/ds+8Dn336yvnmkqeh4/Za69y4vrHOT6dLWmsdKlblcxLrHG5b51XzPCcrOtY51Lxe4+/d6zy7zHWuOLfMS6r7OR8rhpt/f7J5nkbaf6yXz9NV6bKfXF0Uxelzy+4+5rz7KoaLNR2XDJ97fsZaO7JxG42t9Kpi5IL26bpl7NPG3L+hc592vybi+V+XrjeywBran6bnP7XyvOf9QvdpaDzqhV4r3XvwYr9W+mUPxr54svmgH5h3D25Ij/+eaxbeg/PunXn2YH7cbXtw/VJ7cHjliuaa85Mw1LzOuT24qeP4Fc17GmrO565ZfA9OnTxyfGr2rrvfeujI3oMzB2eObp2e3r5lx7bpHdNTBw4dnkl/ljzb/W9NMZxfA+vTuYvXwJu7jm3fqnNfuHivw7FFXofjXcde7NfhSPeDG7o0L8jz93TrtfHhxkkfe3C4WOA11nx+ru39dZgfd9vrcKTtdTjv15R5Xocjy3gdNo45fu3yvmcZaftvvjW8WF8Lxtv2YPf3I9178GJ/P9Ive3As7Yt/vXbhrwVXpfU+MHmh34+sOG8P5oeb3nsal+Tv98duaI759uWVjU9ctrI4NTtz4vo79548eWJTkcYl8eq2vdK9X9e0PabivP06fMH7dff93/r2lfNcPp7O1dhbG3+MLfhcNY7Zev3iz1Xzq9v857Pj0s1FGhfZpT6f8301b5zPnCUXOZ+NYz491fv34jmXtr3/ji7w/hu5/+fN+9mQb+q+FaMjrdfvinx2RjvejzufqpHme9dQ877PTi3v/Xg0/Xep348vX+T9eG3XsRf7/Xi0+8HF+/HQUj/t6E338zmW9snh6cXfjxvHrN18oXtyZNH346vTHErn/y0pKeRc1LZ3Ftq3+b5GRkbT4xqJe+jcp1s6jh9N2axxX49tLrdPN17duq0V+dGdc6n26UTXsRd7n+b3q4X26dBSP30rp/v5HEv74vIti+/TxjFntvb+3rk6/tr23rlyqT04umJlY82jeRO23u/nVscevL7YVxwrDhf7m59d2dxPQ837mty2vD24Mv13qd8r1y6yBzd2HXux92D+OrbQ3hsaOf/BXwTdz+dY2hcPb1t8DzaOec+Oi/u968Z0ST6m7XvX7p+vLfQzryu7TtOL+TOvxjr/YcfiP5ttHHP4hgvNmYufp+vSJZfNc566X78Lvab2F5fmPK1N6/zhDQufp8Z6Gsd8Zucy99Puoii+cvPu5s9707+vfPnUd7/a8e8uu1ufe2Lnuds677uO+f7d5ys37z7zzzf99EIeIwD97efNPzesaX2ta/uXqeX8+z8AAAAwECL3D6eZyf8AAABQGZH7438Vnsn/AAAAUBmR+0fSzGqS/x/4t9fc/rN7i9zMn0vi83Eajj/TOi46ro+kjyfmzmlc/q5H//FbH7t3efc9XBTFz276l3mPf+CZWFfLQ2mdE9/rvPw8a7+3rPv/+K3njmvvAI6n24/H070NvvbfzzSvN7GzNc/cdKY5P3j6gfsanz+7s/VxdCef+5/WcX+eyry7D/x9x/U3PtW6vw1PLf644npfev/qm1/3kXP3F9cbWv+K5sN4+O2t243fe/PQu1vHn03HLbT+v/vjx77UOP7ON82//nuH51//c+l2n03zpy+0Lm8/p42P43p/mNYf9xfXu/6LX593/Y+/r3X84+l5eSTN7vW/809f/0L7+Yr1x/3sfrp1vbj/6b/+j+b14vbi9rvXP/aOZzrOR/ftn/ly63Z2ffJ/V7QfH5fH/eR993Tn89y4nfb9Fh77ozMd57n499b1/qZr/XF7x5+ef/3Xda3z+KY1zesvVBn/3Myz8z7eWM/uv3qy4/E8/oN0/t51S/N2x36S9mP6/P891Lq97t+W8OQPOt9P4vhHxluvy7i9qa71P9S1/tNvbJy7pdd/449b63/8Hd/ofD7+s7WO3c+35lLrP/j573Rc/wvfbT0fJ+6YPHps9tSh6FCPp9/9c/z7rdtbNbZ6zWUve/krXpneK7s/3nPs5G0zJyamJ6aLYmIAfyXei73+L6b5X61x+mLf/j1FUdzR9nXt2ve29l/xhrN/8sYbH70tjvun97Quf/Dm1tetN6fjHkqXn07Pd9zO5z7b+nrY6/rjfhaaeb3LdOqb929f1oHp8T+87ormq2zoTOvi7versuJ1/vRrOl/3T324NZ9I53Uu/Wbm9Vd8s3lc9/3H70Z48EOt13d8JxfX73X9f5me71uebd1+3G5eb/o+5utrO98f4/l54t6u3zQw3votHqfT+0dxuvX5OCq+p3rw7BUXsswFzd41O3X40NFTd06dnJk9OTV71917jhw7dfTknubv5tzziaWuf+71vab5+t4/s31r0Xy1H2uNF9lLvf7jt+7bv2P6mv0zB/aeOnDy1uMzJw7um53dN7N/9pq9Bw7M3LHU9Q/t37Vp884tOzZPHjy0f9cNO3du2Tl56OixxjJai1rC9unbJ4+e2NO8yuyurTs3bdu2dXryyLH9M7t2TE9Pnlrq+s2vTZONa39y8sTM4b0nDx2ZmZw9dPfMrk07t2/fvORv9zty/MDsxNSJU0enTs3OnJhqPZaJk82LG1/7lro+NMx+fvW8X6eG0nfvm67bnn8/a8Ojn1rwplqHdP0C0R+m30Xz7b/4s23L+Thy/2iaWU3yPwAAANRB5P6VaWbyPwAAAFRG5P5VaWbyPwAAAFRG5P6xNLOa5H/9f/1//X/9/6D/r/9fhv6//n8Z+v/6/4Owfv1//X9612/9/8j9q4uilvkfAAAA6iBy/5o0M/kfAAAAKiNy/2VpZvI/AAAAVEbk/pelmdUk/+v/6//r/+v/B/1//f8y9P/1/8vQ/9f/H4T16//r/9O7fuv/R+5/eZpZTfI/AAAA1EHk/lekmcn/AAAAUBmR+1+ZZib/AwAAQGVE7h9PM6tJ/tf/1//X/9f/D/r/+v9l6P/r/5eh/6//Pwjr1//X/6d3/db/j9z/C2lmNcn/AAAAUAeR+1+VZib/AwAAQGVE7n91mpn8DwAAAJURuf/yNLOa5H/9f/1//X/9/6D/r/9fhv6//n8Z+v/6/4Owfv1//X9612/9/8j9r0kzq0n+BwAAgDqI3H9Fmpn8DwAAAJURuf+1aWbyPwAAAFRG5P61aWY1yf/6//r/+v/6/0H/X/+/DP1//f8y9P/1/wdh/fr/+v/0rt/6/5H7fzHNrCb5HwAAAOogcv+VaWbyPwAAAFRG5P7XpZnJ/wAAAFAZkfuvSjOrSf7X/9f/1//X/w/6//r/Zej/6/+Xof+v/z8I69f/1/+nd/3W/4/c//o0s5rkfwAAAKiDyP1vSDOT/wEAAKAyIve/Mc1M/gcAAIDKiNw/kWZWk/yv/6//r/+v/x/0//X/y9D/1/8vQ/9f/38Q1q//r/9P7/qt/x+5f12aWU3yPwAAANRB5P71aWbyPwAAAFRG5P6r08zkfwAAAKiMyP0b0sxqkv/1//X/9f/1/4P+v/5/Gfr/+v9l6P/r/w/C+vX/9f/pXb/1/yP3vynNrCb5HwAAAOogcv81aWbyPwAAAFRG5P43p5nJ/wAAAFAZkfs3ppnVJP/r/+v/6//r/wf9f/3/MvT/9f/L0P/X/x+E9ev/6//Tu37r/0fuf0uaWU3yPwAAANRB5P5r08zkfwAAAKiMyP3XpZnJ/wAAAFAZkfsn08xqkv/1//X/9f/1/4P+v/5/Gfr/+v9l6P/r/w/C+vX/9f/pXb/1/yP3vzXNrCb5HwAAAOogcv/1aWbyPwAAAFRG5P6pNDP5HwAAACojcv90mllN8r/+v/6//r/+f9D/1/8vQ/9f/78M/X/9/0FYv/6//j+967f+f+T+TWlmNcn/AAAAUAeR+zenmcn/AAAAUBmR+7ekmcn/AAAAUBmR+7emmdUk/+v/6//r/+v/B/1//f8y9P/1/8vQ/9f/H4T16//r/9O7fuv/R+7flmZWk/wPAAAAdRC5f3uamfwPAAAAlRG5f0eamfwPAAAAlRG5/4Y0s5rkf/1//X/9f/3/oP+v/1+G/r/+fxn6//r/g7B+/X/9f3rXb/3/yP0708xqkv8BAACgDiL3vy3NTP4HAACAyojc/0tpZvI/AAAAVEbk/l9OM6tJ/tf/1//X/9f/D/r/+v9l6P/r/5eh/6//Pwjr1//X/6d3/db/j9y/K82sJvkfAAAA6iBy/9vTzOR/AAAAqIzI/e9IM5P/AQAAoDIi9+9OM6tJ/tf/1//X/9f/D/r/+v9l6P/r/5eh/6//Pwjr1//X/6d3/db/j9z/zjSzmuR/AAAAqIPI/e9KM5P/AQAAoDIi9787zUz+BwAAgMqI3P+eNLOa5H/9f/1//X/9/6D/r/9fhv6//n8Z+v/6/4Owfv1//X9612/9/8j9700zq0n+BwAAgDqI3P8raWbyPwAAAFRG5P73pZnJ/wAAAFAZkftvTDOrSf7X/9f/1//X/w/6//r/Zej/6/+Xof+v/z8I69f/1/+nd/3W/4/c/6tpZjXJ/wAAAFAHkftvSjOT/wEAAKAyIvffnGYm/wMAAEBlRO5/f5pZTfK//r/+v/6//n/Q/9f/L0P/X/+/DP1//f9BWL/+v/4/veu3/n/k/lvSzGqS/wEAAKAOIvf/WpqZ/A8AAACVEbn/19PM5H8AAACojMj9H0gzq0n+1//X/9f/1/8P+v/6/2Xo/+v/l6H/r/8/COvX/9f/p3f91v+P3P8baWY1yf8AAABQB5H7P5hmJv8DAABAZUTu/1CamfwPAAAAlRG5/8NpZjXJ//r/+v/6//r/Qf+///v/Qws9eS8h/X/9/zL0//X/B2H9+v/6//Su3/r/kftvTTOrSf4HAACAOojc/5E0M/kfAAAAKiNy/2+mmcn/AAAAUBmR+38rzawm+V//X/9f/1//P+j/93//vx/p/+v/l6H/r/8/COvX/9f/p3f91v+P3P/RNLOa5H8AAACog8j9H0szk/8BAACgMiL3/3aamfwPAAAAlRG5/3fSzGqS//X/9f/1//X/g/6//n8Z+v/6/2Xo/+v/D8L69f/1/+ldv/X/I/f/bppZTfI/AAAA1EHk/t9LM5P/AQAAoDIi9+9JM5P/AQAAoDIi9388zawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/3jSzmuR/AAAAqIPI/b+fZib/AwAAQGVE7t+XZib/AwAAQGVE7t+fZlaT/K//r/+v/6//H/T/9f/L0P/X/y9D/1//fxDWr/+v/0/v+q3/H7l/Js2sJvkfAAAA6iBy/4E0M/kfAAAAKiNy/8E0M/kfAAAAKiNy/21pZjXJ//r/+v/6//r/Qf9f/78M/X/9/zL0//X/B2H9+v/6//Su3/r/kfsPpZnVJP8DAABAHUTu/0SamfwPAAAAlRG5//Y0M/kfAAAAKiNy/+E0s5rkf/1//X/9f/3/oP+v/1+G/r/+fxn6//r/g7B+/X/9f3rXb/3/yP1H0sxqkv8BAACgDiL3H00zk/8BAACgMiL3H0szk/8BAACgMiL3H08zq0n+1//X/9f/1/8P+v/6/2VUpf+/Kr0e9f8T/f8m/X/9f/1//X9602/9/8j9f5BmVpP8DwAAAHUQuf9Empn8DwAAAJURuX82zUz+BwAAgMqI3H8yzawm+V//X/9f/1//P+j/6/+XUZX+v////y76/0299v/Po/8/UOvX/9f/p3eL9P8/WrwE/f/I/afSzGqS/wEAgP9n7655NtmOKIw68u91ZGZmZmZmZmZmZmZmO3Dg2iXZuroanb6a6T61VlLJq9EJ5gt28KiBCbL771q32f8AAACwjez+u9Vt9j8AAABsI7v/7nXbkP2v/9f/6//1/6H/1/+v0P/r/1dM6f99///a79f/6/857mzf/8/uv0fdNmT/AwAAwATZ/fes2+x/AAAA2EZ2/73qNvsfAAAAtpHdf++6bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f33qduG7H8AAACYILv/vnWb/Q8AAADbyO6/X91m/wMAAMA2svvvX7cN2f/6f/2//l//H/p//f8K/b/+f4X+X/9/hffr//X/HHe2/j+7/wF125D9DwAAABNk9z+wbrP/AQAAYBvZ/Q+q2+x/AAAA2EZ2/4PrtiH7X/+v/9f/6/9D/6//X6H/1/+v0P/r/6/wfv2//p/jztb/Z/c/pG4bsv8BAABgguz+h9Zt9j8AAABsI7v/YXWb/Q8AAADbyO5/eN02ZP/r//X/+n/9f+j/9f8r9P/6/xX6f/3/Fd6v/9f/c9zZ+v/s/kfUbUP2PwAAAEyQ3f/Ius3+BwAAgG1k9z+qbrP/AQAAYBvZ/Y+u24bsf/2//l//r/8P/b/+f4X+X/+/Qv+v/7/C+/X/+n+OO1v/n93/mLptyP4HAACACbL7H1u32f8AAACwjez+x9Vt9j8AAABsI7v/8XXbkP2v/9f/6//1/6H/1/+v0P/r/1fo//X/V3i//l//z3Fn6/+z+59Qtw3Z/wAAADBBdv8T6zb7HwAAALaR3f+kus3+BwAAgG1k9z+5bhuy//X/+n/9v/4/9P/6/xX6f/3/Cv2//v8K79f/6/857mz9f3b/U+q2IfsfAAAAJsjuf2rdZv8DAADANrL7n1a32f8AAACwjez+p9dtQ/a//l//r//X/4f+X/+/Qv9/2/3/HfV+/f9/f6//X3Or+/mrv1//r//nuLP1/9n9z6jbhux/AAAAmCC7/5l1m/0PAAAA28juf1bdZv8DAADANrL7n123Ddn/+n/9v/5f/x/6f/3/Cv2/7/+v0P/r/6/w/p37/7vcSf/PzXG2/j+7/zl125D9DwAAABNk9z+3brP/AQAAYBvZ/c+r2+x/AAAA2EZ2//PrtiH7X/+v/9f/6/9D/6//X6H/1/+v0P/r/6/w/p37f9//52Y5W/+f3f+Cum3I/gcAAIAJsvtfWLfZ/wAAALCN7P4X1W32PwAAAGwju//FdduQ/a//1//r//X/of/X/6/Q/+v/V+j/9f9XeL/+X//PcWfr/7P7X1K3Ddn/AAAAMEF2/0vrNvsfAAAAtpHd/7K6zf4HAACAbWT3v7xuG7L/9f/6f/2//j/0//r/Ffp//f8K/b/+/wrv1//r/znubP1/dv8r6rYh+x8AAAAmyO5/Zd1m/wMAAMA2svtfVbfZ/wAAALCN7P5X121D9r/+X/+v/9f/h/5f/79C/6//X6H/1/9f4f36f/0/x52t/8/uf03dNmT/AwAAwATZ/a+t2+x/AAAA2EZ2/+vqNvsfAAAAtpHd//q6bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f1vqNuG7H8AAACYILv/jXWb/Q8AAADbyO5/U91m/wMAAMA2svvfXLcN2f/6f/2//l//H/p//f8K/b/+f4X+/0b7/2P/5W91P3/UrX6//l//z3Fn6/+z+99Stw3Z/wAAADBBdv9b6zb7HwAAALaR3f+2us3+BwAAgG1k97+9bhuy//X/+n/9v/4/9P/6/xX6f/3/Cv2/7/9f4f36f/0/x52t/8/uf0fdNmT/AwAAwATZ/e+s2+x/AAAA2EZ2/7vqNvsfAAAAtpHd/+66bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f3vqduG7H8AAACYILv/vXWb/Q8AAADbyO5/X91m/wMAAMA2svvfX7cN2f/6f/2//l//H/p//f8K/b/+f4X+X/9/hffr//X/HHe2/j+7/wN125D9DwAAABNk93+wbrP/AQAAYBvZ/R+q2+x/AAAA2EZ2/4frtiH7X/+v/9f/6/9D/6//X6H/1/+v0P/r/6/wfv2//p/jztb/Z/d/pG4bsv8BAABgguz+j9Zt9j8AAABsI7v/Y3Wb/Q8AAADbyO7/eN02ZP/r//X/+n/9f+j/9f8r9P/6/xX6f/3/Fd6v/9f/c9zZ+v/s/k/UbUP2PwAAAEyQ3f/Jus3+BwAAgG1k93+qbrP/AQAAYBvZ/Z+u24bsf/2//l//r/8P/b/+f4X+X/+/Qv+v/7/C+/X/+n+OO1v/n93/mbptyP4HAACACbL7P1u32f8AAACwjez+z9Vt9j8AAABsI7v/83XbkP2v/9f/6//1/6H/1/+v0P/r/1fo//X/V3i//l//z3Fn6/+z+79Qtw3Z/wAAADBBdv8X6zb7HwAAALaR3f+lus3+BwAAgG1k93+5bhuy//X/+n/9v/4/9P/6/xX6f/3/Cv2//v8K79f/6/857mz9f3b/V+q2IfsfAAAAJsju/2rdZv8DAADANrL7v1a32f8AAACwjez+r9dtQ/a//l//r//X/4f+X/+/Qv+v/1+h/9f/X+H9+n/9P8edrf/P7v9G3TZk/wMAAMAE2f3frNvsfwAAANhGdv+36jb7HwAAALaR3f/tum3I/tf/6//1//r/0P/r/1fo//X/K/T/+v8rvF//r//nuLP1/9n936nbhux/AAAAmCC7/7t1m/0PAAAA28ju/17dZv8DAADANrL7v1+3Ddn/+n/9v/5f/x/6f/3/Cv2//n+F/l//f4X36//1/xx3tv4/u/8HdduQ/Q8AAAATZPf/sG6z/wEAAGAb2f0/qtvsfwAAANhGdv+P67Yh+1//r//X/+v/Q/+v/1+h/9f/r9D/6/+v8H79v/6f487W/2f3/6RuG7L/AQAAYILs/p/WbfY/AAAAbCO7/2d1m/0PAAAA28ju/3ndNmT/6//1//p//X/o//X/K/T/+v8V+n/9/xXer//X/3Pc2fr/7P5f1G1D9j8AAABMkN3/y7rN/gcAAIBtZPf/qm6z/wEAAGAb2f2/rtuG7H/9v/5f/6//D/2//n+F/l//v0L/r/+/wvv1//p/jjtb/5/d/5u6bcj+BwAAgAmy+39bt9n/AAAAsI3s/t/VbfY/AAAAbCO7//d125D9r//X/+v/b6////+/iP/99/X/+n/9v/5f/79G/6//v8L79f/6f447W/+f3f+Hum3I/gcAAIAJsvv/WLfZ/wAAALCN7P4/1W32PwAAAGwju//PdduQ/a//1//r/33/P/T/+v8V+n/9/wr9v/7/Cu/X/+v/Oe5s/X92/1/qtiH7HwAAACbI7v9r3Wb/AwAAwDay+/9Wt9n/AAAAsI3s/r/XbUP2v/5f/6//1/+H/l//v0L/n/7/zvVL/f+N0P/r/6/wfv2//p/jztb/Z/f/o24bsv8BAABgguz+f9Zt9j8AAABsI7v/X3Wb/Q8AAADbyO7/d902ZP/r//X/+n/9f+j/9f8r9P++/79C/6//v8L79f/6f447W/+f3f+fAAAA///MV21W")
creat(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ffffffffffffffb, 0x10000000000400, 0x0, 0x0, 0x8, 0x7, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200000000000010", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x8]})
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

