last executing test programs:

8.06898154s ago: executing program 0 (id=1158):
openat(0xffffffffffffff9c, &(0x7f0000002400)='./file1\x00', 0x6142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
ftruncate(r0, 0x0)

7.903068605s ago: executing program 0 (id=1159):
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000800)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

7.833465338s ago: executing program 0 (id=1161):
r0 = memfd_create(&(0x7f0000000480)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xa3\xd9\x9a@\xdb #\xf8\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80kR\xfc\xcb[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xde\x04\x00\x00\x00\x11)W\x9c\x82\x91\x17\xd8\xda@4\x9f\xf5\xc5\xe3\x8d.\xd1=\xcf\xbf\x81\b\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xb8\x89\xf5a2\x00;\xe5\xc81P[\x94\x98\x12\xac\xa4\xec>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+\x00\x02\xaa;*\x89\xb1\xa8\x8a\x13[\xfb\xe8\tX\xb7KV\x90\xc3D\x82`\xea\x16\xc6\xcef\xab\x05\x19\x96\xb9_6*-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc3\x0e\t&\xbdq\x06`T\xc8\x92\xaf\xad#\xd8b\x90\xeb\x05\x9f\t5\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\x8d~\x01\t\x00\x00\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\x1b\xe6\xb9\xe7\xff\xc5H\x04\x8d\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94 2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[\xc5\xeb2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\xdem\xe3)q:3\xfa*\x98o\'f\xbcY\x8e?\xf9\x84y\x89Y\x1c]\xad$\x7fp\xf1\xa3\x99[\xff\x1f\x94\xc2\xdb\xbaG\xa6UD\x88Y6\x11Y\xd4\xd1\xde\x9a{]\xe2\x98W\xb9\x13\x17<\x8b!?\x8e\xbc\xae\xf9\xcc\b\x90n\x15\x7f\xd5WS\xfbN\xec)B\xe7R\xa5\xd7O\x83\x80}\xcc5\x99\xdb\xd6\xbd\x9c\x05l\xfc.\xf4\xbbeF\xa3\xea}\xf1\x8bz\xca\xad\x82\xd9IRV5\xa77\'\x1a\x1c\x89\xef:\xee\x10\xb2\xd6\xc8\xf4\xb5\xdd\xd8c!@JRY\xa3|Pjk\xdc\xa5d\xc2\xecn\xc9X\xfc\xd4D\x13\"\xb2\x06\xbd&\xf86\xddXv\xc9\x1322L\xaa\xa4\xb67\x89D\x93L\xc0\xa41\xf9sNG\x02\x83\xe6Bl\xd2\x02\xfb[\x82\xc0I\xb7\xf6 \xa2\xa1}\xee}\x00\x00\x00\x00\'\xc7J\xca\xdf:\x8ft\xe0\xf8\a\xf6\xf6\xa6\x88\xfd\xc2\xa9\x14\xf3\xe1}\r.\a\x97~A\x16lR\x96\xf0\xaa,;+\xa6\x1eD\xbb1\xe3\xb7-\x96\xc1\x19\x85\xe8\x9b\xfb4\x97\x9d\xdf;*S\xcf\xad\xe3\n\xac\x85\xacVI\xf1\x8b\xa0g\ap\xe3m\xac\xa5\x8fly\x95\b1L\xd91\x06\xeb(\xe9\xad\x81\x7f!\x9d%n7\xb9\xf3\x83\x1fN\xbf]\xa0\xd8\xd6**\xe3\x89\xa1V\x9cCN\x92c\x83\x8c\xf7\xfa\x95p\x92\xdag\xa9\x03\xd7\x8f\x8b\x91\xc7+\xa4\x01$\xe7\x12\xc6>\xf0*\xee\xcb.q\xa6\xe3\"\x1b\x88_y?\x96\xab|\x853\xa7\xf1\"\x8b\xde\xc5_Rtg\xcc,s\"]\xcd?\x80\xa8|?\xaf\xdc^3L\xf5I<\xa4\xe5\x8c\x14Re\xb9|\x1d\xb5\xeb8\x82\xf0\x84\xe1h\xc3\xb9\xc6\x7fY\xa6\x92;V\xe7+\xb9\"', 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='gid_map\x00')
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0)
fallocate(r0, 0x0, 0x0, 0x800000b)
pwritev(r1, &(0x7f0000000240), 0x0, 0x0, 0x0)
symlink(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='.\x00')

6.672008025s ago: executing program 0 (id=1170):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
mlockall(0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffffffb}]})
write(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x0, 0x800000000004, @thr={0x0, 0x0}}, 0x0)
openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

5.778543294s ago: executing program 0 (id=1174):
r0 = memfd_create(&(0x7f00000006c0)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x121p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a{8=\xef*\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fX\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\xf2w\x91\x9f\xe4\xa8\xbdF\xf5\x02s\xee\b\xbc\xaf\xd0\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xf50\xeb&\x1d\x88\xd3\x8f+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa58\xf5\x18x\xc9\xb9\x03\t\x06\x96gf5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0;\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b\x8f\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca`<_}\'\xce\x81\xb3O\xae\xa1\xbfwcN,\xf2#\x16\xc4\xad\a&\xb1U\x83w\xd0K\xaa\xdf\x84\xe5\xe4\xdb\xa3G(\x7fv\x93\xb8m\x96\xd89Kb\xa9\x852\xb9\xcaG\x8b\x11\x16\x16\xeeI\x14\xcb\xe4\x9a\x1e\xb6^\xa3\xaa^\xdc\xcfo\xfb\xd6<\xa2\xc6\xbdj\xc4\xb1B\xf3S}\xfeI\xe2e\xec}o\xcfB\xa6\x877\'\x80\x82\t\xec\xc1&\xb8\xa9\x82&\xb8XQ8M@\xaa\x1f\vj\x9aW\xec\x92\x19\xdb^\x9d\x94\x87-&\x00/z\xa2\xd7\x01\\\t\xae~\xed\no\x1a\x9cKG^+\xc9\xe0v\xc0\x96\xc4\xcc\xb7\xdd\xdf\xf9\x01\x91\xe5\to[\x97\xbe\x110\x93\x14\xf8\x8a\x8d\xeb\t\xe7?/C\xaa\xd9\xc4\xc9', 0x0)
write(r0, &(0x7f0000000140)='/', 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000c, 0x11, r0, 0x0)
umount2(&(0x7f0000000300)='./file0\x00', 0x0)

