last executing test programs:

5m8.013145259s ago: executing program 3 (id=1898):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x27}, 0x28)
syz_usb_connect$hid(0x2f3c20a306d466aa, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x8, 0x3, 0x370, 0x0, 0x11, 0x148, 0x1d8, 0x0, 0x2d8, 0x2a8, 0x2a8, 0x2d8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@broadcast, [0xff, 0xff, 0x0, 0xff], @ipv6=@mcast2, [0xffffffff, 0xffffff00, 0x0, 0xffffffff], @ipv6=@dev={0xfe, 0x80, '\x00', 0x27}, [0xffffffff, 0x0, 0x0, 0xff000000], @ipv4=@multicast2, [0x0, 0x0, 0x0, 0xffffff00], 0x6, 0x6, 0x0, 0x4e23, 0x4e24, 0x4e22, 0x4e23, 0x81}, 0x0, 0x480, 0x0, 0x0, 0x0, 0x4e20}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00', {}, {}, 0x0, 0x2}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
socket$nl_route(0x10, 0x3, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf, 0x2)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r5, 0x0, 0x0, 0x20000000)

5m1.360076279s ago: executing program 3 (id=1917):
r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000003ec0)='./binderfs/binder-control\x00', 0x800, 0x0)
ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000003f00)={'custom0\x00'})

5m0.593689334s ago: executing program 3 (id=1919):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000041c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000006280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3d4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906932966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b1ec1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda451852e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cbbc44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af4180753388f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0xfffffffffffffffd, {0x4, 0x8000000000, 0x3, 0x8, 0x0, 0x80, {0x5, 0x80000000000, 0x1, 0xfffffffffffffffa, 0x16f, 0xdbf, 0x10, 0x0, 0x0, 0x8000, 0x2, r2}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x801001a, 0x66d, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbb78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783f13cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db234687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a5aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e500", 0x2000, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d00)={0x90, 0x0, 0x0, {0x4, 0x3, 0x0, 0x8a23, 0xf, 0x0, {0x0, 0x20000, 0x0, 0x3, 0xffffffffffffffff, 0x1, 0x2, 0xffffffff, 0x0, 0xc000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f00000000c0)='./file0/../file0/file0\x00')

5m0.482058136s ago: executing program 3 (id=1920):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r0, 0x40047438, &(0x7f0000000180)=""/246)
writev(r0, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

5m0.305680209s ago: executing program 3 (id=1922):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000008140), &(0x7f0000008180)='./file0\x00', 0x0, &(0x7f00000081c0), 0x1, 0x8130, &(0x7f0000008200)="$eJzs3D+LY1UcBuCfbnTjyG6mEEFBPGijzWUzhZVNkFmQDSi7G2FHEO44NxpyTYbcMBARZzoLG7HxO4ilnSB+gWnEj2A3jeUUYmQSnX/EQpS5LPM8TV44eeGc5nLh3HOO3vzqk2G/yvr5NJ5sNqNxEBHHKVI04kaceCIO4vWvv/zlpQePtu51ut3N+ynd7Txsv5FSuv3yj+9/9t0rP02ffe/72z/cjMP1D45+2/j18PnDF47+ePjxoEqDKo3G05Sn7fF4mm+XRdoZVMMspXfLIq+KNBhVxeTCeL8c7+7OUj7aubW2OymqKuWjWRoWszQdp+lklvKP8sEoZVmWbq0F/0Xv27pnAAAAwNU4ns/nEfOFm9FcpLrnBAAAAAAAAAAAAAAAAAAAANeN8/8AAAAAAAAAAAAAAAAAAABQP+f/AQAAAAAAAAAAAAAAAAAAoH7O/wMAAAAAAAAAAAAAAAAAAED9Hjzautfpdjfvp9SMKL/Y6+31lr/L8U4/BlFGEXeiFb//fVPA/PTWgLtvdzfvpIX1+Kbc/6u/v9e7cbHfjlasr+63l/10sf9UrJ3vb0Qrnlvd31jZfzpee/VcP4tW/PxhjKOMnTjpnvU/b6f01jvdS/1nFv8DAAAAAAAAgMdBlk6t3L/Psn8aX/b/xfcBl/bXG/Fio961AwAAwHVRzT4d5mVZTARBEE5D3U8mAADg/3b20l/3TAAAAAAAAAAAAAAAAAAAAOD6uorrxOpeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAACC/K1XGKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgKgAA///5cu/6")
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
mount$nfs(&(0x7f0000000100)='...', 0x0, 0x0, 0x42000, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000100)='./file0/file0\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/fscaps', 0x16b286, 0x0)

4m55.399463235s ago: executing program 3 (id=1935):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)

4m39.985948716s ago: executing program 32 (id=1935):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)

2m43.974706205s ago: executing program 1 (id=2290):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x84}]}}]}, 0x44}}, 0x24004000)
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m43.710110559s ago: executing program 1 (id=2293):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x4}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x8000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0600000004"], 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000800)={0x7, {{0xa, 0x4e21, 0x6d7, @loopback, 0x8}}, {{0xa, 0x4e20, 0x5, @loopback, 0x6508}}}, 0x108)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[], 0x1c}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000200000000000000", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRESHEX], 0x50)
r2 = socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2m43.17368244s ago: executing program 1 (id=2294):
r0 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x58)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r7})

2m41.769984888s ago: executing program 1 (id=2296):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x6)
getsockopt$inet6_opts(r4, 0x29, 0x39, 0x0, &(0x7f0000000080))

2m40.453687993s ago: executing program 1 (id=2303):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

2m39.470924802s ago: executing program 1 (id=2304):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x401c5820, &(0x7f0000000080)={@desc={0xd32780, 0x0, @auto="2d6d8be989c5ebe2"}})
sync()
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file0/file0\x00', 0x2)

2m24.26490739s ago: executing program 33 (id=2304):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x401c5820, &(0x7f0000000080)={@desc={0xd32780, 0x0, @auto="2d6d8be989c5ebe2"}})
sync()
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file0/file0\x00', 0x2)

12.381843798s ago: executing program 4 (id=2867):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = mq_open(&(0x7f0000000040)='$$\x00', 0x40, 0x0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ptrace$poke(0x1, r1, &(0x7f0000000000), 0x1000000000005)
mq_notify(r0, 0x0)

11.429791027s ago: executing program 4 (id=2871):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)

10.181766271s ago: executing program 4 (id=2874):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x40810, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000011}, 0x4000000)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff}, 0x8)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r3, 0x0, 0x16, 0x0, &(0x7f00000001c0)=0x2)
close(0x3)
syz_emit_ethernet(0x82, &(0x7f0000000240)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x2000000, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@multicast1=0xe0000089}, {@private}, {@local}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0)

9.577310823s ago: executing program 4 (id=2877):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x3e, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000002000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0)

9.417732596s ago: executing program 4 (id=2878):
r0 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x58)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r7})

8.254361379s ago: executing program 4 (id=2882):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x4004884)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_pie={{0x8}, {0xc, 0x2, [@TCA_PIE_LIMIT={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

7.15040192s ago: executing program 34 (id=2882):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x4004884)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_pie={{0x8}, {0xc, 0x2, [@TCA_PIE_LIMIT={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

6.097811871s ago: executing program 0 (id=2888):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(0x0, r0)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f00), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000f40)={0x14, r1, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}}, 0x4)

5.860177505s ago: executing program 0 (id=2890):
r0 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x58)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r7})

5.721336188s ago: executing program 2 (id=2892):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
write$FUSE_GETXATTR(r3, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x4}}, 0x18)
read$FUSE(r3, &(0x7f0000004200)={0x2020}, 0x2020)

4.864849285s ago: executing program 2 (id=2893):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000ee0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x6)
getsockopt$inet6_opts(r4, 0x29, 0x39, 0x0, &(0x7f0000000080))

4.715619868s ago: executing program 0 (id=2895):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56747, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0x11}, {0xffe0, 0xb}, {0xb, 0xc}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x2a90137b}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3.5975724s ago: executing program 0 (id=2897):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(0x0, r0)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f00), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000f40)={0x14, r1, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}}, 0x4)

3.399870843s ago: executing program 0 (id=2899):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0)
ftruncate(r1, 0xde34)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x9, 0x12, r1, 0x0)
setreuid(0x0, 0x0)
linkat(r0, &(0x7f00000000c0)='./file0/../file0\x00', r0, 0x0, 0x1400)

3.245588176s ago: executing program 5 (id=2900):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

3.181682528s ago: executing program 0 (id=2901):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_read_part_table(0x5cc, &(0x7f0000000000)="$eJzs07FrnHUYB/Dve3fxTQU5KQWHLgUPB2lV0sGlN0hJjyw2iIqDczGLQsGhw3nHNa5V/wGLbUXpUtwEM0qvQRSSKdwiyIGz4nIInsT3RcwQCBJNEz6f6bnnueee34/fc+FYKz74sI7mZVp12DxAX7KZvHF/+crKudVXXns9Wch4bz05laSsPn9V56+WVXWlXNr67LvLv+6O3B537jbq+kYjGSbFMGnvM7hIfp9X/tWVOUEedB+WN9ev927d6K7t9PrTi9cuLJ9t5d1PXr5zafDmM5feqhdro/GfzW9X81trO4t1cl7vZzFbetSt1vR8sbfvAH8xjoG/33+QpNef3j4zmoxmrz735fsvnj89+Xbwcf3uvxVHfVIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCke9B92L65fr1360Z3bafXn168dmH57Gxea6eZ5L0kG43FuqN5yPNP1VE1v9PI5z/Mr/7y6VMvLIy3ZkuPcifJS5v7tBeHehj+d//cv1avP719ZjQZzYrkiSKnJ/UaJvMy+TplUhTJO0d9aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsfbRlZVzq41mkiJvJ7ncePpe/phX/srualZf/jlJWYULdf/9fP/s9rhzd7XO/7ie4TDJFz/dayfPf1P/0GBxt9hKOk8ewSXZ158BAAD///V3mZs=")
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f00000041c0)={[{@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x10}}, {@fat=@quiet}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x8}}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x4}}, {@dots}, {@nodots}, {@fat=@check_normal}, {@nodots}, {@fat=@umask={'umask', 0x3d, 0x4}}, {@fat=@showexec}, {@dots}, {@fat=@sys_immutable}]}, 0x1, 0x249, &(0x7f0000000500)="$eJzs3cFqE1EUBuCTNm2n3di1uBhw01VR3yBIBHFAiMxCVw5UN60IKcjoKo/RZ+gj+RhZdTeiE0xMg6BMO0nm+yDMIT8Xzt3kZnFu8v7Rp/Ozz5cfq+9XkSRp9CMmcRNxHDuxG7XewrMX+7FoEgDAphmNikHbPdCg3q13DiOi2IuIg1tRfn1PXQEAAAAAAAAAANCwf5n/3zH/DwBbwfz/9huPB8XR7Pvbn8z/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO25qaoH1V9ebfcHADTP+Q8A3eP8B4Ducf4DQPe8efvu1SDLhqM0TSKmkzIv8/pZ5y9eZsMn6S/H81XTssz3ZnU2fFrn6XJ+NFv/bGW+HyeP6/xn9vx1tpQfxNldbx4AAAAAAAAAAAAAAAAAAADWxGn628L9/l5E7Nb56ap8Wq74fYCl+/v9eNi/t20AAAAAAAAAAAAAAAAAAADARrv8+u28uLj4MN644vrk6ssatLGVxWH8x6ok1qN5RSNF259MAAAAAAAAAAAAAAAAAADQPfNLv213AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADtmf///90Vbe8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6IYfAQAA//+BtY57")
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x82)
r2 = fanotify_init(0x81, 0x40000)
fanotify_mark(r2, 0x105, 0x40001032, r1, 0x0)
read$FUSE(r2, &(0x7f0000002300)={0x2020}, 0x2020)

3.07674988s ago: executing program 5 (id=2902):
r0 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x58)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r7})

1.955908312s ago: executing program 5 (id=2903):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x40810, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000011}, 0x4000000)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff}, 0x8)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0x16, 0x0, &(0x7f00000001c0)=0x2)
close(0x3)
syz_emit_ethernet(0x82, &(0x7f0000000240)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x2000000, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@multicast1=0xe0000089}, {@private}, {@local}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0)

1.755553456s ago: executing program 5 (id=2904):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000180)={0x1}, 0x8)

1.649701988s ago: executing program 2 (id=2905):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000080)={@loopback, @multicast1, 0x0, "2634784b05261d78b092012000", 0x0, 0xffffffff, 0x5, 0xf6}, 0x3c)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffc)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000280)={@private, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23bd0f4eb500", 0x7}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, 0x0, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f0000000200)={@dev, @multicast1, 0x0, "05888ee9654ce5db9229e6a1f0a3c9505e2ebbbc3d341ad6ad352965b867e20b"}, 0x3c)

1.579943579s ago: executing program 5 (id=2906):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(0x0, r0)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f00), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000f40)={0x14, r1, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}}, 0x4)

1.364622494s ago: executing program 5 (id=2907):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x27}, 0x28)
syz_usb_connect$hid(0x2f3c20a306d466aa, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x8, 0x3, 0x370, 0x0, 0x11, 0x148, 0x1d8, 0x0, 0x2d8, 0x2a8, 0x2a8, 0x2d8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@broadcast, [0xff, 0xff, 0x0, 0xff], @ipv6=@mcast2, [0xffffffff, 0xffffff00, 0x0, 0xffffffff], @ipv6=@dev={0xfe, 0x80, '\x00', 0x27}, [0xffffffff, 0x0, 0x0, 0xff000000], @ipv4=@multicast2, [0x0, 0x0, 0x0, 0xffffff00], 0x6, 0x6, 0x0, 0x4e23, 0x4e24, 0x4e22, 0x4e23, 0x81}, 0x0, 0x480, 0x0, 0x0, 0x0, 0x4e20}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00', {}, {}, 0x0, 0x2}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
socket$nl_route(0x10, 0x3, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf, 0x2)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r5, 0x0, 0x0, 0x20000000)

528.46199ms ago: executing program 2 (id=2908):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
syncfs(r0)

289.820564ms ago: executing program 2 (id=2909):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xd, 0x0, 0x0, &(0x7f0000000140)='syzkaller\x00', 0xc, 0x0, 0x0, 0x40f00, 0x1b}, 0x94)
syz_open_dev$evdev(&(0x7f0000000000), 0x8, 0x4ccc00)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)=@in={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40094}, 0x24000001)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x40000000, 0x0)
ptrace$setregset(0x4205, r0, 0x1, &(0x7f0000000000)={0x0})

0s ago: executing program 2 (id=2910):
r0 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x58)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r7})

kernel console output (not intermixed with test programs):