4m0.12195439s ago: executing program 0 (id=561):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000b700000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @tracing=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)

3m59.073994882s ago: executing program 0 (id=568):
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x0}, &(0x7f0000000000)="feff000000800000003b9963f9c85da6718de4c5fa4d63f4eb96abfe625a45672fb81f3332c6cd6daea1ebd22e3642df279c1ab1a098374e882717415ec8b4fa584ec71d3c390bac2095a29cd00c910e8587613bef0d4acb02e6a7dbb14c0d90bcfe7470565102620debc58e12557f69cd67f9e98658d4f272dc3131ddf0b76cf84f4191c269efa66c62f56b1a42a8a882329665d67f349f0aeac213a8ceb53f5ec22fb28f1b15d0de03515729c8d874063fed8e346492c5f1a9620b0b42777f39b647a2e67b8b181455f128c8591a5fc6981f46ffdcc7c16bea250762ef9d80ab045cfe5a4c70fd563cdb3e96835b1ec0e6d7fc76a0d18181a8c833ffdc8f9b009c13b6d0c0c08a422a8f7b5e671b3992d20eb52fe185fc8504c7de96f0d651c803a8e4", 0x124, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r0, r0, r0}, 0x0, 0x0, 0x0)

3m58.999840732s ago: executing program 32 (id=568):
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x0}, &(0x7f0000000000)="feff000000800000003b9963f9c85da6718de4c5fa4d63f4eb96abfe625a45672fb81f3332c6cd6daea1ebd22e3642df279c1ab1a098374e882717415ec8b4fa584ec71d3c390bac2095a29cd00c910e8587613bef0d4acb02e6a7dbb14c0d90bcfe7470565102620debc58e12557f69cd67f9e98658d4f272dc3131ddf0b76cf84f4191c269efa66c62f56b1a42a8a882329665d67f349f0aeac213a8ceb53f5ec22fb28f1b15d0de03515729c8d874063fed8e346492c5f1a9620b0b42777f39b647a2e67b8b181455f128c8591a5fc6981f46ffdcc7c16bea250762ef9d80ab045cfe5a4c70fd563cdb3e96835b1ec0e6d7fc76a0d18181a8c833ffdc8f9b009c13b6d0c0c08a422a8f7b5e671b3992d20eb52fe185fc8504c7de96f0d651c803a8e4", 0x124, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r0, r0, r0}, 0x0, 0x0, 0x0)

1.358088457s ago: executing program 1 (id=4781):
r0 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f00000002c0)={0x80000000, 0x0, &(0x7f0000002c40)=[{{}, {<r1=>0x80000000}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f0000000180)={{r1, 0x0, 0x5, [0x6, 0x81]}, {0x80000000, 0x0, 0x3, [0x5, 0x7]}, 0x4, [0x7, 0x1c8]})

1.356163694s ago: executing program 1 (id=4783):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f00000000c0)=ANY=[], 0x1, 0x68b, &(0x7f0000000a40)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXL7F3ndhri88nmp3nmedlnuc3Mzu7s4oc4H/WtXNpPE4t1869uVzkVx7NdFYezdzpp5NMJKknjd4qtbtJ7aPkanpLPlNsrLqrPW0/HyzMvv3xpyuf9HKNainr17drt8mV+hYbH1ZLziQ5Uq2fwbr+rm/orzVyd7XVGRYBO9sPHIxbM0l3ne+eWivZ0fDXLXBg1Xr3zU0X9FRyNMlk9Tmgd1fs3bMPtYfjHgAAAADsgxd+WX6FPzbucQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBhUv39/1q11PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3j20dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5T20ci+fwff/edW527tydu3jt3cKY0gomBJ2gbIzEzEImXh43ErcMaiUHTZSROruav5Rv5ds7lTN7KYhbyvcxlKfM5k69nLkcyV53PxevU9pG6ui731k4jaZXHpVm9iw4/pqXM5dWy7bEs5Ft5Nzcynyvlv0u5mNdzOZczO3CETw5x1ddHe6c9+4WBh8m/SNIert0+KAZ2fPXuNHjWT5fXwfF1W9ai9OLzvx81Plslin38pFofDBsjcXEgEi9tH4nflG8r9zp3by/emntvyP29Vq2L6+hnB+ouUZwvLxYHq8ytPzuKspc2lk324tWqfnHpla2/4xZlJ1fLdrpSW9VnuM09XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94VOK9jDRTtLfkuzUqpmd6+xNopWkTDT6idH6mRiqcmvt6Lzx+2cZc3PUVslzCVSjOsnuP7j9z263u++HaYtEc5tzfi3RrWwq6g7VfGyJf3WfX4djfmMC9tyFpTvvXbh3/8GXFu7MvTP/zvzd2cuXZ6dnL1/524WbC5356d7ruEcJ7IW1m/64RwIAAAAAAAAAAAAMaz/+W8JTdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9rT9vPBwuzbH3+68kkv16iWsn59XbvmbmbxsFpyJsmRaj1o8hn6u16tdzWyUm11hkXAzvYDB+P23wAAAP//+B8RmQ==")
truncate(&(0x7f0000000080)='./file1\x00', 0xeb4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5406, 0x0, 0x0)

1.2599024s ago: executing program 1 (id=4784):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000880)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000240)="ebe3a0e9796cf51647e299f4e376fdba", 0x10}], 0x1, 0x0, 0x0, 0x40005}], 0x1, 0x8880)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

1.259385329s ago: executing program 2 (id=4785):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00')
preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000580)=""/4077, 0xfed}], 0x1, 0x3ab3, 0x3)

1.259224197s ago: executing program 1 (id=4786):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000280)={r0, r0, 0xc, 0x0, 0x0, 0x9, 0x1, 0x457, 0x9, 0x9, 0x1, 0x1, 'syz1\x00'})
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000400)={0x2, &(0x7f0000000440)=[{}, {@none}]})

1.145840708s ago: executing program 1 (id=4787):
creat(&(0x7f0000000180)='./file0\x00', 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write$FUSE_INIT(r3, &(0x7f0000002600)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x9, 0x800000, 0x124b, 0x0, 0x6, 0x9, 0x0, 0x0, 0x40, 0x8}}, 0x50)

866.659665ms ago: executing program 1 (id=4790):
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0), 0x8)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet(0xa, 0x801, 0x84)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c)
write(0xffffffffffffffff, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a", 0x1e)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32, 0x8000000}, 0x9c)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x4, 0x0}}]}, &(0x7f0000000540)=0x10)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
pipe(&(0x7f0000000600))

795.273352ms ago: executing program 3 (id=4792):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f00000004c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x4, 0x5, 0x3, 0x2}]}}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000000)=0x200, 0x4)
recvmmsg(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=""/20, 0x14}, 0x6}], 0x1, 0x10001, 0x0)

700.744807ms ago: executing program 3 (id=4793):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x4, 0x0, 0x0, 'queue0\x00'})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x8882)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x3}, 0x9})
write$sndseq(r1, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0xfd, @tick, {}, {}, @raw32}], 0x1c)

649.306901ms ago: executing program 3 (id=4794):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
getsockopt$ax25_int(r0, 0x101, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4)

571.163861ms ago: executing program 3 (id=4795):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0x806000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f00000002c0)=0x6d, 0x4)

360.038492ms ago: executing program 3 (id=4796):
syz_clone(0x20111, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
recvmsg$can_j1939(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)

359.754768ms ago: executing program 2 (id=4797):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b400000000000000791028000000000069002a00000000009500740000000000", @ANYRESDEC], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/164, 0x0, 0x25, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff8f}, 0x48)

260.901331ms ago: executing program 2 (id=4798):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}}, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000080)="cf5a6c3a", 0x4}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)

201.033987ms ago: executing program 2 (id=4799):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, r1, 0x26, 0x0, @void}, 0x10)
close(r1)
close(r2)

200.698506ms ago: executing program 2 (id=4800):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000100)={@val={0x2000}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x300, 0x4, 0x28, 0x0, @gue={{0x2, 0x0, 0x0, 0xf5}, "ebc7a1e0ff5befe1fdbc66e400d7e83306de422b4a81099b"}}}}}}}, 0x4e)

172.974µs ago: executing program 3 (id=4801):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x2, [@var={0x0, 0x0, 0x0, 0xe, 0x0, 0x1}, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}, @func, @volatile, @volatile, @const={0x0, 0x0, 0x0, 0xa, 0x2}]}}, 0x0, 0x96, 0x0, 0x3}, 0x28)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r1, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x0, 0x8, 0xd, 0x0}}, 0x10)

0s ago: executing program 2 (id=4802):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@empty, @in6=@loopback, 0xfffd, 0x1, 0x0, 0x0, 0xa}, {0x2, 0x6, 0x6, 0x0, 0x7, 0x4, 0x1}, {0x4000000005c, 0x7, 0xfffffffffffffff9, 0xff}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in=@empty, 0x4d6, 0x32}, 0xa, @in6=@mcast2, 0xffffffde, 0x0, 0x2, 0x7f, 0x7}}, 0xe8)
sendmmsg$inet6(r1, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0x40040d4)

kernel console output (not intermixed with test programs):

