last executing test programs:

12.025815639s ago: executing program 3:
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffe000/0x2000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
lseek(r0, 0x1000000, 0x0)

11.881983648s ago: executing program 3:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0xfffffffffffffffe, 0x9)

11.752891196s ago: executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001000000018000180140002006e657464657673696d300000000000000800060000080000080007"], 0x3c}}, 0x0)

11.701351615s ago: executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x38, &(0x7f0000001740)=0x6, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

11.482041578s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904008100000000000001000a00000800040001000000", 0x24)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000680)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x30, 0x0, 0x1, 0x3, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_LABELS_MASK={0x8, 0x17, [0x2]}, @CTA_MARK_MASK={0x8}, @CTA_NAT_DST={0xc, 0xd, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @remote}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4c010)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
timer_create(0x0, 0x0, &(0x7f0000000240))
timer_gettime(0x0, &(0x7f0000000280))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000007800000000000000445bd8a9433a630a3d4138b3310999bba908056f368dfe8d2619734f190dbe0ddff83969581f35035268d96c9d96bcb41500b92c13c6a7f69f5daa850b4831299b7e19154206f8fc4d6b29abbff8b1344c761168ca1ef87a2b0cd3296de1520b0db1200017ed9d9e24d6a4413bc3948a707a23644d056d301c350136d2e342963fca03f3d6e7a3f266f632eb62106d70b963948f6ed0a74776cbd9aacba7040f4e15927cf2551ac472ecc69e944700000000000000000000a48cd255e3fd675a06068f05fc289ac67a04a52573c1ebe535c4aeb540c1be127afc7ffbe5baafc98388a19b20c6b3a84af8e0a6475c6984132a11746d5283c3c3d4f29aa6b73de47a893c8e12c30dedbf1881e2d9721420420afd631123d3e9d39f9d62ca90452d43240a8c81bc13b34f3e9f5081f16ab6dfe9d56ff7ce7d6e53b95753fbbaee89e397dc9d471c9570922cb8431adbfaa682759aae9d80b0c70914669f2038702d8188a59858ec55810d7a57a9c1b1d1b84e07"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
sync_file_range(r4, 0x0, 0x0, 0x0)

11.222964477s ago: executing program 3:
r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x7ffffffffffffffb, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc040564a, &(0x7f0000000000)={0x0, 0x1, 0x101c, 0xffffffffffffffff, 0x0, 0x0})

2.608789336s ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r0}, 0x10)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f00000001c0)=0x4, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000140), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000080), 0x10)

2.437438535s ago: executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x4d, 0x0, &(0x7f0000000080))

2.333634533s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f}, 0x48)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x81}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x2d}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @exit]}, &(0x7f0000000000)='GPL\x00', 0xc}, 0x80)

2.216590616s ago: executing program 1:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000100), &(0x7f0000000140)=0x4)

2.145628075s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000000000000bfa30000000000001403000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000007c000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac66ad029d1c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d6f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a7c31de7910d1ed4065a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db3503680e5e5971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dacfeb47479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3de8726c2a61ec45c19f97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9bdce38c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4af05c28308241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5490f6589880ed6eea7b9c670012be05e7de0940313c5870786554df2623d58f5ace92d028f2c71a6ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77962a2cd8a104e16b77d5f7f13b1640d43e11801140caf1a8b1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b905fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af0a77fbcf2cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf34117a82a96b2ced73abb8e4bb718d6ee7aebf9ef40662d7836d252c566f5ee938a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7eee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000001762e5f5a3a0bc33fdbe28a5ffc83f2f08544eb2794e7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f85d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d801002653c4d9818708e27c89b552d3fcd11ebce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff2a8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4000000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b850580994484305d7a1759782ae57773e0d8b0ab900edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0bd91e328b6a6f732a91f0e2e9120be61e58c79d497247d278888901d44bf77ff246605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c2d0836395fe39f0e11c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc71300000000000021000000b12f0ec0412268860027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b50f3ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861ddb54684cb73e7aeefae47fa09fd88e6043bd52ae84c1bb0c8a6b769f952283a1f4e3842edb3d42c68a2102fa1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e81163bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4c4b51b1f922a44ec675203bf8d1548e49262727c3de6daab3b4ed15aa99802e45d0620617e839b5237ddfcf103c91e61d174e3be6c9fd47398797e3b814e751ff31ecb42de6dd9d6b88121aaa680c236a303914e00150e1ec3f144ebc28287d5b51cfb8cabb844d12b140767d0fc24425590024b2e431722392489e3d43b3e31438a0138988083c47c61384d54e9a40fba01cac6e59ec82edc764840fe551c1d57442970cd8e59b9f41094e158c0a1ee855d8515599685486c2a21fa1c107531a0db8306441e8408b34aa90e9736e672d74cb8e78f8bdb93a23d024fc200796836ab396911a56231e953efad6cd83db32ffc595d970108e9547ea0000002730d5d1b70fe8b458ac1651135037b6cb9c8053299f77ab84c5b9fd2f764c3caa9c69377c397d310ddc7bc4bfa165def7b49e28ef196ae263b6829a8419d8860f56c86c288964ac4bc19839d96ff24b981c3a4fd6f93a000000ea9d6b06dafae4c91177"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0xa}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x50)

2.073870733s ago: executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x290, 0xd0, 0x18c, 0x148, 0xd0, 0x0, 0x1f8, 0x2a8, 0x2a8, 0x1f8, 0x2a8, 0x3, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 'gretap0\x00', 'veth0_to_bond\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x6, 0x2, 0x3, 0xe, 0x3]}, {0xffffffffffffffff}}}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth1\x00', 'bridge0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'rose0\x00', 'geneve1\x00'}}, @common=@inet=@tos={{0x28}}]}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f0)

2.067636487s ago: executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002180)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004f00)={0x2020}, 0x2020)
socket(0x10, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r3, 0x1080420)
keyctl$join(0x1, &(0x7f0000000900)={'syz', 0x3})
keyctl$join(0x1, &(0x7f0000000240)={'syz', 0x3})
preadv(r0, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000a80)={0x2020}, 0x2020)

1.907464283s ago: executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000380)='./file0\x00', 0x804, &(0x7f0000000640)={[{@shortname_lower}, {@shortname_lower}, {@utf8no}, {@utf8no}, {@shortname_win95}, {@rodir}, {@rodir}, {@utf8no}, {@fat=@time_offset={'time_offset', 0x3d, 0xfffffffffffffe28}}, {@fat=@codepage={'codepage', 0x3d, '950'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_winnt}, {@shortname_mixed}, {@numtail}]}, 0x1, 0x276, &(0x7f00000003c0)="$eJzs3UFqG1cYB/BvLMmW2oW06KoUPNAuujJ2T2BTXCg1FFq0aLtoTS1DsYTBBkGTEMWrnCAnyHmyCblADpCQXbwwmSDPSFbCyEaJbJnk99vo8d77z/vezCCtZvTPN72DvcPj/ZN7z6NeT2JpMzbjNIlWLMXIgyj17GV5PwBwy51mWbzKciulM2pTktWlay0MALg2k7//i64FALgZv//x5y9bOzvbv6VpPaL3sN9OIv/Mx7f247/oRifWoxlnEdlY3v7p553tqKZDrfiuN+i3h8ne30+K42+9iDjPb0QzWuX5jTQ3kR/027X4olh/sxudXx9HM74qz/9Qko/2cnz/7UT9a9GMp//GYXRjr6htlL+/kaY/Zo9e3/1r2DvMJ4N+e2U8r5hdudELAwAAAAAAAAAAAAAAAAAAAADAJ20tHWu9+/6dytn5+Nq08Tw/7f1Ag4n386ynaZol+fyLfDW+rkZ1kXsHAAAAAAAAAAAAAAAAAACA2+L4/zsHu91u52iujdFj/SVD8Waea63OmopKUVo3iZhtrVqRvHpyZcZdNIb1dI6SaszvEiTjnsbk0Grkaw17GnljouejV6/HeWN0dx3sJnFFql52k8yhkZXcfpWpqeX3exrFDkomNy5ZffnLD6o5a04ZSiKiNj6Zlx+nNt9zeFPfQAAAAAAAAAAAAAAAAAAAwMjFQ78lgycLKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFuDi//9naAyK8LQ5WWXYqEbRs+AtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bl4GwAA//95LWni")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)

1.75603921s ago: executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r2, &(0x7f00000002c0)={&(0x7f0000000040), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20046054}, 0x80)
unshare(0x6020400)
pselect6(0x40, &(0x7f0000000300), 0x0, 0x0, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00'})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB], 0x54}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ipvlan1\x00', <r6=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={@private2, 0x0, r6})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="6c0000001000390400"/20, @ANYRES32=r6, @ANYBLOB="01"], 0x6c}}, 0x0)

1.600980708s ago: executing program 0:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@union={0x0, 0x0, 0x0, 0xf, 0x1, 0x6c}]}}, 0x0, 0x26}, 0x20)

1.326632224s ago: executing program 0:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)

1.176139598s ago: executing program 0:
unshare(0x400)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000071000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c00018008000100000004000c0002"], 0x30}}, 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, 0x0, 0x0)
r4 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_G_FMT(r4, 0xc0d05604, &(0x7f0000000180)={0x3, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0, 0x1}})
syz_open_dev$sndpcmc(0x0, 0xfffffffffffffffd, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'caif0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000000)=0xfe8e, 0x12)

1.072171345s ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x7dca, &(0x7f0000000340), &(0x7f0000000140), &(0x7f0000000100))
r2 = io_uring_setup(0x5adc, &(0x7f00000003c0))
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000480)={'#! ', '', [], 0xa, "4c8512bb74b0da7387615ab2c9eed2de568043564a6173ff54ea3c92dc030bc8ec5a8bd1640322b9384478249f"}, 0x31)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x1a, 0x20000028, r3)

928.029317ms ago: executing program 0:
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005600)='./bus\x00', 0x0, &(0x7f0000000100)={[{@compress_force}, {@compress_algo={'compress', 0x3d, 'zstd'}}, {@ssd}, {@nodatacow}]}, 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
fsetxattr$security_capability(r0, &(0x7f0000000240), &(0x7f0000000280)=@v3, 0x18, 0x0)
write$cgroup_freezer_state(r0, &(0x7f0000000000)='FREEZING\x00', 0x9)

882.796239ms ago: executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$sock_linger(r0, 0x1, 0x22, 0x0, 0x17)

803.905649ms ago: executing program 4:
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4000}, 0x20)
connect$l2tp6(r0, 0x0, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
r2 = socket$inet6_sctp(0xa, 0x0, 0x84)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000080)={'syztnl2\x00', <r3=>0x0, 0x0, 0x40, 0x80, 0x20, {{0x7, 0x4, 0x2, 0xc, 0x1c, 0x68, 0x0, 0x80, 0x2f, 0x0, @multicast1, @dev={0xac, 0x14, 0x14, 0x14}, {[@end, @lsrr={0x83, 0x7, 0x5, [@initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}})
r4 = open(&(0x7f0000000180)='./bus\x00', 0x26a27e, 0x0)
timerfd_settime(r4, 0x0, &(0x7f00000002c0)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c40a, &(0x7f00000004c0)=ANY=[@ANYBLOB="726f6469722c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c757466383d302c696f636861727365743d63703836362c696f636861727365743d63703733372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c756e695f786c6174653d302c636f6465706167653d3836322c756e695f786c6174653d312c757466383d302c0000695f786c6174653d302c726f6469722c696f636861727365743d6d6163726f6d616e2c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c636865636b3d7374726963742c006b86246297ff4fcfb9326a646d98b9c850db13f78f3c9d836b0602860201d2431726761c0ffc6e0f0cc1c0df3206ce6f17ffa128e77bcf87fd5aaa0f7206b8bde975cbe3adf787a8d908481d5e8b271915d0352756e1f8efb214819f083c0fcd918dc1517b59afc00fd0d7406fb6b3c858b48f557628abdd45fba8048c6e120000d9014b5a582c197029b6eaecf9e7b3b0d51bff4b61df3c4612c7e0f1fb63"], 0x6, 0x2d5, &(0x7f0000000680)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r5, &(0x7f0000000180), 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {}]}, [{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {0x40000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x9, 0x0, 0x7fffffff, 0x0, r0, 0xa000000, '\x00', r3, r4, 0x4}, 0x48)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x84, 0x0, 0x0)
bind$l2tp6(r1, &(0x7f00000024c0)={0xa, 0x7, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x8}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ipvs(0x0, r4)
sendmsg$IPVS_CMD_SET_SERVICE(r4, &(0x7f0000001340)={&(0x7f0000000380), 0xc, &(0x7f0000001300)={0x0, 0x14}}, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x33, &(0x7f0000001380), 0x0)

763.791456ms ago: executing program 2:
r0 = socket(0x1e, 0x5, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1}}}, 0x10)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004400), 0x400000000000203, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
syz_io_uring_setup(0x2b06, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x1, 0x4e}, &(0x7f0000ffd000), &(0x7f0000ffe000))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r3, 0x1, 0x0, 0x0, {{0x45}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)

617.605402ms ago: executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0xa}, [@RTA_DST={0x8, 0x1d, @loopback}]}, 0x24}}, 0x0)

461.935736ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400)

398.515306ms ago: executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f00000013c0)={0x0, {{0x2, 0x0, @multicast2}}}, 0x88)

196.475624ms ago: executing program 4:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x4, &(0x7f0000009300)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x55}]}, &(0x7f0000009380)='syzkaller\x00', 0x9}, 0x90)

183.231175ms ago: executing program 2:
syz_emit_ethernet(0xda, &(0x7f0000001600)={@local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x2a, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xd, "5e000000ff000000000000"}, {0x0, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}, @cipso={0x86, 0x4c, 0x0, [{0x0, 0x7, "4b6cefc500"}, {0x0, 0xc, "df61168c24ac88ad078c"}, {0x0, 0xa, "2189ea43a2149b84"}, {0x0, 0x12, "ffd11634eea26b0faffa0dea2e903528"}, {0x0, 0x9, "02a20948fd7406"}, {0x0, 0xe, "ccf0294e2a3bdb4aa40b249e"}]}, @timestamp={0x44, 0x8, 0x0, 0x0, 0x0, [0x0]}]}}, "a815a23da43974ff"}}}}}, 0x0)

99.823519ms ago: executing program 2:
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x8, &(0x7f0000000500)={[{@shortname_win95}, {@shortname_win95}, {@fat=@sys_immutable}, {@fat=@tz_utc}, {@shortname_mixed}, {@numtail}, {@uni_xlate}, {@fat=@codepage={'codepage', 0x3d, '863'}}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}]}, 0x1, 0x223, &(0x7f0000000280)="$eJzs3TFrE2EYB/CnttVSkHQQiiJ44uIU2op7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECLtxcbWi43U5Ir9/ZY+9H3/d897CQkXyJs7p+tLC8uNxfX1tRgbG4qRUpRiYygm4kgMR+pJZNgaLGWNAAAH3EarFd9aqbx7AQAGo+v7f+ZNPwDwP+jx/v/6AFsCAPrM5/8AcPjcvHX76my5PHcjScYi6k+blWYl/ZuOzy7G/ahFNaaiEN8jWtvS+vKV8txUsunzRFTqq+38arMyvDM/HYWYyM5PJ6md+dEYb+c/jEc1ZqIQJ7LzM5n5o3H+3C/nL0Yh3t+N5ajFQmxmO/mV6SS5dK28K39sax4AAAAAAAAAAAAAAAAAAAAAAPRDMdmWuX9PsdhtPM33vj/Q7v15RuLUSL5rBwAAAAAAAAAAAAAAAAAAgIOi8ejx0nytVn34p+LBuxdv9prTYzHUPu9+j7P/4vjZT8+6zRn+u+vzb4vXZ/K8LD0Wb9funbzQmLyYWxujEfH7f7o+tb4WIvrUz8tcH4ufq95z8uTz0vyrlY9fej3ywF+KAAAAAAAAAAAAAAAAAADg0Ot86TfvTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP53f/+9fkfcaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgRwAAAP//st+ejg==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="00020201"], 0x18)
sendmmsg$inet6(r0, &(0x7f00000007c0)=[{{&(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x9}, 0x7a, &(0x7f00000005c0)=[{&(0x7f0000000300)='Y', 0x1}], 0x1}}], 0x44, 0x8040)