4.824200965s ago: executing program 0 (id=1179):
r0 = memfd_create(&(0x7f00000004c0)='\x01\fD\xd1\x1e\x803\x00\x00\xbf\xecs \xc5\xb55nVg\x1b\xa3\x8a\xcc\xf2!PmENs\xe5\x83rz\xc0\x03\x00\x00\x00\xd1\x8e\x81\n\xc0\xb3Ac\xfe(\x00\x13\xaeZ\x8bp\x1e\xdc\x18\xddf\xe9\xe1\t\bR) \xa9P\x02\x00\xe1-q \xb3\x80\xb9\xdfj\xed\xb9_o\xa6\x04\xf5\x9f\x04\xf1\xd5\xe3\xfa\xfd\x161\x13rCc\x84\xa6y\xb7\xbe\xf5\xcc\a\fM\xa9\xcbX\x891\xed\a\xf9\xa6\xd8\xd0\x03\x00\x00\x00\x00\x00\x00\x00\']\by\xb5\xbcI\xbf\xac*\xb4\xed\xf0^\xd35\xeb=\xc7\x82;\xb32;\xc5\xa3\xc8\xb9\xf2\xe5\xf4\x93[\x91F\x83?\xfe\xd9\x7ffvQ\xff\xc0\x8f\xe4\xb8\xa3\xbf\xceAT\x17\xc6\x81\xc0m}O\xfd\xe0\x05$\xcd\xfdkMu\x9bQ\xd8z\xe0\xd6\xe2\xbe\xf4\xd5\x16\x94\xe0\xbf0\xde\xcaS/\xf7\xeb\x89bmX0\x94T\x10\x9dx@\xce:]\xb68\xa2W\xcb\x86\b\x03s\xb4q>\xe88\x19\x1a\x14Z\xf3\xd7\x92\xe4bT\xc1.\xfc\xd4\xcay)$\n\x05\xd1\xc5V\x91\xe3W\x10r\x9b~n`z\x8c\x16c\xa1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x89\xba\xad!\xfe\xdb\xe9\x8d\xffI\x8a=\x81\xc8\x9f\x17N\x80\x06\xc7\xbe\xf2\x9b\x86Z\xc8\xf8\x16)\xef\xab\xbaD8\xecd\\\x10\x10btN\xd0g!\xcc\xbe\xcd\xb7\x16\x19\x89\xceBy|\xe0\x12\x92`Y\x06\x17\xc8mt\xc4d\xd4{\xaa/+9\x87\xf5L\xa9+4\x12Z\x15\xc8\nb}\x15\xc3^r\x03{\xb2\n\x02\xc7;\xdd\xac\xec\xde\x14#`\xcc\xaa\x0f\xdc\x8b\x9a3\n9\x11\xe8Y;@7Cl\xe7\x90\x17\xbb\x9c\xfb\xcc\xb7\'\xf4\xff\xd0\xc2+\xc6)\x15\"\xff\'L\x06\xc2\x8bC\xc7\xee\xb9\xa2B\x7f\'\nU4w\x9c\x15 \"lR\xf1\xbe\xe6', 0x0)
r1 = dup(r0)
write$binfmt_aout(r0, &(0x7f00000006c0)={{}, "", ['\x00']}, 0x120)
sendfile(r0, r1, &(0x7f0000000080), 0x20000080000001)
r2 = memfd_create(&(0x7f00000004c0)='\x01\fD\xd1\x1e\x803\x00\x00\xbf\xecs \xc5\xb55nVg\x1b\xa3\x8a\xcc\xf2!PmENs\xe5\x83rz\xc0\x03\x00\x00\x00\xd1\x8e\x81\n\xc0\xb3Ac\xfe(\x00\x13\xaeZ\x8bp\x1e\xdc\x18\xddf\xe9\xe1\t\bR) \xa9P\x02\x00\xe1-q \xb3\x80\xb9\xdfj\xed\xb9_o\xa6\x04\xf5\x9f\x04\xf1\xd5\xe3\xfa\xfd\x161\x13rCc\x84\xa6y\xb7\xbe\xf5\xcc\a\fM\xa9\xcbX\x891\xed\a\xf9\xa6\xd8\xd0\x03\x00\x00\x00\x00\x00\x00\x00\']\by\xb5\xbcI\xbf\xac*\xb4\xed\xf0^\xd35\xeb=\xc7\x82;\xb32;\xc5\xa3\xc8\xb9\xf2\xe5\xf4\x93[\x91F\x83?\xfe\xd9\x7ffvQ\xff\xc0\x8f\xe4\xb8\xa3\xbf\xceAT\x17\xc6\x81\xc0m}O\xfd\xe0\x05$\xcd\xfdkMu\x9bQ\xd8z\xe0\xd6\xe2\xbe\xf4\xd5\x16\x94\xe0\xbf0\xde\xcaS/\xf7\xeb\x89bmX0\x94T\x10\x9dx@\xce:]\xb68\xa2W\xcb\x86\b\x03s\xb4q>\xe88\x19\x1a\x14Z\xf3\xd7\x92\xe4bT\xc1.\xfc\xd4\xcay)$\n\x05\xd1\xc5V\x91\xe3W\x10r\x9b~n`z\x8c\x16c\xa1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x89\xba\xad!\xfe\xdb\xe9\x8d\xffI\x8a=\x81\xc8\x9f\x17N\x80\x06\xc7\xbe\xf2\x9b\x86Z\xc8\xf8\x16)\xef\xab\xbaD8\xecd\\\x10\x10btN\xd0g!\xcc\xbe\xcd\xb7\x16\x19\x89\xceBy|\xe0\x12\x92`Y\x06\x17\xc8mt\xc4d\xd4{\xaa/+9\x87\xf5L\xa9+4\x12Z\x15\xc8\nb}\x15\xc3^r\x03{\xb2\n\x02\xc7;\xdd\xac\xec\xde\x14#`\xcc\xaa\x0f\xdc\x8b\x9a3\n9\x11\xe8Y;@7Cl\xe7\x90\x17\xbb\x9c\xfb\xcc\xb7\'\xf4\xff\xd0\xc2+\xc6)\x15\"\xff\'L\x06\xc2\x8bC\xc7\xee\xb9\xa2B\x7f\'\nU4w\x9c\x15 \"lR\xf1\xbe\xe6', 0x0)
r3 = dup(r2)
write$binfmt_aout(r2, &(0x7f00000006c0), 0x20)
sendfile(r2, r3, &(0x7f0000000080), 0x20000080000001)
ftruncate(r3, 0x0)