 415.476136][T10128] loop1: detected capacity change from 0 to 512
[  415.494125][T10128] EXT4-fs: Ignoring removed orlov option
[  415.514571][T10128] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  415.542163][T10130] loop0: detected capacity change from 0 to 1024
[  415.564070][T10128] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  415.605557][T10128] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.1348: corrupted in-inode xattr: e_value size too large
[  415.623287][T10128] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1348: couldn't read orphan inode 15 (err -117)
[  415.637668][T10128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.685298][ T5831] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  415.851222][T10130] hfsplus: request for non-existent node 33554434 in B*Tree
[  415.895119][T10130] hfsplus: request for non-existent node 33554434 in B*Tree
[  416.151367][T10138] xt_CT: You must specify a L4 protocol and not use inversions on it
[  416.949335][ T5831] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.009969][T10129] hfsplus: request for non-existent node 33554434 in B*Tree
[  417.055101][T10129] hfsplus: request for non-existent node 33554434 in B*Tree
[  417.057740][ T5831] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.219129][ T5831] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  417.257488][   T42] hfsplus: request for non-existent node 33554434 in B*Tree
[  417.445039][   T42] hfsplus: request for non-existent node 33554434 in B*Tree
[  417.453434][ T5831] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  417.513762][ T5831] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.630930][ T5831] usb 3-1: config 0 descriptor??
[  420.610519][ T5792] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.646335][ T5831] usbhid 3-1:0.0: can't add hid device: -71
[  420.652363][ T5831] usbhid: probe of 3-1:0.0 failed with error -71
[  420.672446][T10154] loop0: detected capacity change from 0 to 512
[  420.677574][ T5831] usb 3-1: USB disconnect, device number 6
[  420.726806][T10154] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  420.796058][T10154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.995981][T10154] ext4 filesystem being mounted at /335/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  422.182115][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.967879][T10194] Illegal XDP return value 4294967274 on prog  (id 160) dev syz_tun, expect packet loss!
[  429.197814][T10196] loop0: detected capacity change from 0 to 1024
[  429.311249][T10196] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  436.055036][ T9834] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  436.345057][ T9834] usb 2-1: Using ep0 maxpacket: 8
[  436.376193][ T9834] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  436.407732][ T9834] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  436.423746][ T9834] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  436.444631][ T9834] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  436.464328][ T9834] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  436.489736][ T9834] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  436.519458][ T9834] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.542857][ T9834] usb 2-1: config 0 descriptor??
[  436.621610][ T5802] Bluetooth: hci4: urb ffff88801e30b000 submission failed (90)
[  436.832170][ T9834] usb 2-1: USB disconnect, device number 12
[  437.773423][T10270] xt_hashlimit: max too large, truncated to 1048576
[  437.780287][T10270] xt_hashlimit: invalid interval
[  438.846095][ T7747] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  438.934754][T10290] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1402'.
[  439.084483][ T7747] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.121437][ T7747] usb 4-1: config 0 interface 0 has no altsetting 0
[  439.159666][ T7747] usb 4-1: New USB device found, idVendor=056a, idProduct=00ba, bcdDevice= 0.00
[  439.205351][ T7747] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.264758][ T7747] usb 4-1: config 0 descriptor??
[  439.738737][ T7747] wacom 0003:056A:00BA.0006: Unknown device_type for 'HID 056a:00ba'. Assuming pen.
[  439.773490][ T7747] wacom 0003:056A:00BA.0006: hidraw0: USB HID v10.00 Device [HID 056a:00ba] on usb-dummy_hcd.3-1/input0
[  439.779789][ T7747] input: Wacom Intuos4 8x13 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:00BA.0006/input/input9
[  440.079810][ T7747] usb 4-1: USB disconnect, device number 8
[  440.400825][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  440.407356][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  442.325195][    T8] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  442.553389][    T8] usb 2-1: config 0 has an invalid interface number: 156 but max is 0
[  442.587649][    T8] usb 2-1: config 0 has no interface number 0
[  442.610848][    T8] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  442.673059][    T8] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  442.715344][    T8] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  442.768331][    T8] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  442.807431][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.869913][T10335] loop0: detected capacity change from 0 to 2048
[  442.926000][    T8] usb 2-1: config 0 descriptor??
[  442.943726][T10335] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  442.953910][    T8] gspca_main: spca561-2.14.0 probing abcd:cdee
[  443.117123][T10335] UDF-fs: Scanning with blocksize 512 failed
[  443.541404][T10337] loop3: detected capacity change from 0 to 256
[  443.558244][    T8] spca561: probe of 2-1:0.156 failed with error -22
[  443.578042][T10335] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  443.623709][    T8] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  443.671980][    T8] usb 2-1: MIDIStreaming interface descriptor not found
[  443.824233][   T28] audit: type=1800 audit(1757192948.242:97): pid=10337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1413" name="file1" dev="loop3" ino=1048639 res=0 errno=0
[  443.880754][T10337] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  443.890147][T10337] FAT-fs (loop3): Filesystem has been set read-only
[  444.058037][    T8] snd-usb-audio: probe of 2-1:0.156 failed with error -12
[  444.073718][    T8] usb 2-1: USB disconnect, device number 13
[  450.500950][   T28] audit: type=1326 audit(1757192954.922:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10406 comm="syz.2.1440" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0486d8ebe9 code=0x0
[  454.019404][T10428] loop3: detected capacity change from 0 to 2048
[  454.075276][T10428] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  455.826932][T10454] loop3: detected capacity change from 0 to 8
[  461.057351][T10477] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1461'.
[  465.630880][T10520] loop1: detected capacity change from 0 to 1024
[  466.104815][ T7054] hfsplus: b-tree write err: -5, ino 4
[  468.634959][    C0] vkms_vblank_simulate: vblank timer overrun
[  471.253513][T10564] kvm: pic: non byte write
[  471.302656][T10568] loop0: detected capacity change from 0 to 1024
[  471.336171][T10568] EXT4-fs: Ignoring removed nobh option
[  471.341814][T10568] EXT4-fs: Ignoring removed bh option
[  471.379548][T10568] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  471.463637][T10568] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  471.974471][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  472.811527][T10592] loop0: detected capacity change from 0 to 16
[  472.924109][T10592] erofs: (device loop0): mounted with root inode @ nid 36.
[  477.133293][T10639] kvm: pic: non byte write
[  477.277973][T10648] loop0: detected capacity change from 0 to 1024
[  478.451829][T10662] loop3: detected capacity change from 0 to 512
[  478.476670][T10662] EXT4-fs: Ignoring removed nobh option
[  478.498408][T10662] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  478.745337][T10662] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1519: iget: bad i_size value: 38620345925642
[  478.794845][T10662] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1519: couldn't read orphan inode 15 (err -117)
[  478.813206][T10662] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  479.695129][T10662] EXT4-fs (loop3): shut down requested (0)
[  479.726895][T10672] EXT4-fs error (device loop3): empty_inline_dir:1857: inode #12: block 7: comm syz.3.1519: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0
[  479.780904][T10672] EXT4-fs warning (device loop3): empty_inline_dir:1864: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60
[  480.810568][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.201671][T10711] loop3: detected capacity change from 0 to 2048
[  485.160803][T10711] Alternate GPT is invalid, using primary GPT.
[  485.166189][T10718] loop0: detected capacity change from 0 to 256
[  485.248786][T10711]  loop3: p1 p2 p3
[  485.263787][   T28] audit: type=1800 audit(1757192989.682:99): pid=10718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1532" name="file1" dev="loop0" ino=1048640 res=0 errno=0
[  485.277137][T10718] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  485.361705][ T5901] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  485.384788][T10718] FAT-fs (loop0): Filesystem has been set read-only
[  485.441997][ T6352] udevd[6352]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  485.447984][T10719] loop3: detected capacity change from 0 to 512
[  485.473605][ T8455] udevd[8455]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  485.490993][ T5901] udevd[5901]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  485.517866][T10719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.576096][T10719] ext4 filesystem being mounted at /409/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  485.768490][T10706] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  485.930356][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.446186][T10748] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  493.955311][T10797] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  502.956739][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  503.035176][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  503.169468][T10868] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  505.156757][T10898] loop3: detected capacity change from 0 to 16
[  505.288432][T10898] erofs: (device loop3): mounted with root inode @ nid 36.
[  505.368414][T10898] erofs: (device loop3): z_erofs_readahead: readahead error at folio 2 @ nid 89
[  505.437753][   T50] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  505.450626][T10898] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  505.508178][   T28] audit: type=1800 audit(1757193009.932:100): pid=10898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1588" name="file3" dev="loop3" ino=89 res=0 errno=0
[  505.895984][T10911] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  507.185341][T10924] fuse: Bad value for 'fd'
[  508.059111][T10941] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  508.459974][T10946] loop1: detected capacity change from 0 to 512
[  508.479579][T10946] EXT4-fs (loop1): Test dummy encryption mode enabled
[  508.488860][T10946] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  508.626751][T10946] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.1603: bad orphan inode 131083
[  508.705139][T10946] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  509.659763][ T5792] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.991085][T10983] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  511.328170][T10987] kvm: pic: non byte write
[  511.642246][T10994] fuse: Bad value for 'fd'
[  511.995023][ T5802] Bluetooth: hci3: command 0x0406 tx timeout
[  515.230151][T11031] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  515.693412][T11037] loop3: detected capacity change from 0 to 512
[  515.720708][T11037] EXT4-fs (loop3): Test dummy encryption mode enabled
[  515.730085][T11037] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  515.769621][T11037] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1632: bad orphan inode 131083
[  515.797383][T11037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  516.815841][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  518.137541][T11050] loop0: detected capacity change from 0 to 1024
[  518.298525][T11050] hfsplus: unable to parse mount options
[  519.072837][T11069] loop0: detected capacity change from 0 to 512
[  519.086662][T11069] EXT4-fs (loop0): Test dummy encryption mode enabled
[  519.093731][T11069] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  519.122378][T11069] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.1642: bad orphan inode 131083
[  519.137892][T11069] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  520.118041][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  520.467493][T11084] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  526.920866][T11144] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  528.412146][T11163] loop1: detected capacity change from 0 to 512
[  528.489160][T11163] EXT4-fs (loop1): 1 truncate cleaned up
[  528.505818][T11163] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  528.628077][T11163] EXT4-fs (loop1): Online resizing not supported with sparse_super2
[  528.788905][ T5792] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.824428][T11191] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  539.226752][T11241] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  539.440087][T11243] loop3: detected capacity change from 0 to 512
[  539.465177][T11243] EXT4-fs (loop3): Test dummy encryption mode enabled
[  539.479605][T11243] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  539.514061][T11243] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1694: bad orphan inode 131083
[  539.548121][T11243] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  543.598204][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.355211][T11279] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1701'.
[  545.141646][T11289] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  550.329445][T11309] loop3: detected capacity change from 0 to 256
[  550.395214][   T28] audit: type=1800 audit(1757193054.812:101): pid=11309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1711" name="file1" dev="loop3" ino=1048641 res=0 errno=0
[  550.405216][T11309] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  550.445077][T11309] FAT-fs (loop3): Filesystem has been set read-only
[  551.353933][T11317] xt_hashlimit: max too large, truncated to 1048576
[  551.391678][T11317] xt_hashlimit: invalid interval
[  551.450213][T11316] loop3: detected capacity change from 0 to 128
[  551.501030][T11316] EXT4-fs (loop3): Test dummy encryption mode enabled
[  551.582198][T11316] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  551.713420][T11316] ext4 filesystem being mounted at /456/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  553.693291][ T5788] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  556.155047][T11340] Bluetooth: hci3: command 0x0406 tx timeout
[  557.238048][T11360] loop0: detected capacity change from 0 to 128
[  557.275800][T11362] loop1: detected capacity change from 0 to 16
[  557.366893][T11362] erofs: (device loop1): mounted with root inode @ nid 36.
[  559.491737][T11369] xt_hashlimit: max too large, truncated to 1048576
[  559.498795][T11369] xt_hashlimit: invalid interval
[  559.521651][T11380] loop3: detected capacity change from 0 to 256
[  559.759368][   T28] audit: type=1800 audit(1757193064.182:102): pid=11380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1722" name="file1" dev="loop3" ino=1048643 res=0 errno=0
[  559.805265][T11380] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  559.830433][T11380] FAT-fs (loop3): Filesystem has been set read-only
[  562.414611][T11398] loop0: detected capacity change from 0 to 128
[  562.445216][T11398] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  562.461598][T11398] ext4 filesystem being mounted at /434/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  563.873348][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  563.879760][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  563.988231][ T5799] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  566.955434][T11427] xt_hashlimit: max too large, truncated to 1048576
[  566.962122][T11427] xt_hashlimit: invalid interval
[  571.121159][T11468] fuse: Bad value for 'fd'
[  571.529649][T11476] loop1: detected capacity change from 0 to 256
[  571.580607][   T28] audit: type=1800 audit(1757193076.002:103): pid=11476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1753" name="file1" dev="loop1" ino=1048644 res=0 errno=0
[  571.606592][T11476] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  571.633594][T11476] FAT-fs (loop1): Filesystem has been set read-only
[  572.596616][T11473] xt_hashlimit: max too large, truncated to 1048576
[  572.630587][T11473] xt_hashlimit: invalid interval
[  575.952875][T11503] fuse: Bad value for 'fd'
[  576.657027][   T28] audit: type=1326 audit(1757193081.072:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11507 comm="syz.2.1765" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0486d8ebe9 code=0x0
[  579.360359][T11530] loop3: detected capacity change from 0 to 512
[  579.534762][T11535] fuse: Bad value for 'fd'
[  579.549408][T11530] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  579.631906][T11530] ext4 filesystem being mounted at /471/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  579.708892][T11530] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #2: comm syz.3.1771: corrupted inode contents
[  579.738949][T11530] EXT4-fs error (device loop3): ext4_dirty_inode:6106: inode #2: comm syz.3.1771: mark_inode_dirty error
[  579.759280][T11530] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #2: comm syz.3.1771: corrupted inode contents
[  579.928908][T11530] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.1771: mark_inode_dirty error
[  579.990876][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.615100][ T5531] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  586.828286][ T5531] usb 1-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  586.894717][ T5531] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.983519][ T5531] usb 1-1: Product: syz