0s ago: executing program 4:
syz_mount_image$minix(&(0x7f0000000040), &(0x7f0000000140)='./file1\x00', 0x42, &(0x7f0000000540)=ANY=[], 0xd, 0x1a4, &(0x7f0000000640)="$eJzs271u2lAUwPFj7GKgX7S0HapKRerQLsVAW6Ru7aNQcBGqaaKQBcRA8gJ5hrxfGKIsmULk648oBoNCAIP8/w3Y3HM/zgWudIRkAZBav6QsmmiScd98yBXPSlrSKQHYkql/vZkCSB/92ruWk04EwJZNfouq/S8uRy3Rs2FdENy58XEQz5gz9cPkROS94ce1nOSj9cW5yOdgvFaIDr9yWwph/GkknFXzf/kUrP9MnssLeSlFeSWvpeSv3w7Hv3to+TO7IQAAUkCTyrJ4TIcn6jUvf7uOXVU9I/58V73ceC12/qyK1xfG9Y/x+ZlqfKV14LQX7gPArMzK59+jh+d/PmPJ+QeQnP5g+K/pOPbRDtzk7uczNUU2uKi5C1ve3xtToi3GWmbOx4ZOZV7I/dGsc18j/2Bs9jMcR1vcajrJ79TwVtf9NPhfDEgB67h3aPUHw6/dXrNjd+z/9Wr1Z+PHt1qjbqnK3lpc3wPYX3dlQNKZAAAAAAAAAAAAAACAVb2Rt0mnAAAAAGBLlj4YJIbX8REPGCW9RwAAds5tAAAA//8YBw3V")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
write$binfmt_script(r0, &(0x7f00000001c0)={'#! ', './file0'}, 0xb)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000a80)={0x0, 0x0, "bdd7aa65c0b3c56efbe64b0d04fefb0daa34c469b08d47157ca423c77479db1d4ec7477f82f5f84425c4ad6b81b3fc2bf0af934a6458ac563f3e50f5613f1843ba208a673539f19dace38f6998541029990da712514334cb5eabfdfd154a18b4c5e7279efce5c0e14b0270bbab7366c3eeaceac42f4775202bd20c2b7e056da18e0d22c65ca3fc5b6f9cd6af8ff4abda702b2c133d63d7513cb2c3555e0c94d3eaed652e0f429700c0eebbb72b40a0eb05ab4adc56e3bc47c59f0460be58e41695ac1324c80b1514d369dd76fd9c15a30571c9cf64c95309f5647b3feb66790374a1051e6875fc78f861ce320c43cf8bab9aeb1210d300", "d0168fc8c7b7daa09153ce090dfcb7642796b40e0e856f7e4ac23d2aa1e7ca61d2bbff648ec52d3ccca5b6cf00788aafaa24acc294cd2a8a7dbacd67bb671ea1656e7829190cab20c33f339c34ab0348858acb6a685e31c0ca0bd057920890722d1cd30b9e3402ed3df16aa32f1ea7e56977b39fc905c5bc9dc8462d07edd1c9ccba71b6eab38b2a6602d5ce984f169f5f4cca38dcb63cd97e779a45e2fa2675fd5dd9b413c5ace58eecd36858247057e57e2d4a0f23a851c8f4178ce361c9c87e7d2243362643e9c3b147fc7d24c8b70ec7d2528a6185599c605aace8fc92bae2874529c96e3d100e7dcffd54130659eadb569ec64d1b3225334f2e87387d2aba0da172fb4bef511b196df29eb0de31693556e8db924f0ffd8219f94ceba10451bd357519f25b664595814a3406fe0c3bb3021b6b1a19363181a72a4173f14e7739c8f69fef3092bdda35737b56c77318eb6fa013aad36033d180185a0b566808385039664faa3ec5c907dd02c6ddfad1ba64e9884358c961b6cd87f2f66526685f6ff7c48db2313d51c4713cb6801b2e2567c8f51703808ca51a1889b8da5be593f63daf15b64d29e5add4377fa7090466f62ec53d5eba8ca03e169d23821c55e2937863c3e8907966f1fc4dc5accb39392896a9fa14efd387e08f729e4f9ac33945d7c02cf0927b63bdfda9446b2e9191163ad4a3df683c21ba33d5a64fb81d403963329a370997544391c688f96be57239c712e7509b9bf76f51afe6757d35c9f3afcdf128fc23224a240e60bf0ae1c8bad18abcf8cd3014f94b9d3dfc62877b9f69946f8fbb3b50ea1d27ba6b521daa450bc52b9aca7ecfea080c3175988aa7b43657ed4b65b401da8e1411707efebd475fbed5cdf40003f4a8c4cc28b0b5d11ff2aeb67f246f1786cd007ca60f4b142204c5ef1830eb0ab880d95a58e58aa74e81d4a037c6bfc0424ec48c005fe6b0fe5f9ce0d68059f93d3fdcc8f1d526d8729562c72a9bacf7446d344409ec9308815c7d297f8658bf94f8e91e8e7986aaef134935257bf1a95678de883dafe68e72228efc056e0a15a89ff8cfba688c6b462aff81896d54108a125745fd34364a8b4987dbeb00fdaee026f38f5077e908b570ed55d1144ce2f3ed76779d8344071b7e10524bc45c7dce3320a11ba29126f28440c8cc064aff124e5ea497e73ede1966b7b0a2b5ef8a7e7156a4e52660bf1d4157b57cb6e4ebc289b8ea62dfcde08f90c8a7fd48e7cdfa267ab515c23b343261521a3b138a824d28afc2d86364b8ec8b0dc8ecb0a61742c841f2cb1d48130bc1f3f681d60a207e34d7a0ce70d1f947622ba7016b9840d89d5a1af5099836e964ae471e9b4a60d63f06bac2c3908bc1fad8bb918b52797f36639a6b714c020046ea305abdd71d31d0ae693abd9fee72e52a4cb5b2210cc2df31b9e42242ddcc2138444a2e54b8eae01e9fd9becf83990b675e3c150e93272736da625217cac2ef0c706b6466eeab2deb9f5b89b0119e5f6b0245a49b2d71658bc51161bd8adfdbaa01e5c6271a7a78788bd0ad33a860c6281f3009280532e7f4ae5db42878424c00efb93909321c44f94f10cb9899862f29a85017ad543d716f2d6797a8c18f5d82f0a3206a32f209873ac0f78af506bd1d4be76b2784cdeb65ab2560de032181fb9c83280090356a82ad44e9c88e1fd1ec8ec1ffa5f5298a654d385817862f9f50760db66c72cfedaecb98f4c7e096a8397b3b1f9f3e099b0c2e6a7894af7d70b058df00a3d94780b209a9b6866e07c535036045c8909e0a2b074fc464ee6f478662127572635b876c3219cad3403c68020ec5a32892f7c6a8107400974118fcd292fae80d53005b6c3fc7f55a992740188cf6c424fbe7944c7a19e234a024e795917d374ef2a550eec874f8ef30ac6dd7af70f0dcd0b9734732f45d1879d36048b18d8519b2188a2df1e394feb3c1c927ecefb7e8ea590fd449c7f9d34e0a7485fabc9dfaa141b3e90db1ac9ec43fa0b0cdb5009d396512aaa3dc511e7c794685ea51326b39d32b90fd93643ff869d8319d5272b37f018b0e67d3a4a8e5cf76866944a5eb677fe175c72c0639a716f8474dbff484679949a3c48dd429fa41e8c2758ec6a1ec66b85ee492cf30813b8b399d098518e5a188727e27f2c99130fbbcb7d96b6646c475abfa7721beab509aef88cdaab64b00b6a2623cb101bca4ebaf20aa0f04ffd2fe816ad3048b593cf1b7641e4c628c8963f6d8b113f85be012707249cee155cb96fe8737b8d0a7854f334a439e4310d2d60ad2ebb7d6bb52e5b222dec4a8c7b0d81221f1c4e0b1843bbe84c79c1840da4e658f44fa5fc1a2ce3a935055a6931845af2fd3770b71ae7576cb9e58ca6c07cd79fb6e6f367e9feaa19594dd1a18b2dd9e7b5010fa7f43a266b6f47a379e21c7d9edb1bbdc82446ac7ebd65ba4d0c3fbdb1f336c3e2f15f81ed780f2fa29d9ef0fdc5ed4c7c90498e9ea6d2a267670208463bc17c92fb75f33aae1b64b6ed7cc64834570d252023628bcc50a164d4f2336b667f080e8621d897db77f608fd12ac2e3528ea8ee4ba011fc3e391d8539af813b5603929764de67eb40494e0d9ade2cece368b409caed4a9665c125aa0d3c6d9f8e3782ff211516d0b8125f8060f79d4e4c9ba63fef0cb146c0b5029f973e09239dbef7132454f378c60657a08d59e987218806f9ad57cdb86dd4ef189c478e2c849f948601bb5a305775518d2864bfc811081730584306f402ec4b70bcf596eef45ea0e3eb7799118671aed48bfa1093d86889cddf8c53f33b0d2c4f284eb9bc82b06e9d4c6c56b6a2bf45fee09845a21806bb48a49bf2db747a933bddc2fcc188fd980669b4669feb0b648c891bc360b5da9443753d4a85dc4df01e9a68c9f8e785693c2a33d37a2f798917d95e8b095b10d54f5fe986ce23a3e7e07046f1eee98c35bee792eed0f0c3a1b6cfdc740e0f7ffdd3802754f6b2e136b4c6f9c3bfbb14e9ef94038a531c7da7c6337fba949258c9b2fbddcdf03c1e5824f50bf114700a47f6dade947ef07601035539a045d59f7b9cfed4749e88ca052a9e0fc3bc8cade142eb64bbeb05d061787c931f3f407dfa7499712ea4ff39ca1c2327ebf781e2b09d7f8c8e4a9246fd1d47c6c881a6ca1af2c89e9a78d62e385fac9e1b0157b9190e089e111a8f534e079e8dddfdb7e171116b86ffa70c48525e438fc7191a237869be1a6791343fe79b0956be6b31bf7b38f00b4afa7d0524166927971370af59d8e5dcf33eff14eb11e673557bb3c407aea6f21fa9d6d4494d12b47dbe769940eb487dc006c11dccc0cf80224fc3b0553a57d07d5bfb173912d6533f3026d8afb533b3d136acfe4f0e812a7d09308e66eb25bcc0505e32cbf7ea6936218412412ccf855b846f9dad294eb7ef44a318f89397ecdad3b80efb3ab2d675f7496736e07b66c0b4e7d6d7a008cbfba72440b6ac2f35fb21ad2b7a6fb4e933ae77c37c1b89af42e6b65fb92a14c076379327219faa31d24fff95e5955b50ea65409ede3f46bc16607f2ecec6b895263d895db2c666d6567eef7e6beb4f2cba619c4b6873cdc6b7561c5dd57bc20258d9213153d0adc50e697e7fafa4909f45b2cad1a267b08a1dd06c2bd9b01079bb6f7bfa7d396539cf2e4c2c63145f9f30d82b2262531afca9c1691cd229e5575696c531e2e4873b5935815459a983cc41ab4d5cb7bfefbd7068675fa3c22d9ab3f50bba1c24f37d39ae839d1de9764b22658e99ca911ff837f0c9e74aa456767292325a61a01556537e27567d1e703fa6d8d0d9d7df2685bdcb9659c4ca1627e48477473bb708cf5c73961e8b9d99cc8ab7bb0e304aafb989189e55f2adef6f7ec507407577f9569f7f050f83ae3506d5e642db1efc7d3eb0c3c501983acefc96bf04bc3add14bb5a9e2a85586dd57c52b2ea6ba09d2b22c25c4e51f7e87e6f6cfbde97bf02e5fb6ab68fe67af9a3aefad9bcd1cfd35d3c0fa1af7b9cf66b5920eb7de4c36b054a03f4ffa48a864e2c7a1228950886d776535f829a3302a13d9de7b99d33ceda1aa4b60abc7a15b9ad7071b93d9ba1feeecc8d7469f062004137726bc994a8ca39b8ed6e8b750deac5ae23a465930200e6bc38c26fae035dccc6d629954771843ea20dc412355d58d334e92c7246aa1ed55d149cf3164d9e928f698925132eb0a3e1b8e2d06b9b1d56580a5d26fc6f6ad9060871e62c0cc817d5ba4521f95507700ae74b694cdd16269102d7486d45fc55db0f1cb239d266244a78fe3b6eb5e8581268d1c13b4b1043f4df263b9cb543d470427501256138d12377f3a117cfd227436f87c8c0acd1b11ee3be5bb349b127e2211549118fba19e68e01de7179042f8b0f369410f74755bf61895b240a271caa8222ce6b431b746a0470db5c6f5c2df543deee86832e5c9f3932221001949171c014e0373c18128792a20d0d49670d584b0c240d800245f302440e304433e70a2418483b8687a5342a1e229ef83bd015086426830ea28da4f2f88be9626d2d000b29973c1ab5af69fa1a0e56cee5770bde69f69d9a19e03eddc541e403ec200c491785929935d14b63c5794bf0eca38889a68ed0a258eb7c63540fb3194e3e60d3cf960da25389b8c35d39e9829b50d4026599d1a9110cfd1b51d51a943ba523a8c2958c5272f4c86c2662f2a4859f470660009fbf2dc388de8523ecc7895c3fe1c47a76af1b4f76252434d3aca051a6e73099f747958fff28691fdaeeb8b4f35110cfcfdff4dd14c31dc43838c582bbd4077a3b40bf6e275470117887911e8a4494d5d604f29b587ed1f224f5fdff4801a78fd9daeb13eb436472e16b8576ae08c7a81b78d9223170e70879358e36dc0ac8a3ce8ab201b85dbf26a8756e8f3098a39828254c40755e8f2c59c37d12e40ac7a3acf5c826202337b6b055bdb204804859599ddb5153a9a65aeaaf3da40d7ad58d927d5ee3f5f0c8587c4cd6a9dc4af955912d6e1fc1a5f99c803758f14b24e604f366768872e436a4e30758f86570f67ce6703ca17687406504cb381d5d06782d31aaa9cbff259223d15d7e8ba8b9ed8c0d67d6037dcd007f79f33794438b4b11578cd5ac524e6e917ad0027b61c39a6a6b5d6cdf08fe63d8d5c347cb1dc4124c1adf23e8bc3bffba797b0c36c430d62ddc7312e3e51af687e14bafd48e120d5482a7b5107f17da843bd61ddf215e4ab91e93f3d1a1ed21d5ece59a1186e59dd7a062cd9884bacc0b12a15138b9fed834e6eaff1c0629381b9504a364d20e86291b5781eb79a780a02dee55efd2f9eaffe0c5074fb9c3314500176215fd11a455da5be3cf5397b7d69e1d9747c826c311131923930d13126651b71decb140717c6434bb1311ba31e3"})
fdatasync(r0)
symlinkat(&(0x7f00000001c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file6\x00')

kernel console output (not intermixed with test programs):