3.486548828s ago: executing program 1 (id=1194):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_read_part_table(0x403a, &(0x7f0000004040)="$eJzs0D1KA2EQBuBZQbCxsBAs5wiyspZ6AQ+hrAsKi40/mCLN5l6BXCNFjpArJLAJSbtFElI8T/O98DHDy7x8fv3+Zz1qs8y39ifv8+M9y6rK76bOx4c4gWKXrmISRXRxE5dDBl+vF8tjFjsXt3dxsY1Fn1bxvP99mm1u2L8RMe6G7p1Pm79DdwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM0OHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADByQAAAAAgv6/bkegAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8FAAD//8QZE0c=")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
timer_create(0x0, 0x0, &(0x7f0000bbdffc))

3.080806361s ago: executing program 3 (id=1197):
mkdir(0x0, 0x101)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000040)='./file1\x00', 0xa18c14, &(0x7f0000000080)=ANY=[@ANYBLOB='uni_xlate=1,iocharset=cp437,shortname=wodepage=1250,utf8=0,shortname=win95,shortname=win95,nonumtail=0,shortname=lower,shortname=mixed,rodir,rodir,nonumtail=0,\x00\x00\x00\x00\x00\x00\x00'], 0x81, 0x29b, &(0x7f0000000580)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==")
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000800)='./file2\x00', 0x404a, &(0x7f0000000880), 0x1, 0x751, &(0x7f0000000000)="$eJzs3c1rXFUfB/DfvZNJ0pfnSSqlWhEccFFBnTS19W3VVlGoIqLiukM6LaXTpiQRTOwidelCBAWX6n9RcNONa8FF1a2uFIpUu6koI3demiGZSWKYzEXv5wN3cs49k5zzzSU5984d5gRQWJXsIY04HBFnk4ipzv4kIsqt0ljEyfbz7t25NvfHnWtzSTSbb/2atJ6T7Yue78ns61QmI+Lb00k8UNrY7+LyyqVao1Ff6NRnli5fnVlcXnnq4uXahfqF+pVjx0/MPnviuWeOPz+sqKVDZ558/dAHL976qvnmKy99c2I1yYKNtRt7cwxLJSr3fye9si5fHnZnOSl18vTmTMZyHBD/SNpzDA/FVJRi7eBNxdff5To4AGBXNEsRTQCgYBLzPwAUTPd1gHt3rs11t3xfkRit26eidaNyY/6xONn6OtUsR8Te35O1OyOV9v2u6SH0X4mIG3ffuZVtsUv3ITezej0iHuqXv3V3NKZbd3HX5e/cMzo6hP4r6+r/pvwnh9B/3vkBKKabp9oT2cb5L+3Mb/3nv8k+c9dO5D3/DT7/W8tf6pM/O/97Y5t9fPHRIw8Oaus9/8u2rP/uueAo3L4e8fDY4POfLH8yIP/ZbfZx4+f3a4Pa8s7f/DLiSN/rn7V3tCWbvz9x5vzFRv1o+7FvH5/MnPlwUP9558+O/94B+bc6/le32cdfB388Paht6/zpL+PJ263SeGfPe7WlpYXZiPHktY37j20+lu5zuj8jy//4Y5v//ffLn10Trm4z/+ev/vbZzvPvriz/uR0e/4+32cef8z9NDmrLOz8AAAAAAAAAAAAAAAAAAAAAAAAAjEIaEfsjSav3y2larbbX8D4Ye9PG/OLSE+fn371yLmuLmI5y2v2ky6l2Pcnqs53Pw+/Wj62rPx0RByLi04k9rXp1br5xLu/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCxb936/3cn2uv/AwD/cZN5DwAAGDnzPwAUj/kfAIrH/A8AxWP+B4DiMf8DQPGY/wEAAAAAAAAAAAAAAAAAAAAAYKQOPHrzhyQiVl/Y09oy4522cq4jA3ZbmvcAgNyU8h4AkJuxvAcA5MY1PpBs0T7wI8JXXUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAcRw5b/x+Kyvr/UFxW74Tisv4/FJdrfMD6/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsLX9rS1Jq521wPdHmlarEf+LiOkoJ+cvNupHI+L/EfH9RHkiq8/mPWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGLLF5ZVLtUajvqCgoKBwv5D3fyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYvbVFv/MeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHlaXF65VGs06gu7WMg7IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAw/R0AAP//8lssMw==")
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000400)={0xaa, 0x13})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b48090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f3b0063090890e0878f0e1ac6e7049b074a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000095802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