[  587.047566][ T5531] usb 1-1: Manufacturer: syz
[  587.089147][ T5531] usb 1-1: SerialNumber: syz
[  587.140184][ T5531] usb 1-1: config 0 descriptor??
[  588.272677][ T5531] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  588.476137][ T5531] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  588.530998][ T5531] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  588.562095][ T5531] asix: probe of 1-1:0.0 failed with error -71
[  588.580390][ T5531] usb 1-1: USB disconnect, device number 6
[  590.607715][T11632] xt_CT: You must specify a L4 protocol and not use inversions on it
[  590.961792][T11636] loop1: detected capacity change from 0 to 256
[  598.541790][T11688] loop0: detected capacity change from 0 to 512
[  598.576127][T11688] EXT4-fs: Ignoring removed orlov option
[  598.585036][T11688] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  598.652381][T11688] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  598.727546][T11688] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2244: inode #15: comm syz.0.1817: corrupted in-inode xattr: e_value size too large
[  598.783620][T11688] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.1817: couldn't read orphan inode 15 (err -117)
[  598.824759][T11688] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  599.271222][T11701] xt_CT: You must specify a L4 protocol and not use inversions on it
[  600.271546][T11711] loop3: detected capacity change from 0 to 1024
[  601.035242][ T5802] Bluetooth: hci3: command 0x0406 tx timeout
[  601.505915][T11721] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  602.362754][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  606.099351][T11752] loop3: detected capacity change from 0 to 256
[  606.218431][T11756] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  606.750826][T11763] loop1: detected capacity change from 0 to 2048
[  606.844950][T11763] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  612.757073][T11801] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  617.057889][T11819] loop1: detected capacity change from 0 to 1024
[  617.179368][T11819] EXT4-fs: Ignoring removed nobh option
[  617.225014][T11819] EXT4-fs: Ignoring removed bh option
[  617.275006][T11819] EXT4-fs: Mount option(s) incompatible with ext3
[  618.373171][ T5901] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  618.773492][T11831] xt_hashlimit: max too large, truncated to 1048576
[  618.780229][T11831] xt_hashlimit: invalid interval
[  619.013319][T11836] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  621.764739][T11850] loop1: detected capacity change from 0 to 256
[  621.815010][   T28] audit: type=1800 audit(1757193126.222:105): pid=11850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1863" name="file1" dev="loop1" ino=1048646 res=0 errno=0
[  621.838291][T11850] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  621.847393][T11850] FAT-fs (loop1): Filesystem has been set read-only
[  622.077675][T11865] xt_hashlimit: max too large, truncated to 1048576
[  622.084371][T11865] xt_hashlimit: invalid interval
[  624.733220][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  624.739866][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  627.904336][T11899] xt_hashlimit: max too large, truncated to 1048576
[  627.911106][T11899] xt_hashlimit: invalid interval
[  628.530430][T11902] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  630.476128][T11916] loop1: detected capacity change from 0 to 512
[  630.634020][T11916] EXT4-fs (loop1): Test dummy encryption mode enabled
[  630.649786][T11916] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  631.430407][T11916] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.1881: bad orphan inode 131083
[  631.462593][T11916] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  631.977893][ T5792] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.486525][T11942] xt_hashlimit: max too large, truncated to 1048576
[  633.493254][T11942] xt_hashlimit: invalid interval
[  633.693762][T11943] netlink: 'syz.1.1889': attribute type 6 has an invalid length.
[  633.948397][T11951] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  636.390886][T11973] loop3: detected capacity change from 0 to 512
[  636.541282][T11973] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1897: casefold flag without casefold feature
[  636.559742][T11973] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1897: couldn't read orphan inode 15 (err -117)
[  636.573615][T11973] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  637.079877][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  637.378698][T11984] loop3: detected capacity change from 0 to 512
[  637.391062][T11982] loop1: detected capacity change from 0 to 256
[  637.396925][T11984] EXT4-fs: Ignoring removed orlov option
[  637.425454][T11984] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  637.465040][T11984] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  637.482716][T11984] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.1898: corrupted in-inode xattr: e_value size too large
[  637.496916][ T5901] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  637.542794][T11984] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1898: couldn't read orphan inode 15 (err -117)
[  637.581203][T11984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  637.675109][ T5876] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  637.884914][ T5876] usb 3-1: Using ep0 maxpacket: 8
[  637.892500][ T5876] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  637.915653][ T5876] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  637.939560][ T5876] usb 3-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  637.971410][ T5876] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.998235][ T5876] usb 3-1: config 0 descriptor??
[  638.218028][T11996] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  638.256292][T11997] xt_CT: You must specify a L4 protocol and not use inversions on it
[  638.438812][ T5876] glorious 0003:258A:0036.0007: item fetching failed at offset 0/2
[  638.468333][ T5876] glorious: probe of 0003:258A:0036.0007 failed with error -22
[  638.636514][ T5876] usb 3-1: USB disconnect, device number 7
[  640.010046][T12005] loop0: detected capacity change from 0 to 4096
[  640.018122][T12005] EXT4-fs: Ignoring removed mblk_io_submit option
[  640.044680][T12005] EXT4-fs (loop0): Test dummy encryption mode enabled
[  640.117079][T12005] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  640.372930][T12005] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  640.471181][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  641.685744][ T5802] Bluetooth: hci3: command 0x0406 tx timeout
[  643.023962][T12035] loop0: detected capacity change from 0 to 512
[  643.286641][T12035] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  643.365893][T12035] ext4 filesystem being mounted at /477/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  643.579820][T12044] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  643.712690][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.734518][T12047] loop1: detected capacity change from 0 to 512
[  643.745605][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.043696][T12047] EXT4-fs (loop1): 1 orphan inode deleted
[  644.055890][   T58] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  644.127165][T12047] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  644.419122][   T58] EXT4-fs error (device loop1): ext4_release_dquot:6976: comm kworker/u4:4: Failed to release dquot type 1
[  644.446573][T12047] ext4 filesystem being mounted at /444/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  644.879086][ T5792] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  645.494314][T12069] loop1: detected capacity change from 0 to 128
[  647.345807][T12082] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  648.321009][T12086] loop0: detected capacity change from 0 to 512
[  648.388075][T12086] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002]
[  648.429049][T12086] System zones: 1-12
[  648.485131][T12086] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.1929: Directory hole found for htree index block 0
[  648.578542][T12086] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117
[  648.615111][T12086] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.1929: Directory hole found for htree index block 0
[  648.675124][T12086] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  648.711050][T12086] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  648.930413][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  650.188575][T12108] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  650.246323][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1936'.
[  655.825903][T12147] xt_hashlimit: max too large, truncated to 1048576
[  655.832626][T12147] xt_hashlimit: invalid interval
[  656.905110][   T23] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  657.230020][   T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  658.039875][   T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  658.064884][   T23] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  658.074008][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.206097][   T23] usb 1-1: config 0 descriptor??
[  658.902709][   T23] hid-led 0003:1D34:000A.0008: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.0-1/input0
[  658.984070][   T23] hid-led 0003:1D34:000A.0008: Dream Cheeky Webmail Notifier initialized
[  659.158798][    T8] usb 1-1: USB disconnect, device number 7
[  659.196056][T12162] fido_id[12162]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[  660.988250][   T28] audit: type=1326 audit(1757193165.412:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12170 comm="syz.0.1960" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2a1378ebe9 code=0x0
[  666.882278][T11340] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  666.893784][T11340] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  666.905044][T11340] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  666.914362][T11340] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  666.930298][T11340] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  666.955321][T11340] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  667.016473][T12217] loop0: detected capacity change from 0 to 1024
[  667.126225][T12217] EXT4-fs: Ignoring removed orlov option
[  667.131963][T12217] EXT4-fs: Ignoring removed nomblk_io_submit option
[  667.502246][T12214] chnl_net:caif_netlink_parms(): no params data found
[  667.520802][T12217] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  668.156643][T12214] bridge0: port 1(bridge_slave_0) entered blocking state
[  668.189992][T12214] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.215600][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  668.252502][T12214] bridge_slave_0: entered allmulticast mode
[  668.262148][T12214] bridge_slave_0: entered promiscuous mode
[  668.474947][T12214] bridge0: port 2(bridge_slave_1) entered blocking state
[  668.652348][T12214] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.845083][T12214] bridge_slave_1: entered allmulticast mode
[  668.878144][T12214] bridge_slave_1: entered promiscuous mode
[  669.054954][T11340] Bluetooth: hci4: command tx timeout
[  669.383311][ T7054] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  670.118270][T12214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  670.510647][ T7054] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  670.587499][T12214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  671.134905][T11340] Bluetooth: hci4: command tx timeout
[  671.320389][T12247] loop0: detected capacity change from 0 to 2048
[  671.402398][ T7054] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.431765][ T5901] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  671.606893][T12214] team0: Port device team_slave_0 added
[  671.678621][ T9786] Trying to write to read-only block-device loop2
[  671.706515][ T7054] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.758656][T12214] team0: Port device team_slave_1 added
[  671.936486][T12214] batman_adv: batadv0: Adding interface: batadv_slave_0
[  671.943501][T12214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  672.023513][T12214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  672.027665][ T2134] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  672.049138][T12214] batman_adv: batadv0: Adding interface: batadv_slave_1
[  672.056237][T12214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  672.082547][T12214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  672.155052][T12214] hsr_slave_0: entered promiscuous mode
[  672.161836][T12214] hsr_slave_1: entered promiscuous mode
[  672.171269][T12214] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  672.179878][T12214] Cannot create hsr debugfs directory
[  672.241480][ T2134] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  672.270200][ T2134] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  672.325537][ T2134] usb 3-1: config 0 descriptor??
[  672.334289][ T2134] cp210x 3-1:0.0: cp210x converter detected
[  672.772509][ T2134] usb 3-1: cp210x converter now attached to ttyUSB0
[  672.982286][ T2134] usb 3-1: USB disconnect, device number 8
[  673.033135][ T2134] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  673.118443][ T2134] cp210x 3-1:0.0: device disconnected
[  673.205848][T11340] Bluetooth: hci4: command tx timeout
[  675.154997][T12214] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  675.211037][T12214] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  675.257665][T12214] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  675.275122][T11340] Bluetooth: hci4: command tx timeout
[  675.301554][T12214] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  676.368383][T12310] loop0: detected capacity change from 0 to 128
[  676.392956][T12310] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  678.300587][ T7054] hsr_slave_0: left promiscuous mode
[  678.389543][ T7054] hsr_slave_1: left promiscuous mode
[  678.688627][ T7054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  678.823480][ T7054] batman_adv: batadv0: Removing interface: batadv_slave_0
[  678.974350][ T7054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  679.090568][ T7054] batman_adv: batadv0: Removing interface: batadv_slave_1
[  679.108117][ T7054] bridge_slave_1: left allmulticast mode
[  679.108143][ T7054] bridge_slave_1: left promiscuous mode
[  679.110617][ T7054] bridge0: port 2(bridge_slave_1) entered disabled state
[  679.149623][ T7054] bridge_slave_0: left allmulticast mode
[  679.154168][ T7054] bridge0: port 1(bridge_slave_0) entered disabled state
[  679.224165][ T7054] veth1_macvtap: left promiscuous mode
[  679.224528][ T7054] veth0_macvtap: left promiscuous mode
[  679.224720][ T7054] veth1_vlan: left promiscuous mode
[  679.226306][ T7054] veth0_vlan: left promiscuous mode
[  681.009237][ T7054] team0 (unregistering): Port device team_slave_1 removed
[  681.386907][ T7054] team0 (unregistering): Port device team_slave_0 removed
[  682.471864][ T7054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  682.758024][ T7054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  683.157462][T12362] fuse: Bad value for 'fd'
[  683.172333][T12356] process '/newroot/516/file0' started with executable stack
[  686.162398][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  686.168952][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  686.541979][T12373] loop0: detected capacity change from 0 to 512
[  686.563724][T12373] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  686.631616][T12373] EXT4-fs (loop0): 1 truncate cleaned up
[  686.643089][T12373] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  686.723959][T12373] syz.0.2014 (pid 12373) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  686.840997][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  687.002663][ T7054] bond0 (unregistering): Released all slaves
[  688.233743][T12214] 8021q: adding VLAN 0 to HW filter on device bond0
[  689.628247][T12214] 8021q: adding VLAN 0 to HW filter on device team0
[  689.869964][ T1124] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.877244][ T1124] bridge0: port 1(bridge_slave_0) entered forwarding state
[  689.936920][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.945341][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state
[  690.748818][T12214] 8021q: adding VLAN 0 to HW filter on device batadv0
[  691.656617][T12214] veth0_vlan: entered promiscuous mode
[  691.710491][T12214] veth1_vlan: entered promiscuous mode
[  691.819665][T12214] veth0_macvtap: entered promiscuous mode
[  691.858794][T12214] veth1_macvtap: entered promiscuous mode
[  691.926700][T12214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  691.959534][T12214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.980760][T12214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  691.991977][T12214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.003168][T12214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  692.014165][T12214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.031730][T12214] batman_adv: batadv0: Interface activated: batadv_slave_0
[  692.059021][T12214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.072943][T12214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.094959][T12214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.116232][T12214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.137098][T12214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  692.160578][T12214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  692.185186][T12214] batman_adv: batadv0: Interface activated: batadv_slave_1
[  692.230428][T12214] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  692.254344][T12214] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  692.275135][T12214] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  692.298455][T12214] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  692.564361][ T7054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  692.594437][ T7054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  692.650926][ T7054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  692.682327][ T7054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  693.546351][T12457] xt_hashlimit: max too large, truncated to 1048576