.374491][ T5919] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  139.565062][ T5919] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.00
[  139.568435][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.579490][ T5919] usb 2-1: config 0 descriptor??
[  139.617833][ T5919] go7007 2-1:0.0: probe with driver go7007 failed with error -12
[  139.794280][    T9] usb 2-1: USB disconnect, device number 15
[  139.971294][  T791] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  140.034795][ T7818] loop2: detected capacity change from 0 to 64
[  140.038500][ T7818] MINIX-fs: mounting file system with errors, running fsck is recommended
[  140.125101][  T791] usb 4-1: Using ep0 maxpacket: 32
[  140.131013][  T791] usb 4-1: unable to get BOS descriptor or descriptor too short
[  140.146097][  T791] usb 4-1: config 1 has an invalid interface number: 48 but max is 0
[  140.155086][  T791] usb 4-1: config 1 has no interface number 0
[  140.157793][  T791] usb 4-1: config 1 interface 48 altsetting 9 bulk endpoint 0xF has invalid maxpacket 64
[  140.171601][  T791] usb 4-1: config 1 interface 48 has no altsetting 0
[  140.186337][ T7826] vim2m vim2m.0: Fourcc format (0x56595559) invalid.
[  140.189471][  T791] usb 4-1: New USB device found, idVendor=110a, idProduct=1130, bcdDevice=f3.9e
[  140.200763][  T791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.213724][  T791] usb 4-1: Product: syz
[  140.216384][  T791] usb 4-1: Manufacturer: syz
[  140.218165][  T791] usb 4-1: SerialNumber: syz
[  140.227031][ T7798] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  140.452075][  T791] ti_usb_3410_5052 4-1:1.48: TI USB 3410 1 port adapter converter detected
[  140.476542][  T791] usb 4-1: USB disconnect, device number 5
[  140.694614][   T47] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  140.814560][ T5886] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  140.854545][   T47] usb 3-1: Using ep0 maxpacket: 16
[  140.860530][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 78, changing to 10
[  140.865520][   T47] usb 3-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  140.869203][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.875761][   T47] usb 3-1: config 0 descriptor??
[  140.984705][ T5886] usb 2-1: Using ep0 maxpacket: 8
[  140.995420][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  140.999826][ T5886] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  141.013691][ T5886] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.021207][ T5886] usb 2-1: config 0 descriptor??
[  141.027444][ T5886] gspca_main: vc032x-2.14.0 probing 046d:0892
[  141.313110][   T47] uclogic 0003:5543:0781.000A: unknown main item tag 0x0
[  141.317130][   T47] uclogic 0003:5543:0781.000A: unknown main item tag 0x0
[  141.321915][   T47] uclogic 0003:5543:0781.000A: unknown main item tag 0x0
[  141.326018][   T47] uclogic 0003:5543:0781.000A: unknown main item tag 0x0
[  141.329300][   T47] uclogic 0003:5543:0781.000A: unknown main item tag 0x0
[  141.340827][   T47] uclogic 0003:5543:0781.000A: hidraw0: USB HID v0.04 Device [HID 5543:0781] on usb-dummy_hcd.2-1/input0
[  141.490100][ T7860] loop3: detected capacity change from 0 to 32768
[  141.509060][  T791] usb 3-1: USB disconnect, device number 17
[  141.513638][ T7860] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  141.542330][ T6363] (kworker/u8:4,6363,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  141.562986][ T7448] ocfs2: Unmounting device (7,3) on (node local)
[  141.789893][ T7870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.709'.
[  141.841329][ T5886] gspca_vc032x: reg_w err -71
[  141.843481][ T5886] vc032x 2-1:0.0: probe with driver vc032x failed with error -71
[  141.848656][ T5886] usb 2-1: USB disconnect, device number 16
[  142.074541][  T791] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  142.252376][  T791] usb 4-1: config 2 has an invalid interface number: 1 but max is 0
[  142.257142][  T791] usb 4-1: config 2 has no interface number 0
[  142.259887][  T791] usb 4-1: config 2 interface 1 has no altsetting 0
[  142.267220][  T791] usb 4-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=47.78
[  142.274667][  T791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.277731][  T791] usb 4-1: Product: syz
[  142.279114][  T791] usb 4-1: Manufacturer: syz
[  142.280859][  T791] usb 4-1: SerialNumber: syz
[  142.768405][  T791] snd-usb-audio 4-1:2.1: probe with driver snd-usb-audio failed with error -22
[  142.800740][  T791] snd-usb-us122l 4-1:2.1: usb_set_interface error
[  142.812880][  T791] snd-usb-us122l 4-1:2.1: probe with driver snd-usb-us122l failed with error -22
[  142.836410][  T791] usb 4-1: USB disconnect, device number 6
[  142.851708][ T5865] udevd[5865]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:2.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  142.930745][ T7886] loop1: detected capacity change from 0 to 32768
[  142.954024][ T7886] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  142.992055][ T5857] ocfs2: Unmounting device (7,1) on (node local)
[  143.361046][ T7906] binder: 7905:7906 ioctl c0306201 200000000480 returned -14
[  143.398279][ T7908] loop1: detected capacity change from 0 to 128
[  143.844870][ T5919] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  144.012519][ T5919] usb 3-1: New USB device found, idVendor=03da, idProduct=2820, bcdDevice=52.3c
[  144.016481][ T5919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.032408][ T5919] usb 3-1: config 0 descriptor??
[  144.055602][ T5919] usb 3-1: bad CDC descriptors
[  144.298707][ T5919] usb 3-1: USB disconnect, device number 18
[  144.383022][ T7917] loop1: detected capacity change from 0 to 1024
[  144.391875][ T7917] EXT4-fs: Ignoring removed bh option
[  144.394327][ T7917] EXT4-fs: inline encryption not supported
[  144.409058][ T7917] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.461882][ T7917] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.729: lblock 2 mapped to illegal pblock 2 (length 1)
[  144.481343][ T7917] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  144.490304][ T7917] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.729: lblock 0 mapped to illegal pblock 48 (length 1)
[  144.498148][ T7917] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  144.502294][ T7917] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.729: Failed to acquire dquot type 0
[  144.510209][ T7917] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  144.518060][ T7917] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.729: mark_inode_dirty error
[  144.523715][ T7917] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  144.530839][ T7917] EXT4-fs (loop1): 1 orphan inode deleted
[  144.545141][ T7917] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.553893][ T1089] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u10:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  144.565997][ T1089] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  144.571560][ T7917] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.729: Invalid inode table block 1 in block_group 0
[  144.572080][ T1089] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u10:4: Failed to release dquot type 0
[  144.586950][ T7917] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  144.650164][ T5857] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.657957][ T3612] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  144.664168][ T3612] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  144.672424][ T3612] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u9:6: Failed to release dquot type 0
[  144.682586][ T5857] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  144.693204][ T5857] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  144.702814][ T5857] EXT4-fs error (device loop1): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  145.164497][ T5919] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  145.347696][ T5919] usb 3-1: Using ep0 maxpacket: 32
[  145.354089][ T5919] usb 3-1: config 0 has an invalid interface number: 35 but max is 0
[  145.358050][ T5919] usb 3-1: config 0 has no interface number 0
[  145.379754][ T5919] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  145.383462][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.395037][ T5919] usb 3-1: Product: syz
[  145.396864][ T5919] usb 3-1: Manufacturer: syz
[  145.398786][ T5919] usb 3-1: SerialNumber: syz
[  145.488273][ T5919] usb 3-1: config 0 descriptor??
[  145.687803][ T7955] loop1: detected capacity change from 0 to 1024
[  145.692226][ T7955] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  145.698372][ T7955] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  145.701891][ T7955] EXT4-fs (loop1): orphan cleanup on readonly fs
[  145.710202][ T7955] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.745: Freeing blocks not in datazone - block = 0, count = 4096
[  145.721186][ T7955] EXT4-fs (loop1): 1 orphan inode deleted
[  145.727096][ T7955] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  145.788354][ T5857] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.791741][ T5919] radio-si470x 3-1:0.35: this is not a si470x device.
[  145.824968][ T5919] radio-raremono 3-1:0.35: this is not Thanko's Raremono.
[  145.841051][ T5919] usb 3-1: USB disconnect, device number 19
[  146.623718][ T5863] Bluetooth: hci2: hcon ffff8881091b8000 sent 1 < count 7
[  146.626838][ T5863] Bluetooth: hci2: hcon ffff8881091b8000 sent 0 < count 64
[  146.755838][ T7970] loop2: detected capacity change from 0 to 40427
[  146.761765][ T7970] F2FS-fs: heap/no_heap options were deprecated
[  146.772922][ T7970] F2FS-fs (loop2): Mismatch start address, segment0(0) cp_blkaddr(512)
[  146.780182][ T7970] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  146.785085][ T7970] F2FS-fs (loop2): invalid crc value
[  146.923682][ T7970] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  146.930786][ T7970] F2FS-fs (loop2): Start checkpoint disabled!
[  146.935314][ T7970] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  146.938435][ T7970] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  147.144645][    T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  147.295230][    T9] usb 4-1: Using ep0 maxpacket: 16
[  147.301800][    T9] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  147.305786][    T9] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  147.309137][    T9] usb 4-1: Product: syz
[  147.310982][    T9] usb 4-1: Manufacturer: syz
[  147.312890][    T9] usb 4-1: SerialNumber: syz
[  147.317800][    T9] usb 4-1: config 0 descriptor??
[  147.529950][    T9] usb 4-1: USB disconnect, device number 7
[  147.864266][ T8000] loop1: detected capacity change from 0 to 128
[  147.883244][ T8000] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  147.889746][ T8000] ext4 filesystem being mounted at /281/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  147.969750][ T8002] netlink: 16 bytes leftover after parsing attributes in process `syz.1.763'.
[  147.973768][ T8002] netlink: 4 bytes leftover after parsing attributes in process `syz.1.763'.
[  147.983116][ T8002] netlink: 72 bytes leftover after parsing attributes in process `syz.1.763'.
[  148.320384][ T8008] dummy0: entered promiscuous mode
[  148.329982][ T8008] macsec1: entered allmulticast mode
[  148.332747][ T8008] dummy0: entered allmulticast mode
[  148.352927][ T8008] dummy0: left allmulticast mode
[  148.355633][ T8008] dummy0: left promiscuous mode
[  149.339720][ T5857] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  149.676046][ T8033] loop3: detected capacity change from 0 to 64
[  149.679854][    T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  149.706635][ T8033] MINIX-fs: bad superblock or unable to read bitmaps
[  149.813585][ T8031] loop2: detected capacity change from 0 to 32768
[  149.823452][   T33] audit: type=1800 audit(1758712976.752:14): pid=8031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.775" name="file1" dev="loop2" ino=4 res=0 errno=0
[  149.846967][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  149.854663][    T9] usb 2-1: config 9 has an invalid interface number: 64 but max is 0
[  149.860732][ T8031] read_mapping_page failed!
[  149.862904][ T8031] ERROR: (device loop2): txCommit: 
[  149.862904][ T8031] 
[  149.867370][    T9] usb 2-1: config 9 has no interface number 0
[  149.869813][    T9] usb 2-1: config 9 interface 64 has no altsetting 0
[  149.879439][    T9] usb 2-1: New USB device found, idVendor=0572, idProduct=cb00, bcdDevice=1e.21
[  149.893513][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.900303][    T9] usb 2-1: Product: syz
[  149.902130][    T9] usb 2-1: Manufacturer: syz
[  149.904120][    T9] usb 2-1: SerialNumber: syz
[  150.065655][ T8044] input: syz1 as /devices/virtual/input/input10
[  150.145670][    T9] cxacru 2-1:9.64: cxacru_bind: interface has incorrect endpoints
[  150.149745][    T9] cxacru 2-1:9.64: usbatm_usb_probe: bind failed: -19!
[  150.163133][    T9] usb 2-1: USB disconnect, device number 17
[  150.189103][ T8050] netlink: 'syz.3.784': attribute type 2 has an invalid length.
[  150.215210][ T8050] : entered promiscuous mode
[  150.730593][ T8064] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  151.004555][    T9] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  151.172626][    T9] usb 2-1: config 1 has an invalid interface number: 13 but max is 0
[  151.192953][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  151.199424][    T9] usb 2-1: config 1 has no interface number 0
[  151.202190][    T9] usb 2-1: config 1 interface 13 altsetting 6 endpoint 0xE has invalid wMaxPacketSize 0
[  151.207011][    T9] usb 2-1: config 1 interface 13 altsetting 6 bulk endpoint 0xE has invalid maxpacket 0
[  151.210480][    T9] usb 2-1: config 1 interface 13 altsetting 6 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  151.216263][    T9] usb 2-1: config 1 interface 13 has no altsetting 0
[  151.229661][    T9] usb 2-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=4c.2b
[  151.233285][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.237099][    T9] usb 2-1: Product: syz
[  151.238857][    T9] usb 2-1: Manufacturer: syz
[  151.240599][    T9] usb 2-1: SerialNumber: syz
[  151.522242][    T9] s2255 2-1:1.13: Could not find bulk-in endpoint
[  151.526365][    T9] Sensoray 2255 driver load failed: 0xfffffff4
[  151.529401][    T9] s2255 2-1:1.13: probe with driver s2255 failed with error -12
[  151.545202][    T9] usb 2-1: USB disconnect, device number 18
[  151.782422][ T8078] loop3: detected capacity change from 0 to 1024
[  151.790907][ T8078] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  151.954117][ T8084] netlink: 132 bytes leftover after parsing attributes in process `syz.3.800'.
[  152.064059][ T8088] loop2: detected capacity change from 0 to 4096
[  152.070735][ T8088] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  152.083054][ T8088] ntfs3(loop2): ino=4, mi_enum_attr
[  152.086844][ T8088] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  152.090235][ T8088] ntfs3(loop2): Failed to load $AttrDef (-22)
[  152.143969][ T8087] loop3: detected capacity change from 0 to 8192
[  152.152384][ T8087] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  152.165421][ T8092] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  152.169745][ T8092] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  152.484602][ T8110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.813'.
[  152.489215][ T8110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.813'.
[  152.492929][ T8110] netlink: 50 bytes leftover after parsing attributes in process `syz.1.813'.
[  153.194091][ T8129] evm: overlay not supported
[  153.486693][ T8131] netlink: 144 bytes leftover after parsing attributes in process `syz.2.824'.
[  153.784098][ T8137] loop3: detected capacity change from 0 to 512
[  153.839764][ T8137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.847229][ T8137] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.869995][   T33] audit: type=1800 audit(1758712980.802:15): pid=8137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.826" name="file1" dev="loop3" ino=15 res=0 errno=0
[  153.953648][ T7448] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.200350][ T8150] loop3: detected capacity change from 0 to 2048
[  154.208181][ T8150] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  154.287102][ T8155] usb usb8: usbfs: process 8155 (syz.2.833) did not claim interface 6 before use
[  154.658500][ T8177] netlink: 228 bytes leftover after parsing attributes in process `syz.2.844'.
[  154.718754][ T8181] netlink: 24 bytes leftover after parsing attributes in process `syz.2.846'.
[  154.722483][ T8181] netlink: 56 bytes leftover after parsing attributes in process `syz.2.846'.
[  154.727857][ T8181] netlink: 'syz.2.846': attribute type 10 has an invalid length.
[  154.734569][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  154.884613][   T10] usb 2-1: Using ep0 maxpacket: 32
[  154.888514][   T10] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  154.913743][   T10] usb 2-1: config 0 has no interface number 0
[  154.916988][   T10] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 123, changing to 10
[  154.921543][   T10] usb 2-1: config 0 interface 85 has no altsetting 0
[  154.930302][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  154.933744][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.938092][   T10] usb 2-1: Product: syz
[  155.036028][   T10] usb 2-1: Manufacturer: syz
[  155.037950][   T10] usb 2-1: SerialNumber: syz
[  155.045099][   T10] usb 2-1: config 0 descriptor??
[  155.725865][   T10] appletouch 2-1:0.85: Geyser mode initialized.
[  155.738423][   T10] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input11
[  155.790734][ T8198] loop2: detected capacity change from 0 to 512
[  155.796489][ T8198] EXT4-fs: Ignoring removed oldalloc option
[  155.807317][ T8198] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  155.819078][ T8198] EXT4-fs (loop2): 1 truncate cleaned up
[  155.835650][ T8198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.845679][   T33] audit: type=1800 audit(1758712982.782:16): pid=8198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.853" name="file2" dev="loop2" ino=16 res=0 errno=0
[  155.930111][   T10] usb 2-1: USB disconnect, device number 19
[  155.941326][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.962795][   T10] appletouch 2-1:0.85: input: appletouch disconnected
[  156.466800][ T8214] loop1: detected capacity change from 0 to 1024
[  156.490592][ T8214] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.539258][ T5857] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.681355][ T8222] overlayfs: failed to clone upperpath
[  156.703932][ T8224] loop1: detected capacity change from 0 to 128
[  156.809944][ T8229] overlayfs: conflicting lowerdir path
[  157.043110][ T8240] loop1: detected capacity change from 0 to 128
[  157.077637][ T8240] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  157.081062][ T8240] FAT-fs (loop1): Filesystem has been set read-only
[  157.252355][ T8244] netlink: 'syz.2.874': attribute type 30 has an invalid length.
[  157.724666][ T5886] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  157.864547][   T10] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  157.894602][ T5886] usb 3-1: Using ep0 maxpacket: 32
[  157.901481][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.906995][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.910982][ T5886] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  157.916300][ T5886] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.921667][ T5886] usb 3-1: config 0 descriptor??
[  158.026171][   T10] usb 2-1: Using ep0 maxpacket: 32
[  158.030954][   T10] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  158.035937][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.042997][   T10] usb 2-1: config 0 descriptor??
[  158.264610][   T10] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  158.272098][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  158.284998][   T10] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  158.290623][   T10] usb 2-1: media controller created
[  158.320959][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  158.353759][ T5886] hid-led 0003:27B8:01ED.000B: item fetching failed at offset 0/2
[  158.367815][ T5886] hid-led 0003:27B8:01ED.000B: probe with driver hid-led failed with error -22
[  158.373282][   T10] DVB: Unable to find symbol dib7000p_attach()
[  158.376124][   T10] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  158.446520][   T10] rc_core: IR keymap rc-dib0700-rc5 not found