2.51165531s ago: executing program 1 (id=1202):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x40, &(0x7f00000005c0), 0x1, 0x583, &(0x7f0000000bc0)="$eJzs3U9oHFUYAPBvZhNr22haUFDpoahQoXST9I9WT+lVLBR6ELzEsNmGkE02Zje1CT2k9yIWFJVeqicFPSoiHsSLR69eFM+CaFFpepDIZHf7J8mu27TZLdnfD2b73rzpfu9l9ns7M8ywAfSsg9lLGvF0RJxJIgbvaOuLeuPB2nYr1y8WbvZFIYnV1bN/JJFExI3rFwuN7ZP6v3sjYjkinoqI7/sjDqcb41YWl6bHS6XifL0+VJ2ZG6osLh2ZmhmfLE4WZ4+99PKJk8dPjBwdeWBjvfzLlXcu//jqtSuffXFgufD+eBKjMVBvu3McD1Ltb9Ifo+vWH9+OYF2UNG3ZZOfz0MjV87w/Ip6MwcjVsx7Y+VZ3RawCPSq55/zfHeYM2AkaxwHZ+W9j6eTxx++naicgWdyV+lJr6atdm4hH185N9vyV3HVmkp1v7utkR9mRli9FxHBf38bPf1L//G3d8IPoINvqu1O1HbVx/6fZ/n/r8/p26+efgca10/vUmP9WNsx/6a35L9dk/jvTZox/3/j1o6bxL0U8s2n85Fb8ZJP4aUS82Wb8q69/fbJZ2+rHEYdi8/gNSevrw0PnpkrF4drrpjG+PXTglVbj39Mk/miL8Wfr5toc/1c/fPnscov4LzzXev9vFj87Bn+3zfj7b3z6WrO2LP5Ek/G3ip+tu9Zm/BdHD/7c5qYAAAAAAAAAAMA9SNfuZUvS/K1ymubztWd4n4g9aalcqR4+V16Ynajd87Yv+tPGnVaDtXqS1Ufq9+M26kfX1Y9FxP6IeC+3e62eL5RLE90ePAAAAAAAAAAAAAAAAAAAADwk9q57/v/vXO35f6BH+Mlv6F3yH3rX3fmfdK0fQOf5/ofeJf+hdzXL/5vfdLgjQMc1/f7v72w/gM5z/A+9S/5D75L/0LvkPwAAAAAAAAAAAAAAAAAAAAAAAAAAbIszp09ny+rN6xcLWX3i/OLCdPn8kYliZTo/s1DIF8rzc/nJcnmyVMwXyjP/936lcnluOGYXLgxVi5XqUGVxaWymvDBbHZuaGZ8sjhX9oggAAAAAAAAAAAAAAAAAAABsNLC2JGk+ItK1cprm8xGPRcS+6E/OTZWKwxHxeET8lOvfldVHut1pAAAAAAAAAAAAAAAAAAAA2GEqi0vT46VScb51IW1jm51XiIjldWvu7X3G/ulcn7PObum/J8v3FT2Jbu8mhW368AMAAAAAAAAAAAAAAAAAAB11+6HfbvcEAAAAAAAAAAAAAAAAAAAAeln6W/aaRMShwecH1rc+kqzkIj4ZzMpvXz37wYXxanV+JFv/Z26tPSKqH9bXH+1C94G2NfK0kccAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAbZXFpenxUqk4v8XCrjbep8tDBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiS/wIAAP//7YjRGA==")
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)

2.408146713s ago: executing program 2 (id=1203):
r0 = socket$inet(0x2, 0x3, 0x7)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'sit0\x00', &(0x7f00000003c0)=@ethtool_dump={0x3e}})