[  693.553692][T12457] xt_hashlimit: invalid interval
[  696.021026][T12477] loop4: detected capacity change from 0 to 256
[  696.420969][   T28] audit: type=1800 audit(1757193200.842:107): pid=12477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2028" name="file1" dev="loop4" ino=1048654 res=0 errno=0
[  700.055413][T12516] syz_tun: entered allmulticast mode
[  700.086104][T12520] xt_hashlimit: max too large, truncated to 1048576
[  700.092783][T12520] xt_hashlimit: invalid interval
[  700.097842][T12515] syz_tun: left allmulticast mode
[  700.325152][    T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  700.366789][T12526] loop4: detected capacity change from 0 to 512
[  700.400609][T12526] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  700.453278][T12526] EXT4-fs (loop4): 1 truncate cleaned up
[  700.472650][T12526] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  700.515012][    T8] usb 3-1: Using ep0 maxpacket: 16
[  700.526931][    T8] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  700.543457][    T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  700.565740][    T8] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  700.584502][    T8] usb 3-1: config 1 has no interface number 1
[  700.592271][    T8] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  700.609567][    T8] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  700.628570][    T8] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  700.638233][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  700.652763][    T8] usb 3-1: Product: syz
[  700.660595][    T8] usb 3-1: Manufacturer: syz
[  700.766490][T12214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.781012][    T8] usb 3-1: SerialNumber: syz
[  700.962675][T12535] loop0: detected capacity change from 0 to 2048
[  701.017236][T12535] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  701.490766][T12545] loop4: detected capacity change from 0 to 128
[  701.555464][T12545] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  701.627060][T12545] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  703.215373][ T9834] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  703.285404][    T8] usb 3-1: USB disconnect, device number 9
[  703.311003][T12563] loop4: detected capacity change from 0 to 512
[  703.343632][T12563] EXT4-fs: Ignoring removed orlov option
[  703.388910][T12563] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  703.420759][T12563] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  703.430040][ T9834] usb 1-1: Using ep0 maxpacket: 8
[  703.449192][ T9834] usb 1-1: unable to get BOS descriptor or descriptor too short
[  703.466499][ T9834] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  703.476542][T12563] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.2047: corrupted in-inode xattr: e_value size too large
[  703.490434][ T9834] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  703.500288][ T9834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.522401][ T9834] usb 1-1: Product: syz
[  703.533971][ T9834] usb 1-1: Manufacturer: syz
[  703.557217][ T9834] usb 1-1: SerialNumber: syz
[  703.573154][T12563] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2047: couldn't read orphan inode 15 (err -117)
[  703.626688][T12563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  704.149904][T12571] xt_CT: You must specify a L4 protocol and not use inversions on it
[  704.595440][ T9834] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  704.998933][ T9834] snd-usb-audio: probe of 1-1:8.0 failed with error -2
[  705.040022][ T9834] usb 1-1: USB disconnect, device number 8
[  705.094524][T12377] udevd[12377]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  706.084256][T12591] xt_hashlimit: max too large, truncated to 1048576
[  706.091118][T12591] xt_hashlimit: invalid interval
[  706.492325][T12214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.095084][T12611] loop0: detected capacity change from 0 to 128
[  709.352371][T12611] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  709.393164][T12611] ext4 filesystem being mounted at /517/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  709.685557][T12611] EXT4-fs (loop0): shut down requested (1)
[  709.722678][T12611] fscrypt (loop0, inode 12): Error -5 getting encryption context
[  709.879099][ T5799] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  710.716745][T12634] xt_CT: You must specify a L4 protocol and not use inversions on it
[  711.361026][T12631] loop0: detected capacity change from 0 to 2048
[  711.440268][T12631] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  711.468225][T12631] ext4 filesystem being mounted at /519/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  712.574185][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  713.637057][T12661] fuse: Bad value for 'fd'
[  713.820089][T12665] input: syz1 as /devices/virtual/input/input12
[  714.369043][T12677] loop0: detected capacity change from 0 to 256
[  714.452797][   T28] audit: type=1800 audit(1757193218.872:108): pid=12677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2069" name="file1" dev="loop0" ino=1048655 res=0 errno=0
[  715.797867][T12702] fuse: Bad value for 'fd'
[  716.023828][T12706] xt_CT: You must specify a L4 protocol and not use inversions on it
[  716.713971][T12709] loop4: detected capacity change from 0 to 1024
[  720.193115][T12746] fuse: Bad value for 'fd'
[  721.832597][T12769] xt_CT: You must specify a L4 protocol and not use inversions on it
[  724.138706][T12787] loop0: detected capacity change from 0 to 1024
[  727.700366][   T58] hfsplus: bad catalog file entry
[  727.944952][   T58] hfsplus: b-tree write err: -5, ino 3
[  728.517031][T12833] xt_CT: You must specify a L4 protocol and not use inversions on it
[  733.005043][T12871] loop4: detected capacity change from 0 to 2048
[  733.045584][T12871] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  733.204923][   T28] audit: type=1800 audit(1757193237.622:109): pid=12871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2114" name="file1" dev="loop4" ino=1415 res=0 errno=0
[  733.279401][T12869] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2113'.
[  734.668450][T12902] loop4: detected capacity change from 0 to 128
[  734.780698][T12902] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  735.264882][   T23] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  735.464886][   T23] usb 1-1: Using ep0 maxpacket: 32
[  735.485470][   T23] usb 1-1: config 5 contains an unexpected descriptor of type 0x2, skipping
[  735.504594][   T23] usb 1-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  735.530658][   T23] usb 1-1: config 5 has 1 interface, different from the descriptor's value: 2
[  735.553453][   T23] usb 1-1: config 5 interface 0 altsetting 255 endpoint 0xD has invalid wMaxPacketSize 0
[  735.567705][   T23] usb 1-1: config 5 interface 0 altsetting 255 has a duplicate endpoint with address 0x9, skipping
[  735.578814][   T23] usb 1-1: config 5 interface 0 altsetting 255 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  735.590214][   T23] usb 1-1: config 5 interface 0 altsetting 255 endpoint 0x84 has invalid wMaxPacketSize 0
[  735.601265][   T23] usb 1-1: config 5 interface 0 has no altsetting 0
[  735.610771][   T23] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=9f.21
[  735.620289][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  735.631534][   T23] usb 1-1: Product: syz
[  735.631556][   T23] usb 1-1: Manufacturer: syz
[  735.631573][   T23] usb 1-1: SerialNumber: syz
[  735.878486][   T23] usb 1-1: USB disconnect, device number 9
[  737.140173][T12943] loop4: detected capacity change from 0 to 1024
[  737.370006][T12943] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  737.459138][   T28] audit: type=1800 audit(1757193241.882:110): pid=12943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2137" name="file1" dev="loop4" ino=15 res=0 errno=0
[  738.550703][T12214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  740.758943][T13008] fuse: Unknown parameter 'use00000000000000000000'
[  740.831223][T13010] loop0: detected capacity change from 0 to 512
[  740.901763][T13010] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.2152: bad orphan inode 15
[  740.997022][T13010] ext4_test_bit(bit=14, block=18) = 1
[  741.002493][T13010] is_bad_inode(inode)=0
[  741.020786][T13010] NEXT_ORPHAN(inode)=1023
[  741.040035][T13010] max_ino=32
[  741.053563][T13010] i_nlink=0
[  741.075067][T13010] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2983: inode #15: comm syz.0.2152: corrupted xattr block 19: invalid header
[  741.118299][T13010] EXT4-fs warning (device loop0): ext4_evict_inode:272: xattr delete (err -117)
[  741.143752][T13010] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  741.172853][T13010] ext4 filesystem being mounted at /538/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  741.331503][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  742.653776][T13045] fuse: Unknown parameter 'use00000000000000000000'
[  747.242070][T13081] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2170'.
[  747.423350][T13088] fuse: Unknown parameter 'use00000000000000000000'
[  747.602381][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  747.608894][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  747.852853][T13096] bridge: RTM_NEWNEIGH with unconfigured vlan 3 on bridge_slave_0
[  748.679274][T13103] loop4: detected capacity change from 0 to 1024
[  748.803008][T13103] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  749.696784][T12214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  749.888160][T13125] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2185'.
[  751.271531][T13148] netlink: 360 bytes leftover after parsing attributes in process `syz.1.2190'.
[  752.371143][T13159] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input13
[  755.736737][T13206] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2207'.
[  755.788322][   T23] IPVS: starting estimator thread 0...
[  755.915846][T13207] IPVS: using max 20 ests per chain, 48000 per kthread
[  756.333214][T13206] bridge0: port 2(bridge_slave_1) entered disabled state
[  756.343367][T13206] bridge0: port 1(bridge_slave_0) entered disabled state
[  756.721166][T13206] A link change request failed with some changes committed already. Interface nlmon0 may have been left with an inconsistent configuration, please check.
[  760.244734][T13291] tipc: Started in network mode
[  760.250111][T13291] tipc: Node identity 6a2718c67e49, cluster identity 4711
[  760.257695][T13291] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  760.265912][T13291] syzkaller0: entered promiscuous mode
[  760.470304][T13291] syzkaller0: entered allmulticast mode
[  760.885818][T13291] tipc: Resetting bearer <eth:syzkaller0>
[  760.957997][T13290] tipc: Resetting bearer <eth:syzkaller0>
[  761.107527][T13290] tipc: Disabling bearer <eth:syzkaller0>
[  761.577295][T13306] xt_hashlimit: max too large, truncated to 1048576
[  761.588879][T13306] xt_hashlimit: invalid interval
[  762.634079][T13312] netlink: 'syz.2.2229': attribute type 1 has an invalid length.
[  762.811594][T13312] 8021q: adding VLAN 0 to HW filter on device bond1
[  762.849220][T13317] bond1: (slave geneve2): making interface the new active one
[  763.115733][T13317] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  765.703764][T13328] loop4: detected capacity change from 0 to 512
[  766.827387][T13328] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  766.905013][T13328] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  767.364903][T13328] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #2: comm syz.4.2233: corrupted inode contents
[  767.614844][T13328] EXT4-fs error (device loop4): ext4_dirty_inode:6106: inode #2: comm syz.4.2233: mark_inode_dirty error
[  767.651322][T13328] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #2: comm syz.4.2233: corrupted inode contents
[  767.718840][T13328] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.2233: mark_inode_dirty error
[  767.939805][T12214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  768.125645][T13362] loop4: detected capacity change from 0 to 128
[  768.197989][T13362] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  768.309492][T13362] ext4 filesystem being mounted at /50/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  769.577180][T12214] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  771.977697][T13410] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2251'.
[  773.174942][ T5802] Bluetooth: hci4: command tx timeout
[  775.107063][T13447] tipc: Started in network mode
[  775.112118][T13447] tipc: Node identity fffeffff, cluster identity 4711
[  775.123980][T13447] tipc: Node number set to 4294901759
[  775.435588][T13455] bridge: RTM_NEWNEIGH with invalid ether address
[  775.444213][T13455] bridge: RTM_NEWNEIGH with invalid ether address
[  775.957126][T13469] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2270'.
[  776.219248][T13471] nbd0: detected capacity change from 0 to 63
[  776.541350][ T5802] block nbd0: Receive control failed (result -104)
[  780.302666][T13520] netlink: 'syz.0.2287': attribute type 10 has an invalid length.
[  780.321787][T13520] veth0_vlan: entered allmulticast mode
[  780.494088][T13520] veth0_vlan: left promiscuous mode
[  780.535011][T13520] veth0_vlan: entered promiscuous mode
[  780.576983][T13520] team0: Device veth0_vlan failed to register rx_handler
[  781.259314][T13537] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2291'.
[  783.680523][T13560] netlink: 380 bytes leftover after parsing attributes in process `syz.0.2299'.
[  783.859391][T13563] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2300'.
[  788.055387][T13602] fuse: Unknown parameter '0x0000000000000003'
[  789.521700][T13511] Set syz1 is full, maxelem 65536 reached
[  789.552871][T10709] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  790.060439][T11340] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  790.072778][T11340] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  790.081992][T11340] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  790.097717][T11340] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  790.116189][T11340] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  790.124417][T11340] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  790.613216][T13616] chnl_net:caif_netlink_parms(): no params data found
[  790.869438][ T1091] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  790.982888][ T1091] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  791.279457][ T1091] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  791.295758][ T1091] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  791.377505][T13637] fuse: Unknown parameter '0x0000000000000003'
[  791.417117][ T1091] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  791.444427][ T1091] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  791.773167][ T1091] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  791.794653][ T1091] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  791.831098][T13616] bridge0: port 1(bridge_slave_0) entered blocking state
[  791.838889][T13616] bridge0: port 1(bridge_slave_0) entered disabled state
[  791.847112][T13616] bridge_slave_0: entered allmulticast mode
[  791.862594][T13616] bridge_slave_0: entered promiscuous mode
[  791.935470][T13616] bridge0: port 2(bridge_slave_1) entered blocking state
[  791.956969][T13616] bridge0: port 2(bridge_slave_1) entered disabled state
[  791.984103][T13616] bridge_slave_1: entered allmulticast mode
[  791.991742][T13616] bridge_slave_1: entered promiscuous mode
[  792.089464][T13616] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  792.121345][T13616] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  792.210759][T13616] team0: Port device team_slave_0 added
[  792.260572][T11340] Bluetooth: hci0: command tx timeout
[  792.282359][T13616] team0: Port device team_slave_1 added
[  792.491322][T13616] batman_adv: batadv0: Adding interface: batadv_slave_0
[  792.522742][T13616] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  792.580895][T13616] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  792.975009][T13616] batman_adv: batadv0: Adding interface: batadv_slave_1
[  793.060730][T13616] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  793.113414][T13616] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  793.272475][ T1091] tipc: Left network mode
[  793.327585][T13663] fuse: Unknown parameter '0x0000000000000003'
[  793.618273][T13616] hsr_slave_0: entered promiscuous mode
[  793.643210][T13616] hsr_slave_1: entered promiscuous mode
[  793.654375][T13616] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  793.668361][T13616] Cannot create hsr debugfs directory
[  794.315202][T11340] Bluetooth: hci0: command tx timeout
[  795.357871][T13707] fuse: Unknown parameter '0x0000000000000003'
[  795.957925][ T1091] hsr_slave_0: left promiscuous mode
[  795.989890][ T1091] hsr_slave_1: left promiscuous mode
[  796.005940][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  796.013443][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_0
[  796.022118][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  796.029898][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_1
[  796.038534][ T1091] bridge_slave_1: left allmulticast mode
[  796.044268][ T1091] bridge_slave_1: left promiscuous mode
[  796.054478][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[  796.067084][ T1091] bridge_slave_0: left allmulticast mode
[  796.072887][ T1091] bridge_slave_0: left promiscuous mode
[  796.079650][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[  796.127311][ T1091] veth1_macvtap: left promiscuous mode
[  796.133492][ T1091] veth0_macvtap: left promiscuous mode
[  796.139872][ T1091] veth1_vlan: left promiscuous mode
[  796.145471][ T1091] veth0_vlan: left promiscuous mode
[  796.355010][ T1091] bond1 (unregistering): (slave geneve2): Releasing active interface
[  796.406782][T11340] Bluetooth: hci0: command tx timeout