peed DVB-T Receiver'
[  291.719390][   T45] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input21
[  291.735485][   T45] dvb-usb: schedule remote query interval to 50 msecs.
[  291.742827][   T45] dvb-usb: bulk message failed: -22 (2/0)
[  291.751196][   T45] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[  291.789056][   T45] usb 4-1: USB disconnect, device number 11
[  291.805912][  T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  291.829375][  T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  291.846593][  T784] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  291.861283][  T784] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  291.868540][   T45] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[  291.902951][  T784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.923749][  T784] usb 5-1: config 0 descriptor??
[  291.929511][ T9593] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  293.067534][  T784] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  293.086918][  T784] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  293.205763][  T784] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  293.320294][ T9626] input: syz1 as /devices/virtual/input/input22
[  293.375050][  T784] usb 5-1: USB disconnect, device number 8
[  293.583243][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  293.583261][   T30] audit: type=1400 audit(2000000089.772:226): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=9641 comm="syz-executor.1" saddr=172.30.0.2 daddr=172.20.20.170 netif=wpan0
[  293.660560][ T9647] loop2: detected capacity change from 0 to 1024
[  293.701965][ T9647] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  293.737350][ T9647] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.992294][ T9033] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.235855][   T30] audit: type=1800 audit(2000000090.302:227): pid=9659 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1940 res=0 errno=0
[  295.063930][ T9668] loop2: detected capacity change from 0 to 2048
[  295.092573][ T8222] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  295.108936][ T9668] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  295.302445][ T8222] usb 2-1: Using ep0 maxpacket: 8
[  295.319104][ T8222] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=7d.78
[  295.337723][ T8222] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.358726][ T8222] usb 2-1: Product: syz
[  295.367621][ T8222] usb 2-1: Manufacturer: syz
[  295.373984][ T8222] usb 2-1: SerialNumber: syz
[  295.390125][ T8222] usb 2-1: config 0 descriptor??
[  295.404396][ T8222] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[  295.426400][ T8222] dvb-usb: bulk message failed: -22 (2/0)
[  295.436910][ T8222] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  295.467336][ T8222] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[  295.477893][ T8222] usb 2-1: media controller created
[  295.555866][ T8222] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  295.557051][ T9678] loop4: detected capacity change from 0 to 8192
[  295.592615][ T8222] dvb-usb: bulk message failed: -22 (1/0)
[  295.617303][ T8222] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[  295.630980][ T9678] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  295.652303][ T9683] loop2: detected capacity change from 0 to 16
[  295.664852][ T8222] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input23
[  295.682974][ T9678] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  295.705170][ T9678] FAT-fs (loop4): Filesystem has been set read-only
[  295.714137][ T9683] erofs: (device loop2): mounted with root inode @ nid 36.
[  295.723189][ T8222] dvb-usb: schedule remote query interval to 50 msecs.
[  295.731527][ T8222] dvb-usb: bulk message failed: -22 (2/0)
[  295.743073][ T8222] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[  295.757716][ T9690] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  295.785228][ T5147] dvb-usb: bulk message failed: -22 (1/0)
[  295.792525][ T5147] dvb-usb: error while querying for an remote control event.
[  295.803817][ T8222] usb 2-1: USB disconnect, device number 10
[  295.887455][ T8222] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[  296.084778][ T9695] loop4: detected capacity change from 0 to 1024
[  296.120595][ T9695] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  296.159564][ T9695] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.164610][ T9671] loop0: detected capacity change from 0 to 32768
[  296.221877][ T9698] loop3: detected capacity change from 0 to 4096
[  296.233248][ T9698] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  296.253535][ T9698] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  296.285860][ T9698] ntfs3: loop3: Failed to initialize $Extend/$ObjId.
[  296.304245][ T9671] XFS: ikeep mount option is deprecated.
[  296.342775][ T9671] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  296.373611][ T9214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.587077][ T9671] XFS (loop0): Ending clean mount
[  296.617953][ T9671] XFS (loop0): Quotacheck needed: Please wait.
[  296.685517][ T9671] XFS (loop0): Quotacheck: Done.
[  296.748388][ T6851] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  296.783348][ T9723] loop1: detected capacity change from 0 to 2048
[  296.831176][ T9723] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  298.071008][ T9743] loop1: detected capacity change from 0 to 16
[  298.137794][ T9745] loop2: detected capacity change from 0 to 4096
[  298.158854][ T9741] loop0: detected capacity change from 0 to 8192
[  298.161481][ T9743] erofs: (device loop1): mounted with root inode @ nid 36.
[  298.177815][ T9745] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  298.187735][ T9743] syz-executor.1: attempt to access beyond end of device
[  298.187735][ T9743] loop1: rw=0, sector=34359738360, nr_sectors = 8 limit=16
[  298.200553][ T9741] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  298.218472][ T9745] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  298.241738][ T9745] ntfs3: loop2: Failed to initialize $Extend/$ObjId.
[  298.279930][ T9741] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  298.294692][ T9741] FAT-fs (loop0): Filesystem has been set read-only
[  298.320159][ T9741] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  298.559639][ T9761] loop4: detected capacity change from 0 to 512
[  298.597015][ T9765] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  298.633935][ T9761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.647341][ T9761] ext4 filesystem being mounted at /root/syzkaller-testdir2536310390/syzkaller.Z57sz2/18/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  298.853936][ T9780] loop2: detected capacity change from 0 to 16
[  298.880854][ T9780] erofs: (device loop2): mounted with root inode @ nid 36.
[  298.890976][ T9214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.939955][ T9780] syz-executor.2: attempt to access beyond end of device
[  298.939955][ T9780] loop2: rw=0, sector=34359738360, nr_sectors = 8 limit=16
[  299.111968][ T9792] loop4: detected capacity change from 0 to 4096
[  299.120695][ T9792] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  299.149051][ T9792] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  299.176637][ T9792] ntfs3: loop4: Failed to initialize $Extend/$ObjId.
[  299.373867][ T9804] binder: BINDER_SET_CONTEXT_MGR already set
[  299.396634][ T9804] binder: 9801:9804 ioctl 4018620d 20000040 returned -16
[  299.506767][ T9810] loop2: detected capacity change from 0 to 512
[  299.564631][ T9810] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.652497][ T9810] ext4 filesystem being mounted at /root/syzkaller-testdir499545333/syzkaller.xiUlLd/39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  299.874060][ T9033] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.080951][ T9830] input: syz1 as /devices/virtual/input/input24
[  300.389918][ T9842] loop0: detected capacity change from 0 to 2048
[  300.432909][ T9842] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  300.608708][ T9821] loop4: detected capacity change from 0 to 32768
[  300.765246][ T9861] loop2: detected capacity change from 0 to 2048
[  300.820594][ T9861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.823252][ T9821] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  300.882510][   T30] audit: type=1800 audit(2000000097.062:228): pid=9861 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="file2" dev="loop2" ino=16 res=0 errno=0
[  300.885079][ T9836] loop3: detected capacity change from 0 to 32768
[  300.929702][ T9836] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (9836)
[  300.930088][ T9821] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  300.952726][ T9033] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.992409][ T9836] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  301.008922][ T9836] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  301.018356][ T9836] BTRFS info (device loop3): using free-space-tree
[  301.051131][ T9821] bcachefs (loop4): alloc_read... done
[  301.072482][ T9821] bcachefs (loop4): stripes_read... done
[  301.079891][ T9821] bcachefs (loop4): snapshots_read... done
[  301.109883][ T9821] bcachefs (loop4): journal_replay... done
[  301.121586][ T9821] bcachefs (loop4): resume_logged_ops... done
[  301.122045][ T9836] BTRFS info (device loop3): rebuilding free space tree
[  301.130324][ T9821] bcachefs (loop4): going read-write
[  301.156832][ T9836] BTRFS warning (device loop3): get dev_stats failed, device not found
[  301.166182][ T9821] bcachefs (loop4): done starting filesystem
[  301.189980][ T9192] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  301.210761][   T30] audit: type=1326 audit(2000000097.402:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  301.233294][   T30] audit: type=1326 audit(2000000097.402:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  301.256021][   T30] audit: type=1326 audit(2000000097.402:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  301.287682][   T30] audit: type=1326 audit(2000000097.402:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  301.381698][   T30] audit: type=1326 audit(2000000097.412:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f1c9727bc0c code=0x7ffc0000
[  301.500566][ T9821] syz-executor.4 (9821) used greatest stack depth: 13784 bytes left
[  301.523811][   T30] audit: type=1326 audit(2000000097.412:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1c9727bcaf code=0x7ffc0000
[  301.593552][   T30] audit: type=1326 audit(2000000097.412:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  301.681354][   T30] audit: type=1326 audit(2000000097.422:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f1c9727bc0c code=0x7ffc0000
[  301.713406][   T30] audit: type=1326 audit(2000000097.422:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9880 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1c9727bcaf code=0x7ffc0000
[  301.910439][ T9896] input: syz1 as /devices/virtual/input/input25
[  301.940837][ T9899] loop1: detected capacity change from 0 to 1024
[  301.964621][ T9214] bcachefs (loop4): shutting down
[  301.969674][ T9214] bcachefs (loop4): going read-only
[  301.991867][ T9899] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  301.993148][ T9214] bcachefs (loop4): finished waiting for writes to stop
[  302.034824][ T9214] bcachefs (loop4): flushing journal and stopping allocators, journal seq 13
[  302.067572][ T9899] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.101402][ T9214] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 14
[  302.141703][ T9214] bcachefs (loop4): shutdown complete, journal seq 15
[  302.156825][ T9214] bcachefs (loop4): marking filesystem clean
[  302.169032][ T9256] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.245399][ T9214] bcachefs (loop4): shutdown complete
[  302.273192][ T9912] fscrypt (sda1, inode 1959): Direct key flag not allowed with different contents and filenames modes
[  302.663879][ T9922] loop1: detected capacity change from 0 to 16
[  302.700465][ T9922] erofs: (device loop1): mounted with root inode @ nid 36.
[  304.241013][ T9947] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  304.267230][ T9947] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  304.382134][ T9914] loop0: detected capacity change from 0 to 32768
[  304.396370][ T9914] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (9914)
[  304.423254][ T9914] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  304.444978][ T9914] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  304.466916][ T9914] BTRFS info (device loop0): using free-space-tree
[  304.528170][ T9957] nvme_fabrics: missing parameter 'transport=%s'
[  304.551905][ T9957] nvme_fabrics: missing parameter 'nqn=%s'
[  304.579682][ T9914] BTRFS info (device loop0): rebuilding free space tree
[  304.708610][ T9984] fscrypt (sda1, inode 1956): Direct key flag not allowed with different contents and filenames modes
[  304.719891][ T9914] BTRFS warning (device loop0): get dev_stats failed, device not found
[  304.787230][ T6851] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  305.057746][ T9998] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET)
[  309.559529][T10032] loop1: detected capacity change from 0 to 4096
[  309.585117][T10032] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512).
[  309.646141][T10032] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  309.700029][T10032] ntfs3: loop1: Failed to initialize $Extend/$ObjId.
[  309.786390][T10039] loop4: detected capacity change from 0 to 16
[  309.826438][T10039] erofs: (device loop4): mounted with root inode @ nid 36.
[  310.610998][T10063] rdma_op ffff88802e8701f0 conn xmit_rdma 0000000000000000
[  310.704708][T10038] loop2: detected capacity change from 0 to 32768
[  310.719712][T10038] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (10038)
[  310.790095][T10038] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  310.821906][T10045] loop3: detected capacity change from 0 to 40427
[  310.824662][T10038] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  310.831172][T10045] F2FS-fs (loop3): Invalid segment count (1)
[  310.850734][T10045] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  310.859454][T10045] F2FS-fs (loop3): Unrecognized mount option "whint_mode=fs-based" or missing value
[  310.892946][T10038] BTRFS info (device loop2): using free-space-tree
[  311.169249][T10100] netlink: 'syz-executor.1': attribute type 6 has an invalid length.
[  311.186344][T10100] netlink: 14557 bytes leftover after parsing attributes in process `syz-executor.1'.
[  311.246889][T10038] loop2: detected capacity change from 32768 to 0
[  311.297889][   T11] loop: Write error at byte offset 9223372036860125183, length 4096.
[  311.313831][    C1] I/O error, dev loop2, sector 10448 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  311.324101][    C1] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  311.592981][   T11] kworker/u8:0: attempt to access beyond end of device
[  311.592981][   T11] loop2: rw=4097, sector=10448, nr_sectors = 8 limit=0
[  311.652792][   T11] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[  311.663647][   T11] kworker/u8:0: attempt to access beyond end of device
[  311.663647][   T11] loop2: rw=4097, sector=10456, nr_sectors = 8 limit=0
[  312.024493][   T11] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[  312.053220][T10113] loop0: detected capacity change from 0 to 4096
[  312.205367][   T11] kworker/u8:0: attempt to access beyond end of device
[  312.205367][   T11] loop2: rw=4097, sector=10464, nr_sectors = 8 limit=0
[  312.281684][T10113] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  312.336540][   T11] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[  312.387714][   T11] kworker/u8:0: attempt to access beyond end of device
[  312.387714][   T11] loop2: rw=4097, sector=13448, nr_sectors = 8 limit=0
[  312.449320][   T11] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 5, rd 0, flush 0, corrupt 0, gen 0
[  312.506051][ T9033] BTRFS error (device loop2 state A): Transaction aborted (error -5)
[  312.506987][T10113] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  312.530394][ T9033] BTRFS: error (device loop2 state A) in btrfs_start_dirty_block_groups:3421: errno=-5 IO failure
[  312.579487][T10113] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  312.590246][T10136] rdma_op ffff88807d5f61f0 conn xmit_rdma 0000000000000000
[  312.626690][ T9033] BTRFS info (device loop2 state EA): forced readonly
[  312.646009][ T9033] BTRFS info (device loop2 state EA): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  313.345231][ T5234] kernel read not supported for file /input/event3 (pid: 5234 comm: kworker/1:6)
[  313.508514][T10138] loop3: detected capacity change from 0 to 32768
[  313.522927][T10154] input: syz1 as /devices/virtual/input/input26
[  313.558006][T10138] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (10138)
[  313.615274][T10138] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  313.645384][T10138] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  313.661477][T10138] BTRFS info (device loop3): using free-space-tree
[  314.858773][T10138] BTRFS info (device loop3): rebuilding free space tree
[  314.931383][T10182] loop4: detected capacity change from 0 to 16
[  314.934071][T10184] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  314.952071][T10138] BTRFS warning (device loop3): get dev_stats failed, device not found
[  314.989065][T10182] erofs: (device loop4): mounted with root inode @ nid 36.
[  315.040502][ T9192] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  315.080720][T10140] loop1: detected capacity change from 0 to 40427
[  315.142805][T10140] F2FS-fs (loop1): Invalid segment count (1)
[  315.165558][T10140] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  315.217688][T10140] F2FS-fs (loop1): Unrecognized mount option "whint_mode=fs-based" or missing value
[  315.349089][T10147] loop0: detected capacity change from 0 to 32768
[  315.366352][T10147] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (10147)
[  315.409993][T10147] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  315.442625][T10147] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  315.492072][T10147] BTRFS info (device loop0): using free-space-tree
[  315.812261][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  315.812278][   T30] audit: type=1326 audit(2000000112.002:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10215 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb10027cf69 code=0x0
[  315.832613][T10147] loop0: detected capacity change from 32768 to 0
[  315.871749][T10223] syz-executor.0: attempt to access beyond end of device
[  315.871749][T10223] loop0: rw=2049, sector=10440, nr_sectors = 8 limit=0
[  315.889497][T10223] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  316.028229][T10230] loop4: detected capacity change from 0 to 8
[  316.065854][T10230] squashfs: Unknown parameter ''
[  316.173280][   T12] kworker/u8:1: attempt to access beyond end of device
[  316.173280][   T12] loop0: rw=4097, sector=10440, nr_sectors = 8 limit=0
[  316.212718][   T12] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[  316.232583][   T12] kworker/u8:1: attempt to access beyond end of device
[  316.232583][   T12] loop0: rw=4097, sector=10448, nr_sectors = 8 limit=0
[  316.260770][   T12] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[  316.284833][   T12] kworker/u8:1: attempt to access beyond end of device
[  316.284833][   T12] loop0: rw=4097, sector=13448, nr_sectors = 8 limit=0
[  316.316798][   T12] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[  316.339053][ T6851] BTRFS error (device loop0 state A): Transaction aborted (error -5)
[  316.358285][ T6851] BTRFS: error (device loop0 state A) in __btrfs_free_extent:3222: errno=-5 IO failure
[  316.385672][ T6851] BTRFS info (device loop0 state EA): forced readonly
[  316.395486][ T6851] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 5296128 num_bytes 12288 type 178 action 2 ref_mod 1: -5
[  316.409644][ T6851] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2211: errno=-5 IO failure
[  316.428038][ T6851] BTRFS info (device loop0 state EA): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  316.732776][T10219] loop2: detected capacity change from 0 to 32768
[  316.994361][T10247] loop0: detected capacity change from 0 to 256
[  317.147964][T10247] FAT-fs (loop0): Directory bread(block 64) failed
[  317.174994][T10247] FAT-fs (loop0): Directory bread(block 65) failed
[  317.187572][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  317.197231][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  317.216534][T10247] FAT-fs (loop0): Directory bread(block 66) failed
[  317.224840][T10256] loop4: detected capacity change from 0 to 2048
[  317.236592][T10256] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  317.244345][T10247] FAT-fs (loop0): Directory bread(block 67) failed
[  317.270860][T10247] FAT-fs (loop0): Directory bread(block 68) failed
[  317.288618][T10247] FAT-fs (loop0): Directory bread(block 69) failed
[  317.302723][T10247] FAT-fs (loop0): Directory bread(block 70) failed
[  317.324097][T10263] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  317.324596][T10256] syz-executor.4: attempt to access beyond end of device
[  317.324596][T10256] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  317.339486][T10247] FAT-fs (loop0): Directory bread(block 71) failed
[  317.390282][T10247] FAT-fs (loop0): Directory bread(block 72) failed
[  317.404460][T10266] mkiss: ax0: crc mode is auto.
[  317.419601][T10247] FAT-fs (loop0): Directory bread(block 73) failed
[  317.469497][   T30] audit: type=1800 audit(2000000113.662:242): pid=10256 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=18 res=0 errno=0
[  317.963574][T10285] hub 6-0:1.0: USB hub found
[  317.978970][T10285] hub 6-0:1.0: 1 port detected
[  318.734025][T10291] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma?
[  319.081275][T10302] loop2: detected capacity change from 0 to 2048
[  319.091084][   T30] audit: type=1800 audit(2000000115.282:243): pid=10304 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1964 res=0 errno=0