2.306984536s ago: executing program 3 (id=1204):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.152425771s ago: executing program 2 (id=1205):
r0 = memfd_create(&(0x7f00000004c0)='\x01\fD\xd1\x1e\x803\x00\x00\xbf\xecs \xc5\xb55nVg\x1b\xa3\x8a\xcc\xf2!PmENs\xe5\x83rz\xc0\x03\x00\x00\x00\xd1\x8e\x81\n\xc0\xb3Ac\xfe(\x00\x13\xaeZ\x8bp\x1e\xdc\x18\xddf\xe9\xe1\t\bR) \xa9P\x02\x00\xe1-q \xb3\x80\xb9\xdfj\xed\xb9_o\xa6\x04\xf5\x9f\x04\xf1\xd5\xe3\xfa\xfd\x161\x13rCc\x84\xa6y\xb7\xbe\xf5\xcc\a\fM\xa9\xcbX\x891\xed\a\xf9\xa6\xd8\xd0\x03\x00\x00\x00\x00\x00\x00\x00\']\by\xb5\xbcI\xbf\xac*\xb4\xed\xf0^\xd35\xeb=\xc7\x82;\xb32;\xc5\xa3\xc8\xb9\xf2\xe5\xf4\x93[\x91F\x83?\xfe\xd9\x7ffvQ\xff\xc0\x8f\xe4\xb8\xa3\xbf\xceAT\x17\xc6\x81\xc0m}O\xfd\xe0\x05$\xcd\xfdkMu\x9bQ\xd8z\xe0\xd6\xe2\xbe\xf4\xd5\x16\x94\xe0\xbf0\xde\xcaS/\xf7\xeb\x89bmX0\x94T\x10\x9dx@\xce:]\xb68\xa2W\xcb\x86\b\x03s\xb4q>\xe88\x19\x1a\x14Z\xf3\xd7\x92\xe4bT\xc1.\xfc\xd4\xcay)$\n\x05\xd1\xc5V\x91\xe3W\x10r\x9b~n`z\x8c\x16c\xa1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x89\xba\xad!\xfe\xdb\xe9\x8d\xffI\x8a=\x81\xc8\x9f\x17N\x80\x06\xc7\xbe\xf2\x9b\x86Z\xc8\xf8\x16)\xef\xab\xbaD8\xecd\\\x10\x10btN\xd0g!\xcc\xbe\xcd\xb7\x16\x19\x89\xceBy|\xe0\x12\x92`Y\x06\x17\xc8mt\xc4d\xd4{\xaa/+9\x87\xf5L\xa9+4\x12Z\x15\xc8\nb}\x15\xc3^r\x03{\xb2\n\x02\xc7;\xdd\xac\xec\xde\x14#`\xcc\xaa\x0f\xdc\x8b\x9a3\n9\x11\xe8Y;@7Cl\xe7\x90\x17\xbb\x9c\xfb\xcc\xb7\'\xf4\xff\xd0\xc2+\xc6)\x15\"\xff\'L\x06\xc2\x8bC\xc7\xee\xb9\xa2B\x7f\'\nU4w\x9c\x15 \"lR\xf1\xbe\xe6', 0x0)
r1 = dup(r0)
write$binfmt_aout(r0, &(0x7f00000006c0)={{}, "", ['\x00']}, 0x120)
sendfile(r0, r1, &(0x7f0000000080), 0x20000080000001)
r2 = memfd_create(&(0x7f00000004c0)='\x01\fD\xd1\x1e\x803\x00\x00\xbf\xecs \xc5\xb55nVg\x1b\xa3\x8a\xcc\xf2!PmENs\xe5\x83rz\xc0\x03\x00\x00\x00\xd1\x8e\x81\n\xc0\xb3Ac\xfe(\x00\x13\xaeZ\x8bp\x1e\xdc\x18\xddf\xe9\xe1\t\bR) \xa9P\x02\x00\xe1-q \xb3\x80\xb9\xdfj\xed\xb9_o\xa6\x04\xf5\x9f\x04\xf1\xd5\xe3\xfa\xfd\x161\x13rCc\x84\xa6y\xb7\xbe\xf5\xcc\a\fM\xa9\xcbX\x891\xed\a\xf9\xa6\xd8\xd0\x03\x00\x00\x00\x00\x00\x00\x00\']\by\xb5\xbcI\xbf\xac*\xb4\xed\xf0^\xd35\xeb=\xc7\x82;\xb32;\xc5\xa3\xc8\xb9\xf2\xe5\xf4\x93[\x91F\x83?\xfe\xd9\x7ffvQ\xff\xc0\x8f\xe4\xb8\xa3\xbf\xceAT\x17\xc6\x81\xc0m}O\xfd\xe0\x05$\xcd\xfdkMu\x9bQ\xd8z\xe0\xd6\xe2\xbe\xf4\xd5\x16\x94\xe0\xbf0\xde\xcaS/\xf7\xeb\x89bmX0\x94T\x10\x9dx@\xce:]\xb68\xa2W\xcb\x86\b\x03s\xb4q>\xe88\x19\x1a\x14Z\xf3\xd7\x92\xe4bT\xc1.\xfc\xd4\xcay)$\n\x05\xd1\xc5V\x91\xe3W\x10r\x9b~n`z\x8c\x16c\xa1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x89\xba\xad!\xfe\xdb\xe9\x8d\xffI\x8a=\x81\xc8\x9f\x17N\x80\x06\xc7\xbe\xf2\x9b\x86Z\xc8\xf8\x16)\xef\xab\xbaD8\xecd\\\x10\x10btN\xd0g!\xcc\xbe\xcd\xb7\x16\x19\x89\xceBy|\xe0\x12\x92`Y\x06\x17\xc8mt\xc4d\xd4{\xaa/+9\x87\xf5L\xa9+4\x12Z\x15\xc8\nb}\x15\xc3^r\x03{\xb2\n\x02\xc7;\xdd\xac\xec\xde\x14#`\xcc\xaa\x0f\xdc\x8b\x9a3\n9\x11\xe8Y;@7Cl\xe7\x90\x17\xbb\x9c\xfb\xcc\xb7\'\xf4\xff\xd0\xc2+\xc6)\x15\"\xff\'L\x06\xc2\x8bC\xc7\xee\xb9\xa2B\x7f\'\nU4w\x9c\x15 \"lR\xf1\xbe\xe6', 0x0)
r3 = dup(r2)
write$binfmt_aout(r2, &(0x7f00000006c0), 0x20)
sendfile(r2, r3, &(0x7f0000000080), 0x20000080000001)
ftruncate(r3, 0x0)