[  796.576821][ T1091] bond1 (unregistering): Released all slaves
[  797.114515][ T1091] team0 (unregistering): Port device team_slave_1 removed
[  797.172531][ T1091] team0 (unregistering): Port device team_slave_0 removed
[  797.226770][ T1091] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  797.282333][ T1091] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  797.877210][ T1091] bond0 (unregistering): Released all slaves
[  798.070021][T13616] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  798.109869][T13616] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  798.135029][T13616] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  798.161634][T13616] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  798.505082][T11340] Bluetooth: hci0: command tx timeout
[  798.641480][T13737] fuse: Unknown parameter '0x0000000000000003'
[  798.949465][T13616] 8021q: adding VLAN 0 to HW filter on device bond0
[  799.012474][T13616] 8021q: adding VLAN 0 to HW filter on device team0
[  799.132117][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state
[  799.139425][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state
[  799.229131][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state
[  799.236431][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state
[  801.142344][T13616] 8021q: adding VLAN 0 to HW filter on device batadv0
[  801.323048][T13616] veth0_vlan: entered promiscuous mode
[  801.676956][T13616] veth1_vlan: entered promiscuous mode
[  801.833937][T13783] fuse: Unknown parameter 'fd0x0000000000000003'
[  801.846233][T13616] veth0_macvtap: entered promiscuous mode
[  801.889759][T13616] veth1_macvtap: entered promiscuous mode
[  801.957721][T13616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  801.986090][T13616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  802.011242][T13616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  802.026170][T13616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  802.036510][T13616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  802.054956][T13616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  802.263518][T13616] batman_adv: batadv0: Interface activated: batadv_slave_0
[  802.293694][T13616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  802.306808][T13616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  802.323785][T13616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  802.324410][ T5802] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  802.343872][T13616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  802.354127][ T5802] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  802.374954][T13616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  802.385814][T13616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  802.402565][T13616] batman_adv: batadv0: Interface activated: batadv_slave_1
[  802.573543][ T5802] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  802.590261][ T5802] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  802.602701][ T5802] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  802.617318][ T5802] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  802.718850][T13616] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  802.903590][T13616] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  802.912889][T13616] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  802.927940][T13616] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  804.088445][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  804.127758][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  804.283908][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  804.333644][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  804.631780][T13792] chnl_net:caif_netlink_parms(): no params data found
[  804.683700][T13822] tipc: Started in network mode
[  804.703003][T13822] tipc: Node identity 8a437bfdc92e, cluster identity 4711
[  804.720711][T13822] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  804.750702][T13820] syzkaller0: entered promiscuous mode
[  804.764689][T13820] syzkaller0: entered allmulticast mode
[  804.809603][ T5802] Bluetooth: hci2: command tx timeout
[  805.262942][T13831] tipc: Resetting bearer <eth:syzkaller0>
[  805.339563][T13838] fuse: Unknown parameter 'fd0x0000000000000003'
[  805.371031][T13819] tipc: Resetting bearer <eth:syzkaller0>
[  805.440644][T13819] tipc: Disabling bearer <eth:syzkaller0>
[  805.846402][T13792] bridge0: port 1(bridge_slave_0) entered blocking state
[  805.853954][T13792] bridge0: port 1(bridge_slave_0) entered disabled state
[  805.861773][T13792] bridge_slave_0: entered allmulticast mode
[  805.882095][T13792] bridge_slave_0: entered promiscuous mode
[  805.918471][T13792] bridge0: port 2(bridge_slave_1) entered blocking state
[  806.269715][T13792] bridge0: port 2(bridge_slave_1) entered disabled state
[  806.591125][T13792] bridge_slave_1: entered allmulticast mode
[  806.667903][T13792] bridge_slave_1: entered promiscuous mode
[  806.875573][ T5802] Bluetooth: hci2: command tx timeout
[  807.110237][T13792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  807.172141][T13792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  807.190314][   T54] block nbd0: Possible stuck request ffff8880219b8000: control (read@0,1024B). Runtime 30 seconds
[  807.203639][   T54] block nbd0: Possible stuck request ffff8880219b8200: control (read@1024,1024B). Runtime 30 seconds
[  807.215673][   T54] block nbd0: Possible stuck request ffff8880219b8400: control (read@2048,1024B). Runtime 30 seconds
[  807.226721][   T54] block nbd0: Possible stuck request ffff8880219b8600: control (read@3072,1024B). Runtime 30 seconds
[  807.309831][T13871] fuse: Unknown parameter 'fd0x0000000000000003'
[  807.551308][T13881] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  807.590954][T13792] team0: Port device team_slave_0 added
[  807.689028][T13792] team0: Port device team_slave_1 added
[  808.538310][T13878] tipc: Resetting bearer <eth:syzkaller0>
[  808.677930][   T23] tipc: Node number set to 1131248637
[  808.993327][ T5802] Bluetooth: hci2: command tx timeout
[  809.060193][T13872] tipc: Disabling bearer <eth:syzkaller0>
[  809.068209][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  809.074578][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  809.605484][T13792] batman_adv: batadv0: Adding interface: batadv_slave_0
[  809.622900][T13792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  809.670067][T13792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  809.821612][T13792] batman_adv: batadv0: Adding interface: batadv_slave_1
[  809.871317][T13792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  810.149876][T13792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  810.996757][T13792] hsr_slave_0: entered promiscuous mode
[  811.025821][T13792] hsr_slave_1: entered promiscuous mode
[  811.053412][T13792] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  811.089192][T13792] Cannot create hsr debugfs directory
[  811.529251][ T5802] Bluetooth: hci2: command tx timeout
[  813.242792][T13792] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  813.264456][T13792] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  813.315292][T13792] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  813.342112][T13792] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  814.128741][T13792] 8021q: adding VLAN 0 to HW filter on device bond0
[  814.374629][T13792] 8021q: adding VLAN 0 to HW filter on device team0
[  814.472670][ T1124] bridge0: port 1(bridge_slave_0) entered blocking state
[  814.479945][ T1124] bridge0: port 1(bridge_slave_0) entered forwarding state
[  814.516977][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state
[  814.524232][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state
[  814.636237][T13962] syz.2.2395 (13962) used greatest stack depth: 17960 bytes left
[  814.877932][T13792] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  814.888423][T13792] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  814.946702][T13976] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2398'.
[  815.957620][T13792] 8021q: adding VLAN 0 to HW filter on device batadv0
[  816.063656][T13989] sctp: [Deprecated]: syz.0.2402 (pid 13989) Use of struct sctp_assoc_value in delayed_ack socket option.
[  816.063656][T13989] Use struct sctp_sack_info instead
[  817.471659][T13792] veth0_vlan: entered promiscuous mode
[  817.518029][T13792] veth1_vlan: entered promiscuous mode
[  817.628804][T13792] veth0_macvtap: entered promiscuous mode
[  817.703367][T13792] veth1_macvtap: entered promiscuous mode
[  817.773773][T13792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  817.785208][T13792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.816438][T13792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  817.840536][T13792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.851950][T13792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  817.865113][T13792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.885124][T13792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  817.908171][T13792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.921050][T13792] batman_adv: batadv0: Interface activated: batadv_slave_0
[  817.932987][T13792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  817.943941][T13792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.954396][T13792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.135161][T13792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.145485][T13792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.602597][T13792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.704888][T13792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.724641][T13792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.737083][T13792] batman_adv: batadv0: Interface activated: batadv_slave_1
[  818.799454][T13792] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  818.821914][T13792] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  818.843729][T13792] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  818.891300][T13792] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  819.184482][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  819.199119][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  819.448603][ T7054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  819.607634][T14035] bridge0: entered allmulticast mode
[  819.615366][T14035] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2415'.
[  819.624711][T14035] bridge_slave_1: left allmulticast mode
[  819.630643][T14035] bridge_slave_1: left promiscuous mode
[  819.637151][T14035] bridge0: port 2(bridge_slave_1) entered disabled state
[  819.645509][ T7054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  819.780552][T14035] bridge_slave_0: left allmulticast mode
[  819.848303][T14035] bridge_slave_0: left promiscuous mode
[  819.917805][T14035] bridge0: port 1(bridge_slave_0) entered disabled state
[  820.340674][T14035] bridge0 (unregistering): left allmulticast mode
[  820.818013][T14042] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2417'.
[  826.087531][ T5802] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  826.099850][ T5802] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  826.108991][ T5802] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  826.118800][T14082] bridge0: port 2(bridge_slave_1) entered disabled state
[  826.123088][ T5802] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  826.126811][T14082] bridge0: port 1(bridge_slave_0) entered disabled state
[  826.134175][ T5802] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  826.149720][ T5802] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  826.430735][T14082] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  826.463681][T14082] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  826.816977][T14082] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  826.829938][T14082] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  826.839379][T14082] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  826.850683][T14082] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  828.385527][ T5802] Bluetooth: hci5: command tx timeout
[  830.271467][   T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  830.394997][ T5802] Bluetooth: hci5: command tx timeout
[  831.297157][   T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  831.665917][   T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  831.720553][T14137] bridge0: entered allmulticast mode
[  831.756364][T14137] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2443'.
[  831.800444][T14137] bridge_slave_1: left allmulticast mode
[  831.829932][T14137] bridge_slave_1: left promiscuous mode
[  831.846441][T14137] bridge0: port 2(bridge_slave_1) entered disabled state
[  832.069725][T14137] bridge_slave_0: left allmulticast mode
[  832.105724][T14137] bridge_slave_0: left promiscuous mode
[  832.138350][T14137] bridge0: port 1(bridge_slave_0) entered disabled state
[  832.475882][ T5802] Bluetooth: hci5: command tx timeout
[  834.266127][T14137] bridge0 (unregistering): left allmulticast mode
[  834.368230][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.423337][T14091] chnl_net:caif_netlink_parms(): no params data found
[  834.561529][ T5802] Bluetooth: hci5: command tx timeout
[  834.714604][T14162] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2449'.
[  835.002825][T14162] team0 (unregistering): Port device team_slave_0 removed
[  835.025096][T14162] team0 (unregistering): Port device team_slave_1 removed
[  835.961513][T14091] bridge0: port 1(bridge_slave_0) entered blocking state
[  835.982506][T14091] bridge0: port 1(bridge_slave_0) entered disabled state
[  836.002548][T14091] bridge_slave_0: entered allmulticast mode
[  836.020349][T14091] bridge_slave_0: entered promiscuous mode
[  836.191474][T14091] bridge0: port 2(bridge_slave_1) entered blocking state
[  836.203863][T14091] bridge0: port 2(bridge_slave_1) entered disabled state
[  836.220468][T14091] bridge_slave_1: entered allmulticast mode
[  836.239361][T14091] bridge_slave_1: entered promiscuous mode
[  837.323900][T11340] Bluetooth: hci5: command tx timeout
[  837.355660][   T58] tipc: Left network mode
[  837.619350][T14091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  837.642557][T14091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  837.835522][   T54] block nbd0: Possible stuck request ffff8880219b8000: control (read@0,1024B). Runtime 60 seconds
[  837.850595][   T54] block nbd0: Possible stuck request ffff8880219b8200: control (read@1024,1024B). Runtime 60 seconds
[  837.861596][   T54] block nbd0: Possible stuck request ffff8880219b8400: control (read@2048,1024B). Runtime 60 seconds
[  837.872592][   T54] block nbd0: Possible stuck request ffff8880219b8600: control (read@3072,1024B). Runtime 60 seconds
[  837.889085][T14091] team0: Port device team_slave_0 added
[  838.039922][T14091] team0: Port device team_slave_1 added
[  838.322360][T14091] batman_adv: batadv0: Adding interface: batadv_slave_0
[  838.359160][T14091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  838.496950][T14091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  838.593395][T14091] batman_adv: batadv0: Adding interface: batadv_slave_1
[  838.632218][T14091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  838.709355][T14091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  838.907437][T14091] hsr_slave_0: entered promiscuous mode
[  838.920422][T14091] hsr_slave_1: entered promiscuous mode
[  838.929140][T14091] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  838.939477][T14091] Cannot create hsr debugfs directory
[  840.615446][ T5802] Bluetooth: hci5: command tx timeout
[  840.766193][   T58] hsr_slave_0: left promiscuous mode
[  840.867857][   T58] hsr_slave_1: left promiscuous mode
[  841.170352][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  841.188486][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  841.204620][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  841.213258][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  841.223712][   T58] bridge_slave_1: left allmulticast mode
[  841.229599][   T58] bridge_slave_1: left promiscuous mode
[  841.235430][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.244326][   T58] bridge_slave_0: left allmulticast mode
[  841.250339][   T58] bridge_slave_0: left promiscuous mode
[  841.257204][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.307032][   T58] veth1_macvtap: left promiscuous mode
[  841.314183][   T58] veth0_macvtap: left promiscuous mode
[  841.329113][   T58] veth1_vlan: left promiscuous mode
[  842.372174][   T58] team0 (unregistering): Port device team_slave_1 removed
[  842.427970][   T58] team0 (unregistering): Port device team_slave_0 removed
[  842.483759][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  842.541602][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  843.169049][   T58] bond0 (unregistering): Released all slaves
[  844.075967][T14256] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2471'.
[  845.680186][T14091] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  845.697193][T14269] ipvlan0: mtu less than device minimum
[  845.702864][T14091] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  845.732527][T14091] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  845.758117][T14264] tipc: Started in network mode
[  845.763784][T14264] tipc: Node identity 528cc2cc519f, cluster identity 4711
[  845.771755][T14264] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  845.780569][T14091] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  845.796967][T14272] syzkaller0: entered promiscuous mode
[  845.802549][T14272] syzkaller0: entered allmulticast mode
[  845.942296][T14264] tipc: Resetting bearer <eth:syzkaller0>
[  846.015115][T14263] tipc: Resetting bearer <eth:syzkaller0>
[  846.086504][T14263] tipc: Disabling bearer <eth:syzkaller0>
[  846.294549][T14091] 8021q: adding VLAN 0 to HW filter on device bond0
[  846.354142][T14091] 8021q: adding VLAN 0 to HW filter on device team0
[  846.398112][ T1124] bridge0: port 1(bridge_slave_0) entered blocking state
[  846.405360][ T1124] bridge0: port 1(bridge_slave_0) entered forwarding state