[  319.106875][T10302] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  319.219892][T10306] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  319.231406][T10302] syz-executor.2: attempt to access beyond end of device
[  319.231406][T10302] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  319.350440][   T30] audit: type=1800 audit(2000000115.532:244): pid=10302 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=18 res=0 errno=0
[  319.567997][T10277] loop4: detected capacity change from 0 to 32768
[  320.010303][T10320] loop2: detected capacity change from 0 to 32768
[  320.209384][T10320] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  320.650125][T10320] XFS (loop2): Ending clean mount
[  320.665010][T10320] XFS (loop2): Quotacheck needed: Please wait.
[  320.800272][T10320] XFS (loop2): Quotacheck: Done.
[  320.964843][T10336] loop1: detected capacity change from 0 to 16
[  320.999785][T10336] erofs: (device loop1): mounted with root inode @ nid 36.
[  321.089116][ T9033] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  321.255151][T10345] loop3: detected capacity change from 0 to 2048
[  321.288531][T10345] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  321.392090][T10348] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  321.392552][T10345] syz-executor.3: attempt to access beyond end of device
[  321.392552][T10345] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  321.513281][   T30] audit: type=1800 audit(2000000117.712:245): pid=10345 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0
[  321.536389][T10351] loop0: detected capacity change from 0 to 256
[  321.660923][T10351] FAT-fs (loop0): Directory bread(block 64) failed
[  321.693155][T10351] FAT-fs (loop0): Directory bread(block 65) failed
[  321.742733][T10351] FAT-fs (loop0): Directory bread(block 66) failed
[  321.749477][   T30] audit: type=1804 audit(2000000117.892:246): pid=10357 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2536310390/syzkaller.Z57sz2/47/bus" dev="sda1" ino=1964 res=1 errno=0
[  321.783749][T10351] FAT-fs (loop0): Directory bread(block 67) failed
[  321.808572][T10351] FAT-fs (loop0): Directory bread(block 68) failed
[  321.823773][T10353] loop2: detected capacity change from 0 to 8192
[  321.854529][T10351] FAT-fs (loop0): Directory bread(block 69) failed
[  321.861184][   T30] audit: type=1804 audit(2000000118.032:247): pid=10357 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2536310390/syzkaller.Z57sz2/47/bus" dev="sda1" ino=1964 res=1 errno=0
[  321.894435][T10351] FAT-fs (loop0): Directory bread(block 70) failed
[  321.926432][T10353] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  321.934529][T10351] FAT-fs (loop0): Directory bread(block 71) failed
[  321.947629][T10351] FAT-fs (loop0): Directory bread(block 72) failed
[  321.956391][T10351] FAT-fs (loop0): Directory bread(block 73) failed
[  322.255653][   T30] audit: type=1800 audit(2000000118.422:248): pid=10365 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1966 res=0 errno=0
[  323.007943][T10371] loop1: detected capacity change from 0 to 256
[  323.027027][T10371] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  323.054527][T10371] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  323.095511][T10371] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  323.435560][T10380] loop0: detected capacity change from 0 to 32768
[  323.502336][T10381] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  323.594958][T10388] fuse: Bad value for 'fd'
[  323.608154][T10380] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  323.673407][T10380] XFS (loop0): Ending clean mount
[  323.681500][T10380] XFS (loop0): Quotacheck needed: Please wait.
[  323.841643][T10380] XFS (loop0): Quotacheck: Done.
[  324.031410][ T6851] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  324.075125][T10400] hub 6-0:1.0: USB hub found
[  324.084477][T10400] hub 6-0:1.0: 1 port detected
[  324.269347][   T30] audit: type=1800 audit(2000000120.452:249): pid=10407 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1961 res=0 errno=0
[  324.553415][T10417] loop3: detected capacity change from 0 to 256
[  324.591574][T10417] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  324.613436][T10417] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  324.669298][T10417] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  324.890775][T10435] loop2: detected capacity change from 0 to 128
[  324.895032][T10436] loop0: detected capacity change from 0 to 256
[  324.913590][T10435] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  325.368843][T10455] loop3: detected capacity change from 0 to 64
[  325.488388][ T5113] Bluetooth: hci5: sending frame failed (-49)
[  325.496957][ T5101] Bluetooth: hci5: Entering manufacturer mode failed (-49)
[  325.865286][ T9033] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  325.893212][ T5147] kernel write not supported for file bpf-prog (pid: 5147 comm: kworker/1:4)
[  326.239476][T10482] loop2: detected capacity change from 0 to 256
[  326.245164][T10478] loop4: detected capacity change from 0 to 4096
[  326.677573][T10494] loop2: detected capacity change from 0 to 4096
[  326.740044][T10496] loop4: detected capacity change from 0 to 8192
[  326.758217][T10496] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  326.918080][T10455] overlayfs: missing 'lowerdir'
[  326.939856][T10455] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  327.204138][ T2529] kernel write not supported for file bpf-prog (pid: 2529 comm: kworker/1:2)
[  327.313663][T10505] loop3: detected capacity change from 0 to 2048
[  327.369639][T10509] loop0: detected capacity change from 0 to 128
[  327.383679][T10505] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  327.389932][T10509] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  327.411862][T10509] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  327.551497][T10516] hub 6-0:1.0: USB hub found
[  327.558658][T10516] hub 6-0:1.0: 1 port detected
[  327.696426][T10520] loop3: detected capacity change from 0 to 256
[  327.728326][T10520] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  327.782287][T10520] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  328.254546][ T5150] kernel write not supported for file bpf-prog (pid: 5150 comm: kworker/0:5)
[  328.413046][T10548] loop2: detected capacity change from 0 to 128
[  328.438805][T10548] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  328.465697][T10548] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  328.575703][T10551] fuse: Bad value for 'fd'
[  328.608631][T10524] loop0: detected capacity change from 0 to 32768
[  328.685574][T10524] gfs2: fsid=statfs_quantum: Trying to join cluster "lock_nolock", "statfs_quantum"
[  328.722446][T10524] gfs2: fsid=statfs_quantum: Now mounting FS (format 1801)...
[  328.827363][T10524] gfs2: fsid=statfs_quantum.s: journal 0 mapped with 16 extents in 1ms
[  329.170027][T10524] gfs2: fsid=statfs_quantum.s: first mount done, others may mount
[  329.275262][   T30] audit: type=1326 audit(2000000125.472:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10572 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3f82a7cf69 code=0x0
[  329.460352][T10583] loop3: detected capacity change from 0 to 8
[  329.485824][T10583] squashfs: Unknown parameter ''
[  330.363636][ T5147] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  330.602653][ T5147] usb 3-1: Using ep0 maxpacket: 16
[  330.616790][T10586] loop4: detected capacity change from 0 to 40427
[  330.635523][ T5147] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  330.655851][ T5147] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.688984][ T5147] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  330.723666][T10586] F2FS-fs (loop4): Found nat_bits in checkpoint
[  330.731956][ T5147] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  330.741271][ T5147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.763670][ T5147] usb 3-1: config 0 descriptor??
[  330.997040][T10586] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  331.060223][   T30] audit: type=1800 audit(2000000127.252:251): pid=10586 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=10 res=0 errno=0
[  331.113657][T10586] syz-executor.4: attempt to access beyond end of device
[  331.113657][T10586] loop4: rw=0, sector=78784, nr_sectors = 8 limit=40427
[  331.166279][T10586] syz-executor.4: attempt to access beyond end of device
[  331.166279][T10586] loop4: rw=0, sector=78784, nr_sectors = 8 limit=40427
[  331.234886][T10586] syz-executor.4: attempt to access beyond end of device
[  331.234886][T10586] loop4: rw=0, sector=78784, nr_sectors = 8 limit=40427
[  331.264770][ T5147] usbhid 3-1:0.0: can't add hid device: -71
[  331.270789][ T5147] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  331.322656][ T5147] usb 3-1: USB disconnect, device number 5
[  331.367604][ T9214] syz-executor.4: attempt to access beyond end of device
[  331.367604][ T9214] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  331.422535][ T9214] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  331.458775][T10612] loop0: detected capacity change from 0 to 32768
[  331.493466][T10612] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (10612)
[  331.529253][ T5113] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  331.540593][ T5113] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  331.551274][ T5113] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  331.559826][ T5113] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  331.563175][T10612] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  331.579208][ T5113] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  331.591286][ T5113] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  331.602028][T10612] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  331.637827][T10612] BTRFS info (device loop0): using free-space-tree
[  331.684041][T10611] loop3: detected capacity change from 0 to 32768
[  331.755533][T10611] gfs2: fsid=statfs_quantum: Trying to join cluster "lock_nolock", "statfs_quantum"
[  331.770507][T10611] gfs2: fsid=statfs_quantum: Now mounting FS (format 1801)...
[  331.784069][T10611] gfs2: fsid=statfs_quantum.s: journal 0 mapped with 16 extents in 0ms
[  331.785942][T10612] BTRFS info (device loop0): rebuilding free space tree
[  332.025084][T10619] chnl_net:caif_netlink_parms(): no params data found
[  332.062432][T10611] gfs2: fsid=statfs_quantum.s: first mount done, others may mount
[  332.344906][ T6851] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  332.360241][T10619] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.377961][T10619] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.391266][T10619] bridge_slave_0: entered allmulticast mode
[  332.400624][T10619] bridge_slave_0: entered promiscuous mode
[  332.428148][T10619] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.435469][T10619] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.442894][T10619] bridge_slave_1: entered allmulticast mode
[  332.449872][T10654] loop2: detected capacity change from 0 to 8192
[  332.450547][T10619] bridge_slave_1: entered promiscuous mode
[  332.502976][T10654] REISERFS warning (device loop2): super-6515 reiserfs_parse_options: journaled quota format not specified.
[  332.646663][T10619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  332.705727][T10619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  332.866887][T10619] team0: Port device team_slave_0 added
[  332.901106][T10619] team0: Port device team_slave_1 added
[  333.109564][T10619] batman_adv: batadv0: Adding interface: batadv_slave_0
[  333.128357][T10619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.189154][T10619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  333.213501][T10619] batman_adv: batadv0: Adding interface: batadv_slave_1
[  333.220903][ T2529] kernel write not supported for file bpf-prog (pid: 2529 comm: kworker/1:2)
[  333.230733][T10619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.292430][T10619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  333.314705][ T9192] syz-executor.3 (9192) used greatest stack depth: 11864 bytes left
[  333.457423][T10619] hsr_slave_0: entered promiscuous mode
[  333.510731][T10619] hsr_slave_1: entered promiscuous mode
[  333.521727][T10619] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  333.553008][T10619] Cannot create hsr debugfs directory
[  333.662957][ T5101] Bluetooth: hci1: command tx timeout
[  333.686837][T10684] TCP: Unexpected MD5 Hash found for 172.20.20.187.0->224.0.0.1.20002 [] 
[  333.772464][T10668] loop4: detected capacity change from 0 to 32768
[  333.822890][T10668] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (10668)
[  333.895458][T10668] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  333.921542][T10691] loop2: detected capacity change from 0 to 64
[  333.938894][T10668] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  333.963281][T10668] BTRFS info (device loop4): using free-space-tree
[  333.985457][T10619] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.007216][ T5113] Bluetooth: hci2: sending frame failed (-49)
[  334.015179][ T5101] Bluetooth: hci2: Entering manufacturer mode failed (-49)
[  334.196658][T10619] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.211271][T10712] loop0: detected capacity change from 0 to 1024
[  334.443823][ T9214] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  334.445760][T10619] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.490859][ T5113] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  334.503729][ T5113] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  334.523555][ T5113] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  334.550498][ T5113] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  334.561110][ T5113] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  334.572704][ T5113] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  334.696179][T10619] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.134760][T10730] loop4: detected capacity change from 0 to 512
[  335.192888][T10730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.204047][T10619] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  335.222596][T10730] ext4 filesystem being mounted at /root/syzkaller-testdir2536310390/syzkaller.Z57sz2/72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  335.287108][T10619] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  335.316456][T10619] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  335.377458][T10619] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  335.390887][ T9214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.430192][   T30] audit: type=1326 audit(2000000131.622:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10737 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc05267cf69 code=0x0
[  335.508926][T10716] chnl_net:caif_netlink_parms(): no params data found
[  335.583421][T10742] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  335.641825][T10691] overlayfs: missing 'lowerdir'
[  335.654970][T10691] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  335.743809][ T5101] Bluetooth: hci1: command tx timeout
[  335.750726][T10716] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.766198][T10716] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.792331][T10716] bridge_slave_0: entered allmulticast mode
[  335.809461][T10716] bridge_slave_0: entered promiscuous mode
[  335.810169][T10749] loop4: detected capacity change from 0 to 1024
[  335.823656][T10749] hfsplus: session requires an argument
[  335.829228][T10749] hfsplus: unable to parse mount options
[  335.843452][T10619] 8021q: adding VLAN 0 to HW filter on device bond0
[  335.866993][T10716] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.892264][T10716] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.910393][T10716] bridge_slave_1: entered allmulticast mode
[  335.933349][T10716] bridge_slave_1: entered promiscuous mode
[  336.002311][T10716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.027181][T10716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.083817][T10757] loop4: detected capacity change from 0 to 1024
[  336.095034][T10619] 8021q: adding VLAN 0 to HW filter on device team0
[  336.120542][T10716] team0: Port device team_slave_0 added
[  336.147269][T10716] team0: Port device team_slave_1 added
[  336.183275][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.190448][ T5147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.201963][T10757] EXT4-fs: Ignoring removed orlov option
[  336.218292][T10757] EXT4-fs (loop4): Test dummy encryption mode enabled
[  336.232704][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  336.242914][T10757] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  336.281570][T10757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.321074][ T2529] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.328223][ T2529] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.339323][T10716] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.349014][T10716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.406656][T10716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.432577][    T9] usb 3-1: Using ep0 maxpacket: 16
[  336.440452][T10716] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.447810][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  336.459129][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  336.463804][T10716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.482491][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  336.504495][T10716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  336.528103][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  336.564688][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.619232][    T9] usb 3-1: config 0 descriptor??
[  336.642524][ T5101] Bluetooth: hci5: command tx timeout
[  336.653470][T10757] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  336.750472][T10716] hsr_slave_0: entered promiscuous mode
[  336.776424][T10716] hsr_slave_1: entered promiscuous mode
[  336.802930][T10716] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  336.825845][ T9214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.826880][T10716] Cannot create hsr debugfs directory
[  337.110732][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  337.129994][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  337.146599][    T9] usb 3-1: USB disconnect, device number 6
[  337.299389][T10769] loop0: detected capacity change from 0 to 32768
[  337.320742][T10716] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.544913][T10769] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  337.556562][T10716] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.828418][ T5101] Bluetooth: hci1: command tx timeout
[  338.406240][T10769] XFS (loop0): Ending clean mount
[  338.424861][T10769] XFS (loop0): Quotacheck needed: Please wait.
[  338.444596][T10716] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.519007][T10769] XFS (loop0): Quotacheck: Done.
[  338.611588][T10716] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.655839][T10619] 8021q: adding VLAN 0 to HW filter on device batadv0
[  338.686410][ T6851] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  338.702683][ T5101] Bluetooth: hci5: command tx timeout
[  338.840667][T10619] veth0_vlan: entered promiscuous mode
[  338.928709][T10810] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  338.932145][T10619] veth1_vlan: entered promiscuous mode
[  339.037055][T10619] veth0_macvtap: entered promiscuous mode
[  339.100210][T10814] loop4: detected capacity change from 0 to 512
[  339.108010][T10619] veth1_macvtap: entered promiscuous mode
[  339.148854][T10716] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  339.159304][T10814] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  339.183343][T10814] System zones: 0-2, 18-18, 34-35
[  339.200639][T10716] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  339.220305][T10814] Quota error (device loop4): v2_read_file_info: Free block number 2130706432 out of range (1, 6).
[  339.248760][T10716] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  339.262880][T10814] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  339.280267][T10814] EXT4-fs (loop4): mount failed
[  339.286928][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.298140][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.324039][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.336012][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.345879][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.356384][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.371011][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.383950][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.400129][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.410688][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.420547][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.432102][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.444201][T10619] batman_adv: batadv0: Interface activated: batadv_slave_0
[  339.458550][T10822] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  339.511487][T10716] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  339.551090][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.570615][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.602253][T10829] loop4: detected capacity change from 0 to 1024
[  339.602480][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.619291][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.629341][T10829] hfsplus: session requires an argument
[  339.629411][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.649501][T10829] hfsplus: unable to parse mount options
[  339.660602][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.679612][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.701120][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.710976][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.731669][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.741517][T10619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.752183][T10619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.764834][T10619] batman_adv: batadv0: Interface activated: batadv_slave_1