1.987541566s ago: executing program 1 (id=1207):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40, 0x0)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x1000824, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYRESHEX=r0, @ANYBLOB="b50f2cc59315a3787e57014a91085610806c92e849b9a910af2a710a33e2d6d66a733a96", @ANYBLOB='[T', @ANYRESOCT=r1, @ANYRES16=r0, @ANYRES16, @ANYRESDEC, @ANYBLOB="2ee4df9cacbce1b9a9c97e47fa783d7f85199ce2fb5276d13a31d6b7bd42cadb574b9991bf1aa7dc52cdcb8e7c281c72c092938710b0fe"], 0x1, 0x1ea, &(0x7f0000000480)="$eJzslU1rE0EYx3+zO2kSzaFnTwWL9qI2WxC/gQWvfgBDutbixpduQBMKRi+9eBC/RMFP4UHQuwcRwUs9KOih4qkikdl5ZpyQwFqphcD+ITwv87xm53nmVn4/rwO/Dna6LFJA0eKDUmjgvLK6wwVLvwsdCz5rK7dF/0LoJ6H5YPj2qWWHtztZlm7ngxJGKSizycZYRtIzaaRnJHOWpaHfPNETGsVM4wj4q36OhTHZpo76sW1p2uvZhKY+y0Z8OYHi/51ZOsK9sZ1a5kdr8kp8Oe7Cavzv3sFrfrbKP9P75/ZzzrSJxb05NSnzxkRH8sqR9ZVffRzxrRDeHex0DXNDtpjRbdifG4nCxgivApszGkagYsY+joaGyq4VPjV69y7lg+GFrV5nM91M7yTJ2uXV16dlRMePYCtLV1VQhhlq3F4CzJw2g/Ma8PHP+YgAKijN4BQo2bk+pFvOK2cDxyZEgW8Yw8Z96fPXRRfT4zrnaAAPRmoJEuy/tYyJprlpWltHEYvQ1kGdcEhEozi42L2bbeyiUM5tD+1jtPepeSERwSRK16749neFLgtdF7ondF+oe7vcm6SLCF9FWhnBAg87/f528XhZzusSr0sWfeZIsrrXULlK6lSoUKFChQoVKswJfgcAAP//kSFBFw==")
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000200)='./bus/file0\x00', 0x0)
mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0)
mount(&(0x7f0000000040)=@filename='./bus/file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x3000, 0x0)
rmdir(&(0x7f00000000c0)='./bus/file0\x00')
chdir(&(0x7f00000001c0)='./file0\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
syz_read_part_table(0x5d1, &(0x7f0000001180)="$eJzs2z9I22kYB/An1lBoB5dOndoOHY4uLR2boS1J2tJCSOtSbmihpRQzpVCIXKDQDppBMYM4uohcFv9MxgxOioJwm4iDh+Dgcocugos57nwPDu7/nR5X+Hzgx8Pv937f98kzZHyDz1pPfN/tdjMR0T3/24nuH+zub+ULD6+U7pafRWRiICK+Xh3s+3El8/PudOq19L6d3qcmL3SGDx5kW1tPD6+/WG70pPUP6bk43e4/lQE5UzO5lb6Pn6rFkVru7Waxvju0sf5kdj9fbj9uNOceZe+/SrnVVHtTfRe1GIyBeBmVqMTrqJ5S/4nWzs3jy8XWwps7R4XO6NKtlCv9yzn/av/3V8eeN+v3bsxfGr9dW1wr7507yVV+598FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/y0xupe/jp2pxpJZ7u1ms7w5trD+Z3c+X248bzblH2fuvUm411d5U30UtBmMgXkYlMvE6qr86uecf9Z9o7dw8vlxsLby5c1TojC7dSrnSKcz6p/0js/v+6tjzZv3ejflL47dri2vlvXMnucr5M/oBAAAAAAAAAAAAAAAAAAAAEBH5wsMrpbvlZxGZ+DJ644vvvvrp4n433XfPpNy1VLfT96nJC53hgwfZ1tbTw+svlhvfpu8f0nNxut3/yz5L3/xXE/F3/BAAAP//rXqXRQ==")
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x101, 0x100}})

1.987447226s ago: executing program 3 (id=1208):
socket(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
stat(0x0, 0x0)