[  846.481588][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  846.489228][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  846.685388][T14293] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2480'.
[  846.726992][T14293] sctp: [Deprecated]: syz.2.2480 (pid 14293) Use of int in max_burst socket option.
[  846.726992][T14293] Use struct sctp_assoc_value instead
[  847.553852][T14091] 8021q: adding VLAN 0 to HW filter on device batadv0
[  848.420613][T14091] veth0_vlan: entered promiscuous mode
[  848.470740][T14091] veth1_vlan: entered promiscuous mode
[  848.656150][T14091] veth0_macvtap: entered promiscuous mode
[  848.729810][T14091] veth1_macvtap: entered promiscuous mode
[  848.788507][T14091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  848.814898][T14091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  848.833994][T14091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  848.860695][T14330] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2488'.
[  848.870420][T14091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  848.900632][T14330] sctp: [Deprecated]: syz.5.2488 (pid 14330) Use of int in max_burst socket option.
[  848.900632][T14330] Use struct sctp_assoc_value instead
[  848.918822][T14091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  848.932296][T14091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  848.964141][T14091] batman_adv: batadv0: Interface activated: batadv_slave_0
[  848.976624][T14091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  848.989711][T14091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  849.008371][T14091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  849.021862][T14091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  849.032444][T14091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  849.043628][T14091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  849.074475][T14091] batman_adv: batadv0: Interface activated: batadv_slave_1
[  849.132447][T14091] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  849.161922][T14091] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  849.191489][T14091] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  849.245227][T14091] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  849.564665][ T1124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  849.602945][ T1124] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  849.776184][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  849.814782][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  850.190955][T14350] xt_CT: You must specify a L4 protocol and not use inversions on it
[  853.488096][T14392] syz_tun: entered allmulticast mode
[  853.581833][T14391] syz_tun: left allmulticast mode
[  856.028365][T14428] tipc: Started in network mode
[  856.033315][T14428] tipc: Node identity 5e7a284cd05a, cluster identity 4711
[  856.056892][T14428] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  856.072257][T14428] syzkaller0: entered promiscuous mode
[  856.085458][T14428] syzkaller0: entered allmulticast mode
[  856.126349][T14428] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  856.223993][T14428] tipc: Resetting bearer <eth:syzkaller0>
[  856.267634][T14427] tipc: Resetting bearer <eth:syzkaller0>
[  856.356085][T14427] tipc: Disabling bearer <eth:syzkaller0>
[  857.257470][T14449] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2524'.
[  857.568478][T14456] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2526'.
[  858.138165][T14463] tipc: Started in network mode
[  858.165519][T14463] tipc: Node identity 5ee69998d58b, cluster identity 4711
[  858.186929][T14463] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  858.234211][T14465] syzkaller0: entered promiscuous mode
[  858.257364][T14465] syzkaller0: entered allmulticast mode
[  858.316362][T14463] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  858.492319][T14463] tipc: Resetting bearer <eth:syzkaller0>
[  858.547532][T14461] tipc: Resetting bearer <eth:syzkaller0>
[  858.781398][T14461] tipc: Disabling bearer <eth:syzkaller0>
[  859.980740][T14475] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  860.038847][T14475] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  860.207597][T14475] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  860.217928][T14475] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  860.226920][T14475] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  860.237684][T14475] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  860.764187][T14496] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  860.784366][T14497] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2540'.
[  860.821217][T14497] 8021q: adding VLAN 0 to HW filter on device bond1
[  860.830195][T14496] syzkaller0: entered promiscuous mode
[  860.837247][T14496] syzkaller0: entered allmulticast mode
[  860.854433][T14496] tipc: Resetting bearer <eth:syzkaller0>
[  860.875882][T14493] tipc: Resetting bearer <eth:syzkaller0>
[  860.911666][T14493] tipc: Disabling bearer <eth:syzkaller0>
[  861.479107][T14506] syz_tun: entered allmulticast mode
[  861.498409][T14505] syz_tun: left allmulticast mode
[  862.797891][T14514] vxcan1: tx address claim with dlc 0
[  864.293463][T14534] syzkaller1: entered promiscuous mode
[  864.308292][T14534] syzkaller1: entered allmulticast mode
[  864.778869][T14540] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2556'.
[  867.468842][T14572] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2562'.
[  868.780358][   T54] block nbd0: Possible stuck request ffff8880219b8000: control (read@0,1024B). Runtime 90 seconds
[  868.791393][   T54] block nbd0: Possible stuck request ffff8880219b8200: control (read@1024,1024B). Runtime 90 seconds
[  868.802888][   T54] block nbd0: Possible stuck request ffff8880219b8400: control (read@2048,1024B). Runtime 90 seconds
[  868.813961][   T54] block nbd0: Possible stuck request ffff8880219b8600: control (read@3072,1024B). Runtime 90 seconds
[  868.863628][T14578] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  868.892943][T14578] syzkaller0: entered promiscuous mode
[  868.899316][T14578] syzkaller0: entered allmulticast mode
[  868.923249][T14578] tipc: Resetting bearer <eth:syzkaller0>
[  868.947922][T14575] tipc: Resetting bearer <eth:syzkaller0>
[  869.073187][T14575] tipc: Disabling bearer <eth:syzkaller0>
[  870.271066][T14605] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  870.434592][T14605] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  870.480561][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  870.487416][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  870.867057][T14605] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  870.886412][T14605] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  870.897735][T14605] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  870.912107][T14605] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  871.404498][T14629] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  871.451358][T14629] syzkaller0: entered promiscuous mode
[  871.505380][T14629] syzkaller0: entered allmulticast mode
[  871.550756][T14629] tipc: Resetting bearer <eth:syzkaller0>
[  871.714387][T14627] tipc: Resetting bearer <eth:syzkaller0>
[  871.755219][T11340] Bluetooth: hci5: command tx timeout
[  871.829462][T14636] xt_CT: You must specify a L4 protocol and not use inversions on it
[  872.466419][ T5844] tipc: Node number set to 2384472140
[  872.497999][T14627] tipc: Disabling bearer <eth:syzkaller0>
[  872.778941][T14642] bridge0: port 2(bridge_slave_1) entered disabled state
[  872.786558][T14642] bridge0: port 1(bridge_slave_0) entered disabled state
[  873.453066][T14642] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  873.554690][T14642] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  873.941370][T14642] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  873.952562][T14642] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  873.962178][T14642] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  873.971715][T14642] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  874.601496][T14666] syz_tun: entered allmulticast mode
[  874.753711][T14670] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  874.784465][T14670] syzkaller0: entered promiscuous mode
[  874.794635][T14670] syzkaller0: entered allmulticast mode
[  874.805765][T14672] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2603'.
[  874.811859][T14670] tipc: Resetting bearer <eth:syzkaller0>
[  874.823685][T14669] tipc: Resetting bearer <eth:syzkaller0>
[  874.859454][T14669] tipc: Disabling bearer <eth:syzkaller0>
[  876.521267][T14697] xt_CT: You must specify a L4 protocol and not use inversions on it
[  877.601283][T14708] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2612'.
[  878.124218][T14715] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  878.131927][T14715] syzkaller0: entered promiscuous mode
[  878.137914][T14715] syzkaller0: entered allmulticast mode
[  878.150377][T14715] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  878.181134][T14715] tipc: Resetting bearer <eth:syzkaller0>
[  878.190340][T14714] tipc: Resetting bearer <eth:syzkaller0>
[  878.215280][T14714] tipc: Disabling bearer <eth:syzkaller0>
[  878.292426][T14721] loop4: detected capacity change from 0 to 128
[  878.305216][T14721] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  878.343036][T14721] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  879.804987][   T28] audit: type=1800 audit(1757193383.862:111): pid=14729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2617" name="file1" dev="loop4" ino=104 res=0 errno=0
[  880.760026][T14751] loop4: detected capacity change from 0 to 128
[  880.796303][T14751] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  880.828368][T14751] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  882.213239][T14759] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  882.270737][T14759] syzkaller0: entered promiscuous mode
[  882.327117][T14759] syzkaller0: entered allmulticast mode
[  882.492546][T14770] tipc: Resetting bearer <eth:syzkaller0>
[  883.071957][T14757] tipc: Resetting bearer <eth:syzkaller0>
[  883.566951][T14757] tipc: Disabling bearer <eth:syzkaller0>
[  883.637144][T14777] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check.
[  884.016737][T14786] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2636'.
[  884.051761][T14785] syz.4.2638: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  884.075388][T14785] CPU: 0 PID: 14785 Comm: syz.4.2638 Not tainted syzkaller #0
[  884.082935][T14785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  884.093054][T14785] Call Trace:
[  884.096379][T14785]  <TASK>
[  884.099366][T14785]  dump_stack_lvl+0x16c/0x230
[  884.104109][T14785]  ? show_regs_print_info+0x20/0x20
[  884.109356][T14785]  ? load_image+0x3b0/0x3b0
[  884.113896][T14785]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  884.120328][T14785]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  884.126846][T14785]  warn_alloc+0x210/0x300
[  884.131192][T14785]  ? stack_trace_save+0x9c/0xe0
[  884.136080][T14785]  ? zone_watermark_ok_safe+0x230/0x230
[  884.141671][T14785]  ? kasan_set_track+0x5f/0x70
[  884.146460][T14785]  ? kasan_set_track+0x4e/0x70
[  884.151235][T14785]  ? __kasan_kmalloc+0x8f/0xa0
[  884.156049][T14785]  ? xsk_init_queue+0xb0/0x110
[  884.160830][T14785]  ? xsk_setsockopt+0x43c/0x6f0
[  884.165696][T14785]  ? do_sock_setsockopt+0x175/0x1a0
[  884.170917][T14785]  ? __x64_sys_setsockopt+0x184/0x200
[  884.176314][T14785]  __vmalloc_node_range+0x126/0x1320
[  884.181648][T14785]  ? free_vm_area+0x50/0x50
[  884.186181][T14785]  vmalloc_user+0x74/0x80
[  884.190544][T14785]  ? xskq_create+0xbf/0x170
[  884.195068][T14785]  xskq_create+0xbf/0x170
[  884.199414][T14785]  xsk_init_queue+0xb0/0x110
[  884.204020][T14785]  xsk_setsockopt+0x43c/0x6f0
[  884.208822][T14785]  ? xsk_poll+0x670/0x670
[  884.213184][T14785]  ? __fget_files+0x28/0x4d0
[  884.217801][T14785]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  884.223397][T14785]  ? security_socket_setsockopt+0x7e/0xa0
[  884.229132][T14785]  ? xsk_poll+0x670/0x670
[  884.233481][T14785]  do_sock_setsockopt+0x175/0x1a0
[  884.238540][T14785]  ? __fdget+0x180/0x210
[  884.242802][T14785]  __x64_sys_setsockopt+0x184/0x200
[  884.248029][T14785]  do_syscall_64+0x55/0xb0
[  884.252475][T14785]  ? clear_bhb_loop+0x40/0x90
[  884.257166][T14785]  ? clear_bhb_loop+0x40/0x90
[  884.261856][T14785]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  884.267773][T14785] RIP: 0033:0x7fac03b8ebe9
[  884.272212][T14785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  884.291861][T14785] RSP: 002b:00007fac049ec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  884.300323][T14785] RAX: ffffffffffffffda RBX: 00007fac03dc5fa0 RCX: 00007fac03b8ebe9
[  884.308326][T14785] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  884.316340][T14785] RBP: 00007fac03c11e19 R08: 0000000000000004 R09: 0000000000000000
[  884.324326][T14785] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  884.332313][T14785] R13: 00007fac03dc6038 R14: 00007fac03dc5fa0 R15: 00007ffdb607c878
[  884.340319][T14785]  </TASK>
[  884.361574][T14785] Mem-Info:
[  884.366921][T14785] active_anon:6234 inactive_anon:0 isolated_anon:0
[  884.366921][T14785]  active_file:18200 inactive_file:40499 isolated_file:0
[  884.366921][T14785]  unevictable:768 dirty:121 writeback:0
[  884.366921][T14785]  slab_reclaimable:10892 slab_unreclaimable:97015
[  884.366921][T14785]  mapped:29672 shmem:1398 pagetables:694
[  884.366921][T14785]  sec_pagetables:0 bounce:0
[  884.366921][T14785]  kernel_misc_reclaimable:0
[  884.366921][T14785]  free:1328076 free_pcp:7530 free_cma:0
[  884.413497][T14785] Node 0 active_anon:24936kB inactive_anon:0kB active_file:72712kB inactive_file:161796kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118644kB dirty:472kB writeback:0kB shmem:4056kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12732kB pagetables:2776kB sec_pagetables:0kB all_unreclaimable? no
[  884.457444][T14785] Node 1 active_anon:0kB inactive_anon:0kB active_file:88kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  884.504768][T14785] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  884.532526][T14785] lowmem_reserve[]: 0 2525 2526 2526 2526
[  884.538498][T14785] Node 0 DMA32 free:1398492kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:24792kB inactive_anon:0kB active_file:72712kB inactive_file:160476kB unevictable:1536kB writepending:472kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:17352kB local_pcp:1108kB free_cma:0kB
[  884.573250][T14785] lowmem_reserve[]: 0 0 1 1 1
[  884.578184][T14785] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  884.621678][T14785] lowmem_reserve[]: 0 0 0 0 0
[  884.629369][T14785] Node 1 Normal free:3898180kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:88kB inactive_file:200kB unevictable:1536kB writepending:12kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:13408kB local_pcp:8672kB free_cma:0kB
[  884.658889][T14796] loop2: detected capacity change from 0 to 128
[  884.659478][T14785] lowmem_reserve[]: 0 0 0 0 0
[  884.670308][T14785] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  884.714513][T14785] Node 0 DMA32: 1323*4kB (UME) 1488*8kB (UME) 937*16kB (UME) 726*32kB (UME) 510*64kB (ME) 230*128kB (UME) 137*256kB (UME) 61*512kB (UME) 30*1024kB (UME) 12*2048kB (ME) 283*4096kB (M) = 1398268kB
[  884.750003][T14785] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  884.763363][T14785] Node 1 Normal: 245*4kB (UME) 62*8kB 
[  884.765993][T12470] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  884.782206][T14785] (UME) 46*16kB (UME) 241*32kB (UE) 62*64kB (UME) 14*128kB (UE) 2*256kB (UE) 2*512kB (ME) 0*1024kB 1*2048kB (E) 947*4096kB (M) = 3898180kB
[  884.807746][T14785] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  884.918347][T14785] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  885.008892][T14785] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  885.020097][T14785] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  885.030680][T14785] 62925 total pagecache pages
[  885.042973][T14785] 1 pages in swap cache
[  885.049400][T14785] Free swap  = 124448kB
[  885.057363][T14785] Total swap = 124996kB
[  885.064844][T14785] 2097051 pages RAM
[  885.072852][T14785] 0 pages HighMem/MovableOnly
[  885.078296][T14785] 416139 pages reserved
[  885.082490][T14785] 0 pages cma reserved
[  885.145418][T14802] loop2: detected capacity change from 0 to 512
[  885.200112][T14802] loop2: detected capacity change from 0 to 2048
[  885.778028][T14810] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  885.785775][T14810] syzkaller0: entered promiscuous mode
[  885.791466][T14810] syzkaller0: entered allmulticast mode
[  885.805418][T14810] tipc: Resetting bearer <eth:syzkaller0>
[  885.820132][T14809] tipc: Resetting bearer <eth:syzkaller0>
[  885.877001][T14809] tipc: Disabling bearer <eth:syzkaller0>
[  886.459894][T14832] loop5: detected capacity change from 0 to 128
[  886.516029][T14832] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  886.564634][T14832] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  887.623695][T14851] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  887.659963][T14851] syzkaller0: entered promiscuous mode
[  887.681906][T14851] syzkaller0: entered allmulticast mode
[  887.726615][T14851] tipc: Resetting bearer <eth:syzkaller0>
[  887.754439][T14850] tipc: Resetting bearer <eth:syzkaller0>
[  887.870146][T14850] tipc: Disabling bearer <eth:syzkaller0>
[  888.029803][T14866] syzkaller1: entered promiscuous mode
[  888.048630][T14866] syzkaller1: entered allmulticast mode
[  888.124047][T14873] loop5: detected capacity change from 0 to 128
[  888.139324][T14873] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  888.208423][T14874] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  888.217958][T14873] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  888.233838][T14875] syzkaller0: entered promiscuous mode
[  888.249726][T14875] syzkaller0: entered allmulticast mode
[  888.338306][T14868] tipc: Resetting bearer <eth:syzkaller0>
[  888.399756][T14867] tipc: Resetting bearer <eth:syzkaller0>
[  888.515105][T14867] tipc: Disabling bearer <eth:syzkaller0>
[  889.365605][T14908] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2683'.