[  158.449744][   T10] Registered IR keymap rc-empty
[  158.452182][   T10] dvb-usb: could not initialize remote control.
[  158.455995][   T10] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  158.490478][   T10] usb 2-1: USB disconnect, device number 20
[  158.525792][   T10] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  158.541608][  T791] usb 3-1: USB disconnect, device number 20
[  159.046485][ T8277] loop1: detected capacity change from 0 to 4096
[  159.091721][ T8280] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  159.109555][ T8282] loop2: detected capacity change from 0 to 1024
[  159.123037][ T8282] EXT4-fs: inline encryption not supported
[  159.143685][ T8282] EXT4-fs: Ignoring removed bh option
[  159.186637][ T8282] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.220333][ T8289] loop1: detected capacity change from 0 to 8192
[  159.233453][ T8282] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.890: Allocating blocks 481-513 which overlap fs metadata
[  159.241150][ T8282] EXT4-fs (loop2): Remounting filesystem read-only
[  159.244196][ T5865] Dev loop1: RDB in block 1 has bad checksum
[  159.265059][ T8289] Dev loop1: RDB in block 1 has bad checksum
[  159.284292][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.366168][ T8296] netlink: 8 bytes leftover after parsing attributes in process `syz.1.897'.
[  159.611504][ T8310] loop2: detected capacity change from 0 to 512
[  159.646958][ T8310] EXT4-fs (loop2): orphan cleanup on readonly fs
[  159.662524][ T8310] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  159.686603][ T8310] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  159.690392][ T8310] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.900: Failed to acquire dquot type 1
[  159.703787][ T8310] EXT4-fs (loop2): 1 truncate cleaned up
[  159.719210][ T8310] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  159.753950][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.834172][ T8308] loop1: detected capacity change from 0 to 32768
[  159.888751][ T8308] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  159.917274][   T33] audit: type=1800 audit(1758712986.852:17): pid=8308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.903" name="bus" dev="loop1" ino=17058 res=0 errno=0
[  159.978966][ T5857] (syz-executor,5857,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  159.986841][ T5857] ocfs2: Unmounting device (7,1) on (node local)
[  160.981181][ T8363] netlink: 8 bytes leftover after parsing attributes in process `syz.3.926'.
[  161.424503][  T792] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  161.584671][  T792] usb 3-1: Using ep0 maxpacket: 8
[  161.589267][  T792] usb 3-1: config 0 has no interfaces?
[  161.591684][  T792] usb 3-1: New USB device found, idVendor=0404, idProduct=c20e, bcdDevice= 0.00
[  161.595238][  T792] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.600892][  T792] usb 3-1: config 0 descriptor??
[  161.890102][  T792] usb 3-1: USB disconnect, device number 21
[  163.474628][ T8408] F2FS-fs: Conflicting test_dummy_encryption options
[  164.262121][ T8410] loop2: detected capacity change from 0 to 512
[  164.266701][ T8410] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  164.301535][ T8410] EXT4-fs (loop2): 1 truncate cleaned up
[  164.309474][ T8410] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.322663][ T8410] EXT4-fs error (device loop2): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.2.945: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  164.375065][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.606507][ T8432] loop2: detected capacity change from 0 to 1024
[  164.636645][ T8434] overlayfs: failed to resolve './file1': -2
[  164.641771][ T8432] hfsplus: trying to free free bnode 0(1)
[  164.662107][ T1090] hfsplus: b-tree write err: -5, ino 4
[  164.781900][ T8450] netlink: 248 bytes leftover after parsing attributes in process `syz.2.963'.
[  165.035774][  T792] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  165.070945][ T8474] netlink: 8 bytes leftover after parsing attributes in process `syz.3.972'.
[  165.216227][  T792] usb 2-1: Using ep0 maxpacket: 16
[  165.231162][  T792] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  165.241244][  T792] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.256269][  T792] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  165.272915][  T792] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  165.283826][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.293341][  T792] usb 2-1: Product: syz
[  165.296960][  T792] usb 2-1: Manufacturer: syz
[  165.302877][  T792] usb 2-1: SerialNumber: syz
[  165.349949][ T8486] loop2: detected capacity change from 0 to 2048
[  165.374636][ T8486] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  165.394861][ T8486] NILFS (loop2): mounting unchecked fs
[  165.398905][ T6025] udevd[6025]: incorrect nilfs2 checksum on /dev/loop2
[  165.443509][ T8486] NILFS (loop2): recovery complete
[  165.467045][ T8493] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  165.734755][  T792] usb 2-1: 0:2 : does not exist
[  165.974970][  T791] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  166.137899][  T791] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.146157][  T791] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  166.152075][  T791] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.164683][  T791] usb 3-1: Product: syz
[  166.166662][  T791] usb 3-1: Manufacturer: syz
[  166.168610][  T791] usb 3-1: SerialNumber: syz
[  166.176205][  T791] usb 3-1: config 0 descriptor??
[  166.186137][  T791] usb 3-1: ucan: probing device on interface #0
[  166.188862][  T791] usb 3-1: ucan: invalid EP count (0)
[  166.191056][  T791] usb 3-1: ucan: probe failed; try to update the device firmware
[  166.371965][  T792] usb 2-1: 1:0: failed to get current value for ch 0 (-22)
[  166.401093][  T792] usb 2-1: USB disconnect, device number 21
[  166.412256][  T791] usb 3-1: USB disconnect, device number 22
[  166.459003][ T5865] udevd[5865]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  166.659422][ T8546] netlink: 'syz.3.996': attribute type 1 has an invalid length.
[  166.661892][ T8546] netlink: 'syz.3.996': attribute type 1 has an invalid length.
[  167.041323][ T8564] 9pnet_virtio: no channels available for device syz
[  167.268883][ T8570] loop2: detected capacity change from 0 to 512
[  167.276032][ T8570] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  167.285809][ T8570] EXT4-fs (loop2): orphan cleanup on readonly fs
[  167.296404][ T8570] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.1007: Block bitmap for bg 0 marked uninitialized
[  167.309128][ T8570] EXT4-fs (loop2): Remounting filesystem read-only
[  167.312173][ T8570] EXT4-fs (loop2): 1 orphan inode deleted
[  167.316165][ T8570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  167.341605][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.554592][  T792] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  167.756964][  T792] usb 2-1: config 0 has an invalid interface number: 56 but max is 0
[  167.761587][  T792] usb 2-1: config 0 has no interface number 0
[  167.767018][  T792] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=c7.76
[  167.772569][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.778019][  T792] usb 2-1: Product: syz
[  167.779992][  T792] usb 2-1: Manufacturer: syz
[  167.782160][  T792] usb 2-1: SerialNumber: syz
[  167.787785][  T792] usb 2-1: config 0 descriptor??
[  167.999788][  T792] peak_usb 2-1:0.56: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  168.204843][  T792] peak_usb 2-1:0.56 can0: sending command failure: -22
[  168.209740][  T792] peak_usb 2-1:0.56 can0: sending command failure: -22
[  168.212567][  T792] peak_usb 2-1:0.56 can0: sending command failure: -22
[  168.275869][  T792] peak_usb 2-1:0.56: probe with driver peak_usb failed with error -22
[  168.409442][  T792] usb 2-1: USB disconnect, device number 22
[  168.626051][  T791] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  168.776598][  T791] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[  168.780305][  T791] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  168.785039][  T791] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  168.789597][  T791] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  168.794886][  T791] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  168.801334][  T791] usb 3-1: config 0 interface 0 has no altsetting 0
[  168.806841][  T791] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  168.810675][  T791] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  168.814172][  T791] usb 3-1: Product: syz
[  168.816219][  T791] usb 3-1: Manufacturer: syz
[  168.818284][  T791] usb 3-1: SerialNumber: syz
[  168.822504][  T791] usb 3-1: config 0 descriptor??
[  168.826290][ T8602] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  168.831418][  T791] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  168.842515][  T791] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  169.057839][ T5886] usb 3-1: USB disconnect, device number 23
[  169.079106][ T5886] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  169.577602][ T8619] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  170.261756][   T33] audit: type=1400 audit(1758712997.182:18): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6DAB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36FD3578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F041321635
[  170.557465][ T8640] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1038'.
[  170.626775][ T8642] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  171.439574][ T8665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1050'.
[  171.793684][ T8690] netlink: 'syz.2.1060': attribute type 4 has an invalid length.
[  172.671141][ T8716] netlink: 'syz.3.1072': attribute type 4 has an invalid length.
[  172.713725][ T8716] netlink: 'syz.3.1072': attribute type 17 has an invalid length.
[  173.342423][ T8732] loop1: detected capacity change from 0 to 512
[  173.379944][ T8732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.396520][ T8732] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.407907][ T8732] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  173.431739][ T5857] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.677502][ T8744] loop1: detected capacity change from 0 to 32768
[  173.683318][ T8744] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1084 (8744)
[  173.699092][ T8744] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  173.704608][ T8744] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  173.738523][ T8744] BTRFS info (device loop1): rebuilding free space tree
[  173.750600][ T8744] BTRFS info (device loop1): setting nodatasum
[  173.753135][ T8744] BTRFS info (device loop1): setting nodatacow
[  173.755885][ T8744] BTRFS info (device loop1): turning off barriers
[  173.758615][ T8744] BTRFS info (device loop1): enabling free space tree
[  173.761337][ T8744] BTRFS info (device loop1): force clearing of disk cache
[  173.847233][ T5857] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  174.746805][ T8797] loop2: detected capacity change from 0 to 8192
[  175.072948][ T8811] serio: Serial port ptm0
[  175.198513][ T8813] loop1: detected capacity change from 0 to 512
[  175.212957][ T8813] EXT4-fs (loop1): Test dummy encryption mode enabled
[  175.219553][ T8813] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  175.236698][ T8813] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  175.242235][ T8813] System zones: 1-12
[  175.248638][ T8813] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.1108: corrupted in-inode xattr: e_name out of bounds
[  175.259464][ T8813] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1108: couldn't read orphan inode 15 (err -117)
[  175.272597][ T8813] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.301645][ T8813] EXT4-fs (loop1): Online defrag not supported for encrypted files
[  175.339708][ T5857] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.958410][ T8823] can0: slcan on ptm0.
[  176.005066][  T792] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  176.015557][ T8822] can0 (unregistered): slcan off ptm0.
[  176.057425][ T5863] Bluetooth: min 50 > max 0
[  176.176523][  T792] usb 2-1: Using ep0 maxpacket: 8
[  176.195717][  T792] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  176.198818][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.201391][  T792] usb 2-1: Product: syz
[  176.202877][  T792] usb 2-1: Manufacturer: syz
[  176.208333][  T792] usb 2-1: SerialNumber: syz
[  176.213283][  T792] usb 2-1: config 0 descriptor??
[  176.217230][  T792] gspca_main: se401-2.14.0 probing 047d:5003
[  176.619183][  T792] gspca_se401: write req failed req 0x57 val 0x00 error -71
[  176.622150][  T792] se401 2-1:0.0: probe with driver se401 failed with error -71
[  176.639006][  T792] usb 2-1: USB disconnect, device number 23
[  176.966457][ T8898] loop2: detected capacity change from 0 to 1024
[  176.979226][ T8894] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1138'.
[  176.998369][ T8898] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.040615][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.095696][ T8907] syz.3.1143(8907): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  177.895902][ T8926] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  177.895902][ T8926] The task syz.3.1148 (8926) triggered the difference, watch for misbehavior.
[  178.074946][ T8918] loop1: detected capacity change from 0 to 32768
[  178.164599][ T5863] Bluetooth: hci2: command tx timeout
[  178.270133][ T8928] loop2: detected capacity change from 0 to 32768
[  178.380312][ T8928] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  178.431881][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  179.393218][ T8956] loop2: detected capacity change from 0 to 8
[  179.452408][ T8956] SQUASHFS error: xz decompression failed, data probably corrupt
[  179.465392][ T8956] SQUASHFS error: Failed to read block 0x108: -5
[  179.468907][ T8956] SQUASHFS error: Unable to read metadata cache entry [106]
[  179.471938][ T8956] SQUASHFS error: Unable to read inode 0x11f
[  179.645718][ T8960] loop2: detected capacity change from 0 to 8192
[  179.865779][ T8962] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.869444][ T8962] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.879639][ T8962] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.882569][ T8962] batman_adv: batadv0: Removing interface: batadv_slave_1
[  180.237646][ T8970] netlink: 'syz.3.1168': attribute type 7 has an invalid length.
[  180.245060][ T8970] netlink: 'syz.3.1168': attribute type 8 has an invalid length.
[  180.265860][ T8972] loop2: detected capacity change from 0 to 512
[  180.278962][ T8972] EXT4-fs: Ignoring removed i_version option
[  180.308715][ T8972] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.322893][ T8978] netlink: 'syz.3.1171': attribute type 1 has an invalid length.
[  180.329407][ T8978] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1171'.
[  180.358877][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.550638][ T8997] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1180'.
[  180.559492][ T8997] tipc: Started in network mode
[  180.561568][ T8997] tipc: Node identity ff000000000000000000000000000001, cluster identity 4711
[  180.566391][ T8997] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  180.651724][ T9009] loop1: detected capacity change from 0 to 512
[  180.659786][ T9009] FAT-fs (loop1): bogus number of FAT sectors
[  180.662309][ T9009] FAT-fs (loop1): Can't find a valid FAT filesystem
[  180.703874][ T9012] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1188'.
[  180.784587][   T10] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  181.244545][   T10] usb 3-1: Using ep0 maxpacket: 32
[  181.248995][   T10] usb 3-1: config 0 has an invalid interface number: 30 but max is 0
[  181.252359][   T10] usb 3-1: config 0 has no interface number 0
[  181.257737][   T10] usb 3-1: New USB device found, idVendor=061d, idProduct=c180, bcdDevice=fc.f0
[  181.261625][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.265387][   T10] usb 3-1: Product: syz
[  181.267151][   T10] usb 3-1: Manufacturer: syz
[  181.269168][   T10] usb 3-1: SerialNumber: syz
[  181.273197][   T10] usb 3-1: config 0 descriptor??
[  181.278606][   T10] quatech2 3-1:0.30: Quatech 2nd gen USB to Serial Driver converter detected
[  181.284657][  T791] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  181.444723][  T791] usb 2-1: Using ep0 maxpacket: 32
[  181.452289][  T791] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  181.460827][  T791] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  181.464764][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.468200][  T791] usb 2-1: Product: syz
[  181.470164][  T791] usb 2-1: Manufacturer: syz
[  181.472205][  T791] usb 2-1: SerialNumber: syz
[  181.484837][  T791] usb 2-1: config 0 descriptor??
[  181.487367][   T10] usb 3-1: qt2_attach - failed to power on unit: -71
[  181.494726][  T791] usb 2-1: bad CDC descriptors
[  181.497483][   T10] quatech2 3-1:0.30: probe with driver quatech2 failed with error -71
[  181.502383][  T791] usb 2-1: unsupported MDLM descriptors
[  181.512546][   T10] usb 3-1: USB disconnect, device number 24
[  181.699576][  T791] usb 2-1: USB disconnect, device number 24
[  182.314596][ T5886] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  182.479879][ T5886] usb 3-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[  182.484084][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.488841][ T5886] usb 3-1: Product: syz
[  182.490786][ T5886] usb 3-1: Manufacturer: syz
[  182.493272][ T5886] usb 3-1: SerialNumber: syz
[  182.495556][  T792] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  182.501314][ T5886] usb 3-1: config 0 descriptor??
[  182.518389][ T5886] usb 3-1: Waiting for MOTU Microbook II to boot up...
[  182.521391][ T5886] usb 3-1: failed setting the sample rate for Motu MicroBook II: -22
[  182.525303][ T5886] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22
[  182.664652][  T792] usb 2-1: Using ep0 maxpacket: 16
[  182.669754][  T792] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  182.674221][  T792] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  182.681138][  T792] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  182.685545][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.689298][  T792] usb 2-1: Product: syz
[  182.691308][  T792] usb 2-1: Manufacturer: syz
[  182.693352][  T792] usb 2-1: SerialNumber: syz
[  182.715512][  T791] usb 3-1: USB disconnect, device number 25
[  182.910342][  T792] usb 2-1: 0:2 : does not exist
[  182.919246][  T792] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  182.948436][  T792] usb 2-1: USB disconnect, device number 25
[  182.990131][ T5865] udevd[5865]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  183.419174][ T9049] netlink: set zone limit has 4 unknown bytes
[  183.820629][ T9056] loop1: detected capacity change from 0 to 40427
[  183.841616][ T9056] F2FS-fs (loop1): invalid crc value
[  183.894497][ T9056] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  183.898487][ T9056] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  183.907455][   T33] audit: type=1800 audit(1758713010.842:19): pid=9056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1208" name="file1" dev="loop1" ino=10 res=0 errno=0
[  183.925843][ T5857] syz-executor: attempt to access beyond end of device
[  183.925843][ T5857] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  183.942272][ T5857] CPU: 0 UID: 0 PID: 5857 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  183.942296][ T5857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  183.942303][ T5857] Call Trace:
[  183.942309][ T5857]  <TASK>
[  183.942315][ T5857]  dump_stack_lvl+0x189/0x250
[  183.942346][ T5857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.942362][ T5857]  ? __pfx_queue_work_on+0x10/0x10
[  183.942375][ T5857]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  183.942395][ T5857]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  183.942422][ T5857]  f2fs_handle_critical_error+0x37c/0x540
[  183.942445][ T5857]  f2fs_write_end_io+0x886/0xb60
[  183.942472][ T5857]  __submit_merged_bio+0x27a/0x6a0
[  183.942494][ T5857]  __submit_merged_write_cond+0x255/0x530
[  183.942516][ T5857]  f2fs_write_data_pages+0x261d/0x3000
[  183.942550][ T5857]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.942586][ T5857]  ? __mod_zone_page_state+0xd7/0x140