[  339.777879][    T9] kernel write not supported for file /snd/seq (pid: 9 comm: kworker/0:1)
[  339.781366][T10619] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.806631][T10619] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.819644][T10619] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.839582][T10619] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  339.917990][ T5101] Bluetooth: hci1: command tx timeout
[  339.926152][T10836] loop0: detected capacity change from 0 to 2048
[  339.950048][T10836] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  340.025179][T10838] loop4: detected capacity change from 0 to 2048
[  340.045891][T10838] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  340.148251][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.161971][T10716] 8021q: adding VLAN 0 to HW filter on device bond0
[  340.175946][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.266895][T10716] 8021q: adding VLAN 0 to HW filter on device team0
[  340.300820][ T5234] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.308135][ T5234] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.341141][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.364599][ T5234] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.371797][ T5234] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.385768][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.469146][   T30] audit: type=1800 audit(2000000136.662:253): pid=10840 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1959 res=0 errno=0
[  340.598356][T10716] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  340.641796][T10851] ebtables: ebtables: counters copy to user failed while replacing table
[  340.782828][ T5101] Bluetooth: hci5: command tx timeout
[  340.807780][   T30] audit: type=1800 audit(2000000137.002:254): pid=10860 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1944 res=0 errno=0
[  340.818252][T10862] loop1: detected capacity change from 0 to 256
[  340.889416][T10862] FAT-fs (loop1): Directory bread(block 64) failed
[  340.920456][T10862] FAT-fs (loop1): Directory bread(block 65) failed
[  340.952662][T10857] loop4: detected capacity change from 0 to 4096
[  340.967828][T10862] FAT-fs (loop1): Directory bread(block 66) failed
[  340.990001][T10862] FAT-fs (loop1): Directory bread(block 67) failed
[  340.997302][T10857] ntfs3: Unknown parameter 'nohidmen'
[  341.010600][T10862] FAT-fs (loop1): Directory bread(block 68) failed
[  341.037450][T10862] FAT-fs (loop1): Directory bread(block 69) failed
[  341.048721][T10862] FAT-fs (loop1): Directory bread(block 70) failed
[  341.100842][T10862] FAT-fs (loop1): Directory bread(block 71) failed
[  341.181535][T10862] FAT-fs (loop1): Directory bread(block 72) failed
[  341.190158][T10862] FAT-fs (loop1): Directory bread(block 73) failed
[  341.248347][T10716] 8021q: adding VLAN 0 to HW filter on device batadv0
[  341.398685][T10716] veth0_vlan: entered promiscuous mode
[  341.447310][T10716] veth1_vlan: entered promiscuous mode
[  341.567268][T10716] veth0_macvtap: entered promiscuous mode
[  341.594418][T10716] veth1_macvtap: entered promiscuous mode
[  341.608928][T10879] loop1: detected capacity change from 0 to 2048
[  341.654540][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.681672][T10879] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  341.691841][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.720534][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.748465][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.769827][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.781444][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.798802][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.821091][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.882389][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.916592][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.946754][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.969610][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.980588][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.996161][T10889] ebtables: ebtables: counters copy to user failed while replacing table
[  342.001023][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.017150][T10716] batman_adv: batadv0: Interface activated: batadv_slave_0
[  342.099964][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.111945][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.122768][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.133317][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.150157][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.160774][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.170685][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.181568][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.191565][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.205692][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.216745][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.228713][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.238619][T10716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.252194][T10716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.274297][T10716] batman_adv: batadv0: Interface activated: batadv_slave_1
[  342.308212][T10716] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  342.353141][T10716] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  342.363472][T10716] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  342.372641][T10716] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  342.510319][T10896] loop4: detected capacity change from 0 to 4096
[  342.531084][T10896] ntfs3: Unknown parameter 'nohidmen'
[  342.573106][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.599813][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.683166][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.707801][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.751171][T10900] loop2: detected capacity change from 0 to 512
[  342.812680][T10900] EXT4-fs (loop2): blocks per group (255) and clusters per group (8192) inconsistent
[  342.862718][ T5101] Bluetooth: hci5: command tx timeout
[  343.432492][ T5153] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  343.665375][ T5153] usb 1-1: config 0 has an invalid interface number: 156 but max is 0
[  343.697928][ T5153] usb 1-1: config 0 has no interface number 0
[  343.724273][ T5153] usb 1-1: config 0 interface 156 has no altsetting 0
[  343.753378][ T5153] usb 1-1: New USB device found, idVendor=257a, idProduct=2609, bcdDevice=7e.22
[  343.782257][ T5153] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.805955][ T5153] usb 1-1: config 0 descriptor??
[  343.820277][ T5153] hub 1-1:0.156: bad descriptor, ignoring hub
[  343.834498][ T5153] hub 1-1:0.156: probe with driver hub failed with error -5
[  343.843417][T10894] loop1: detected capacity change from 0 to 40427
[  343.856308][ T5153] option 1-1:0.156: GSM modem (1-port) converter detected
[  343.876343][T10894] F2FS-fs (loop1): Found nat_bits in checkpoint
[  343.933989][T10918] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  343.974300][T10894] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  344.008458][   T30] audit: type=1800 audit(2000000140.202:255): pid=10894 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=10 res=0 errno=0
[  344.012637][T10894] syz-executor.1: attempt to access beyond end of device
[  344.012637][T10894] loop1: rw=0, sector=78784, nr_sectors = 8 limit=40427
[  344.072998][T10894] syz-executor.1: attempt to access beyond end of device
[  344.072998][T10894] loop1: rw=0, sector=78784, nr_sectors = 8 limit=40427
[  344.103272][ T5153] kernel write not supported for file /snd/seq (pid: 5153 comm: kworker/0:7)
[  344.112326][T10894] syz-executor.1: attempt to access beyond end of device
[  344.112326][T10894] loop1: rw=0, sector=78784, nr_sectors = 8 limit=40427
[  344.143698][T10913] loop4: detected capacity change from 0 to 32768
[  344.152730][T10913] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (10913)
[  344.172838][  T784] usb 1-1: USB disconnect, device number 7
[  344.180921][  T784] option 1-1:0.156: device disconnected
[  344.181608][T10921] loop2: detected capacity change from 0 to 2048
[  344.197091][T10913] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  344.220011][T10913] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  344.230034][T10619] syz-executor.1: attempt to access beyond end of device
[  344.230034][T10619] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  344.244508][T10913] BTRFS info (device loop4): using free-space-tree
[  344.251167][T10619] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  344.256404][T10921] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  344.428216][ T9214] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  345.202854][T10953] mmap: syz-executor.1 (10953) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  345.499105][T10938] loop2: detected capacity change from 0 to 40427
[  345.576012][T10938] F2FS-fs (loop2): Found nat_bits in checkpoint
[  345.577686][   T51] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.794397][T10938] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  345.879173][T10940] loop0: detected capacity change from 0 to 40427
[  345.897382][T10940] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  345.918325][T10940] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  345.960215][T10940] F2FS-fs (loop0): invalid crc value
[  346.008206][T10940] F2FS-fs (loop0): Found nat_bits in checkpoint
[  346.223110][T10940] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  346.230443][T10940] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  346.341687][T10940] syz-executor.0: attempt to access beyond end of device
[  346.341687][T10940] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  346.404688][ T5113] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  346.418235][ T5113] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  346.427274][ T5113] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  346.435309][ T5113] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  346.458889][   T51] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.479265][ T5113] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  346.501890][ T5113] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  346.684297][ T9033] syz-executor.2: attempt to access beyond end of device
[  346.684297][ T9033] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  346.715080][   T51] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.727957][ T9033] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  346.761530][   T30] audit: type=1326 audit(2000000142.952:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb10027cf69 code=0x7ffc0000
[  346.814035][ T6851] syz-executor.0: attempt to access beyond end of device
[  346.814035][ T6851] loop0: rw=2051, sector=45096, nr_sectors = 8 limit=40427
[  346.872451][   T30] audit: type=1326 audit(2000000142.982:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb10027cf69 code=0x7ffc0000
[  346.909583][ T6851] F2FS-fs (loop0): Issue discard(5637, 5637, 1) failed, ret: -5
[  346.942847][   T30] audit: type=1326 audit(2000000142.982:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb10027cf69 code=0x7ffc0000
[  346.970201][   T51] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.998523][   T30] audit: type=1326 audit(2000000142.982:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb10027cf69 code=0x7ffc0000
[  347.060531][T10988] loop4: detected capacity change from 0 to 2048
[  347.064569][   T30] audit: type=1326 audit(2000000142.982:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb10027cf69 code=0x7ffc0000
[  347.146906][   T30] audit: type=1326 audit(2000000142.982:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb10027a6e7 code=0x7ffc0000
[  347.163638][T10974] loop1: detected capacity change from 0 to 32768
[  347.206897][T10974] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (10974)
[  347.215533][   T30] audit: type=1326 audit(2000000142.982:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1002403b9 code=0x7ffc0000
[  347.258899][   T30] audit: type=1326 audit(2000000142.982:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb10027a6e7 code=0x7ffc0000
[  347.291844][T10988] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.298158][   T30] audit: type=1326 audit(2000000142.982:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1002403b9 code=0x7ffc0000
[  347.328029][T10974] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  347.335187][   T30] audit: type=1326 audit(2000000142.982:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10985 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb10027a6e7 code=0x7ffc0000
[  347.344696][T10974] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  347.382809][T10988] ext4 filesystem being mounted at /root/syzkaller-testdir2536310390/syzkaller.Z57sz2/109/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.405439][T10974] BTRFS info (device loop1): using free-space-tree
[  347.484129][T10988] fs-verity: sha512 using implementation "sha512-avx2"
[  347.569142][   T51] bridge_slave_1: left allmulticast mode
[  347.576257][   T51] bridge_slave_1: left promiscuous mode
[  347.582417][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.693048][   T51] bridge_slave_0: left allmulticast mode
[  347.698820][   T51] bridge_slave_0: left promiscuous mode
[  347.721434][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.744949][ T9214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.987262][T10619] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  348.043404][T11018] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  348.260172][ T2529] kernel write not supported for file /snd/seq (pid: 2529 comm: kworker/1:2)
[  348.368340][T11028] loop2: detected capacity change from 0 to 2048
[  348.431506][T11028] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  348.632598][ T5113] Bluetooth: hci2: command tx timeout
[  348.889034][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  348.920724][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  348.948128][   T51] bond0 (unregistering): Released all slaves
[  348.961943][T11027] loop4: detected capacity change from 0 to 32768
[  348.991276][T11011] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  348.998461][T11027] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  349.261704][T10978] chnl_net:caif_netlink_parms(): no params data found
[  349.270800][T11027] XFS (loop4): Ending clean mount
[  349.286781][T11027] XFS (loop4): Quotacheck needed: Please wait.
[  349.418903][T11027] XFS (loop4): Quotacheck: Done.
[  349.606914][ T9214] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  349.730901][   T51] hsr_slave_0: left promiscuous mode
[  349.785856][   T51] hsr_slave_1: left promiscuous mode
[  349.874999][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  349.904875][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  349.946032][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  349.973718][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  350.116855][   T51] veth1_macvtap: left promiscuous mode
[  350.148254][   T51] veth0_macvtap: left promiscuous mode
[  350.157572][   T51] veth1_vlan: left promiscuous mode
[  350.172598][   T51] veth0_vlan: left promiscuous mode
[  350.249660][T11045] loop2: detected capacity change from 0 to 40427
[  350.318482][T11045] F2FS-fs (loop2): Found nat_bits in checkpoint
[  350.493663][T11045] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  350.712401][ T5113] Bluetooth: hci2: command tx timeout
[  351.239091][ T9033] syz-executor.2: attempt to access beyond end of device
[  351.239091][ T9033] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  351.267524][ T9033] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  351.432713][ T2529] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  351.649207][ T2529] usb 1-1: Using ep0 maxpacket: 32
[  351.665017][ T2529] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  351.699937][ T2529] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  351.721179][ T2529] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  351.754686][ T2529] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.797773][ T2529] usb 1-1: config 0 descriptor??
[  351.803680][T11080] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  351.816022][ T2529] hub 1-1:0.0: USB hub found
[  352.058787][ T2529] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  352.087046][   T51] team0 (unregistering): Port device team_slave_1 removed
[  352.189908][   T51] team0 (unregistering): Port device team_slave_0 removed
[  352.241178][T11090] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  352.286038][ T2529] usbhid 1-1:0.0: can't add hid device: -71
[  352.292202][ T2529] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  352.364870][ T2529] usb 1-1: USB disconnect, device number 8
[  352.784149][ T5113] Bluetooth: hci2: command tx timeout
[  352.957459][T11105] loop4: detected capacity change from 0 to 256
[  353.027223][T11105] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  353.237933][T11110] loop4: detected capacity change from 0 to 128
[  353.620787][T10978] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.629190][T10978] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.636894][T10978] bridge_slave_0: entered allmulticast mode
[  353.645575][T10978] bridge_slave_0: entered promiscuous mode
[  353.655599][T10978] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.665856][T10978] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.674583][T10978] bridge_slave_1: entered allmulticast mode
[  353.682183][T10978] bridge_slave_1: entered promiscuous mode
[  353.848291][T11137] loop1: detected capacity change from 0 to 128
[  353.861820][T10978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  353.889223][T10978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  353.900504][T11137] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  353.939790][T11137] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  354.006778][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  354.006795][   T30] audit: type=1804 audit(2000000150.202:281): pid=11137 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2628557632/syzkaller.9urmv7/20/file1/bus" dev="loop1" ino=1048710 res=1 errno=0
[  354.055447][T10978] team0: Port device team_slave_0 added
[  354.077435][T10978] team0: Port device team_slave_1 added
[  354.139314][T10978] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.153378][T10978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.179262][    C0] vkms_vblank_simulate: vblank timer overrun
[  354.214418][T10978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.217136][T11147] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  354.269030][T10978] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.322443][T10978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.348339][    C0] vkms_vblank_simulate: vblank timer overrun
[  354.370072][T10978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.492255][T10978] hsr_slave_0: entered promiscuous mode
[  354.506803][T10978] hsr_slave_1: entered promiscuous mode
[  354.527594][T10978] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  354.539122][T10978] Cannot create hsr debugfs directory
[  354.710745][   T30] audit: type=1326 audit(2000000150.892:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11161 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  354.777936][   T30] audit: type=1326 audit(2000000150.892:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11161 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  354.856536][   T30] audit: type=1326 audit(2000000150.902:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11161 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  354.878617][    C0] vkms_vblank_simulate: vblank timer overrun
[  354.882550][ T5113] Bluetooth: hci2: command tx timeout
[  354.896182][T11169] loop2: detected capacity change from 0 to 1024
[  354.949780][T11166] loop4: detected capacity change from 0 to 4096
[  354.976944][   T30] audit: type=1326 audit(2000000150.902:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11161 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  355.004999][T11166] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  355.015251][   T30] audit: type=1326 audit(2000000150.902:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11161 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  355.097013][   T30] audit: type=1326 audit(2000000150.902:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11161 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  355.097120][T11166] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  355.156154][   T30] audit: type=1326 audit(2000000150.902:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11161 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  355.178253][    C0] vkms_vblank_simulate: vblank timer overrun
[  355.236133][   T30] audit: type=1326 audit(2000000150.902:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11161 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x7ffc0000
[  355.258222][    C0] vkms_vblank_simulate: vblank timer overrun
[  355.366080][T11185] loop1: detected capacity change from 0 to 16
[  355.384899][T11185] erofs: (device loop1): erofs_superblock_csum_verify: invalid checksum 0x2a061d86, 0xa48ae4e5 expected
[  355.526622][   T29] ntfs3: loop4: ino=5, ntfs3_write_inode failed, -22.
[  355.692390][T11193] loop4: detected capacity change from 0 to 64
[  355.811568][ T5101] Bluetooth: hci5: sending frame failed (-49)
[  355.820374][ T5113] Bluetooth: hci5: Entering manufacturer mode failed (-49)
[  355.835210][T10978] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  355.868745][T10978] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  355.890826][T10978] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  355.902989][T10978] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  356.048643][T10978] 8021q: adding VLAN 0 to HW filter on device bond0
[  356.119397][T10978] 8021q: adding VLAN 0 to HW filter on device team0