[  889.677499][T14923] loop2: detected capacity change from 0 to 128
[  889.731336][T12423] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  890.029075][T14927] loop2: detected capacity change from 0 to 512
[  891.483932][T14956] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2701'.
[  892.324833][T11340] Bluetooth: hci5: command tx timeout
[  896.997169][T14997] netlink: zone id is out of range
[  899.712602][   T54] block nbd0: Possible stuck request ffff8880219b8000: control (read@0,1024B). Runtime 120 seconds
[  899.723505][   T54] block nbd0: Possible stuck request ffff8880219b8200: control (read@1024,1024B). Runtime 120 seconds
[  899.734577][   T54] block nbd0: Possible stuck request ffff8880219b8400: control (read@2048,1024B). Runtime 120 seconds
[  899.746439][   T54] block nbd0: Possible stuck request ffff8880219b8600: control (read@3072,1024B). Runtime 120 seconds
[  899.897122][T15022] loop5: detected capacity change from 0 to 128
[  899.925134][T15022] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  900.034619][T15022] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  901.646102][T15040] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  901.663845][T15040] syzkaller0: entered promiscuous mode
[  901.673625][T15040] syzkaller0: entered allmulticast mode
[  901.692279][T15040] tipc: Resetting bearer <eth:syzkaller0>
[  903.273472][T14089] tipc: Node number set to 2339215768
[  903.305078][T15039] tipc: Resetting bearer <eth:syzkaller0>
[  903.410199][T15039] tipc: Disabling bearer <eth:syzkaller0>
[  904.615252][T15062] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2733'.
[  904.643006][T15062] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2733'.
[  904.821518][T15065] loop5: detected capacity change from 0 to 128
[  904.861395][T15065] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  904.951833][T15065] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  908.812904][T15092] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2744'.
[  908.822752][T15092] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2744'.
[  911.461379][T15104] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  911.486670][T15104] tipc: Resetting bearer <eth:syzkaller0>
[  911.565758][T15103] tipc: Disabling bearer <eth:syzkaller0>
[  912.134344][T15116] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2754'.
[  912.171607][T15116] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2754'.
[  913.513118][T15138] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  913.533609][T15138] tipc: Resetting bearer <eth:syzkaller0>
[  913.633175][T15137] tipc: Disabling bearer <eth:syzkaller0>
[  913.832239][T15146] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  913.853891][T15146] tipc: Resetting bearer <eth:syzkaller0>
[  914.099863][T15143] tipc: Disabling bearer <eth:syzkaller0>
[  914.126973][T15151] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2765'.
[  914.146478][T15151] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2765'.
[  915.936094][T15170] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  915.964369][T15170] syzkaller0: entered promiscuous mode
[  915.993720][T15170] syzkaller0: entered allmulticast mode
[  916.056656][T15170] tipc: Resetting bearer <eth:syzkaller0>
[  916.079887][T15169] tipc: Resetting bearer <eth:syzkaller0>
[  916.125725][T15169] tipc: Disabling bearer <eth:syzkaller0>
[  916.149075][T15175] syzkaller0: entered promiscuous mode
[  916.158473][T15175] syzkaller0: entered allmulticast mode
[  916.339073][T15179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2774'.
[  916.364877][T15179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2774'.
[  916.617329][T15183] bridge1: entered promiscuous mode
[  916.622639][T15183] bridge1: entered allmulticast mode
[  917.710225][T15196] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  917.776534][T15196] tipc: Resetting bearer <eth:syzkaller0>
[  917.826096][T15195] tipc: Disabling bearer <eth:syzkaller0>
[  918.404246][T15207] syzkaller0: entered promiscuous mode
[  918.439851][T15207] syzkaller0: entered allmulticast mode
[  918.677026][T15211] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2785'.
[  918.711883][T15213] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2785'.
[  920.853181][T15244] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2798'.
[  920.983418][T15246] syzkaller0: entered promiscuous mode
[  920.989192][T15246] syzkaller0: entered allmulticast mode
[  924.868050][T15289] syzkaller0: entered promiscuous mode
[  924.873716][T15289] syzkaller0: entered allmulticast mode
[  926.448458][T15316] bond0: (slave bond_slave_0): Releasing backup interface
[  926.487480][T15316] bond0: (slave bond_slave_1): Releasing backup interface
[  926.580043][T15316] team0: Port device team_slave_0 removed
[  926.625995][T15316] team0: Port device team_slave_1 removed
[  926.632181][T15316] batman_adv: batadv0: Removing interface: batadv_slave_0
[  926.685407][T15316] batman_adv: batadv0: Removing interface: batadv_slave_1
[  926.789910][T15320] team0: Mode changed to "loadbalance"
[  928.875909][T11340] Bluetooth: hci2: command 0x0406 tx timeout
[  930.142082][   T54] block nbd0: Possible stuck request ffff8880219b8000: control (read@0,1024B). Runtime 150 seconds
[  930.153182][   T54] block nbd0: Possible stuck request ffff8880219b8200: control (read@1024,1024B). Runtime 150 seconds
[  930.164907][   T54] block nbd0: Possible stuck request ffff8880219b8400: control (read@2048,1024B). Runtime 150 seconds
[  930.176113][   T54] block nbd0: Possible stuck request ffff8880219b8600: control (read@3072,1024B). Runtime 150 seconds
[  930.450243][T15390] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2854'.
[  932.020587][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  932.027249][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  932.176810][T15417] bridge: RTM_NEWNEIGH with invalid ether address
[  932.228196][T15417] bridge: RTM_NEWNEIGH with invalid ether address
[  932.303081][T15419] syzkaller1: entered promiscuous mode
[  932.322422][T15419] syzkaller1: entered allmulticast mode
[  935.451821][T15461] syzkaller1: entered promiscuous mode
[  935.458507][T15461] syzkaller1: entered allmulticast mode
[  936.655374][T14089] kernel write not supported for file bpf-prog (pid: 14089 comm: kworker/1:7)
[  936.735665][T15440] syz_tun (unregistering): left allmulticast mode
[  938.273271][T15488] syzkaller1: entered promiscuous mode
[  938.411136][T15488] syzkaller1: entered allmulticast mode
[  939.123644][T15498] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2889'.
[  939.161370][T14727] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  939.165088][T15498] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  939.181204][T14727] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  939.193647][T14727] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  939.203026][T14727] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  939.217050][T14727] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  939.224542][T14727] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  939.364019][T15504] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  939.388779][T15504] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  939.420535][T15504] tipc: Resetting bearer <eth:syzkaller0>
[  939.506178][T15503] tipc: Disabling bearer <eth:syzkaller0>
[  940.461772][T15518] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  940.494047][T15499] chnl_net:caif_netlink_parms(): no params data found
[  940.691058][T15518] tipc: Resetting bearer <eth:syzkaller0>
[  940.795142][T15517] tipc: Disabling bearer <eth:syzkaller0>
[  941.274913][T11340] Bluetooth: hci3: command tx timeout
[  941.512314][T15499] bridge0: port 1(bridge_slave_0) entered blocking state
[  941.552409][T15499] bridge0: port 1(bridge_slave_0) entered disabled state
[  941.602328][T15499] bridge_slave_0: entered allmulticast mode
[  941.624342][T15499] bridge_slave_0: entered promiscuous mode
[  941.649698][T15499] bridge0: port 2(bridge_slave_1) entered blocking state
[  941.676148][T15499] bridge0: port 2(bridge_slave_1) entered disabled state
[  941.683475][T15499] bridge_slave_1: entered allmulticast mode
[  941.722347][T15499] bridge_slave_1: entered promiscuous mode
[  941.802627][T15499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  941.857179][T15499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  941.954483][T15499] team0: Port device team_slave_0 added
[  941.987211][T15499] team0: Port device team_slave_1 added
[  942.002689][T15539] loop0: detected capacity change from 0 to 2048
[  942.064306][T15499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  942.086169][T15539]  loop0: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22
[  942.088147][T15539] loop0: p4 start 65536 is beyond EOD, 
[  942.191938][T15499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  942.248356][T15539] truncated
[  942.251547][T15539] loop0: p5 start 65536 is beyond EOD, truncated
[  942.285140][T15539] loop0: p6 start 65536 is beyond EOD, truncated
[  942.291582][T15539] loop0: p7 start 65536 is beyond EOD, truncated
[  942.305035][T15499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  942.311792][T15539] loop0: p8 start 65536 is beyond EOD, truncated
[  942.322219][T15539] loop0: p9 start 65536 is beyond EOD, truncated
[  942.339856][T15539] loop0: p10 start 65536 is beyond EOD, truncated
[  942.347152][T15499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  942.354130][T15499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  942.393584][T15539] loop0: p11 start 65536 is beyond EOD, truncated
[  942.425180][T15539] loop0: p12 start 65536 is beyond EOD, truncated
[  942.468095][T15539] loop0: p13 start 65536 is beyond EOD, truncated
[  942.559491][T15539] loop0: p14 start 65536 is beyond EOD, truncated
[  942.646018][T15539] loop0: p15 start 65536 is beyond EOD, truncated
[  942.684414][T15499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  942.831374][T15539] loop0: p16 start 65536 is beyond EOD, truncated
[  942.924870][T15539] loop0: p17 start 65536 is beyond EOD, truncated
[  942.945190][T15539] loop0: p18 start 65536 is beyond EOD, truncated
[  942.986715][T15539] loop0: p19 start 65536 is beyond EOD, truncated
[  943.015667][T15539] loop0: p20 start 65536 is beyond EOD, truncated
[  943.022223][T15539] loop0: p21 start 65536 is beyond EOD, truncated
[  943.062513][T15539] loop0: p22 start 65536 is beyond EOD, truncated
[  943.095157][T15539] loop0: p23 start 65536 is beyond EOD, truncated
[  943.131597][T15539] loop0: p24 start 65536 is beyond EOD, truncated
[  943.148163][T15499] hsr_slave_0: entered promiscuous mode
[  943.162841][T15539] loop0: p25 start 65536 is beyond EOD, truncated
[  943.175810][T15499] hsr_slave_1: entered promiscuous mode
[  943.182233][T15539] loop0: p26 start 65536 is beyond EOD, truncated
[  943.192484][T15499] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  943.200759][T15539] loop0: p27 start 65536 is beyond EOD, truncated
[  943.211239][T15499] Cannot create hsr debugfs directory
[  943.215526][T15539] loop0: p28 start 65536 is beyond EOD, truncated
[  943.223231][T15539] loop0: p29 start 65536 is beyond EOD, truncated
[  943.251760][T15539] loop0: p30 start 65536 is beyond EOD, truncated
[  943.262238][T15539] loop0: p31 start 65536 is beyond EOD, truncated
[  943.273661][T15539] loop0: p32 start 65536 is beyond EOD, truncated
[  943.284322][T15539] loop0: p33 start 65536 is beyond EOD, truncated
[  943.315402][T15539] loop0: p34 start 65536 is beyond EOD, truncated
[  943.321916][T15539] loop0: p35 start 65536 is beyond EOD, truncated
[  943.345928][T15539] loop0: p36 start 65536 is beyond EOD, truncated
[  943.352448][T15539] loop0: p37 start 65536 is beyond EOD, truncated
[  943.356101][T11340] Bluetooth: hci3: command tx timeout
[  943.412481][T15539] loop0: p38 start 65536 is beyond EOD, truncated
[  943.452073][T15539] loop0: p39 start 65536 is beyond EOD, truncated
[  943.473341][T15539] loop0: p40 start 65536 is beyond EOD, truncated
[  943.482043][T15539] loop0: p41 start 65536 is beyond EOD, truncated
[  943.488886][T15539] loop0: p42 start 65536 is beyond EOD, truncated
[  943.507691][T15539] loop0: p43 start 65536 is beyond EOD, truncated
[  943.555139][T15539] loop0: p44 start 65536 is beyond EOD, truncated
[  943.569147][T15539] loop0: p45 start 65536 is beyond EOD, truncated
[  943.581792][T15539] loop0: p46 start 65536 is beyond EOD, truncated
[  943.589825][T15539] loop0: p47 start 65536 is beyond EOD, truncated
[  943.602295][T15539] loop0: p48 start 65536 is beyond EOD, truncated
[  943.610347][T15539] loop0: p49 start 65536 is beyond EOD, truncated
[  943.622786][T15539] loop0: p50 start 65536 is beyond EOD, truncated
[  943.634079][T15539] loop0: p51 start 65536 is beyond EOD, truncated
[  943.653276][T15539] loop0: p52 start 65536 is beyond EOD, truncated
[  943.681890][T15539] loop0: p53 start 65536 is beyond EOD, truncated
[  943.704325][T15539] loop0: p54 start 65536 is beyond EOD, truncated
[  943.745052][T15539] loop0: p55 start 65536 is beyond EOD, truncated
[  943.751563][T15539] loop0: p56 start 65536 is beyond EOD, truncated
[  943.780243][T15539] loop0: p57 start 65536 is beyond EOD, truncated
[  943.787507][T15539] loop0: p58 start 65536 is beyond EOD, truncated
[  943.793982][T15539] loop0: p59 start 65536 is beyond EOD, truncated
[  943.800648][T15539] loop0: p60 start 65536 is beyond EOD, truncated
[  943.807208][T15539] loop0: p61 start 65536 is beyond EOD, truncated
[  943.814347][T15539] loop0: p62 start 65536 is beyond EOD, truncated
[  943.820904][T15539] loop0: p63 start 65536 is beyond EOD, truncated
[  943.827455][T15539] loop0: p64 start 65536 is beyond EOD, truncated
[  943.833913][T15539] loop0: p65 start 65536 is beyond EOD, truncated
[  943.840461][T15539] loop0: p66 start 65536 is beyond EOD, truncated
[  943.954989][T15539] loop0: p67 start 65536 is beyond EOD, truncated
[  944.002907][T15539] loop0: p68 start 65536 is beyond EOD, truncated
[  944.135707][T15539] loop0: p69 start 65536 is beyond EOD, truncated
[  944.264499][T15539] loop0: p70 start 65536 is beyond EOD, truncated
[  944.354933][T15539] loop0: p71 start 65536 is beyond EOD, truncated
[  944.374789][T15539] loop0: p72 start 65536 is beyond EOD, truncated
[  944.381291][T15539] loop0: p73 start 65536 is beyond EOD, truncated
[  944.430002][T15539] loop0: p74 start 65536 is beyond EOD, truncated
[  944.455061][T15539] loop0: p75 start 65536 is beyond EOD, truncated
[  944.505034][T15539] loop0: p76 start 65536 is beyond EOD, truncated
[  944.521856][T15539] loop0: p77 start 65536 is beyond EOD, truncated
[  944.544065][T15499] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  944.554920][T15539] loop0: p78 start 65536 is beyond EOD, truncated
[  944.574529][T15539] loop0: p79 start 65536 is beyond EOD, truncated
[  944.579012][T15499] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  944.601635][T15539] loop0: p80 start 65536 is beyond EOD, truncated
[  944.612914][T15499] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  944.620712][T15539] loop0: p81 start 65536 is beyond EOD, truncated
[  944.628503][T15539] loop0: p82 start 65536 is beyond EOD, truncated
[  944.640043][T15499] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  944.646905][T15539] loop0: p83 start 65536 is beyond EOD, truncated
[  944.654228][T15539] loop0: p84 start 65536 is beyond EOD, truncated
[  944.661017][T15539] loop0: p85 start 65536 is beyond EOD, truncated
[  944.667949][T15539] loop0: p86 start 65536 is beyond EOD, truncated
[  944.678083][T15539] loop0: p87 start 65536 is beyond EOD, truncated
[  944.684568][T15539] loop0: p88 start 65536 is beyond EOD, truncated
[  944.695562][T15539] loop0: p89 start 65536 is beyond EOD, truncated
[  944.704626][T15539] loop0: p90 start 65536 is beyond EOD, truncated
[  944.711391][T15539] loop0: p91 start 65536 is beyond EOD, truncated
[  944.733766][T15539] loop0: p92 start 65536 is beyond EOD, truncated
[  944.744883][T15539] loop0: p93 start 65536 is beyond EOD, truncated
[  944.761630][T15539] loop0: p94 start 65536 is beyond EOD, truncated
[  944.771917][T15539] loop0: p95 start 65536 is beyond EOD, truncated
[  944.795008][T15539] loop0: p96 start 65536 is beyond EOD, truncated
[  944.801515][T15539] loop0: p97 start 65536 is beyond EOD, truncated
[  944.827363][T15539] loop0: p98 start 65536 is beyond EOD, truncated
[  944.844284][T15539] loop0: p99 start 65536 is beyond EOD, truncated
[  944.875075][T15539] loop0: p100 start 65536 is beyond EOD, truncated
[  944.889998][T15499] 8021q: adding VLAN 0 to HW filter on device bond0
[  944.896814][T15539] loop0: p101 start 65536 is beyond EOD, truncated
[  944.903380][T15539] loop0: p102 start 65536 is beyond EOD, truncated
[  944.919273][T15539] loop0: p103 start 65536 is beyond EOD, truncated
[  944.935154][T15539] loop0: p104 start 65536 is beyond EOD, truncated
[  944.945914][T15499] 8021q: adding VLAN 0 to HW filter on device team0
[  944.952687][T15539] loop0: p105 start 65536 is beyond EOD, truncated
[  944.968283][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  944.972925][T15539] loop0: p106 start 65536 is beyond EOD, 
[  944.975467][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  944.981664][T15539] truncated
[  945.015010][T15539] loop0: p107 start 65536 is beyond EOD, truncated
[  945.034963][T15539] loop0: p108 start 65536 is beyond EOD, truncated
[  945.042713][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  945.049930][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  945.057491][T15539] loop0: p109 start 65536 is beyond EOD, truncated
[  945.118655][T15569] xt_CT: You must specify a L4 protocol and not use inversions on it
[  945.138960][T15539] loop0: p110 start 65536 is beyond EOD, truncated
[  945.174191][T15539] loop0: p111 start 65536 is beyond EOD, truncated
[  945.224636][T15539] loop0: p112 start 65536 is beyond EOD, truncated
[  945.276212][T15539] loop0: p113 start 65536 is beyond EOD, truncated
[  945.318743][T15539] loop0: p114 start 65536 is beyond EOD, truncated
[  945.355737][T15539] loop0: p115 start 65536 is beyond EOD, truncated
[  945.396173][T15539] loop0: p116 start 65536 is beyond EOD, truncated
[  945.406920][   T29] INFO: task syz.1.2304:13583 blocked for more than 143 seconds.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  945.439078][   T29]       Not tainted syzkaller #0