1.765544074s ago: executing program 3 (id=1210):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x33}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000058850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.466954933s ago: executing program 3 (id=1211):
socketpair$unix(0x1, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x8906, 0x0)
timer_create(0x3, &(0x7f00000001c0)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x30c)
r0 = mq_open(&(0x7f0000000680)=',--\\\x97-\x00Y\x9eo1X\xbf\x0fvV\a\xa3y\xc3<\x12im\xef*^;\xbb{\v\x005\x94v\xd0@<\x01\x00H\x01\xbco5L\xc4\xf9\xf6\xb1g\x0eVEh:\x13\x9b\xaex\x00\x00\x8d\r\xf9\xae\x97\xe3_\xb0\x990\x0f\xfd\xc7\x01\'%\x1aHu\xdb\x00\xa4\xfb\xcaM\x18w\x0e\xa1\x82\x16\xe1\xef|\xf7*\xf8\t8\xc0\xc6q\xce.\xd2\xa2\xf55\x06\x03d\xa9|q)6X=\x89-z\xf4\xa0\xc5HO\x8f\xcdU\xba\xdb\x8bP\x86\xb0(J6\x82\x85\xbe\xc6A\xab&\x04\x8f\xfd\xab8L\x99\xaf\x8e\xd6\x1d\x00\xe0{\xe8\xcc\x15\xa9\xc0\x970\x1f[\xdbqK\x96b\xd7\xb5\x93$\xd1\xc0{K\x8c5\xaa3`b2\x99{n/\xb8\xf7\x91U\xfd\xf8A :?aOgY3\xb4:U\x10\xa9\xaa\xbc\xf0\xe0\xb1\x19\xf3\xc4\xf1O\xe8R\"\xa3Q\xcc\x06\x84\xe1\x90\xcd.5\xedD\xa9\x89W&\xf7\xcb\xbf\xd9\xdaoQ\xa3|\xea\xbf\xe6A\x97\x0f\xa4*QOlI\x00U\x94\xfe/a\xcc\xe7\",\v\xec-\xdb3\a\x91\x11\xc1\x91\xc30)B\x02\xa7\x1e{\x1e\x9dSI!\xafA\xa8\xd4uj\xd6~\x1ae\x8cBjx\xc2\xfa\xf2\xc3\x1d#\xe7\xe0l5\xfa\xf8\'\x8b\xc9\xf5\xc9\x00a\x10\xb1}\x82\xbe\xfa\foZ5\xa7-\x959\x01\x8d\xb4\xebs\xa0\x89\xa9\xd7\x99\n\xbf\x94\x00\xe31\xb8\x8a\x13;\x98d\x04\xf4+\xd4\xe2U\xfa\v\x18\xcfP\xe6~\xfc\x9e\x0e\xfb\xcfB\x9f\xab{l(\x1cl\xab\xda\xf4<\xc5\xe1\xde\xc2hI{\xa3\xd1\x94\xf0\x18\xbf\x87~\xcb)TN\x95w\x06\r\xb0\xab\xb0j/\xf0\x05`&An\x06\x89\xd6a\xb1\xdfsZ\xbc\x87Q3B\xcc\t\x8c|\x03\xf2KD)\r\xfa)\x13\xf8I%\xbc\x05\x01\r\xa5t\x8c\xe4\x99\x1e3N\x86p;h,l\x92c\xff\x92J\x938\x84D8\xae3ic\xcb:u\xf3\xe1\xcd\xf2\xc3\xc9\xd8\xfc\x1ez\xf7A\xb67!\b?\xa1e\xf3L\xd6};\x86\\\b^\xeb\xe7\xa9\xf7\x88\xc8\x8b\xe5\xe4\xc5\x0f\x89\xff\n\v\x83_\x85\x02\xf7Z\xa8\xae\n:\xf8\x90D\x7f}\xcb\x14\xe9h?\x8d\x16\xa5\x8a\xc0\xa1\xb3\xa6\xbfb\xd3\xd3^\x06\x01\xcdP\xaah\xbd\x9bn<\xd8wY\x12=\x92\x8a\x10\xf1M', 0x40, 0x0, 0x0)
socket$inet6(0xa, 0xa, 0x0)
poll(0x0, 0x0, 0x64)
rt_sigreturn()
gettid()
timer_create(0x0, &(0x7f0000533fa0), 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r0, 0x5421, &(0x7f0000000180))

1.274696989s ago: executing program 4 (id=1213):
semget(0x0, 0x3, 0x390)

1.190938452s ago: executing program 4 (id=1214):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
write$binfmt_script(r2, &(0x7f0000000340), 0xffffff46)
r3 = dup3(r2, r1, 0x0)
sendmsg$netlink(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001340)={0x10}, 0x10}], 0x1}, 0x0)
close(r1)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x3938700}}, 0x0)

1.190777672s ago: executing program 3 (id=1215):
r0 = gettid()
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
readv(r1, 0x0, 0x0)
close(r1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
rt_sigreturn()
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mlockall(0x1)
poll(0x0, 0x0, 0x200001)

1.143559563s ago: executing program 1 (id=1216):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x40, &(0x7f00000005c0), 0x1, 0x583, &(0x7f0000000bc0)="$eJzs3U9oHFUYAPBvZhNr22haUFDpoahQoXST9I9WT+lVLBR6ELzEsNmGkE02Zje1CT2k9yIWFJVeqicFPSoiHsSLR69eFM+CaFFpepDIZHf7J8mu27TZLdnfD2b73rzpfu9l9ns7M8ywAfSsg9lLGvF0RJxJIgbvaOuLeuPB2nYr1y8WbvZFIYnV1bN/JJFExI3rFwuN7ZP6v3sjYjkinoqI7/sjDqcb41YWl6bHS6XifL0+VJ2ZG6osLh2ZmhmfLE4WZ4+99PKJk8dPjBwdeWBjvfzLlXcu//jqtSuffXFgufD+eBKjMVBvu3McD1Ltb9Ifo+vWH9+OYF2UNG3ZZOfz0MjV87w/Ip6MwcjVsx7Y+VZ3RawCPSq55/zfHeYM2AkaxwHZ+W9j6eTxx++naicgWdyV+lJr6atdm4hH185N9vyV3HVmkp1v7utkR9mRli9FxHBf38bPf1L//G3d8IPoINvqu1O1HbVx/6fZ/n/r8/p26+efgca10/vUmP9WNsx/6a35L9dk/jvTZox/3/j1o6bxL0U8s2n85Fb8ZJP4aUS82Wb8q69/fbJZ2+rHEYdi8/gNSevrw0PnpkrF4drrpjG+PXTglVbj39Mk/miL8Wfr5toc/1c/fPnscov4LzzXev9vFj87Bn+3zfj7b3z6WrO2LP5Ek/G3ip+tu9Zm/BdHD/7c5qYAAAAAAAAAAMA9SNfuZUvS/K1ymubztWd4n4g9aalcqR4+V16Ynajd87Yv+tPGnVaDtXqS1Ufq9+M26kfX1Y9FxP6IeC+3e62eL5RLE90ePAAAAAAAAAAAAAAAAAAAADwk9q57/v/vXO35f6BH+Mlv6F3yH3rX3fmfdK0fQOf5/ofeJf+hdzXL/5vfdLgjQMc1/f7v72w/gM5z/A+9S/5D75L/0LvkPwAAAAAAAAAAAAAAAAAAAAAAAAAAbIszp09ny+rN6xcLWX3i/OLCdPn8kYliZTo/s1DIF8rzc/nJcnmyVMwXyjP/936lcnluOGYXLgxVi5XqUGVxaWymvDBbHZuaGZ8sjhX9oggAAAAAAAAAAAAAAAAAAABsNLC2JGk+ItK1cprm8xGPRcS+6E/OTZWKwxHxeET8lOvfldVHut1pAAAAAAAAAAAAAAAAAAAA2GEqi0vT46VScb51IW1jm51XiIjldWvu7X3G/ulcn7PObum/J8v3FT2Jbu8mhW368AMAAAAAAAAAAAAAAAAAAB11+6HfbvcEAAAAAAAAAAAAAAAAAAAAeln6W/aaRMShwecH1rc+kqzkIj4ZzMpvXz37wYXxanV+JFv/Z26tPSKqH9bXH+1C94G2NfK0kccAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAbZXFpenxUqk4v8XCrjbep8tDBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiS/wIAAP//7YjRGA==")
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)