[  356.145839][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.153117][ T5147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  356.204505][ T5147] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.211763][ T5147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  356.749681][T10978] 8021q: adding VLAN 0 to HW filter on device batadv0
[  357.012541][T10978] veth0_vlan: entered promiscuous mode
[  357.064830][T10978] veth1_vlan: entered promiscuous mode
[  357.176122][T10978] veth0_macvtap: entered promiscuous mode
[  357.209561][T10978] veth1_macvtap: entered promiscuous mode
[  357.266024][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.290976][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.314229][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.336680][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.358333][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.381359][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.403717][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.435799][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.457089][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.481494][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.513427][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.535472][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.557819][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.579783][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.634651][T10978] batman_adv: batadv0: Interface activated: batadv_slave_0
[  357.660875][T11193] overlayfs: missing 'lowerdir'
[  357.690386][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.720541][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.726478][T11193] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  357.755406][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.778779][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.780480][T11211] loop2: detected capacity change from 0 to 40427
[  357.800418][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.826330][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.836475][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.847298][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.854439][T11211] F2FS-fs (loop2): Found nat_bits in checkpoint
[  357.857555][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.876733][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.887137][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.897910][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.909625][T10978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.933319][T10978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.950847][T10978] batman_adv: batadv0: Interface activated: batadv_slave_1
[  358.025360][T10978] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.062698][T10978] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.087773][T10978] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.105346][T10978] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.116780][T11211] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  358.459982][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.500325][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.581778][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.607652][T11239] xt_CT: You must specify a L4 protocol and not use inversions on it
[  358.623893][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.966681][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  359.143813][ T9033] syz-executor.2: attempt to access beyond end of device
[  359.143813][ T9033] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  359.193618][ T9033] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  359.495618][T11225] loop0: detected capacity change from 0 to 40427
[  359.552579][T11225] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  359.560375][T11225] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  359.609392][T11225] F2FS-fs (loop0): invalid crc value
[  359.623500][T11225] F2FS-fs (loop0): Found nat_bits in checkpoint
[  359.794264][T11225] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  359.801346][T11225] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  359.861077][T11264] loop3: detected capacity change from 0 to 2048
[  359.886554][T11264] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  359.951955][T11225] syz-executor.0: attempt to access beyond end of device
[  359.951955][T11225] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  360.247253][   T30] audit: type=1800 audit(2000000156.442:290): pid=11278 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  360.266874][ T6851] syz-executor.0: attempt to access beyond end of device
[  360.266874][ T6851] loop0: rw=2051, sector=45096, nr_sectors = 8 limit=40427
[  360.312663][ T6851] F2FS-fs (loop0): Issue discard(5637, 5637, 1) failed, ret: -5
[  360.408128][T11275] loop1: detected capacity change from 0 to 8192
[  360.461685][T11275] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  360.595946][T11290] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  360.791964][T11297] loop4: detected capacity change from 0 to 64
[  360.801718][T11298] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  360.812475][T11298] netlink: 'syz-executor.2': attribute type 30 has an invalid length.
[  360.821023][T11298] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  360.842680][ T5147] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  360.850297][T11298] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  361.049506][ T5147] usb 2-1: config 0 has no interfaces?
[  361.064075][ T5147] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  361.088377][ T5147] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.118434][ T5147] usb 2-1: Product: syz
[  361.125161][T11308] input: syz0 as /devices/virtual/input/input27
[  361.126298][ T5147] usb 2-1: Manufacturer: syz
[  361.148238][ T5147] usb 2-1: SerialNumber: syz
[  361.182009][ T5147] usb 2-1: config 0 descriptor??
[  361.331729][T11316] loop4: detected capacity change from 0 to 16
[  361.345088][T11316] erofs: (device loop4): erofs_superblock_csum_verify: invalid checksum 0x2a061d86, 0xa48ae4e5 expected
[  361.384234][T11318] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  361.435629][T11275] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  361.480011][T11275] FAT-fs (loop1): Filesystem has been set read-only
[  361.542825][T11275] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  361.551738][T11275] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  361.580392][ T5147] usb 2-1: USB disconnect, device number 11
[  361.602800][T11322] loop3: detected capacity change from 0 to 64
[  362.593771][T10619] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  362.611828][T11347] loop2: detected capacity change from 0 to 64
[  362.968265][T11351] loop2: detected capacity change from 0 to 2048
[  363.021801][T11328] loop3: detected capacity change from 0 to 32768
[  363.049591][T11351] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  363.103071][T11328] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (11328)
[  363.210753][T11328] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  363.244361][T11328] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  363.300689][T11328] BTRFS info (device loop3): using free-space-tree
[  363.371872][T11339] loop4: detected capacity change from 0 to 32768
[  363.394094][T11339] btrfs: Deprecated parameter 'usebackuproot'
[  363.400261][T11339] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  363.450427][T11339] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (11339)
[  363.519973][T11339] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  363.577523][T11339] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  363.589681][T11372] loop2: detected capacity change from 0 to 256
[  363.673092][T11328] BTRFS info (device loop3): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[  363.704003][T11345] loop0: detected capacity change from 0 to 32768
[  363.711609][T11345] XFS: noikeep mount option is deprecated.
[  363.794245][T11345] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  363.821478][T11339] BTRFS info (device loop4): rebuilding free space tree
[  363.889214][T11339] BTRFS info (device loop4): disabling free space tree
[  363.896388][T11339] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  363.908970][T11398] loop2: detected capacity change from 0 to 64
[  363.915371][T11339] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  363.926975][T11345] XFS (loop0): Ending clean mount
[  363.955893][T11345] XFS (loop0): Quotacheck needed: Please wait.
[  364.081824][T11345] XFS (loop0): Quotacheck: Done.
[  364.284402][ T9214] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  364.320736][ T6851] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  364.333908][T10978] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  364.489701][T11400] loop2: detected capacity change from 0 to 8192
[  364.595819][T11400] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  364.993212][ T5153] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  365.069579][T11411] input: syz0 as /devices/virtual/input/input28
[  365.186191][ T5153] usb 3-1: config 0 has no interfaces?
[  365.195998][ T5153] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  365.227611][ T5153] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.252281][T11413] vlan2: entered promiscuous mode
[  365.255636][ T5153] usb 3-1: Product: syz
[  365.265547][ T5153] usb 3-1: Manufacturer: syz
[  365.273157][T11413] syz_tun: entered promiscuous mode
[  365.273835][ T5153] usb 3-1: SerialNumber: syz
[  365.302803][ T5150] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  365.326696][ T5153] usb 3-1: config 0 descriptor??
[  365.330451][T11413] team0: Port device vlan2 added
[  365.523130][ T5150] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  365.568557][ T5150] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[  365.599810][ T5150] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  365.620063][ T5150] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  365.638019][T11429] loop3: detected capacity change from 0 to 1024
[  365.640007][ T5150] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.675183][ T5150] usb 1-1: config 0 descriptor??
[  365.705350][T11400] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  365.714040][T11431] loop4: detected capacity change from 0 to 512
[  365.736130][T11431] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  365.757047][T11400] FAT-fs (loop2): Filesystem has been set read-only
[  365.764776][T11400] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  365.774110][T11400] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  365.784149][   T29] hfsplus: b-tree write err: -5, ino 4
[  365.801342][ T2529] usb 3-1: USB disconnect, device number 7
[  365.864952][T11431] EXT4-fs (loop4): 1 orphan inode deleted
[  365.872871][T11431] EXT4-fs (loop4): 1 truncate cleaned up
[  365.894377][T11431] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.093434][ T9214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.101129][ T5150] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  366.125807][ T5150] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  366.318941][T11448] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  366.351663][T11448] netlink: 'syz-executor.4': attribute type 30 has an invalid length.
[  366.375363][T11448] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  366.388647][ T5150] usb 1-1: USB disconnect, device number 9
[  366.406537][T11448] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  366.671690][ T9033] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  367.043538][T11463] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  367.069680][T11463] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  367.248459][T11470] loop4: detected capacity change from 0 to 64
[  367.252653][T11471] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  367.423739][T11473] bond1 (unregistering): Released all slaves
[  368.381355][T11501] sctp: [Deprecated]: syz-executor.2 (pid 11501) Use of struct sctp_assoc_value in delayed_ack socket option.
[  368.381355][T11501] Use struct sctp_sack_info instead
[  368.674185][T11518] loop2: detected capacity change from 0 to 512
[  368.691022][T11518] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  368.709592][T11518] EXT4-fs (loop2): 1 orphan inode deleted
[  368.715658][T11518] EXT4-fs (loop2): 1 truncate cleaned up
[  368.722250][T11518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.827712][ T9033] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.943937][T11479] loop4: detected capacity change from 0 to 32768
[  369.009740][T11523] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.2'.
[  369.120560][T11528] loop2: detected capacity change from 0 to 8
[  369.561585][T11536] sctp: [Deprecated]: syz-executor.3 (pid 11536) Use of struct sctp_assoc_value in delayed_ack socket option.
[  369.561585][T11536] Use struct sctp_sack_info instead
[  369.582890][T11538] loop4: detected capacity change from 0 to 256
[  369.640839][T11538] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001202b, chksum : 0x00f69064, utbl_chksum : 0xe619d30d)
[  370.160803][T11554] vlan2: entered promiscuous mode
[  370.182771][T11554] syz_tun: entered promiscuous mode
[  370.245162][T11554] team0: Port device vlan2 added
[  370.484955][T10978] syz_tun: left promiscuous mode
[  370.706857][T10978] team0: Port device vlan2 removed
[  370.738915][ T5101] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  370.754985][ T5101] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  370.763357][ T5101] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  370.773178][ T5101] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  370.781098][ T5101] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  370.791500][ T5101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  370.950742][T11548] loop0: detected capacity change from 0 to 32768
[  372.044948][T11576] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  372.104635][T11577] tmpfs: Bad value for 'mpol'
[  372.316285][T11562] chnl_net:caif_netlink_parms(): no params data found
[  372.322664][T11556] loop4: detected capacity change from 0 to 32768
[  372.549592][T11556] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[  372.584339][T11562] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.591735][T11562] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.592692][T11603] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  372.599093][T11562] bridge_slave_0: entered allmulticast mode
[  372.617162][T11562] bridge_slave_0: entered promiscuous mode
[  372.626611][T11562] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.630526][T11556] bcachefs (loop4): recovering from clean shutdown, journal seq 7
[  372.638682][T11562] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.657955][T11562] bridge_slave_1: entered allmulticast mode
[  372.664318][T11603] openvswitch: netlink: Key type 29 is not supported
[  372.683862][T11562] bridge_slave_1: entered promiscuous mode
[  372.693215][T11556] bcachefs (loop4): alloc_read... done
[  372.741502][T11556] bcachefs (loop4): stripes_read... done
[  372.761968][T11556] bcachefs (loop4): snapshots_read... done
[  372.773722][T11556] bcachefs (loop4): journal_replay... done
[  372.779820][T11556] bcachefs (loop4): resume_logged_ops... done
[  372.786453][T11556] bcachefs (loop4): going read-write
[  372.799142][T11556] bcachefs (loop4): done starting filesystem
[  372.821681][T11562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  372.848013][T11562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  372.863962][ T5101] Bluetooth: hci2: command tx timeout
[  373.007384][T11562] team0: Port device team_slave_0 added
[  373.048003][T11562] team0: Port device team_slave_1 added
[  373.115235][ T9214] bcachefs (loop4): shutting down
[  373.120298][ T9214] bcachefs (loop4): going read-only
[  373.212470][ T9214] bcachefs (loop4): finished waiting for writes to stop
[  373.400461][ T9214] bcachefs (loop4): flushing journal and stopping allocators, journal seq 9
[  373.571084][ T9214] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 9
[  373.833969][T11562] batman_adv: batadv0: Adding interface: batadv_slave_0
[  373.853263][ T9214] bcachefs (loop4): shutdown complete, journal seq 10
[  373.875083][T11562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  373.943377][ T9214] bcachefs (loop4): marking filesystem clean
[  373.962425][T11562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.031893][ T9214] bcachefs (loop4): shutdown complete
[  374.065085][T11562] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.094972][T11562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.177555][T11562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  374.387144][T11562] hsr_slave_0: entered promiscuous mode
[  374.420224][T11562] hsr_slave_1: entered promiscuous mode
[  374.454097][T11562] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  374.461720][T11562] Cannot create hsr debugfs directory
[  374.591356][T11616] loop0: detected capacity change from 0 to 32768
[  374.887457][   T30] audit: type=1326 audit(2000000171.072:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4027cf69 code=0x7ffc0000
[  374.943833][ T5113] Bluetooth: hci2: command tx timeout
[  374.974793][   T30] audit: type=1326 audit(2000000171.072:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4027cf69 code=0x7ffc0000
[  374.997055][   T30] audit: type=1326 audit(2000000171.072:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe4027cf69 code=0x7ffc0000
[  375.021401][   T30] audit: type=1326 audit(2000000171.072:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4027cf69 code=0x7ffc0000
[  375.043466][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.072689][   T30] audit: type=1326 audit(2000000171.072:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4027cf69 code=0x7ffc0000
[  375.178755][T11562] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.208324][   T30] audit: type=1326 audit(2000000171.122:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe4027cf69 code=0x7ffc0000
[  375.295578][   T30] audit: type=1326 audit(2000000171.122:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4027cf69 code=0x7ffc0000
[  375.361356][T11642] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  375.412465][   T30] audit: type=1326 audit(2000000171.122:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbe4027a6e7 code=0x7ffc0000
[  375.474923][   T30] audit: type=1326 audit(2000000171.122:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbe402403b9 code=0x7ffc0000
[  375.495183][T11647] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  375.546839][   T30] audit: type=1326 audit(2000000171.122:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4027cf69 code=0x7ffc0000
[  375.604976][T11562] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.751630][T11562] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.779015][T11655] tun0: tun_chr_ioctl cmd 2148553947
[  375.912774][T11562] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.965319][T11660] loop4: detected capacity change from 0 to 64
[  376.240398][T11562] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  376.281435][T11562] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  376.326848][T11562] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  376.371266][T11674] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  376.389444][T11562] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  376.400830][T11674] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  376.422509][T11674] netlink: 126008 bytes leftover after parsing attributes in process `syz-executor.4'.
[  376.700341][T11562] 8021q: adding VLAN 0 to HW filter on device bond0
[  376.757298][T11562] 8021q: adding VLAN 0 to HW filter on device team0
[  376.793710][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.800820][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  376.854569][ T5150] bridge0: port 2(bridge_slave_1) entered blocking state
[  376.861696][ T5150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  376.993354][T11695] loop0: detected capacity change from 0 to 256
[  377.022555][ T5113] Bluetooth: hci2: command tx timeout
[  377.055144][T11562] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  377.084510][T11690] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  377.579858][T11707] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  377.615207][T11707] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  377.644622][T11707] netlink: 126008 bytes leftover after parsing attributes in process `syz-executor.1'.
[  377.694040][T11562] 8021q: adding VLAN 0 to HW filter on device batadv0
[  377.839714][T11562] veth0_vlan: entered promiscuous mode
[  377.883101][T11562] veth1_vlan: entered promiscuous mode
[  377.888300][T11686] loop4: detected capacity change from 0 to 32768
[  377.939176][T11686] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  377.962258][T11686] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  377.974284][T11562] veth0_macvtap: entered promiscuous mode
[  378.025366][T11562] veth1_macvtap: entered promiscuous mode
[  378.055074][T11686] XFS (loop4): Ending clean mount
[  378.114370][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.126736][T11686] XFS (loop4): Quotacheck needed: Please wait.
[  378.165181][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.201781][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.213735][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.224001][T11686] XFS (loop4): Quotacheck: Done.
[  378.229930][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.240989][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.251105][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.261800][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.307809][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.319568][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.329846][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.341581][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.360132][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.370749][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.380699][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.401933][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.418786][ T9214] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  378.436243][T11562] batman_adv: batadv0: Interface activated: batadv_slave_0