[  945.450657][T11340] Bluetooth: hci3: command tx timeout
[  945.469672][T15539] loop0: p117 start 65536 is beyond EOD, truncated
[  945.473118][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  945.485136][   T29] task:syz.1.2304      state:D stack:26952 pid:13583 ppid:5792   flags:0x00004004
[  945.494399][   T29] Call Trace:
[  945.504750][   T29]  <TASK>
[  945.507864][   T29]  __schedule+0x14d2/0x44d0
[  945.512445][   T29]  ? asan.module_dtor+0x20/0x20
[  945.565140][T15539] loop0: p118 start 65536 is beyond EOD, truncated
[  945.572884][   T29]  ? __mutex_lock+0x6b2/0xcc0
[  945.594049][T15539] loop0: p119 start 65536 is beyond EOD, truncated
[  945.604936][   T29]  ? __mutex_trylock_common+0x84/0x250
[  945.632953][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  945.643788][T15539] loop0: p120 start 65536 is beyond EOD, truncated
[  945.679362][   T29]  schedule+0xbd/0x170
[  945.687897][T15539] loop0: p121 start 65536 is beyond EOD, truncated
[  945.708296][   T29]  schedule_preempt_disabled+0x13/0x20
[  945.730914][T15539] loop0: p122 start 65536 is beyond EOD, truncated
[  945.747558][   T29]  __mutex_lock+0x6b7/0xcc0
[  945.774309][T15539] loop0: p123 start 65536 is beyond EOD, truncated
[  945.793736][T15539] loop0: p124 start 65536 is beyond EOD, truncated
[  945.822793][   T29]  ? __mutex_lock+0x4e8/0xcc0
[  945.844766][T15539] loop0: p125 start 65536 is beyond EOD, truncated
[  945.851380][T15539] loop0: p126 start 65536 is beyond EOD, truncated
[  945.854190][   T29]  ? sync_bdevs+0x1af/0x330
[  945.864854][   T29]  ? mutex_lock_nested+0x20/0x20
[  945.869865][   T29]  ? _atomic_dec_and_lock+0x93/0x120
[  945.882139][   T29]  sync_bdevs+0x1af/0x330
[  945.887370][   T29]  ksys_sync+0xba/0x150
[  945.891610][   T29]  ? sync_filesystem+0x220/0x220
[  945.903482][   T29]  ? syscall_enter_from_user_mode+0x25/0x80
[  945.904865][T15539] loop0: p127 start 65536 is beyond EOD, truncated
[  945.909503][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  945.921729][   T29]  __ia32_sys_sync+0xe/0x20
[  945.926833][T15539] loop0: p128 start 65536 is beyond EOD, truncated
[  945.933398][T15539] loop0: p129 start 65536 is beyond EOD, truncated
[  945.944781][   T29]  do_syscall_64+0x55/0xb0
[  945.949286][   T29]  ? clear_bhb_loop+0x40/0x90
[  945.954034][   T29]  ? clear_bhb_loop+0x40/0x90
[  945.954119][T15539] loop0: p130 start 65536 is beyond EOD, truncated
[  945.966294][T15539] loop0: p131 start 65536 is beyond EOD, truncated
[  945.967497][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  945.972848][T15539] loop0: p132 start 65536 is beyond EOD, truncated
[  945.982421][   T29] RIP: 0033:0x7f7d0898ebe9
[  945.986501][T15539] loop0: p133 start 65536 is beyond EOD, truncated
[  945.994999][   T29] RSP: 002b:00007f7d09891038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[  946.002320][T15539] loop0: p134 start 65536 is beyond EOD, truncated
[  946.012384][   T29] RAX: ffffffffffffffda RBX: 00007f7d08bc6090 RCX: 00007f7d0898ebe9
[  946.012408][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  946.012422][   T29] RBP: 00007f7d08bc6090 R08: 0000000000000000 R09: 0000000000000000
[  946.021478][T15539] loop0: p135 start 65536 is beyond EOD, 
[  946.035800][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  946.037245][T15539] truncated
[  946.042327][   T29] R13: 00007f7d08bc6128 R14: 00007f7d08bc6090 R15: 00007ffc7e2efb08
[  946.050914][T15539] loop0: p136 start 65536 is beyond EOD, 
[  946.061913][   T29]  </TASK>
[  946.062293][T15539] truncated
[  946.068116][   T29] 
[  946.068116][   T29] Showing all locks held in the system:
[  946.091656][   T29] 1 lock held by khungtaskd/29:
[  946.099250][   T29]  #0: ffffffff8cd2fc20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  946.114779][   T29] 3 locks held by kworker/u4:2/42:
[  946.119984][   T29] 2 locks held by getty/5556:
[  946.130246][   T29]  #0: ffff88802cd130a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  946.141461][   T29]  #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380
[  946.170650][T15539] loop0: p137 start 65536 is beyond EOD, truncated
[  946.184742][   T29] 1 lock held by udevd/12377:
[  946.189490][   T29]  #0: ffff888141b4a4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600
[  946.200403][T15539] loop0: p138 start 65536 is beyond EOD, truncated
[  946.214321][T15539] loop0: p139 start 65536 is beyond EOD, truncated
[  946.221626][   T29] 1 lock held by udevd/12470:
[  946.233093][T15539] loop0: p140 start 65536 is beyond EOD, truncated
[  946.240805][   T29]  #0: ffff88814130f4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xff/0x760
[  946.252357][T15539] loop0: p141 start 65536 is beyond EOD, truncated
[  946.265206][   T29] 1 lock held by syz.1.2304/13583:
[  946.270375][   T29]  #0: ffff888141b4a4c8 (&disk->open_mutex){+.+.}-{3:3}, at: sync_bdevs+0x1af/0x330
[  946.281172][T15539] loop0: p142 start 65536 is beyond EOD, truncated
[  946.295177][T15539] loop0: p143 start 65536 is beyond EOD, truncated
[  946.301757][T15539] loop0: p144 start 65536 is beyond EOD, truncated
[  946.314732][   T29] 3 locks held by kworker/1:7/14089:
[  946.315650][T15539] loop0: p145 start 65536 is beyond EOD, 
[  946.320103][   T29]  #0: ffff888017870938 (
[  946.325902][T15539] truncated
[  946.325912][T15539] loop0: p146 start 65536 is beyond EOD, truncated
[  946.325933][T15539] loop0: p147 start 65536 is beyond EOD, truncated
[  946.325951][T15539] loop0: p148 start 65536 is beyond EOD, truncated
[  946.325970][T15539] loop0: p149 start 65536 is beyond EOD, truncated
[  946.325988][T15539] loop0: p150 start 65536 is beyond EOD, truncated
[  946.326007][T15539] loop0: p151 start 65536 is beyond EOD, truncated
[  946.326025][T15539] loop0: p152 start 65536 is beyond EOD, truncated
[  946.326043][T15539] loop0: p153 start 65536 is beyond EOD, truncated
[  946.326062][T15539] loop0: p154 start 65536 is beyond EOD, truncated
[  946.326080][T15539] loop0: p155 start 65536 is beyond EOD, truncated
[  946.326099][T15539] loop0: p156 start 65536 is beyond EOD, truncated
[  946.326118][T15539] loop0: p157 start 65536 is beyond EOD, truncated
[  946.326136][T15539] loop0: p158 start 65536 is beyond EOD, truncated
[  946.326154][T15539] loop0: p159 start 65536 is beyond EOD, truncated
[  946.326172][T15539] loop0: p160 start 65536 is beyond EOD, truncated
[  946.326191][T15539] loop0: p161 start 65536 is beyond EOD, truncated
[  946.326209][T15539] loop0: p162 start 65536 is beyond EOD, truncated
[  946.326229][T15539] loop0: p163 start 65536 is beyond EOD, truncated
[  946.326247][T15539] loop0: p164 start 65536 is beyond EOD, truncated
[  946.326266][T15539] loop0: p165 start 65536 is beyond EOD, truncated
[  946.326283][T15539] loop0: p166 start 65536 is beyond EOD, truncated
[  946.326301][T15539] loop0: p167 start 65536 is beyond EOD, truncated
[  946.326319][T15539] loop0: p168 start 65536 is beyond EOD, truncated
[  946.326338][T15539] loop0: p169 start 65536 is beyond EOD, truncated
[  946.326357][T15539] loop0: p170 start 65536 is beyond EOD, truncated
[  946.326376][T15539] loop0: p171 start 65536 is beyond EOD, 
[  946.345160][   T29] (wq_completion)events
[  946.350112][T15539] truncated
[  946.371599][   T29] ){+.+.}-{0:0}
[  946.373147][T15539] loop0: p172 start 65536 is beyond EOD, 
[  946.388653][   T29] , at: process_scheduled_works+0x957/0x15b0
[  946.399403][T15539] truncated
[  946.399414][T15539] loop0: p173 start 65536 is beyond EOD, truncated
[  946.399437][T15539] loop0: p174 start 65536 is beyond EOD, truncated
[  946.399456][T15539] loop0: p175 start 65536 is beyond EOD, truncated
[  946.399473][T15539] loop0: p176 start 65536 is beyond EOD, truncated
[  946.399490][T15539] loop0: p177 start 65536 is beyond EOD, truncated
[  946.399508][T15539] loop0: p178 start 65536 is beyond EOD, truncated
[  946.399525][T15539] loop0: p179 start 65536 is beyond EOD, truncated
[  946.399543][T15539] loop0: p180 start 65536 is beyond EOD, truncated
[  946.399561][T15539] loop0: p181 start 65536 is beyond EOD, truncated
[  946.399579][T15539] loop0: p182 start 65536 is beyond EOD, truncated
[  946.399597][T15539] loop0: p183 start 65536 is beyond EOD, truncated
[  946.399615][T15539] loop0: p184 start 65536 is beyond EOD, truncated
[  946.399633][T15539] loop0: p185 start 65536 is beyond EOD, truncated
[  946.399652][T15539] loop0: p186 start 65536 is beyond EOD, truncated
[  946.399670][T15539] loop0: p187 start 65536 is beyond EOD, truncated
[  946.399688][T15539] loop0: p188 start 65536 is beyond EOD, truncated
[  946.399707][T15539] loop0: p189 start 65536 is beyond EOD, truncated
[  946.399726][T15539] loop0: p190 start 65536 is beyond EOD, truncated
[  946.399744][T15539] loop0: p191 start 65536 is beyond EOD, truncated
[  946.399762][T15539] loop0: p192 start 65536 is beyond EOD, truncated
[  946.399788][T15539] loop0: p193 start 65536 is beyond EOD, truncated
[  946.399806][T15539] loop0: p194 start 65536 is beyond EOD, truncated
[  946.399825][T15539] loop0: p195 start 65536 is beyond EOD, truncated
[  946.399844][T15539] loop0: p196 start 65536 is beyond EOD, truncated
[  946.399863][T15539] loop0: p197 start 65536 is beyond EOD, 
[  946.427690][   T29]  #1: 
[  946.444453][T15539] truncated
[  946.447021][   T29] ffffc900033b7d00
[  946.452923][T15539] loop0: p198 start 65536 is beyond EOD, 
[  946.467336][   T29]  (
[  946.473127][T15539] truncated
[  946.488383][   T29] free_ipc_work
[  946.492669][T15539] loop0: p199 start 65536 is beyond EOD, 
[  946.504579][   T29] ){+.+.}-{0:0}
[  946.505467][T15539] truncated
[  946.511616][   T29] , at: process_scheduled_works+0x957/0x15b0
[  946.512351][T15539] loop0: p200 start 65536 is beyond EOD, 
[  946.515848][   T29]  #2: ffffffff8cd35bf8 (rcu_state.exp_mutex){+.+.}-{3:3}
[  946.522232][T15539] truncated
[  946.527877][   T29] , at: synchronize_rcu_expedited+0x360/0x830
[  946.531616][T15539] loop0: p201 start 65536 is beyond EOD, 
[  946.550421][   T29] 3 locks held by kworker/1:14/14097:
[  946.550448][   T29] 1 lock held by syz-executor/15499:
[  946.550460][   T29]  #0: ffffffff8cd35bf8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830
[  946.550555][   T29] 6 locks held by syz.0.2901/15539:
[  946.550567][   T29] 1 lock held by syz.0.2901/15542:
[  946.550579][   T29]  #0: ffff88814130f4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600
[  946.550637][   T29] 1 lock held by syz.2.2910/15571:
[  946.550648][   T29]  #0: ffffffff8dfbc488 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x41/0x1c0
[  946.550739][   T29] 
[  946.573173][T15539] truncated
[  946.694955][   T29] =============================================
[  946.694955][   T29] 
[  946.697507][T15539] loop0: p202 start 65536 is beyond EOD, 
[  946.732478][   T29] NMI backtrace for cpu 0
[  946.805033][T15539] truncated
[  946.814900][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  946.814920][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  946.814932][   T29] Call Trace:
[  946.814941][   T29]  <TASK>
[  946.814951][   T29]  dump_stack_lvl+0x16c/0x230
[  946.814984][   T29]  ? show_regs_print_info+0x20/0x20
[  946.835186][T15539] loop0: p203 start 65536 is beyond EOD, 
[  946.843023][   T29]  ? load_image+0x3b0/0x3b0
[  946.864795][T15539] truncated
[  946.873455][   T29]  nmi_cpu_backtrace+0x39b/0x3d0
[  946.908233][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  946.914452][   T29]  ? _printk+0xd0/0x110
[  946.915143][T15539] loop0: p204 start 65536 is beyond EOD, 
[  946.918624][   T29]  ? load_image+0x3b0/0x3b0
[  946.918652][   T29]  ? load_image+0x3b0/0x3b0
[  946.924360][T15539] truncated
[  946.924371][T15539] loop0: p205 start 65536 is beyond EOD, 
[  946.928860][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  946.928894][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  946.928925][   T29]  watchdog+0xf41/0xf80
[  946.928952][   T29]  ? watchdog+0x1e1/0xf80
[  946.962894][   T29]  kthread+0x2fa/0x390
[  946.964866][T15539] truncated
[  946.966977][   T29]  ? hungtask_pm_notify+0x90/0x90
[  946.970098][T15539] loop0: p206 start 65536 is beyond EOD, 
[  946.975116][   T29]  ? kthread_blkcg+0xd0/0xd0
[  946.975136][   T29]  ret_from_fork+0x48/0x80
[  946.975158][   T29]  ? kthread_blkcg+0xd0/0xd0
[  946.975178][   T29]  ret_from_fork_asm+0x11/0x20
[  946.975218][   T29]  </TASK>
[  946.994821][T15539] truncated
[  947.000734][   T29] Sending NMI from CPU 0 to CPUs 1:
[  947.011259][    C1] NMI backtrace for cpu 1
[  947.011270][    C1] CPU: 1 PID: 15555 Comm: syz.5.2907 Not tainted syzkaller #0
[  947.011286][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  947.011296][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x30/0x60
[  947.011322][    C1] Code: 04 24 65 48 8b 0d 50 2a 7e 7e 65 8b 15 51 2a 7e 7e 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 1c 16 00 00 00 74 2c <8b> 91 f8 15 00 00 83 fa 02 75 21 48 8b 91 00 16 00 00 48 8b 32 48
[  947.011336][    C1] RSP: 0018:ffffc900033774e0 EFLAGS: 00000246
[  947.011351][    C1] RAX: ffffffff813ad8f9 RBX: ffffc90003377af8 RCX: ffff888022ff8000
[  947.011363][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffc90003377af8
[  947.011373][    C1] RBP: ffffc90003377618 R08: ffff888022ff8000 R09: 0000000000000003
[  947.011384][    C1] R10: 0000000000000004 R11: 0000000000000000 R12: ffffc900033775c8
[  947.011394][    C1] R13: dffffc0000000000 R14: ffffc90003377af8 R15: ffffffff8ece9770
[  947.011406][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  947.011419][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  947.011429][    C1] CR2: 00007fbf85eda263 CR3: 000000002ced5000 CR4: 00000000003506e0
[  947.011444][    C1] Call Trace:
[  947.011449][    C1]  <TASK>
[  947.011454][    C1]  __read_once_word_nocheck+0x9/0x10
[  947.011481][    C1]  unwind_next_frame+0x15f9/0x2970
[  947.011513][    C1]  ? task_work_run+0x1ce/0x250
[  947.011536][    C1]  ? task_work_run+0x1ce/0x250
[  947.011557][    C1]  ? stack_trace_save+0xe0/0xe0
[  947.011575][    C1]  arch_stack_walk+0x144/0x190
[  947.011595][    C1]  ? task_work_run+0x1ce/0x250
[  947.011618][    C1]  stack_trace_save+0x9c/0xe0
[  947.011637][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  947.011661][    C1]  save_stack+0xf7/0x1f0
[  947.011686][    C1]  ? __reset_page_owner+0x190/0x190
[  947.011709][    C1]  ? free_unref_page_prepare+0x7ce/0x8e0
[  947.011740][    C1]  ? free_unref_page+0x32/0x2e0
[  947.011761][    C1]  ? vfree+0x1a6/0x320
[  947.011778][    C1]  ? kcov_close+0x2b/0x50
[  947.011795][    C1]  ? __fput+0x234/0x970
[  947.011816][    C1]  ? task_work_run+0x1ce/0x250
[  947.011842][    C1]  ? page_ext_get+0x22/0x2b0
[  947.011860][    C1]  ? page_ext_get+0x1e2/0x2b0
[  947.011879][    C1]  __reset_page_owner+0x4e/0x190
[  947.011902][    C1]  ? rcu_is_watching+0x15/0xb0
[  947.011925][    C1]  free_unref_page_prepare+0x7ce/0x8e0
[  947.011952][    C1]  free_unref_page+0x32/0x2e0
[  947.011978][    C1]  vfree+0x1a6/0x320
[  947.011998][    C1]  ? kcov_open+0x90/0x90
[  947.012017][    C1]  kcov_close+0x2b/0x50
[  947.012034][    C1]  __fput+0x234/0x970
[  947.012064][    C1]  task_work_run+0x1ce/0x250
[  947.012088][    C1]  ? task_work_cancel+0x240/0x240
[  947.012109][    C1]  ? do_exit+0x906/0x23c0
[  947.012131][    C1]  ? kmem_cache_free+0xf8/0x280
[  947.012157][    C1]  do_exit+0x90b/0x23c0
[  947.012184][    C1]  ? put_task_struct+0xc0/0xc0
[  947.012210][    C1]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  947.012227][    C1]  ? get_signal+0x1068/0x1400
[  947.012252][    C1]  ? lock_chain_count+0x20/0x20
[  947.012269][    C1]  ? _raw_spin_lock_irq+0xaf/0xe0
[  947.012296][    C1]  do_group_exit+0x21b/0x2d0
[  947.012319][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  947.012345][    C1]  get_signal+0x12fc/0x1400
[  947.012381][    C1]  arch_do_signal_or_restart+0x96/0x780
[  947.012408][    C1]  ? get_sigframe_size+0x20/0x20
[  947.012435][    C1]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  947.012456][    C1]  ? exit_to_user_mode_loop+0x3b/0x110
[  947.012480][    C1]  exit_to_user_mode_loop+0x70/0x110
[  947.012504][    C1]  exit_to_user_mode_prepare+0xb1/0x140
[  947.012526][    C1]  syscall_exit_to_user_mode+0x1a/0x50
[  947.012550][    C1]  do_syscall_64+0x61/0xb0
[  947.012568][    C1]  ? clear_bhb_loop+0x40/0x90
[  947.012584][    C1]  ? clear_bhb_loop+0x40/0x90
[  947.012600][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  947.012626][    C1] RIP: 0033:0x7f1d3d98ebe9
[  947.012638][    C1] Code: Unable to access opcode bytes at 0x7f1d3d98ebbf.
[  947.012645][    C1] RSP: 002b:00007f1d3e787038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  947.012660][    C1] RAX: 000000000000000b RBX: 00007f1d3dbc5fa0 RCX: 00007f1d3d98ebe9
[  947.012671][    C1] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 0000000000000006
[  947.012681][    C1] RBP: 00007f1d3da11e19 R08: 0000000000000000 R09: 0000000000000000
[  947.012690][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  947.012700][    C1] R13: 00007f1d3dbc6038 R14: 00007f1d3dbc5fa0 R15: 00007ffc17e43f38
[  947.012720][    C1]  </TASK>
[  947.013515][T15539] loop0: p207 start 65536 is beyond EOD, 
[  947.394985][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  947.395004][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  947.395027][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  947.395040][   T29] Call Trace:
[  947.395049][   T29]  <TASK>
[  947.395058][   T29]  dump_stack_lvl+0x16c/0x230
[  947.395097][   T29]  ? show_regs_print_info+0x20/0x20
[  947.395127][   T29]  ? load_image+0x3b0/0x3b0
[  947.395163][   T29]  panic+0x2c0/0x710
[  947.395196][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  947.395230][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  947.395272][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  947.395310][   T29]  watchdog+0xf80/0xf80
[  947.395341][   T29]  ? watchdog+0x1e1/0xf80
[  947.395378][   T29]  kthread+0x2fa/0x390
[  947.395397][   T29]  ? hungtask_pm_notify+0x90/0x90
[  947.395427][   T29]  ? kthread_blkcg+0xd0/0xd0
[  947.395448][   T29]  ret_from_fork+0x48/0x80
[  947.395485][   T29]  ? kthread_blkcg+0xd0/0xd0
[  947.395508][   T29]  ret_from_fork_asm+0x11/0x20
[  947.395555][   T29]  </TASK>
[  947.400501][   T29] Kernel Offset: disabled