[  183.942607][ T5857]  ? folios_put_refs+0x560/0x640
[  183.942628][ T5857]  ? __lock_acquire+0xab9/0xd20
[  183.942650][ T5857]  ? do_raw_spin_lock+0x121/0x290
[  183.942671][ T5857]  ? do_raw_spin_unlock+0x4d/0x240
[  183.942686][ T5857]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.942696][ T5857]  do_writepages+0x32e/0x550
[  183.942722][ T5857]  ? do_raw_spin_unlock+0x4d/0x240
[  183.942737][ T5857]  filemap_fdatawrite+0x199/0x240
[  183.942754][ T5857]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  183.942801][ T5857]  ? do_raw_spin_unlock+0x4d/0x240
[  183.942817][ T5857]  f2fs_sync_dirty_inodes+0x31f/0x830
[  183.942841][ T5857]  f2fs_write_checkpoint+0x95a/0x1df0
[  183.942869][ T5857]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  183.942912][ T5857]  ? kill_f2fs_super+0x298/0x6c0
[  183.942930][ T5857]  kill_f2fs_super+0x2c3/0x6c0
[  183.942944][ T5857]  ? __pfx_kill_f2fs_super+0x10/0x10
[  183.942956][ T5857]  ? radix_tree_delete_item+0x2b6/0x400
[  183.942974][ T5857]  ? shrinker_free+0x2ce/0x3e0
[  183.942988][ T5857]  deactivate_locked_super+0xbc/0x130
[  183.943004][ T5857]  cleanup_mnt+0x425/0x4c0
[  183.943017][ T5857]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.943031][ T5857]  task_work_run+0x1d4/0x260
[  183.943048][ T5857]  ? __pfx_task_work_run+0x10/0x10
[  183.943061][ T5857]  ? __x64_sys_umount+0x122/0x160
[  183.943120][ T5857]  ? exit_to_user_mode_loop+0x40/0x110
[  183.943140][ T5857]  exit_to_user_mode_loop+0xec/0x110
[  183.943157][ T5857]  do_syscall_64+0x2bd/0x3b0
[  183.943168][ T5857]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.943179][ T5857]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.943191][ T5857]  ? exc_page_fault+0x9f/0xf0
[  183.943205][ T5857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.943216][ T5857] RIP: 0033:0x7fa479b8ff57
[  183.943228][ T5857] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  183.943238][ T5857] RSP: 002b:00007fffffdaecb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  183.943253][ T5857] RAX: 0000000000000000 RBX: 00007fa479c11c2d RCX: 00007fa479b8ff57
[  183.943260][ T5857] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffffdaed70
[  183.943268][ T5857] RBP: 00007fffffdaed70 R08: 0000000000000000 R09: 0000000000000000
[  183.943275][ T5857] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffffdafe00
[  183.943283][ T5857] R13: 00007fa479c11c2d R14: 000000000002cdef R15: 00007fffffdafe40
[  183.943304][ T5857]  </TASK>
[  183.943309][ T5857] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  184.587179][ T9077] loop1: detected capacity change from 0 to 512
[  184.612455][ T9077] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.619952][ T9077] ext4 filesystem being mounted at /394/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.632658][ T9077] fscrypt (loop1, inode 15): Error -61 getting encryption context
[  184.660221][ T5857] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.919726][   T33] audit: type=1326 audit(1758713012.852:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9105 comm="syz.3.1227" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  185.927507][   T33] audit: type=1326 audit(1758713012.852:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9105 comm="syz.3.1227" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  185.936583][   T33] audit: type=1326 audit(1758713012.862:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9105 comm="syz.3.1227" exe="/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  185.947268][   T33] audit: type=1326 audit(1758713012.862:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9105 comm="syz.3.1227" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  185.956150][   T33] audit: type=1326 audit(1758713012.862:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9105 comm="syz.3.1227" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  187.376021][   T33] audit: type=1800 audit(1758713014.312:25): pid=9124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1235" name="file1" dev="tmpfs" ino=2045 res=0 errno=0
[  188.455748][  T791] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  188.608158][  T791] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.612679][  T791] usb 2-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00
[  188.617714][  T791] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.626728][  T791] usb 2-1: config 0 descriptor??
[  189.053541][  T791] logitech-djreceiver 0003:046D:C532.000C: item fetching failed at offset 3/7
[  189.057902][  T791] logitech-djreceiver 0003:046D:C532.000C: logi_dj_probe: parse failed
[  189.061311][  T791] logitech-djreceiver 0003:046D:C532.000C: probe with driver logitech-djreceiver failed with error -22
[  189.265624][  T791] usb 2-1: USB disconnect, device number 26
[  189.482841][ T9172] loop2: detected capacity change from 0 to 32768
[  189.503895][ T9172] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  189.508978][ T9172] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  189.575929][ T9172] BTRFS info (device loop2): enabling ssd optimizations
[  189.578838][ T9172] BTRFS info (device loop2): enabling free space tree
[  189.608309][ T9172] BTRFS info (device loop2): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[  189.785847][ T5853] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  190.792942][ T9224] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  190.929622][ T9230] loop2: detected capacity change from 0 to 1024
[  190.937157][ T9230] EXT4-fs: Ignoring removed orlov option
[  190.981537][ T9230] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.041276][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.271116][ T9247] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1281'.
[  191.576854][  T792] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  191.746566][  T792] usb 3-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  191.751044][  T792] usb 3-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  191.764658][  T792] usb 3-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  191.782274][  T792] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  191.786702][  T792] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  191.789873][  T792] usb 3-1: SerialNumber: syz
[  191.857576][ T9245] loop1: detected capacity change from 0 to 131072
[  191.864035][ T9245] F2FS-fs (loop1): Invalid log sectorsize (67108873)
[  191.866916][ T9245] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  191.882344][ T9245] F2FS-fs (loop1): invalid crc value
[  191.917680][ T9245] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  191.924911][ T9245] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  191.928138][ T9245] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  192.042205][  T792] usb 3-1: bad CDC descriptors
[  192.067572][  T792] usb 3-1: USB disconnect, device number 26
[  192.602667][ T9290] loop2: detected capacity change from 0 to 128
[  192.755331][  T792] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[  192.909467][  T792] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.914225][  T792] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  192.924531][  T792] usb 2-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  192.928778][  T792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.950471][  T792] usb 2-1: config 0 descriptor??
[  192.972628][  T792] qmi_wwan 2-1:0.0: probe with driver qmi_wwan failed with error -22
[  192.995187][ T9313] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1312'.
[  193.035178][ T9309] loop2: detected capacity change from 0 to 32768
[  193.057598][ T9309] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  193.080313][ T9309] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  193.131464][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  193.173749][  T791] usb 2-1: USB disconnect, device number 27
[  193.471992][ T9327] loop2: detected capacity change from 0 to 32768
[  193.507110][ T9327] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  193.536070][ T9327] OCFS2: ERROR (device loop2): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has invalid tree depth 312 in extent list
[  193.543790][ T9327] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  193.553335][ T9327] OCFS2: File system is now read-only.
[  193.556404][ T9327] (syz.2.1316,9327,1):ocfs2_find_leaf:1948 ERROR: status = -30
[  193.559599][ T9327] (syz.2.1316,9327,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30
[  193.563210][ T9327] (syz.2.1316,9327,1):ocfs2_fiemap:792 ERROR: status = -30
[  193.588701][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  193.838995][ T9343] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1325'.
[  194.010700][ T9351] loop2: detected capacity change from 0 to 512
[  194.041396][ T9351] EXT4-fs (loop2): Test dummy encryption mode enabled
[  194.073047][ T9351] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.1328: corrupted in-inode xattr: overlapping e_value 
[  194.082800][ T9351] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1328: couldn't read orphan inode 15 (err -117)
[  194.089561][ T9351] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.129445][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  194.132483][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  194.247651][ T9363] netlink: 'syz.3.1334': attribute type 2 has an invalid length.
[  194.346256][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.474997][ T9376] loop2: detected capacity change from 0 to 1024
[  194.478701][ T9376] EXT4-fs: Ignoring removed orlov option
[  194.483932][ T9376] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  194.492290][ T9376] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  194.498741][ T9376] EXT4-fs (loop2): invalid journal inode
[  194.501248][ T9376] EXT4-fs (loop2): can't get journal size
[  194.512793][ T9376] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.562410][ T9378] ref_ctr_offset mismatch. inode: 0x6cb offset: 0x0 ref_ctr_offset(old): 0x200000000100 ref_ctr_offset(new): 0x0
[  195.386076][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.758490][ T9409] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[  195.907035][ T9413] loop1: detected capacity change from 0 to 4096
[  195.931807][ T9413] NILFS (loop1): invalid segment: Checksum error in segment payload
[  195.949576][ T9413] NILFS (loop1): trying rollback from an earlier position
[  195.987274][ T9413] NILFS (loop1): recovery complete
[  196.008854][ T9417] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  196.552827][ T9434] netlink: 'syz.2.1363': attribute type 3 has an invalid length.
[  196.686637][ T9432] loop1: detected capacity change from 0 to 32768
[  196.708230][ T9432] (syz.1.1364,9432,0):ocfs2_slot_map_physical_size:223 ERROR: Slot map file is too small!  (size 0, needed 8)
[  196.712691][ T9432] (syz.1.1364,9432,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 69
[  196.718596][ T9439] loop2: detected capacity change from 0 to 32768
[  196.752647][ T9439] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  196.783244][ T9439] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  196.794620][   T12] (kworker/u8:0,12,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  196.820444][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  198.192987][ T9472] loop1: detected capacity change from 0 to 131072
[  198.196863][ T9472] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0)
[  198.199855][ T9472] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  198.204181][ T9472] F2FS-fs (loop1): invalid crc value
[  198.301645][ T9472] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  198.307744][ T9472] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  198.310680][ T9472] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  199.193482][ T9511] sg_read: process 968 (syz.1.1397) changed security contexts after opening file descriptor, this is not allowed.
[  199.771310][ T9553] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1417'.
[  199.844540][  T791] usb 2-1: new full-speed USB device number 28 using dummy_hcd
[  200.157452][  T791] usb 2-1: unable to get BOS descriptor or descriptor too short
[  200.160760][  T791] usb 2-1: not running at top speed; connect to a high speed hub
[  200.168525][  T791] usb 2-1: config 4 has an invalid interface number: 32 but max is 0
[  200.172081][  T791] usb 2-1: config 4 has no interface number 0
[  200.196927][  T791] usb 2-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=f1.50
[  200.213096][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.216670][  T791] usb 2-1: Product: syz
[  200.218385][  T791] usb 2-1: Manufacturer: syz
[  200.220260][  T791] usb 2-1: SerialNumber: syz
[  200.253539][ T9571] netlink: 'syz.2.1424': attribute type 8 has an invalid length.
[  200.441082][ T9581] ip6erspan0: entered promiscuous mode
[  200.481212][  T791] usb 2-1: Found UVC 0.02 device syz (17dc:0202)
[  200.483732][  T791] usb 2-1: No valid video chain found.
[  200.491117][  T791] usb 2-1: USB disconnect, device number 28
[  200.605941][ T9597] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  200.766971][ T9609] fuse: Bad value for 'fd'
[  201.234115][ T9631] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1452'.
[  201.503546][ T9653] netlink: 'syz.2.1463': attribute type 2 has an invalid length.
[  201.556524][ T9655] loop1: detected capacity change from 0 to 4096
[  201.582605][ T9655] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  201.589657][ T9655] ntfs3(loop1): Failed to load $MFT.
[  201.742175][ T9672] overlayfs: failed to clone upperpath
[  201.841037][ T9682] loop1: detected capacity change from 0 to 1024
[  201.873819][ T9682] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.912529][ T5857] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.423765][ T9716] netlink: 212892 bytes leftover after parsing attributes in process `syz.1.1489'.
[  202.820269][ T9734] netlink: 'syz.1.1498': attribute type 12 has an invalid length.
[  202.823794][ T9734] netlink: 'syz.1.1498': attribute type 29 has an invalid length.
[  202.827644][ T9734] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1498'.
[  202.831646][ T9734] netlink: 59 bytes leftover after parsing attributes in process `syz.1.1498'.
[  203.226104][ T9757] netlink: 'syz.2.1505': attribute type 83 has an invalid length.
[  204.780865][ T9819] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1540'.
[  204.788426][ T9819] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1540'.
[  205.069213][ T9838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1548'.
[  206.659675][ T9898] sctp: [Deprecated]: syz.1.1575 (pid 9898) Use of int in max_burst socket option.
[  206.659675][ T9898] Use struct sctp_assoc_value instead
[  206.964655][ T9922] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1586'.
[  206.968482][ T9922] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1586'.
[  206.973689][ T9922] netlink: 'syz.3.1586': attribute type 1 has an invalid length.
[  207.135113][ T9929] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1590'.
[  207.311487][ T9941] netlink: 159784 bytes leftover after parsing attributes in process `syz.1.1594'.
[  207.593764][ T9964] PKCS7: Unknown OID: [5] (bad)
[  207.598486][ T9964] PKCS7: Only support pkcs7_signedData type
[  207.727827][ T9972] netlink: 165 bytes leftover after parsing attributes in process `syz.2.1607'.
[  207.978905][ T9980] fuse: Bad value for 'fd'
[  209.439041][   T33] audit: type=1326 audit(1758713036.372:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10041 comm="syz.1.1639" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa479b8ec29 code=0x0
[  211.322598][T10125] overlayfs: failed to clone upperpath
[  211.363614][T10133] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  211.514077][T10139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1684'.
[  211.830258][T10158] netlink: 'syz.2.1692': attribute type 6 has an invalid length.
[  213.017809][T10224] netlink: 16342 bytes leftover after parsing attributes in process `syz.2.1721'.
[  213.290232][T10235] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1727'.
[  213.294085][T10235] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1727'.
[  214.306892][T10246] Invalid ELF header magic: != ELF
[  214.506262][T10268] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1742'.
[  214.539183][T10268] 8021q: adding VLAN 0 to HW filter on device bond2
[  214.558911][T10268] macvlan2: entered promiscuous mode
[  214.560780][T10268] macvlan2: entered allmulticast mode
[  214.563484][T10268] bond2: (slave macvlan2): Opening slave failed
[  214.604630][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.687970][T10283] netlink: 'syz.1.1749': attribute type 4 has an invalid length.
[  214.741871][T10285] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1750'.
[  214.771195][T10285] veth1_macvtap: left promiscuous mode
[  215.108968][T10308] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode active-backup(1)
[  215.914085][T10327] dns_resolver: Unsupported server list version (0)
[  215.974326][T10335] fuse: Bad value for 'fd'
[  216.140239][T10340] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1775'.
[  216.477873][   T33] audit: type=1326 audit(1758713043.412:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz.3.1783" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb549f8ec29 code=0x0
[  216.727305][T10371] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  217.820680][T10435] cgroup: Need name or subsystem set
[  218.142244][T10461] netlink: 136 bytes leftover after parsing attributes in process `syz.1.1830'.
[  218.198303][T10465] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1832'.
[  219.620101][T10537] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1867'.
[  219.707274][T10549] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1872'.
[  219.762371][T10555] 9pnet: p9_errstr2errno: server reported unknown error @cF	S++
[  219.842963][T10561] IPVS: wlc: SCTP 172.20.20.187:0 - no destination available
[  219.844907][ T5906] IPVS: starting estimator thread 0...
[  219.934688][T10562] IPVS: using max 43 ests per chain, 103200 per kthread
[  220.532898][   T33] audit: type=1326 audit(1758713047.462:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10587 comm="syz.1.1890" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa479b8ec29 code=0x0
[  220.938209][ T5886] IPVS: starting estimator thread 0...
[  221.035643][T10616] IPVS: using max 77 ests per chain, 184800 per kthread
[  221.876760][T10693] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1938'.
[  221.969619][T10699] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1942'.
[  221.973556][T10699] netlink: 'syz.3.1942': attribute type 1 has an invalid length.
[  221.979741][T10699] netlink: 'syz.3.1942': attribute type 2 has an invalid length.
[  221.983071][T10699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1942'.
[  222.283380][T10727] tipc: Can't bind to reserved service type 2
[  222.911976][ T5863] Bluetooth: hci2: adv larger than maximum supported
[  222.912008][ T5863] Bluetooth: hci2: Malformed LE Event: 0x0d
[  224.675842][T10860] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2018'.
[  224.679360][T10860] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2018'.
[  225.307961][T10898] netlink: 'syz.1.2036': attribute type 4 has an invalid length.
[  225.417393][T10906] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  226.869618][T10949] netlink: 'syz.1.2057': attribute type 10 has an invalid length.
[  226.873852][T10949] veth0_vlan: entered allmulticast mode
[  226.895691][T10949] veth0_vlan: left promiscuous mode
[  226.900497][T10949] veth0_vlan: entered promiscuous mode
[  226.904092][T10949] team0: Device veth0_vlan failed to register rx_handler
[  228.033279][T10982] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2072'.
[  228.037132][T10982] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2072'.
[  228.047049][T10982] geneve2: entered promiscuous mode
[  228.048894][T10982] geneve2: entered allmulticast mode
[  228.870002][T11020] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2089'.
[  229.171909][T11036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2096'.
[  229.184378][T11038] netlink: 'syz.1.2097': attribute type 5 has an invalid length.
[  229.624040][   T33] audit: type=1326 audit(1758713056.552:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11057 comm="syz.2.2107" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8f38ec29 code=0x7ffc0000
[  229.635164][   T33] audit: type=1326 audit(1758713056.552:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11057 comm="syz.2.2107" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8f38ec29 code=0x7ffc0000