[  378.512132][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.532480][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.555369][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.568975][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.585758][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.612388][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.622224][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.629145][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  378.638034][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.647251][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  378.671010][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.681780][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.692864][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.705635][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.715503][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.726015][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.735871][T11562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.748735][T11562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.771983][T11562] batman_adv: batadv0: Interface activated: batadv_slave_1
[  378.822154][T11562] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  378.851438][T11562] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  378.876493][T11562] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  378.922433][T11562] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.017347][T11757] loop0: detected capacity change from 0 to 64
[  379.035385][T11755] loop2: detected capacity change from 0 to 164
[  379.103469][ T5101] Bluetooth: hci2: command tx timeout
[  379.259462][T11761] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  379.279646][ T5150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.287992][T11761] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  379.308802][ T5150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.325244][T11761] netlink: 126008 bytes leftover after parsing attributes in process `syz-executor.1'.
[  379.406759][   T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.425419][   T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.555282][T11773] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.3'.
[  379.947583][T11788] loop1: detected capacity change from 0 to 64
[  380.255226][T11799] loop0: detected capacity change from 0 to 256
[  380.512689][T11803] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.0'.
[  380.649956][T11763] loop4: detected capacity change from 0 to 40427
[  380.677850][T11763] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  380.706355][ T5101] Bluetooth: hci3: command 0x0406 tx timeout
[  380.712509][T11763] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  380.712596][T11763] F2FS-fs (loop4): Unrecognized mount option "resgid=" or missing value
[  381.760079][T11801] loop1: detected capacity change from 0 to 32768
[  382.914588][T11850] loop4: detected capacity change from 0 to 47
[  382.953293][   T30] kauditd_printk_skb: 64 callbacks suppressed
[  382.953309][   T30] audit: type=1804 audit(2000000179.152:365): pid=11850 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2536310390/syzkaller.Z57sz2/164/file1/file0" dev="loop4" ino=9 res=1 errno=0
[  383.232946][T11828] loop2: detected capacity change from 0 to 32768
[  383.254895][T11828] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (11828)
[  383.297531][T11828] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  383.315984][T11854] loop0: detected capacity change from 0 to 4096
[  383.330158][T11828] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  383.356226][T11854] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  383.358469][T11828] BTRFS info (device loop2): disk space caching is enabled
[  383.499602][T11854] ntfs3: loop0: failed to convert "c46c" to koi8-r
[  383.565149][T11828] BTRFS info (device loop2): rebuilding free space tree
[  383.634833][T11828] BTRFS info (device loop2): disabling free space tree
[  383.641782][T11828] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  383.713337][T11828] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  383.815957][T11847] loop1: detected capacity change from 0 to 32768
[  383.862659][T11847] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (11847)
[  383.935199][T11847] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  383.962997][ T9033] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  383.993105][T11847] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  384.001929][T11847] BTRFS info (device loop1): using free-space-tree
[  384.419789][   T30] audit: type=1800 audit(2000000180.612:366): pid=11847 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=263 res=0 errno=0
[  384.534954][   T30] audit: type=1800 audit(2000000180.652:367): pid=11847 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=263 res=0 errno=0
[  384.731242][T10619] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  384.741383][T11860] loop4: detected capacity change from 0 to 32768
[  384.813335][T11860] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  384.866316][T11860] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  385.162951][T11860] XFS (loop4): Ending clean mount
[  385.219687][T11860] XFS (loop4): Quotacheck needed: Please wait.
[  385.366141][T11860] XFS (loop4): Quotacheck: Done.
[  385.633781][ T9214] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  386.194455][ T5101] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  386.208284][ T5101] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  386.218781][ T5101] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  386.241272][ T5101] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  386.266814][ T5101] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  386.278547][ T5101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  386.406345][   T29] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.582513][T11948] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  386.599730][   T29] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.634220][    T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  386.808787][   T29] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.840062][    T9] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  386.870451][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.907180][    T9] usb 3-1: config 0 descriptor??
[  386.961035][    T9] cp210x 3-1:0.0: cp210x converter detected
[  386.985875][   T29] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.383624][    T9] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  387.419712][    T9] usb 3-1: cp210x converter now attached to ttyUSB0
[  387.517010][T11935] chnl_net:caif_netlink_parms(): no params data found
[  387.579500][   T29] bridge_slave_1: left allmulticast mode
[  387.586355][   T29] bridge_slave_1: left promiscuous mode
[  387.610566][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.635622][    T9] usb 3-1: USB disconnect, device number 8
[  387.643294][   T29] bridge_slave_0: left allmulticast mode
[  387.660595][   T29] bridge_slave_0: left promiscuous mode
[  387.669801][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  387.680866][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.725431][T11978] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  387.736525][    T9] cp210x 3-1:0.0: device disconnected
[  388.246304][T11973] loop1: detected capacity change from 0 to 32768
[  388.382604][ T5113] Bluetooth: hci2: command tx timeout
[  388.405574][T11976] loop0: detected capacity change from 0 to 32768
[  388.745433][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  388.758418][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  388.771113][   T29] bond0 (unregistering): Released all slaves
[  388.834472][T11982] netlink: 'syz-executor.2': attribute type 8 has an invalid length.
[  389.186824][T11935] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.216593][T11935] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.230037][T11935] bridge_slave_0: entered allmulticast mode
[  389.250256][T11935] bridge_slave_0: entered promiscuous mode
[  389.258134][T11998] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  389.272210][T11935] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.290513][T11935] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.300386][T11935] bridge_slave_1: entered allmulticast mode
[  389.318687][T11935] bridge_slave_1: entered promiscuous mode
[  389.383586][T12000] loop0: detected capacity change from 0 to 256
[  389.429763][T12000] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x19a2be85, utbl_chksum : 0xe619d30d)
[  389.442565][T11984] loop1: detected capacity change from 0 to 32768
[  389.465093][T11984] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (11984)
[  389.488950][T11984] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  389.509796][T11984] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  389.592693][T11984] BTRFS info (device loop1): disk space caching is enabled
[  389.681102][T11935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.690581][T12014] loop2: detected capacity change from 0 to 2048
[  389.706401][T12014] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  389.722527][T12014] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  389.735108][T12014] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  389.756741][T11984] BTRFS info (device loop1): rebuilding free space tree
[  389.764123][   T29] hsr_slave_0: left promiscuous mode
[  389.794967][T11984] BTRFS info (device loop1): disabling free space tree
[  389.812758][T11984] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  389.829681][   T29] hsr_slave_1: left promiscuous mode
[  389.838351][T11984] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  389.864529][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  389.899894][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  389.934485][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  389.963919][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.039347][   T29] veth1_macvtap: left promiscuous mode
[  390.051906][T10619] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  390.072689][   T29] veth0_macvtap: left promiscuous mode
[  390.080167][   T29] veth1_vlan: left promiscuous mode
[  390.089588][   T29] veth0_vlan: left promiscuous mode
[  390.194930][   T30] audit: type=1326 audit(2000000186.392:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12034 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c9727cf69 code=0x0
[  390.463549][ T5101] Bluetooth: hci2: command tx timeout
[  390.947805][ T5101] Bluetooth: hci0: command 0x0406 tx timeout
[  391.293054][T12055] loop2: detected capacity change from 0 to 8
[  391.350862][T12055] SQUASHFS error: lzo decompression failed, data probably corrupt
[  391.363474][T12055] SQUASHFS error: Failed to read block 0x91: -5
[  391.369839][T12055] SQUASHFS error: Unable to read metadata cache entry [8f]
[  391.408015][T12055] SQUASHFS error: Unable to read inode 0x11f
[  391.656085][T12061] loop2: detected capacity change from 0 to 64
[  392.311757][T12061] hfs: request for non-existent node 16777216 in B*Tree
[  392.377049][T12061] hfs: request for non-existent node 16777216 in B*Tree
[  392.542618][ T5113] Bluetooth: hci2: command tx timeout
[  392.593382][   T29] team0 (unregistering): Port device team_slave_1 removed
[  392.786315][   T29] team0 (unregistering): Port device team_slave_0 removed
[  393.017904][T12073] loop1: detected capacity change from 0 to 256
[  393.703236][T11935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  394.006496][T11935] team0: Port device team_slave_0 added
[  394.052761][T12097] loop0: detected capacity change from 0 to 256
[  394.061294][T11935] team0: Port device team_slave_1 added
[  394.202500][T11935] batman_adv: batadv0: Adding interface: batadv_slave_0
[  394.228193][T11935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  394.260700][T11935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  394.289255][T12104] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.2'.
[  394.401849][T11935] batman_adv: batadv0: Adding interface: batadv_slave_1
[  394.414707][T11935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  394.487514][T11935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  394.622950][ T5113] Bluetooth: hci2: command tx timeout
[  394.681258][T11935] hsr_slave_0: entered promiscuous mode
[  394.722774][T11935] hsr_slave_1: entered promiscuous mode
[  394.743156][T11935] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  394.750822][T11935] Cannot create hsr debugfs directory
[  395.231522][T12126] loop4: detected capacity change from 0 to 256
[  395.283194][T12126] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  395.295713][T12128] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  395.776391][T11935] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  395.815279][T11935] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  395.819790][T12139] loop2: detected capacity change from 0 to 256
[  395.874843][T11935] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  395.890417][T12141] loop4: detected capacity change from 0 to 47
[  395.921043][T11935] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  395.928482][T12139] Dead loop on virtual device ipvlan1, fix it urgently!
[  395.936190][    C1] BUG: TASK stack guard page was hit at ffffc9000a1c7ff8 (stack is ffffc9000a1c8000..ffffc9000a1d0000)
[  395.936228][    C1] Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI
[  395.936250][    C1] CPU: 1 PID: 12139 Comm: syz-executor.2 Not tainted 6.10.0-rc2-syzkaller-00097-g2df0193e62cf #0
[  395.936269][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  395.936280][    C1] RIP: 0010:validate_chain+0x119/0x5900
[  395.936309][    C1] Code: 25 00 80 04 00 3d 00 00 04 00 0f 85 7b 04 00 00 81 e3 ff 1f 00 00 48 89 d8 48 c1 e8 06 48 8d 3c c5 80 25 f7 92 be 08 00 00 00 <e8> a2 87 85 00 48 0f a3 1d 8a 0e 84 11 72 66 48 c7 c0 e0 a6 76 94
[  395.936325][    C1] RSP: 0018:ffffc9000a1c8000 EFLAGS: 00010047
[  395.936343][    C1] RAX: 0000000000000000 RBX: 0000000000000027 RCX: 1ffff92001439020
[  395.936355][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff92f72580
[  395.936366][    C1] RBP: ffffc9000a1c8300 R08: ffffffff92f72587 R09: 1ffffffff25ee4b0
[  395.936380][    C1] R10: dffffc0000000000 R11: fffffbfff25ee4b1 R12: dffffc0000000000
[  395.936393][    C1] R13: ffff888026428fb0 R14: 4912ddf75aee0fae R15: ffff888026428000
[  395.936407][    C1] FS:  00007f1c980a56c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  395.936422][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  395.936435][    C1] CR2: ffffc9000a1c7ff8 CR3: 00000000661cc000 CR4: 00000000003506f0
[  395.936450][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  395.936461][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  395.936473][    C1] Call Trace:
[  395.936479][    C1]  <#DF>
[  395.936486][    C1]  ? __die_body+0x88/0xe0
[  395.936513][    C1]  ? die+0xcf/0x110
[  395.936538][    C1]  ? handle_stack_overflow+0x96/0xd0
[  395.936563][    C1]  ? exc_double_fault+0x178/0x1b0
[  395.936594][    C1]  ? asm_exc_double_fault+0x23/0x30
[  395.936626][    C1]  ? validate_chain+0x119/0x5900
[  395.936654][    C1]  </#DF>
[  395.936660][    C1]  <TASK>
[  395.936679][    C1]  ? __pfx_validate_chain+0x10/0x10
[  395.936715][    C1]  ? __pfx_validate_chain+0x10/0x10
[  395.936743][    C1]  ? mark_lock+0x9a/0x350
[  395.936765][    C1]  __lock_acquire+0x1346/0x1fd0
[  395.936793][    C1]  lock_acquire+0x1ed/0x550
[  395.936810][    C1]  ? bad_range+0x5f/0x270
[  395.936839][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  395.936861][    C1]  ? check_new_pages+0xd6/0x3c0
[  395.936892][    C1]  ? bad_range+0x5f/0x270
[  395.936915][    C1]  seqcount_lockdep_reader_access+0x127/0x1e0
[  395.936942][    C1]  ? bad_range+0x5f/0x270
[  395.936967][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  395.936995][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.937014][    C1]  ? do_raw_spin_trylock+0xc8/0x1f0
[  395.937043][    C1]  bad_range+0x5f/0x270
[  395.937072][    C1]  get_page_from_freelist+0x2e14/0x2ee0
[  395.937096][    C1]  ? validate_chain+0x15b1/0x5900
[  395.937134][    C1]  ? prepare_alloc_pages+0x369/0x5d0
[  395.937160][    C1]  __alloc_pages_noprof+0x256/0x6c0
[  395.937201][    C1]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  395.937245][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.937276][    C1]  ? arch_stack_walk+0x174/0x1b0
[  395.937310][    C1]  alloc_pages_mpol_noprof+0x3e8/0x680
[  395.937338][    C1]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  395.937360][    C1]  ? stack_trace_save+0x118/0x1d0
[  395.937382][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  395.937402][    C1]  ? alloc_pages_noprof+0x43/0x170
[  395.937427][    C1]  stack_depot_save_flags+0x666/0x830
[  395.937456][    C1]  save_stack+0x109/0x1f0
[  395.937483][    C1]  ? __pfx_save_stack+0x10/0x10
[  395.937506][    C1]  ? post_alloc_hook+0x1f3/0x230
[  395.937526][    C1]  ? get_page_from_freelist+0x2e2d/0x2ee0
[  395.937552][    C1]  ? __alloc_pages_noprof+0x256/0x6c0
[  395.937576][    C1]  ? alloc_pages_mpol_noprof+0x3e8/0x680
[  395.937598][    C1]  ? stack_depot_save_flags+0x666/0x830
[  395.937640][    C1]  ? kasan_save_track+0x51/0x80
[  395.937683][    C1]  ? kasan_save_free_info+0x40/0x50
[  395.937706][    C1]  ? poison_slab_object+0xe0/0x150
[  395.937737][    C1]  ? __kasan_slab_free+0x37/0x60
[  395.937766][    C1]  ? kmem_cache_free_bulk+0x1f8/0x370
[  395.937792][    C1]  ? kfree_skb_list_reason+0x72b/0x7c0
[  395.937813][    C1]  ? __dev_queue_xmit+0x188a/0x3d30
[  395.937833][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.937863][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.937889][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.937915][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.937948][    C1]  __set_page_owner+0x92/0x800
[  395.937975][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  395.938008][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.938030][    C1]  ? __pfx___set_page_owner+0x10/0x10
[  395.938054][    C1]  ? do_raw_spin_trylock+0xc8/0x1f0
[  395.938090][    C1]  post_alloc_hook+0x1f3/0x230
[  395.938115][    C1]  get_page_from_freelist+0x2e2d/0x2ee0
[  395.938152][    C1]  ? __pfx_validate_chain+0x10/0x10
[  395.938180][    C1]  ? __lock_acquire+0x1346/0x1fd0
[  395.938209][    C1]  ? prepare_alloc_pages+0x369/0x5d0
[  395.938240][    C1]  __alloc_pages_noprof+0x256/0x6c0
[  395.938268][    C1]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  395.938298][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.938332][    C1]  ? arch_stack_walk+0x174/0x1b0
[  395.938366][    C1]  alloc_pages_mpol_noprof+0x3e8/0x680
[  395.938404][    C1]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  395.938426][    C1]  ? stack_trace_save+0x118/0x1d0
[  395.938457][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  395.938474][    C1]  ? alloc_pages_noprof+0x43/0x170
[  395.938495][    C1]  stack_depot_save_flags+0x666/0x830
[  395.938519][    C1]  kasan_save_track+0x51/0x80
[  395.938543][    C1]  ? kasan_save_track+0x3f/0x80
[  395.938567][    C1]  ? kasan_save_free_info+0x40/0x50
[  395.938588][    C1]  ? poison_slab_object+0xe0/0x150
[  395.938618][    C1]  ? __kasan_slab_free+0x37/0x60
[  395.938642][    C1]  ? kmem_cache_free_bulk+0x1f8/0x370
[  395.938664][    C1]  ? kfree_skb_list_reason+0x72b/0x7c0
[  395.938681][    C1]  ? __dev_queue_xmit+0x188a/0x3d30
[  395.938698][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.938722][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.938744][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.938766][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.938787][    C1]  ? ipvlan_start_xmit+0x4a/0x150
[  395.938810][    C1]  ? dev_hard_start_xmit+0x27a/0x7e0
[  395.938826][    C1]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  395.938843][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.938868][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.938889][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.938911][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.938933][    C1]  ? ipvlan_start_xmit+0x4a/0x150
[  395.938955][    C1]  ? dev_hard_start_xmit+0x27a/0x7e0
[  395.938971][    C1]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  395.938988][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.939013][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.939034][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.939055][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.939077][    C1]  ? ipvlan_start_xmit+0x4a/0x150
[  395.939100][    C1]  ? dev_hard_start_xmit+0x27a/0x7e0
[  395.939117][    C1]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  395.939133][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.939158][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.939180][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.939202][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.939224][    C1]  ? ipvlan_start_xmit+0x4a/0x150
[  395.939247][    C1]  ? dev_hard_start_xmit+0x27a/0x7e0
[  395.939263][    C1]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  395.939280][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.939305][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.939327][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.939349][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.939370][    C1]  ? ipvlan_start_xmit+0x4a/0x150
[  395.939393][    C1]  ? dev_hard_start_xmit+0x27a/0x7e0
[  395.939409][    C1]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  395.939425][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.939450][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.939472][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.939493][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.939515][    C1]  ? ipvlan_start_xmit+0x4a/0x150