[  229.644312][   T33] audit: type=1326 audit(1758713056.552:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11057 comm="syz.2.2107" exe="/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f7d8f38ec29 code=0x7ffc0000
[  229.655642][   T33] audit: type=1326 audit(1758713056.552:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11057 comm="syz.2.2107" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8f38ec29 code=0x7ffc0000
[  229.815701][T11068] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2112'.
[  230.462848][T11094] netlink: 'syz.1.2124': attribute type 4 has an invalid length.
[  230.899707][T11107] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  231.827192][T11135] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2143'.
[  231.830647][T11135] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511)
[  231.834126][T11135] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  232.053316][T11149] vxcan1: MTU too low for tipc bearer
[  232.056139][T11149] tipc: Enabling of bearer <eth:vxcan1> rejected, failed to enable media
[  232.293159][T11171] netlink: 'syz.2.2160': attribute type 10 has an invalid length.
[  232.299373][T11171] bond0: left promiscuous mode
[  232.301307][T11171] bond_slave_0: left promiscuous mode
[  232.303922][T11171] bond_slave_1: left promiscuous mode
[  232.756564][T11199] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2172'.
[  233.076856][T11210] veth1_to_bridge: entered allmulticast mode
[  233.079361][T11210] veth1_to_bridge: left allmulticast mode
[  233.152359][T11217] ptrace attach of "/syz-executor exec"[5853] was attempted by "/syz-executor exec"[11217]
[  233.187610][T11220] 9pnet_fd: Insufficient options for proto=fd
[  233.815828][T11252] netlink: 'syz.3.2198': attribute type 5 has an invalid length.
[  234.137409][T11264] syz.2.2202 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  234.297418][T11286] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2213'.
[  234.300602][T11286] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2213'.
[  234.464087][T11301] netlink: 'syz.1.2221': attribute type 1 has an invalid length.
[  234.727929][T11322] netlink: 9280 bytes leftover after parsing attributes in process `syz.2.2231'.
[  236.347107][T11379] gfs2: path_lookup on tmpfs returned error -2
[  238.052291][T11420] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2275'.
[  238.498400][T11436] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2283'.
[  238.924149][T11472] netlink: 'syz.3.2299': attribute type 8 has an invalid length.
[  239.142660][T11500] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2312'.
[  239.441632][T11518] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  239.524345][T11526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2325'.
[  239.624870][T11532] sch_tbf: burst 0 is lower than device ip6gre0 mtu (65485) !
[  239.738043][T11544] openvswitch: netlink: VXLAN extension 2 out of range max 1
[  239.936178][T11562] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2343'.
[  240.028953][T11570] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2347'.
[  240.071192][T11577] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2350'.
[  240.150827][T11583] kAFS: Can only specify source 'none' with -o dyn
[  241.482907][T11651] netlink: 'syz.3.2386': attribute type 1 has an invalid length.
[  241.488212][T11651] netlink: 'syz.3.2386': attribute type 4 has an invalid length.
[  241.491186][T11651] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.2386'.
[  241.569767][T11657] netlink: 'syz.3.2389': attribute type 29 has an invalid length.
[  241.725474][T11669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2394'.
[  241.729763][T11669] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2394'.
[  242.568092][T11698] vxcan3: entered allmulticast mode
[  243.059881][T11720] No source specified
[  243.240102][T11735] IPVS: wlc: SCTP 172.20.20.187:0 - no destination available
[  243.935778][T11761] bridge0: port 4(erspan0) entered blocking state
[  243.938430][T11761] bridge0: port 4(erspan0) entered disabled state
[  243.941132][T11761] erspan0: entered allmulticast mode
[  243.944900][T11761] erspan0: entered promiscuous mode
[  243.952062][T11761] erspan0: left allmulticast mode
[  243.954962][T11761] erspan0: left promiscuous mode
[  243.959923][T11761] bridge0: port 4(erspan0) entered disabled state
[  244.372148][T11784] netlink: 'syz.2.2444': attribute type 11 has an invalid length.
[  244.930497][T11809] netlink: 'syz.3.2456': attribute type 1 has an invalid length.
[  244.991875][T11813] __nla_validate_parse: 1 callbacks suppressed
[  244.991886][T11813] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2457'.
[  245.693752][T11852] overlayfs: failed to resolve './cgroup': -2
[  246.253426][T11870] netlink: 'syz.3.2485': attribute type 3 has an invalid length.
[  247.302940][T11914] syz_tun: entered allmulticast mode
[  247.307211][T11913] syz_tun: left allmulticast mode
[  248.300555][T11945] 9pnet_fd: Insufficient options for proto=fd
[  250.656493][T12015] overlayfs: failed to clone upperpath
[  251.651817][T12063] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2574'.
[  251.996131][T12083] trusted_key: syz.1.2585 sent an empty control message without MSG_MORE.
[  252.360814][T12123] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  252.736226][T12154] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2614'.
[  252.740219][T12154] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2614'.
[  254.912348][T12234] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2642'.
[  254.912613][T12232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2641'.
[  254.916287][T12234] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2642'.
[  254.920920][T12232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2641'.
[  255.569933][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  255.572635][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  256.049367][T12311] netlink: 'syz.1.2679': attribute type 83 has an invalid length.
[  256.081691][T12315] 9pnet_fd: Insufficient options for proto=fd
[  256.303225][T12327] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2687'.
[  256.683606][   T33] audit: type=1326 audit(1758713083.612:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12343 comm="syz.1.2695" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa479b8ec29 code=0x0
[  257.254760][T12370] IPVS: length: 187 != 24
[  257.287754][T12372] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2709'.
[  257.470646][T12388] xfrm0: entered promiscuous mode
[  257.472894][T12388] xfrm0: entered allmulticast mode
[  257.788927][T12407] netlink: 'syz.1.2726': attribute type 1 has an invalid length.
[  258.268930][T12426] 9pnet_fd: Insufficient options for proto=fd
[  258.307455][T12428] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2736'.
[  258.603045][T12450] overlayfs: failed to clone upperpath
[  260.012767][T12476] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2756'.
[  260.019272][T12476] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2756'.
[  260.226224][T12487] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2761'.
[  260.531453][T12513] netlink: 'syz.3.2768': attribute type 3 has an invalid length.
[  260.998530][T12555] netlink: 'syz.1.2794': attribute type 3 has an invalid length.
[  261.001811][T12555] netlink: 'syz.1.2794': attribute type 27 has an invalid length.
[  261.950217][T12600] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  261.953917][T12600] IPv6: NLM_F_CREATE should be set when creating new route
[  261.957245][T12600] IPv6: NLM_F_CREATE should be set when creating new route
[  261.960363][T12600] IPv6: NLM_F_CREATE should be set when creating new route
[  261.966285][T12600] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  262.645084][T12655] overlayfs: failed to clone upperpath
[  262.781897][T12669] geneve2: entered promiscuous mode
[  263.147919][T12704] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2862'.
[  263.151333][T12704] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2862'.
[  263.165493][T12704] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2862'.
[  263.168957][T12704] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2862'.
[  264.021980][T12732] mmap: syz.2.2877 (12732): VmData 37466112 exceed data ulimit 25. Update limits or use boot option ignore_rlimit_data.
[  265.031503][T12798] overlayfs: failed to clone upperpath
[  265.320223][T12810] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000000f
[  265.713743][T12834] PKCS8: Unsupported PKCS#8 version
[  265.725871][T12833] hsr0: entered promiscuous mode
[  265.732977][T12833] macsec0: entered promiscuous mode
[  265.739389][T12833] macsec0: entered allmulticast mode
[  265.742775][T12833] hsr0: entered allmulticast mode
[  265.751101][T12833] hsr_slave_0: entered allmulticast mode
[  265.753545][T12833] hsr_slave_1: entered allmulticast mode
[  265.759183][T12833] hsr0: left allmulticast mode
[  265.766707][T12833] hsr_slave_0: left allmulticast mode
[  265.769107][T12833] hsr_slave_1: left allmulticast mode
[  266.040788][T12848] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2930'.
[  268.622858][   T33] audit: type=1326 audit(1758713095.552:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12906 comm="syz.2.2956" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d8f38ec29 code=0x0
[  268.649292][T12909] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.2958'.
[  268.892367][T12921] blk_print_req_error: 12 callbacks suppressed
[  268.892392][T12921] I/O error, dev loop7, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  268.906698][T12921] EXT4-fs (loop7): unable to read superblock
[  269.292055][T12925] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2964'.
[  269.340555][T12927] netlink: 'syz.3.2965': attribute type 6 has an invalid length.
[  269.818649][T12968] 9pnet: Found fid 0 not clunked
[  269.896551][T12976] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2979'.
[  270.429503][T12998] xt_HMARK: proto mask must be zero with L3 mode
[  271.082235][   T10] IPVS: starting estimator thread 0...
[  271.087493][T13043] IPVS: fo: FWM 3 0x00000003 - no destination available
[  271.118264][T13048] netlink: 1 bytes leftover after parsing attributes in process `syz.1.3017'.
[  271.122023][T13048] netlink: 1 bytes leftover after parsing attributes in process `syz.1.3017'.
[  271.176344][T13046] IPVS: using max 43 ests per chain, 103200 per kthread
[  271.212608][T13055] netlink: 'syz.3.3020': attribute type 1 has an invalid length.
[  271.217827][T13055] netlink: 'syz.3.3020': attribute type 1 has an invalid length.
[  271.783102][T13081] overlayfs: failed to clone upperpath
[  271.988674][T13098] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3040'.
[  272.043677][T13101] batman_adv: batadv0: Adding interface: dummy0
[  272.048810][T13101] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.061577][T13101] batman_adv: batadv0: Interface activated: dummy0
[  272.092223][T13101] batadv0: mtu less than device minimum
[  272.101527][T13101] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  272.107236][T13101] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  272.112396][T13101] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  272.117654][T13101] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  272.122942][T13101] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  272.128392][T13101] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  272.133724][T13101] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  272.139127][T13101] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  272.547482][T13118] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3050'.
[  272.721555][T13133] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  273.005990][ T5863] Bluetooth: hci2: command 0x0406 tx timeout
[  274.584270][T13205] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3089'.
[  274.596810][   T12] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  274.600237][   T12] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  274.800539][   T12] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  274.803475][   T12] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  275.384942][T13234] 9pnet_fd: Insufficient options for proto=fd
[  275.461153][T13244] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3106'.
[  275.554129][T13248] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3108'.
[  275.699433][T13256] overlayfs: failed to clone upperpath
[  276.869889][T13296] overlayfs: failed to clone upperpath
[  277.825144][T13351] afs: Unknown parameter 'f2fs'
[  278.347937][T13388] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3174'.
[  278.769240][T13412] (unnamed net_device) (uninitialized): option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0)
[  279.770263][T13441] netlink: 348 bytes leftover after parsing attributes in process `syz.1.3199'.
[  279.815626][T13447] xt_l2tp: v2 sid > 0xffff: 1114112
[  280.080274][   T33] audit: type=1326 audit(1758713107.012:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13478 comm="syz.2.3218" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8f38ec29 code=0x7ffc0000
[  280.087594][   T33] audit: type=1326 audit(1758713107.012:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13478 comm="syz.2.3218" exe="/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f7d8f38ec29 code=0x7ffc0000
[  280.737345][T13490] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3222'.
[  281.458851][T13508] netlink: 'syz.3.3231': attribute type 10 has an invalid length.
[  281.462941][T13508] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.468241][T13508] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.482085][T13508] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.485172][T13508] bridge0: port 2(bridge_slave_1) entered forwarding state
[  281.488573][T13508] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.491711][T13508] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.502993][T13508] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  281.698831][T13520] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3237'.
[  281.703220][T13520] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3237'.
[  282.117807][T13543] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3247'.
[  282.121718][T13543] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3247'.
[  282.482324][   T33] audit: type=1326 audit(1758713109.412:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13555 comm="syz.1.3253" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  282.502166][   T33] audit: type=1326 audit(1758713109.412:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13555 comm="syz.1.3253" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  282.511427][   T33] audit: type=1326 audit(1758713109.432:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13555 comm="syz.1.3253" exe="/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  282.520716][T13559] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  282.540364][   T33] audit: type=1326 audit(1758713109.432:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13555 comm="syz.1.3253" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  282.551238][   T33] audit: type=1326 audit(1758713109.432:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13555 comm="syz.1.3253" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  283.087483][T13589] net_ratelimit: 13 callbacks suppressed
[  283.087505][T13589] openvswitch: netlink: Key type 40 is out of range max 32
[  283.227024][T13603] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3277'.
[  283.231062][T13603] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3277'.
[  283.270780][T13605] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[  283.341721][T13614] bridge0: port 4(netdevsim0) entered blocking state
[  283.345778][T13614] bridge0: port 4(netdevsim0) entered disabled state
[  283.349121][T13614] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  283.360633][T13614] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  283.363883][T13614] bridge0: port 4(netdevsim0) entered blocking state
[  283.366619][T13614] bridge0: port 4(netdevsim0) entered forwarding state
[  284.372534][ T5860] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  284.545685][T13662] ref_ctr going negative. vaddr: 0x200000ffd000, curr val: -19135, delta: 1
[  284.549189][T13662] ref_ctr increment failed for inode: 0x1399 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88802379d600
[  284.860598][T13696] netlink: 'syz.2.3318': attribute type 3 has an invalid length.
[  285.461438][T13724] netlink: 'syz.1.3333': attribute type 4 has an invalid length.
[  285.526491][T13732] netlink: 'syz.2.3337': attribute type 2 has an invalid length.
[  285.540999][T13732] : entered promiscuous mode
[  285.716566][T13740] netlink: 4280 bytes leftover after parsing attributes in process `syz.1.3335'.
[  285.719945][T13740] netlink: 4280 bytes leftover after parsing attributes in process `syz.1.3335'.
[  286.019836][T13744] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.3342'.
[  287.506533][T13805] lo speed is unknown, defaulting to 1000
[  287.509301][T13805] lo speed is unknown, defaulting to 1000
[  287.530500][T13805] lo speed is unknown, defaulting to 1000
[  287.562413][T13805] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  287.608777][T13805] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  287.733775][T13805] lo speed is unknown, defaulting to 1000
[  287.738925][T13805] lo speed is unknown, defaulting to 1000
[  287.742979][T13805] lo speed is unknown, defaulting to 1000
[  288.129375][T13824] netlink: 'syz.2.3378': attribute type 46 has an invalid length.
[  288.132771][T13824] netlink: 'syz.2.3378': attribute type 19 has an invalid length.
[  288.153332][T13823] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3377'.
[  288.579083][T13844] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3389'.
[  289.471154][T13882] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3406'.
[  289.782622][T13911] overlayfs: failed to clone upperpath
[  289.875535][   T33] audit: type=1326 audit(1758713116.812:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  289.898240][   T33] audit: type=1326 audit(1758713116.812:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  289.920677][   T33] audit: type=1326 audit(1758713116.812:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  289.976715][   T33] audit: type=1326 audit(1758713116.812:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  289.994354][   T33] audit: type=1326 audit(1758713116.812:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  290.010301][   T33] audit: type=1326 audit(1758713116.822:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  290.033462][   T33] audit: type=1326 audit(1758713116.822:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  290.059545][   T33] audit: type=1326 audit(1758713116.822:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  290.093782][   T33] audit: type=1326 audit(1758713116.822:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  290.122499][   T33] audit: type=1326 audit(1758713116.822:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13913 comm="syz.3.3421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  290.367782][T13918] (syz.2.3422,13918,1):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  291.692038][T13973] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3445'.
[  292.757717][T14010] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3460'.
[  293.024250][T14036] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3473'.
[  293.029951][T14036] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3473'.
[  293.046854][T14040] netlink: 'syz.2.3475': attribute type 2 has an invalid length.
[  293.089732][T14044] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3478'.
[  293.157146][T14052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3481'.
[  295.214039][T14096] netlink: 146780 bytes leftover after parsing attributes in process `syz.1.3501'.
[  295.541135][T14116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3510'.
[  295.546159][T14116] openvswitch: netlink: Message has 3 unknown bytes.
[  295.558436][T14118] veth1_to_bridge: entered promiscuous mode
[  295.561348][T14118] veth1_to_bridge: left promiscuous mode
[  297.102730][T14158] netlink: 'syz.3.3527': attribute type 12 has an invalid length.
[  297.107290][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3527'.
[  297.120682][T14158] netlink: 'syz.3.3527': attribute type 12 has an invalid length.