[  395.939538][    C1]  ? dev_hard_start_xmit+0x27a/0x7e0
[  395.939554][    C1]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  395.939571][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.939595][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.939622][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.939644][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.939666][    C1]  ? ipvlan_start_xmit+0x4a/0x150
[  395.939689][    C1]  ? dev_hard_start_xmit+0x27a/0x7e0
[  395.939705][    C1]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  395.939722][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.939746][    C1]  ? ip6_fragment+0x1ab7/0x2290
[  395.939768][    C1]  ? ip6_finish_output+0x2b8/0x810
[  395.939790][    C1]  ? ipvlan_queue_xmit+0x9cf/0x11b0
[  395.939811][    C1]  ? ipvlan_start_xmit+0x4a/0x150
[  395.939834][    C1]  ? dev_hard_start_xmit+0x27a/0x7e0
[  395.939850][    C1]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  395.939867][    C1]  ? ip6_finish_output2+0xfc0/0x1670
[  395.939891][    C1]  ? __phys_addr+0xba/0x170
[  395.939916][    C1]  ? kfree_skb_list_reason+0x72b/0x7c0
[  395.939933][    C1]  kasan_save_free_info+0x40/0x50
[  395.939955][    C1]  poison_slab_object+0xe0/0x150
[  395.939982][    C1]  __kasan_slab_free+0x37/0x60
[  395.940008][    C1]  kmem_cache_free_bulk+0x1f8/0x370
[  395.940032][    C1]  ? kfree_skb_list_reason+0x72b/0x7c0
[  395.940055][    C1]  kfree_skb_list_reason+0x72b/0x7c0
[  395.940076][    C1]  ? __pfx_kfree_skb_list_reason+0x10/0x10
[  395.940107][    C1]  ? netdev_core_stats_alloc+0x65/0xa0
[  395.940126][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.940145][    C1]  __dev_queue_xmit+0x188a/0x3d30
[  395.940171][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.940192][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.940215][    C1]  ? mark_lock+0x9a/0x350
[  395.940236][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.940257][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.940275][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.940302][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.940330][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.940355][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.940378][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.940404][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.940429][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.940454][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.940483][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.940516][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.940542][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.940567][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.940587][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.940619][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.940647][    C1]  ip6_finish_output+0x2b8/0x810
[  395.940673][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.940702][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.940727][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.940749][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.940775][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.940801][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.940827][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.940849][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.940871][    C1]  ? mark_lock+0x9a/0x350
[  395.940892][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.940912][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.940930][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.940958][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.940985][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.941011][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.941032][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.941059][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.941085][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.941111][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.941139][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.941172][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.941198][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.941223][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.941243][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.941270][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.941293][    C1]  ip6_finish_output+0x2b8/0x810
[  395.941319][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.941347][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.941372][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.941393][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.941419][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.941445][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.941471][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.941493][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.941515][    C1]  ? mark_lock+0x9a/0x350
[  395.941537][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.941557][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.941574][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.941602][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.941635][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.941660][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.941682][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.941708][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.941733][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.941760][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.941788][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.941822][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.941848][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.941873][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.941893][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.941920][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.941943][    C1]  ip6_finish_output+0x2b8/0x810
[  395.941969][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.941996][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.942021][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.942043][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.942069][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.942095][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.942121][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.942142][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.942164][    C1]  ? mark_lock+0x9a/0x350
[  395.942186][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.942207][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.942224][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.942252][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.942280][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.942305][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.942331][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.942357][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.942380][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.942406][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.942435][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.942469][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.942495][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.942520][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.942540][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.942566][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.942589][    C1]  ip6_finish_output+0x2b8/0x810
[  395.942620][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.942648][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.942673][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.942694][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.942720][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.942746][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.942772][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.942795][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.942816][    C1]  ? mark_lock+0x9a/0x350
[  395.942838][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.942858][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.942875][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.942903][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.942932][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.942957][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.942978][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.943005][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.943030][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.943056][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.943084][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.943118][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.943144][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.943169][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.943188][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.943215][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.943237][    C1]  ip6_finish_output+0x2b8/0x810
[  395.943263][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.943292][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.943316][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.943338][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.943365][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.943390][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.943417][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.943439][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.943461][    C1]  ? mark_lock+0x9a/0x350
[  395.943483][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.943503][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.943521][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.943549][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.943577][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.943602][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.943629][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.943655][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.943681][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.943707][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.943736][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.943770][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.943796][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.943822][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.943841][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.943868][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.943891][    C1]  ip6_finish_output+0x2b8/0x810
[  395.943917][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.943945][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.943970][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.943992][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.944019][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.944044][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.944070][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.944093][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.944115][    C1]  ? mark_lock+0x9a/0x350
[  395.944137][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.944157][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.944175][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.944202][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.944230][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.944256][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.944278][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.944304][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.944329][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.944355][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.944385][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.944418][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.944444][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.944470][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.944490][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.944517][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.944540][    C1]  ip6_finish_output+0x2b8/0x810
[  395.944566][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.944594][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.944639][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.944676][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.944702][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.944728][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.944754][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.944777][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.944797][    C1]  ? mark_lock+0x9a/0x350
[  395.944819][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.944840][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.944857][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.944902][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.944933][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.944971][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.944992][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.945019][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.945044][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.945071][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.945099][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.945132][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.945158][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.945184][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.945204][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.945231][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.945254][    C1]  ip6_finish_output+0x2b8/0x810
[  395.945279][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.945307][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.945333][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.945354][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.945379][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.945404][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.945430][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.945451][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.945472][    C1]  ? mark_lock+0x9a/0x350
[  395.945494][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.945513][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.945531][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.945557][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.945585][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.945617][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.945638][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.945664][    C1]  ? ip6_fraglist_prepare+0x253/0x700
[  395.945689][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.945715][    C1]  ? ip6_copy_metadata+0x8a6/0xed0
[  395.945743][    C1]  ip6_fragment+0x1ab7/0x2290
[  395.945776][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.945800][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.945825][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.945844][    C1]  ? __pfx_ip6_finish_output+0x10/0x10
[  395.945870][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.945893][    C1]  ip6_finish_output+0x2b8/0x810
[  395.945919][    C1]  ipvlan_queue_xmit+0x9cf/0x11b0
[  395.945947][    C1]  ? __pfx_ipvlan_queue_xmit+0x10/0x10
[  395.945971][    C1]  ? netif_skb_features+0x7f4/0xbb0
[  395.945993][    C1]  ipvlan_start_xmit+0x4a/0x150
[  395.946019][    C1]  dev_hard_start_xmit+0x27a/0x7e0
[  395.946044][    C1]  __dev_queue_xmit+0x1b0e/0x3d30
[  395.946069][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  395.946090][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  395.946112][    C1]  ? mark_lock+0x9a/0x350
[  395.946133][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.946153][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.946171][    C1]  ? __ipv6_neigh_lookup_noref+0x59f/0x730
[  395.946197][    C1]  ? ip6_finish_output2+0xdb4/0x1670
[  395.946224][    C1]  ip6_finish_output2+0xfc0/0x1670
[  395.946249][    C1]  ? skb_copy_bits+0x6d0/0x7a0
[  395.946267][    C1]  ? ip6_finish_output2+0x712/0x1670
[  395.946296][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.946328][    C1]  ip6_fragment+0x139c/0x2290
[  395.946361][    C1]  ? __pfx_ip6_finish_output2+0x10/0x10
[  395.946386][    C1]  ? __pfx_ip6_fragment+0x10/0x10
[  395.946411][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.946435][    C1]  ? ip6_mtu+0x81/0x3f0
[  395.946458][    C1]  ip6_finish_output+0x2b8/0x810
[  395.946484][    C1]  ip6_xmit+0xefe/0x17f0
[  395.946512][    C1]  ? __pfx_ip6_xmit+0x10/0x10
[  395.946547][    C1]  ? sctp_v6_xmit+0x614/0x13f0
[  395.946569][    C1]  sctp_v6_xmit+0x9f2/0x13f0
[  395.946595][    C1]  ? __pfx_sctp_v6_xmit+0x10/0x10
[  395.946622][    C1]  ? __skb_checksum+0x82e/0x910
[  395.946645][    C1]  ? kasan_quarantine_put+0xdc/0x230
[  395.946669][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  395.946693][    C1]  ? sctp_compute_cksum+0x93/0x110
[  395.946719][    C1]  sctp_packet_transmit+0x26ad/0x2ca0
[  395.946760][    C1]  sctp_packet_singleton+0x22c/0x320
[  395.946780][    C1]  ? __pfx_sctp_packet_singleton+0x10/0x10
[  395.946802][    C1]  ? sctp_outq_select_transport+0x474/0x580
[  395.946820][    C1]  ? sctp_transport_burst_limited+0x18c/0x270
[  395.946842][    C1]  sctp_outq_flush+0x6d5/0x3e20
[  395.946869][    C1]  ? rcu_is_watching+0x15/0xb0
[  395.946900][    C1]  ? __pfx_sctp_outq_flush+0x10/0x10
[  395.946931][    C1]  ? sctp_outq_tail+0x67a/0x930
[  395.946958][    C1]  ? sctp_outq_uncork+0x4f/0xb0
[  395.946975][    C1]  sctp_do_sm+0x59cc/0x60c0
[  395.946992][    C1]  ? stack_depot_save_flags+0x29/0x830
[  395.947017][    C1]  ? kasan_save_track+0x51/0x80
[  395.947042][    C1]  ? __kasan_kmalloc+0x98/0xb0
[  395.947057][    C1]  ? sctp_stream_init_ext+0x56/0x180
[  395.947080][    C1]  ? __pfx_sctp_do_sm+0x10/0x10
[  395.947115][    C1]  ? __sk_mem_raise_allocated+0xa5f/0x1140
[  395.947144][    C1]  sctp_primitive_ASSOCIATE+0x95/0xc0
[  395.947171][    C1]  sctp_sendmsg_to_asoc+0xfa5/0x1800
[  395.947194][    C1]  ? sctp_v6_to_sk_saddr+0x101/0x1c0
[  395.947218][    C1]  ? __asan_memcpy+0x40/0x70
[  395.947263][    C1]  ? sctp_assoc_add_peer+0xe3c/0x15c0
[  395.947300][    C1]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  395.947327][    C1]  ? sctp_connect_new_asoc+0x3fe/0x6c0
[  395.947358][    C1]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  395.947386][    C1]  ? sctp_sendmsg+0xbb9/0x3520
[  395.947417][    C1]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  395.947441][    C1]  ? security_sctp_bind_connect+0x90/0xb0
[  395.947470][    C1]  sctp_sendmsg+0x1bc3/0x3520
[  395.947508][    C1]  ? __pfx_sctp_sendmsg+0x10/0x10
[  395.947537][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.947564][    C1]  ? inet_sendmsg+0x330/0x390
[  395.947596][    C1]  __sock_sendmsg+0x1a6/0x270
[  395.947631][    C1]  ____sys_sendmsg+0x525/0x7d0
[  395.947659][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  395.947691][    C1]  __sys_sendmmsg+0x3b2/0x740
[  395.947719][    C1]  ? __pfx___sys_sendmmsg+0x10/0x10
[  395.947772][    C1]  ? __pfx___might_resched+0x10/0x10
[  395.947799][    C1]  ? __might_fault+0xaa/0x120
[  395.947825][    C1]  ? __pfx_lock_release+0x10/0x10
[  395.947850][    C1]  ? do_futex+0x33b/0x560
[  395.947875][    C1]  ? __rseq_handle_notify_resume+0x353/0x14e0
[  395.947909][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  395.947934][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.947958][    C1]  ? do_syscall_64+0x100/0x230
[  395.947985][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  395.948008][    C1]  do_syscall_64+0xf3/0x230
[  395.948033][    C1]  ? clear_bhb_loop+0x35/0x90
[  395.948059][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.948091][    C1] RIP: 0033:0x7f1c9727cf69
[  395.948114][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  395.948132][    C1] RSP: 002b:00007f1c980a50c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  395.948155][    C1] RAX: ffffffffffffffda RBX: 00007f1c973b3f80 RCX: 00007f1c9727cf69
[  395.948170][    C1] RDX: 0000000000000044 RSI: 00000000200007c0 RDI: 0000000000000005
[  395.948184][    C1] RBP: 00007f1c972da6fe R08: 0000000000000000 R09: 0000000000000000
[  395.948197][    C1] R10: 0000000000008040 R11: 0000000000000246 R12: 0000000000000000
[  395.948210][    C1] R13: 000000000000000b R14: 00007f1c973b3f80 R15: 00007fffe8b160f8
[  395.948235][    C1]  </TASK>
[  395.948242][    C1] Modules linked in:
[  395.948262][    C1] ---[ end trace 0000000000000000 ]---
[  395.948272][    C1] RIP: 0010:validate_chain+0x119/0x5900
[  395.948301][    C1] Code: 25 00 80 04 00 3d 00 00 04 00 0f 85 7b 04 00 00 81 e3 ff 1f 00 00 48 89 d8 48 c1 e8 06 48 8d 3c c5 80 25 f7 92 be 08 00 00 00 <e8> a2 87 85 00 48 0f a3 1d 8a 0e 84 11 72 66 48 c7 c0 e0 a6 76 94
[  395.948319][    C1] RSP: 0018:ffffc9000a1c8000 EFLAGS: 00010047
[  395.948335][    C1] RAX: 0000000000000000 RBX: 0000000000000027 RCX: 1ffff92001439020
[  395.948348][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff92f72580
[  395.948376][    C1] RBP: ffffc9000a1c8300 R08: ffffffff92f72587 R09: 1ffffffff25ee4b0
[  395.948391][    C1] R10: dffffc0000000000 R11: fffffbfff25ee4b1 R12: dffffc0000000000
[  395.948406][    C1] R13: ffff888026428fb0 R14: 4912ddf75aee0fae R15: ffff888026428000
[  395.948431][    C1] FS:  00007f1c980a56c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  395.948447][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  395.948469][    C1] CR2: ffffc9000a1c7ff8 CR3: 00000000661cc000 CR4: 00000000003506f0
[  395.948485][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  395.948495][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  395.948508][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  395.948790][    C1] Kernel Offset: disabled