[  297.123824][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3527'.
[  297.128092][   T13] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  297.132453][   T13] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  297.136810][   T13] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  297.140604][   T13] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  297.223108][T14167] netlink: 'syz.1.3531': attribute type 5 has an invalid length.
[  297.958272][T14201] netlink: 'syz.1.3546': attribute type 2 has an invalid length.
[  298.453027][T14225] netlink: 276 bytes leftover after parsing attributes in process `syz.1.3557'.
[  298.579729][T14235] batadv_slave_1: entered promiscuous mode
[  298.588441][T14235] batman_adv: batadv0: Adding interface: macsec1
[  298.591167][T14235] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  298.599163][T14235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  298.603334][T14235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  298.607536][T14235] batman_adv: batadv0: Interface activated: macsec1
[  298.776863][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  298.776877][   T33] audit: type=1800 audit(1758713125.712:56): pid=14245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.2.3567" name="/newroot/1201/bus/#6269//deleted" dev="tmpfs" ino=6269 res=0 errno=0
[  299.337982][   T33] audit: type=1326 audit(1758713126.262:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  299.350697][   T33] audit: type=1326 audit(1758713126.262:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  299.360658][   T33] audit: type=1326 audit(1758713126.272:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  299.374738][   T33] audit: type=1326 audit(1758713126.272:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  299.389283][   T33] audit: type=1326 audit(1758713126.272:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  299.400016][   T33] audit: type=1326 audit(1758713126.272:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  299.410852][   T33] audit: type=1326 audit(1758713126.272:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  299.421176][   T33] audit: type=1326 audit(1758713126.272:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  299.431778][   T33] audit: type=1326 audit(1758713126.272:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14283 comm="syz.3.3585" exe="/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  300.581956][T14358] netlink: 'syz.1.3620': attribute type 1 has an invalid length.
[  301.356072][T14382] netlink: 'syz.1.3631': attribute type 12 has an invalid length.
[  301.612650][T14398] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3639'.
[  301.626878][T14398] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3639'.
[  301.630885][T14398] netlink: 31 bytes leftover after parsing attributes in process `syz.3.3639'.
[  301.637700][T14398] netlink: 'syz.3.3639': attribute type 3 has an invalid length.
[  301.640974][T14398] netlink: 'syz.3.3639': attribute type 2 has an invalid length.
[  301.650442][T14398] netlink: 31 bytes leftover after parsing attributes in process `syz.3.3639'.
[  301.821772][T14417] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3648'.
[  303.059523][T14469] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3672'.
[  303.357412][T14484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3679'.
[  304.581882][T14524] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3696'.
[  304.587496][T14524] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3696'.
[  304.592249][T14524] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3696'.
[  305.233582][T14562] netlink: 'syz.2.3715': attribute type 2 has an invalid length.
[  306.795167][T14606] netlink: 'syz.2.3733': attribute type 9 has an invalid length.
[  307.632864][T14642] overlayfs: failed to clone upperpath
[  307.652106][T14644] all: renamed from bridge_slave_0 (while UP)
[  311.110320][T14775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3812'.
[  311.113987][T14775] netlink: 312 bytes leftover after parsing attributes in process `syz.3.3812'.
[  312.199230][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803ac99800: rx timeout, send abort
[  312.202552][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88803ac99800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  312.207931][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803ac99000: rx timeout, send abort
[  312.214635][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88803ac99000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  313.299060][   T33] kauditd_printk_skb: 6 callbacks suppressed
[  313.299076][   T33] audit: type=1326 audit(1758713140.232:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.321091][   T33] audit: type=1326 audit(1758713140.252:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.415099][   T33] audit: type=1326 audit(1758713140.252:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.423974][   T33] audit: type=1326 audit(1758713140.252:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.435059][   T33] audit: type=1326 audit(1758713140.252:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.443680][   T33] audit: type=1326 audit(1758713140.252:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.470825][   T33] audit: type=1326 audit(1758713140.252:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.479691][   T33] audit: type=1326 audit(1758713140.252:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.496157][   T33] audit: type=1326 audit(1758713140.252:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  313.505510][   T33] audit: type=1326 audit(1758713140.252:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14887 comm="syz.1.3864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  314.042824][T14914] netlink: 372 bytes leftover after parsing attributes in process `syz.2.3874'.
[  314.103268][T14920] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3877'.
[  314.109087][T14920] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3877'.
[  314.173382][T14924] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3879'.
[  314.182772][T14924] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3879'.
[  314.346895][T14936] IPv6: sit1: Disabled Multicast RS
[  314.357655][T14936] sit1: entered allmulticast mode
[  316.046118][T14994] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3910'.
[  316.106475][T14998] netlink: 'syz.2.3912': attribute type 1 has an invalid length.
[  316.638159][T15015] netlink: 'syz.2.3920': attribute type 20 has an invalid length.
[  316.641763][T15015] IPv6: NLM_F_CREATE should be specified when creating new route
[  316.650266][T15015] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  316.653424][T15015] IPv6: NLM_F_CREATE should be set when creating new route
[  316.830063][T15025] syz_tun: entered allmulticast mode
[  316.842857][T15025] dvmrp8: entered allmulticast mode
[  316.853794][T15024] syz_tun: left allmulticast mode
[  317.016938][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  317.019673][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  317.722883][T15049] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  318.433750][T15069] overlayfs: failed to clone upperpath
[  320.021377][   T33] kauditd_printk_skb: 21 callbacks suppressed
[  320.021394][   T33] audit: type=1326 audit(1758713146.952:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15109 comm="syz.1.3962" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x0
[  320.169328][T15123] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3968'.
[  320.971798][T15146] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3979'.
[  320.975335][T15146] netlink: 43 bytes leftover after parsing attributes in process `syz.1.3979'.
[  320.978567][T15146] netlink: 'syz.1.3979': attribute type 6 has an invalid length.
[  320.981215][T15146] netlink: 'syz.1.3979': attribute type 5 has an invalid length.
[  320.984118][T15146] netlink: 43 bytes leftover after parsing attributes in process `syz.1.3979'.
[  321.026993][T15152] overlayfs: failed to clone upperpath
[  321.230007][T15166] netlink: 'syz.3.3989': attribute type 30 has an invalid length.
[  321.232810][T15166] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3989'.
[  321.236378][T15166] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4)
[  321.387272][T15178] IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20000
[  321.648281][T15198] vlan0: entered allmulticast mode
[  321.651913][T15198] bridge0: port 5(vlan0) entered blocking state
[  321.655009][T15198] bridge0: port 5(vlan0) entered disabled state
[  321.658564][T15198] vlan0: entered promiscuous mode
[  322.253621][T15237] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  322.260007][T15237] batadv0: mtu less than device minimum
[  322.265191][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.271348][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.276835][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.282130][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.287089][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.292345][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.297920][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.302648][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.307379][T15237] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.338421][T15239] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4022'.
[  322.376870][T15241] netlink: 'syz.1.4023': attribute type 10 has an invalid length.
[  322.380475][T15241] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4023'.
[  322.387755][T15241] dummy0: entered promiscuous mode
[  322.391154][T15241] bridge0: port 6(dummy0) entered blocking state
[  322.395005][T15241] bridge0: port 6(dummy0) entered disabled state
[  322.397949][T15241] dummy0: entered allmulticast mode
[  322.402085][T15241] bridge0: port 6(dummy0) entered blocking state
[  322.404905][T15241] bridge0: port 6(dummy0) entered forwarding state
[  322.948578][T15264] IPv6: NLM_F_CREATE should be specified when creating new route
[  323.196691][T15277] overlayfs: failed to clone upperpath
[  323.925405][   T33] audit: type=1326 audit(1758713150.862:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  323.935656][   T33] audit: type=1326 audit(1758713150.872:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  323.946597][   T33] audit: type=1326 audit(1758713150.872:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  323.956659][   T33] audit: type=1326 audit(1758713150.872:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  323.975077][   T33] audit: type=1326 audit(1758713150.882:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  323.999425][   T33] audit: type=1326 audit(1758713150.882:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  324.008563][   T33] audit: type=1326 audit(1758713150.882:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  324.017713][   T33] audit: type=1326 audit(1758713150.892:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  324.027087][   T33] audit: type=1326 audit(1758713150.892:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15304 comm="syz.3.4050" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x7ffc0000
[  324.377088][T15324] trusted_key: encrypted_key: key trusted:syz not found
[  327.031224][T15420] netlink: 360 bytes leftover after parsing attributes in process `syz.2.4101'.
[  327.488708][T15459] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4119'.
[  327.491707][T15459] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4119'.
[  327.557711][T15465] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (13)
[  327.623672][T15471] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  327.707192][T15479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4128'.
[  327.979944][  T792] Process accounting resumed
[  328.007462][T15502] Process accounting resumed
[  328.716308][T15542] netlink: 'syz.2.4158': attribute type 1 has an invalid length.
[  328.719879][T15542] netlink: 'syz.2.4158': attribute type 2 has an invalid length.
[  328.763045][T15544] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4159'.
[  329.486272][T15583] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4173'.
[  329.615449][T15577] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4173'.
[  329.759938][T15596] netlink: 'syz.2.4180': attribute type 12 has an invalid length.
[  329.767233][T15596] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.4180'.
[  330.344873][   T33] kauditd_printk_skb: 1 callbacks suppressed
[  330.344888][   T33] audit: type=1326 audit(1758713157.272:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.376962][   T33] audit: type=1326 audit(1758713157.272:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.387867][   T33] audit: type=1326 audit(1758713157.272:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.401261][   T33] audit: type=1326 audit(1758713157.272:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.415748][   T33] audit: type=1326 audit(1758713157.292:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.424755][   T33] audit: type=1326 audit(1758713157.292:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.434341][   T33] audit: type=1326 audit(1758713157.292:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.446995][   T33] audit: type=1326 audit(1758713157.292:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.460138][   T33] audit: type=1326 audit(1758713157.292:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  330.469490][   T33] audit: type=1326 audit(1758713157.292:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15621 comm="syz.3.4192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x50000
[  331.325582][T15660] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4210'.
[  331.329449][T15660] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4210'.
[  331.619357][T15677] net_ratelimit: 12 callbacks suppressed
[  331.619379][T15677] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  333.584269][T15739] netlink: 'syz.3.4246': attribute type 1 has an invalid length.
[  333.587741][T15739] __nla_validate_parse: 1 callbacks suppressed
[  333.587756][T15739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4246'.
[  334.440882][T15762] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.4256'.
[  334.447532][T15761] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.4256'.
[  334.742745][T15773] sit1: entered promiscuous mode
[  334.760692][T15773] sit1: entered allmulticast mode
[  335.266777][T15781] netlink: 'syz.1.4264': attribute type 5 has an invalid length.
[  335.739900][T15792] sctp: [Deprecated]: syz.1.4269 (pid 15792) Use of struct sctp_assoc_value in delayed_ack socket option.
[  335.739900][T15792] Use struct sctp_sack_info instead
[  336.448416][T15823] netlink: 165 bytes leftover after parsing attributes in process `syz.1.4282'.
[  336.703587][T15833] overlayfs: failed to clone upperpath
[  336.793745][T15839] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4290'.
[  336.959690][T15852] bpf: Bad value for 'gid'
[  337.379368][T15861] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4299'.
[  337.942334][T15885] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4311'.
[  337.968727][T15887] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4312'.
[  337.971838][T15887] netlink: 84 bytes leftover after parsing attributes in process `syz.2.4312'.
[  338.035345][T15893] overlayfs: failed to resolve './cgroup': -2
[  338.257460][   T33] kauditd_printk_skb: 62 callbacks suppressed
[  338.257474][   T33] audit: type=1326 audit(1758713165.192:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.1.4319" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa479b8ec29 code=0x0
[  338.916095][T15909] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4322'.
[  340.444814][T15971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4352'.
[  340.744673][T15982] netlink: 'syz.3.4358': attribute type 1 has an invalid length.
[  340.748045][T15982] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4358'.
[  341.122591][T15988] IPVS: dh: FWM 3 0x00000003 - no destination available
[  341.339477][T16004] batman_adv: batadv0: Local translation table size (136) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  341.358065][T16004] netlink: 'syz.3.4368': attribute type 10 has an invalid length.
[  341.370723][T16004] batman_adv: batadv0: Local translation table size (136) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  341.382866][T16004] batman_adv: batadv0: Local translation table size (136) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  341.390570][T16004] batman_adv: batadv0: Local translation table size (136) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  341.398882][T16004] 8021q: adding VLAN 0 to HW filter on device batadv0
[  341.411167][T16004] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  341.420855][T16005] batman_adv: batadv0: Local translation table size (112) exceeds maximum packet size (-320); Ignoring new local tt entry: 24:02:48:ff:05:00
[  341.430220][T16005] batman_adv: batadv0: Local translation table size (112) exceeds maximum packet size (-320); Ignoring new local tt entry: 24:02:48:ff:05:00
[  341.436054][T16005] batman_adv: batadv0: Local translation table size (112) exceeds maximum packet size (-320); Ignoring new local tt entry: 24:02:48:ff:05:00
[  341.443955][T16005] bond0: entered promiscuous mode
[  341.447009][  T792] batman_adv: batadv0: Local translation table size (112) exceeds maximum packet size (-320); Ignoring new local tt entry: 24:02:48:ff:05:00
[  341.453783][T16005] bond_slave_0: entered promiscuous mode
[  341.456227][T16005] bond_slave_1: entered promiscuous mode
[  341.458398][T16005] bridge0: entered promiscuous mode
[  341.460564][T16005] batadv0: entered promiscuous mode
[  341.570950][T16009] overlayfs: failed to clone upperpath
[  341.941045][T16016] batman_adv: batadv0: Adding interface: gretap1
[  341.943742][T16016] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1468.
[  341.952529][T16016] batman_adv: batadv0: Interface activated: gretap1
[  342.002513][   T33] audit: type=1326 audit(1758713168.932:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16017 comm="syz.1.4374" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  342.017881][   T33] audit: type=1326 audit(1758713168.952:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16017 comm="syz.1.4374" exe="/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  342.027520][   T33] audit: type=1326 audit(1758713168.952:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16017 comm="syz.1.4374" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  342.038981][   T33] audit: type=1326 audit(1758713168.952:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16017 comm="syz.1.4374" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  342.050187][   T33] audit: type=1326 audit(1758713168.952:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16017 comm="syz.1.4374" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x7ffc0000
[  343.081353][T16095] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  343.167089][   T33] audit: type=1326 audit(1758713170.092:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16097 comm="syz.3.4412" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb549f8ec29 code=0x0
[  343.624120][T16119] netlink: 'syz.3.4421': attribute type 1 has an invalid length.
[  343.658300][T16119] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  343.668752][   T12] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  343.677711][T16119] 8021q: adding VLAN 0 to HW filter on device bond2
[  344.280739][T16149] overlay: Unknown parameter '/'
[  344.719797][T16170] netlink: 'syz.3.4445': attribute type 30 has an invalid length.
[  345.097747][T16197] netlink: 'syz.3.4457': attribute type 3 has an invalid length.
[  345.101009][T16197] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4457'.
[  345.153305][T16202] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4459'.
[  347.979738][T16285] netlink: 'syz.1.4494': attribute type 1 has an invalid length.
[  348.080407][T16293] netlink: 65051 bytes leftover after parsing attributes in process `syz.1.4498'.
[  348.280030][T16311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4506'.
[  349.293060][T16331] net_ratelimit: 1 callbacks suppressed
[  349.293072][T16331] openvswitch: netlink: Flow key attribute not present in set flow.
[  349.352934][T16337] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  349.406950][T16344] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  349.407512][T16345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4521'.
[  349.498466][T16352] virtio-fs: tag </dev/md0> not found
[  349.888220][T16368] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4533'.
[  350.097704][T16378] openvswitch: netlink: Tunnel attr 5 has unexpected len 4 expected 0
[  350.516946][T16389] 9pnet_fd: Insufficient options for proto=fd
[  350.870449][T16416] vlan2: entered allmulticast mode
[  351.579993][T16458] overlayfs: failed to clone upperpath
[  351.620741][T16457] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4576'.
[  351.788142][T16465] netem: incorrect gi model size
[  351.805452][T16465] netem: change failed
[  352.194235][T16484] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4589'.
[  352.199603][T16484] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4589'.
[  352.466495][T16496] bridge0: port 6(dummy0) entered disabled state
[  352.469835][T16496] bridge0: port 4(netdevsim0) entered disabled state
[  352.472845][T16496] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.478996][T16496] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.498310][T16521] netlink: 'syz.2.4604': attribute type 1 has an invalid length.
[  353.534328][T16521] 8021q: adding VLAN 0 to HW filter on device bond3
[  353.560298][T16521] bond3: (slave gretap1): making interface the new active one
[  353.564190][T16521] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  353.574695][T16521] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  353.577559][T16521] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  353.599816][   T12] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  353.615864][  T792] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  353.623799][T16521] syz.2.4604 (16521) used greatest stack depth: 17384 bytes left
[  353.857742][T16537] xt_time: unknown flags 0xf4
[  354.194850][  T792] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  354.605936][   T12] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  354.788195][   T13] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  355.011870][T16581] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4630'.
[  355.015655][T16581] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4630'.
[  355.237397][T16601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4640'.
[  355.648078][ T6363] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  355.653477][ T6363] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  355.921063][   T12] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  356.052494][   T10] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  356.482014][T16653] overlayfs: failed to clone upperpath
[  356.746124][T16665] netlink: 'syz.1.4669': attribute type 29 has an invalid length.
[  356.750188][T16665] netlink: 'syz.1.4669': attribute type 29 has an invalid length.
[  356.754048][T16665] netlink: 500 bytes leftover after parsing attributes in process `syz.1.4669'.
[  356.850666][T16669] overlayfs: failed to clone upperpath
[  357.379994][   T12] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  357.544275][T16710] netlink: 161716 bytes leftover after parsing attributes in process `syz.2.4689'.
[  357.740363][T16721] openvswitch: netlink: Multiple metadata blocks provided
[  358.761388][ T6363] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  359.807442][    C0] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  359.900230][   T12] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  360.050938][T16808] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4733'.
[  360.388923][   T33] audit: type=1326 audit(1758713187.322:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16830 comm="syz.1.4743" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa479b8ec29 code=0x0
[  361.125110][   T12] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  361.132260][T16872] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4763'.
[  361.742010][T16903] xt_HMARK: spi-set and port-set can't be combined
[  362.235669][ T5869] IPVS: sh: UDP 172.20.20.187:0 - no destination available
[  363.194712][T16962] ==================================================================
[  363.197410][T16962] BUG: KASAN: slab-use-after-free in xfrm_state_find+0x2cf2/0x5400
[  363.200144][T16962] Read of size 1 at addr ffff88810f742bb0 by task syz.2.4802/16962
[  363.204117][T16962] 
[  363.204929][T16962] CPU: 1 UID: 0 PID: 16962 Comm: syz.2.4802 Not tainted syzkaller #0 PREEMPT(full) 
[  363.204945][T16962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  363.204954][T16962] Call Trace:
[  363.204961][T16962]  <TASK>
[  363.204967][T16962]  dump_stack_lvl+0x189/0x250
[  363.204990][T16962]  ? __kasan_check_byte+0x12/0x40
[  363.205010][T16962]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.205051][T16962]  ? lock_release+0x4b/0x3e0
[  363.205068][T16962]  ? __virt_addr_valid+0x4a5/0x5c0
[  363.205078][T16962]  print_report+0xca/0x240
[  363.205085][T16962]  ? xfrm_state_find+0x2cf2/0x5400
[  363.205093][T16962]  kasan_report+0x118/0x150
[  363.205104][T16962]  ? xfrm_state_find+0x2cf2/0x5400
[  363.205113][T16962]  xfrm_state_find+0x2cf2/0x5400
[  363.205122][T16962]  ? __pfx___rt6_find_exception_rcu+0x10/0x10
[  363.205131][T16962]  ? xfrm_state_find+0x1da/0x5400
[  363.205140][T16962]  ? __pfx_xfrm_state_find+0x10/0x10
[  363.205147][T16962]  ? ip6_pol_route+0x547/0x1180
[  363.205156][T16962]  ? fib6_rule_saddr+0xc0/0x420
[  363.205169][T16962]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  363.205185][T16962]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  363.205195][T16962]  ? __lock_acquire+0xab9/0xd20
[  363.205208][T16962]  ? xfrm_sk_policy_lookup+0x9d/0x750
[  363.205218][T16962]  ? xfrm_sk_policy_lookup+0x9d/0x750
[  363.205233][T16962]  ? ip6_dst_lookup_tail+0x2ca/0x1510
[  363.205243][T16962]  ? xfrm_expand_policies+0x41f/0x6a0
[  363.205253][T16962]  xfrm_lookup_with_ifid+0x2a7/0x1a70
[  363.205262][T16962]  ? ip6_dst_lookup_tail+0x2ca/0x1510
[  363.205273][T16962]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  363.205284][T16962]  ? sk_dst_check+0x25/0x480
[  363.205293][T16962]  xfrm_lookup_route+0x3c/0x1c0
[  363.205303][T16962]  ip6_sk_dst_lookup_flow+0x790/0x980
[  363.205313][T16962]  ? udpv6_sendmsg+0x1656/0x24b0
[  363.205323][T16962]  udpv6_sendmsg+0x183b/0x24b0
[  363.205334][T16962]  ? __pfx_udplite_getfrag+0x10/0x10
[  363.205344][T16962]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  363.205354][T16962]  ? __lock_acquire+0xab9/0xd20
[  363.205365][T16962]  ? __local_bh_enable_ip+0x12d/0x1c0
[  363.205373][T16962]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  363.205381][T16962]  ? inet_send_prepare+0x1b9/0x270
[  363.205393][T16962]  ? inet_send_prepare+0x1b9/0x270
[  363.205403][T16962]  ? inet6_sendmsg+0xe4/0x120
[  363.205411][T16962]  __sock_sendmsg+0xe5/0x270
[  363.205423][T16962]  ____sys_sendmsg+0x52d/0x830
[  363.205432][T16962]  ? __pfx_____sys_sendmsg+0x10/0x10
[  363.205441][T16962]  ? import_iovec+0x74/0xa0
[  363.205451][T16962]  ___sys_sendmsg+0x21f/0x2a0
[  363.205459][T16962]  ? __pfx____sys_sendmsg+0x10/0x10
[  363.205474][T16962]  ? __fget_files+0x2a/0x420
[  363.205480][T16962]  ? __fget_files+0x3a0/0x420
[  363.205487][T16962]  __sys_sendmmsg+0x227/0x430
[  363.205496][T16962]  ? __pfx___sys_sendmmsg+0x10/0x10
[  363.205503][T16962]  ? do_futex+0x333/0x420
[  363.205519][T16962]  ? __pfx___se_sys_futex+0x10/0x10
[  363.205530][T16962]  __x64_sys_sendmmsg+0xa0/0xc0
[  363.205539][T16962]  do_syscall_64+0xfa/0x3b0
[  363.205548][T16962]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.205556][T16962]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.205562][T16962]  ? exc_page_fault+0x9f/0xf0
[  363.205569][T16962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.205576][T16962] RIP: 0033:0x7f7d8f38ec29
[  363.205585][T16962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.205591][T16962] RSP: 002b:00007f7d90263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  363.205600][T16962] RAX: ffffffffffffffda RBX: 00007f7d8f5d5fa0 RCX: 00007f7d8f38ec29
[  363.205605][T16962] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000004
[  363.205609][T16962] RBP: 00007f7d8f411e41 R08: 0000000000000000 R09: 0000000000000000
[  363.205613][T16962] R10: 00000000040040d4 R11: 0000000000000246 R12: 0000000000000000
[  363.205618][T16962] R13: 00007f7d8f5d6038 R14: 00007f7d8f5d5fa0 R15: 00007ffcc04c9a18
[  363.205627][T16962]  </TASK>
[  363.205630][T16962] 
[  363.345206][T16962] Allocated by task 14914:
[  363.346762][T16962]  kasan_save_track+0x3e/0x80
[  363.348506][T16962]  __kasan_slab_alloc+0x6c/0x80
[  363.350313][T16962]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  363.352376][T16962]  xfrm_state_alloc+0x24/0x2f0
[  363.353980][T16962]  __find_acq_core+0x8a7/0x1c00
[  363.355751][T16962]  xfrm_find_acq+0x78/0xa0
[  363.357561][T16962]  xfrm_alloc_userspi+0x6b3/0xc90
[  363.359258][T16962]  xfrm_user_rcv_msg+0x7a3/0xab0
[  363.361343][T16962]  netlink_rcv_skb+0x208/0x470
[  363.363101][T16962]  xfrm_netlink_rcv+0x79/0x90
[  363.364656][T16962]  netlink_unicast+0x82f/0x9e0
[  363.366252][T16962]  netlink_sendmsg+0x805/0xb30
[  363.367816][T16962]  __sock_sendmsg+0x21c/0x270
[  363.369675][T16962]  ____sys_sendmsg+0x505/0x830
[  363.371586][T16962]  ___sys_sendmsg+0x21f/0x2a0
[  363.373245][T16962]  __x64_sys_sendmsg+0x19b/0x260
[  363.375186][T16962]  do_syscall_64+0xfa/0x3b0
[  363.376703][T16962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.378911][T16962] 
[  363.379806][T16962] Freed by task 792:
[  363.381494][T16962]  kasan_save_track+0x3e/0x80
[  363.383364][T16962]  kasan_save_free_info+0x46/0x50
[  363.385724][T16962]  __kasan_slab_free+0x5b/0x80
[  363.387734][T16962]  kmem_cache_free+0x18f/0x400
[  363.389654][T16962]  xfrm_state_gc_task+0x52d/0x6b0
[  363.391736][T16962]  process_scheduled_works+0xae1/0x17b0
[  363.394010][T16962]  worker_thread+0x8a0/0xda0
[  363.395628][T16962]  kthread+0x711/0x8a0
[  363.396951][T16962]  ret_from_fork+0x439/0x7d0
[  363.398447][T16962]  ret_from_fork_asm+0x1a/0x30
[  363.400086][T16962] 
[  363.400921][T16962] The buggy address belongs to the object at ffff88810f742880
[  363.400921][T16962]  which belongs to the cache xfrm_state of size 928
[  363.405364][T16962] The buggy address is located 816 bytes inside of
[  363.405364][T16962]  freed 928-byte region [ffff88810f742880, ffff88810f742c20)
[  363.409922][T16962] 
[  363.410898][T16962] The buggy address belongs to the physical page:
[  363.413080][T16962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88810f742400 pfn:0x10f740
[  363.416399][T16962] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  363.419191][T16962] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  363.422049][T16962] page_type: f5(slab)
[  363.423401][T16962] raw: 057ff00000000040 ffff888104e0b280 dead000000000122 0000000000000000
[  363.426382][T16962] raw: ffff88810f742400 00000000800e0005 00000000f5000000 0000000000000000
[  363.429229][T16962] head: 057ff00000000040 ffff888104e0b280 dead000000000122 0000000000000000
[  363.432068][T16962] head: ffff88810f742400 00000000800e0005 00000000f5000000 0000000000000000
[  363.434945][T16962] head: 057ff00000000002 ffffea00043dd001 00000000ffffffff 00000000ffffffff
[  363.438061][T16962] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  363.441450][T16962] page dumped because: kasan: bad access detected
[  363.444089][T16962] page_owner tracks the page as allocated
[  363.446246][T16962] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 7155, tgid 7154 (syz.2.451), ts 112518024341, free_ts 112496445052
[  363.453486][T16962]  post_alloc_hook+0x240/0x2a0
[  363.455205][T16962]  get_page_from_freelist+0x21e4/0x22c0
[  363.457046][T16962]  __alloc_frozen_pages_noprof+0x181/0x370
[  363.459454][T16962]  alloc_pages_mpol+0x232/0x4a0
[  363.461355][T16962]  allocate_slab+0x8a/0x370
[  363.462878][T16962]  ___slab_alloc+0xbeb/0x1420
[  363.464736][T16962]  kmem_cache_alloc_noprof+0x283/0x3c0
[  363.466882][T16962]  xfrm_state_alloc+0x24/0x2f0
[  363.468985][T16962]  pfkey_add+0x6e4/0x2e00
[  363.470695][T16962]  pfkey_sendmsg+0xbfe/0x1090
[  363.472511][T16962]  __sock_sendmsg+0x21c/0x270
[  363.474294][T16962]  ____sys_sendmsg+0x505/0x830
[  363.475970][T16962]  ___sys_sendmsg+0x21f/0x2a0
[  363.477600][T16962]  __x64_sys_sendmsg+0x19b/0x260
[  363.479507][T16962]  do_syscall_64+0xfa/0x3b0
[  363.481454][T16962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.483821][T16962] page last free pid 5853 tgid 5853 stack trace:
[  363.486259][T16962]  __free_frozen_pages+0xbc4/0xd30
[  363.488123][T16962]  __slab_free+0x303/0x3c0
[  363.489777][T16962]  qlist_free_all+0x97/0x140
[  363.491546][T16962]  kasan_quarantine_reduce+0x148/0x160
[  363.493579][T16962]  __kasan_slab_alloc+0x22/0x80
[  363.495413][T16962]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  363.497408][T16962]  ptlock_alloc+0x20/0x70
[  363.498942][T16962]  pte_alloc_one+0x7d/0x170
[  363.500775][T16962]  __pte_alloc+0x25/0x1a0
[  363.502559][T16962]  copy_pmd_range+0x6a91/0x71d0
[  363.504496][T16962]  copy_page_range+0xc14/0x1270
[  363.506488][T16962]  dup_mmap+0xf57/0x1ac0
[  363.508233][T16962]  copy_mm+0x13c/0x4b0
[  363.509874][T16962]  copy_process+0x1706/0x3c00
[  363.511774][T16962]  kernel_clone+0x21e/0x840
[  363.513483][T16962]  __x64_sys_clone+0x18b/0x1e0
[  363.515406][T16962] 
[  363.516248][T16962] Memory state around the buggy address:
[  363.518162][T16962]  ffff88810f742a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  363.521264][T16962]  ffff88810f742b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  363.523840][T16962] >ffff88810f742b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  363.526520][T16962]                                      ^
[  363.528759][T16962]  ffff88810f742c00: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[  363.531664][T16962]  ffff88810f742c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  363.534823][T16962] ==================================================================
[  363.544867][T16962] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  363.547891][T16962] CPU: 1 UID: 0 PID: 16962 Comm: syz.2.4802 Not tainted syzkaller #0 PREEMPT(full) 
[  363.551799][T16962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  363.555930][T16962] Call Trace:
[  363.557313][T16962]  <TASK>
[  363.558670][T16962]  dump_stack_lvl+0x99/0x250
[  363.560616][T16962]  ? __asan_memcpy+0x40/0x70
[  363.562501][T16962]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.564546][T16962]  ? __pfx__printk+0x10/0x10
[  363.566459][T16962]  vpanic+0x281/0x750
[  363.568110][T16962]  ? preempt_schedule+0xae/0xc0
[  363.569883][T16962]  ? __pfx_vpanic+0x10/0x10
[  363.571354][T16962]  ? preempt_schedule_common+0x83/0xd0
[  363.573346][T16962]  ? preempt_schedule+0xae/0xc0
[  363.575344][T16962]  ? __pfx_preempt_schedule+0x10/0x10
[  363.577560][T16962]  panic+0xb9/0xc0
[  363.578937][T16962]  ? __pfx_panic+0x10/0x10
[  363.580761][T16962]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  363.583059][T16962]  ? xfrm_state_find+0x2cf2/0x5400
[  363.585002][T16962]  check_panic_on_warn+0x89/0xb0
[  363.587072][T16962]  ? xfrm_state_find+0x2cf2/0x5400
[  363.588893][T16962]  end_report+0x78/0x160
[  363.590580][T16962]  kasan_report+0x129/0x150
[  363.592418][T16962]  ? xfrm_state_find+0x2cf2/0x5400
[  363.594074][T16962]  xfrm_state_find+0x2cf2/0x5400
[  363.595998][T16962]  ? __pfx___rt6_find_exception_rcu+0x10/0x10
[  363.598292][T16962]  ? xfrm_state_find+0x1da/0x5400
[  363.600163][T16962]  ? __pfx_xfrm_state_find+0x10/0x10
[  363.602045][T16962]  ? ip6_pol_route+0x547/0x1180
[  363.603729][T16962]  ? fib6_rule_saddr+0xc0/0x420
[  363.605526][T16962]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  363.607616][T16962]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  363.609919][T16962]  ? __lock_acquire+0xab9/0xd20
[  363.611808][T16962]  ? xfrm_sk_policy_lookup+0x9d/0x750
[  363.613921][T16962]  ? xfrm_sk_policy_lookup+0x9d/0x750
[  363.616141][T16962]  ? ip6_dst_lookup_tail+0x2ca/0x1510
[  363.618288][T16962]  ? xfrm_expand_policies+0x41f/0x6a0
[  363.620496][T16962]  xfrm_lookup_with_ifid+0x2a7/0x1a70
[  363.622394][T16962]  ? ip6_dst_lookup_tail+0x2ca/0x1510
[  363.624477][T16962]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  363.626881][T16962]  ? sk_dst_check+0x25/0x480
[  363.628732][T16962]  xfrm_lookup_route+0x3c/0x1c0
[  363.630768][T16962]  ip6_sk_dst_lookup_flow+0x790/0x980
[  363.632987][T16962]  ? udpv6_sendmsg+0x1656/0x24b0
[  363.634963][T16962]  udpv6_sendmsg+0x183b/0x24b0
[  363.636722][T16962]  ? __pfx_udplite_getfrag+0x10/0x10
[  363.638718][T16962]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  363.640447][T16962]  ? __lock_acquire+0xab9/0xd20
[  363.642044][T16962]  ? __local_bh_enable_ip+0x12d/0x1c0
[  363.643921][T16962]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  363.645933][T16962]  ? inet_send_prepare+0x1b9/0x270
[  363.647627][T16962]  ? inet_send_prepare+0x1b9/0x270
[  363.649313][T16962]  ? inet6_sendmsg+0xe4/0x120
[  363.650872][T16962]  __sock_sendmsg+0xe5/0x270
[  363.652351][T16962]  ____sys_sendmsg+0x52d/0x830
[  363.653930][T16962]  ? __pfx_____sys_sendmsg+0x10/0x10
[  363.655673][T16962]  ? import_iovec+0x74/0xa0
[  363.657192][T16962]  ___sys_sendmsg+0x21f/0x2a0
[  363.659150][T16962]  ? __pfx____sys_sendmsg+0x10/0x10
[  363.661306][T16962]  ? __fget_files+0x2a/0x420
[  363.663311][T16962]  ? __fget_files+0x3a0/0x420
[  363.665160][T16962]  __sys_sendmmsg+0x227/0x430
[  363.667133][T16962]  ? __pfx___sys_sendmmsg+0x10/0x10
[  363.669304][T16962]  ? do_futex+0x333/0x420
[  363.671113][T16962]  ? __pfx___se_sys_futex+0x10/0x10
[  363.672931][T16962]  __x64_sys_sendmmsg+0xa0/0xc0
[  363.674937][T16962]  do_syscall_64+0xfa/0x3b0
[  363.676539][T16962]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.678412][T16962]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.680364][T16962]  ? exc_page_fault+0x9f/0xf0
[  363.681812][T16962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.683693][T16962] RIP: 0033:0x7f7d8f38ec29
[  363.685182][T16962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.692302][T16962] RSP: 002b:00007f7d90263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  363.695160][T16962] RAX: ffffffffffffffda RBX: 00007f7d8f5d5fa0 RCX: 00007f7d8f38ec29
[  363.697714][T16962] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000004
[  363.701556][T16962] RBP: 00007f7d8f411e41 R08: 0000000000000000 R09: 0000000000000000
[  363.704691][T16962] R10: 00000000040040d4 R11: 0000000000000246 R12: 0000000000000000
[  363.707261][T16962] R13: 00007f7d8f5d6038 R14: 00007f7d8f5d5fa0 R15: 00007ffcc04c9a18
[  363.709954][T16962]  </TASK>
[  363.711943][T16962] Kernel Offset: disabled
[  363.713746][T16962] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:17:57  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=1ffff11026cc7f61 RCX=ffff88803f7ad640 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc900028dfac0 RSP=ffffc900028df940
R8 =ffffffff8fa3a837 R9 =1ffffffff1f47506 R10=dffffc0000000000 R11=fffffbfff1f47507
R12=ffff88813663fb08 R13=dffffc0000000000 R14=ffff88804b03b1c0 R15=0000000000000001
RIP=ffffffff81b44e68 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555560ed8500 ffffffff 00c00000
GS =0000 ffff8880b8613000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c2559cb CR3=000000003c74c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff816798bb ffffffff816798bb
XMM02=00007fa479da7498 ffffffff816798bb XMM03=00007fa479da74a8 00007fa479da74a0
XMM04=00007fa47a90d100 00007fa479da7460 XMM05=00007fa479da7478 00007fa479da74c0
XMM06=00007fa479da74b8 00007fa479da74b0 XMM07=00007fa479da74a8 00007fa479da74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fa479c12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000034 RBX=0000000000000034 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001977 RDI=0000000000001978 RBP=00000000000003f8 RSP=ffffc900025be710
R8 =ffff8880217d0237 R9 =1ffff110042fa046 R10=dffffc0000000000 R11=ffffffff854fad60
R12=dffffc0000000000 R13=ffffffff99b0290e R14=ffffffff99df7460 R15=0000000000000000
RIP=ffffffff854faddc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7d902636c0 ffffffff 00c00000
GS =0000 ffff8881a3c13000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7d90262fc8 CR3=000000004202e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f7d8f5a7498 00007f7d8f5a7470 XMM03=00007f7d8f5a74a8 00007f7d8f5a74a0
XMM04=00007f7d9010d100 00007f7d8f5a7460 XMM05=00007f7d8f5a7478 00007f7d8f5a74c0
XMM06=00007f7d8f5a74b8 00007f7d8f5a74b0 XMM07=00007f7d8f5a74a8 00007f7d8f5a74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f7d8f412fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