1.025959658s ago: executing program 4 (id=1217):
openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
read$char_usb(r1, &(0x7f0000000840)=""/171, 0xab)
close(r1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$FUSE_NOTIFY_STORE(r2, &(0x7f00000004c0)=ANY=[], 0x2b)
dup3(r2, r1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
recvmsg(r3, &(0x7f0000000140)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r4=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}, 0x0)
close(r4)
rt_sigreturn()
clock_gettime(0x0, &(0x7f0000000000)={<r5=>0x0, <r6=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x77359400}, {r5, r6+60000000}}, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)

918.820601ms ago: executing program 2 (id=1218):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
write$binfmt_script(r2, &(0x7f0000000340), 0xffffff46)
r3 = dup3(r2, r1, 0x0)
sendmsg$netlink(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001340)={0x10}, 0x10}], 0x1}, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x3938700}}, 0x0)

750.803936ms ago: executing program 4 (id=1219):
socket(0x1, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
rt_sigreturn()
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x0, 0x0)
creat(&(0x7f0000004040)='./file0\x00', 0x0)
futex(&(0x7f0000004080)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
rt_sigreturn()
syz_read_part_table(0x4019, &(0x7f0000000000)="$eJzszzEOAUEAheE3G1FwA5fQqInSUbbRSTQaV1E5hkTjIC7gBBqSJRNBu99XzUtm/mTG1+MySZlu1u02L5rOedEkJcnssUv65/3Pl2R+SjL6JTLsjvZWvTP4WNjta6lvPdurw+T8z3sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLMDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQwAAACAMH/rPNoPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwUAAD//xe4ClM=")
r1 = eventfd(0x0)
eventfd(0x0)
write$eventfd(r1, &(0x7f0000000000)=0xffffffffffffff81, 0x8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000003080))
write$cgroup_freezer_state(r1, &(0x7f0000000080)='FREEZING\x00', 0x9)

655.520859ms ago: executing program 2 (id=1220):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{}, {0x0, 0x3938700}}, 0x0)
poll(0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r1, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
r2 = dup(r1)
write$P9_RGETATTR(r2, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
close(r2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
dup3(r4, r3, 0x80000)
rt_sigreturn()
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'macvlan0\x00', 0x1})
pread64(r5, 0x0, 0x0, 0x0)

620.38306ms ago: executing program 4 (id=1221):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xffffffffffffffff, 0x4031, 0xffffffffffffffff, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

280.224512ms ago: executing program 2 (id=1222):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
write$binfmt_script(r2, &(0x7f0000000340), 0xffffff46)
dup3(r2, r1, 0x0)
sendmsg$netlink(r1, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=ANY=[], 0x10}], 0x1}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x2, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef)
recvmsg(0xffffffffffffffff, &(0x7f0000001300)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @local}, 0x80, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
ioctl$F2FS_IOC_GET_FEATURES(0xffffffffffffffff, 0x5451, 0x0)
listen(r3, 0x0)

279.416911ms ago: executing program 1 (id=1223):
io_setup(0x6, &(0x7f00000000c0)=<r0=>0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x1a1081, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000001500)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000100)='9', 0x1}])

119.713287ms ago: executing program 4 (id=1224):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, 0x10)
rt_sigreturn()
memfd_create(&(0x7f0000000080)='}\xa4-}{\x00\xaa\x81\xde\xac\xc0\xe8\xf1v\xbd\xd2\xd4\x03[t\xe8\x92\x9d\xc2\xdep\x11y\xf7\xb0\x90\v\xb9\x9f\x12\xfc\x8c\x19\xf7v\xdb\r\xf4\xce\xdb\xf8Cw\xe6c\xd1\xe9\xe1\x8e\x1bKn\x9c{[\xbe|\x13\x97{\x12z\xea(\xb8\xc7\xca\x9a\x17)\xfcl\xe9\x87\xe7\xf5U\xc9@\xeb<s>\x02\x90\'\x8d\xccd\x05\xf7zJ\x8f+\\\x16\x9e\x10t^\xb7\x90\xa7\x8f \xc0#\xeb&s\xc6\x11\xfb\xc3\x1fp\xeb^\x82\x8a\x1d\xe3\x93\xfdt\x86-\b*c2\xe6\xd4\xc6\xf9\x172\xf7', 0x0)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
r2 = socket(0x1, 0x3, 0x0)
recvmsg$inet_nvme(r2, &(0x7f0000000000)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0}, 0x0)
close(r3)
ioctl$KDGKBMETA(r1, 0x5450, 0x0)
shutdown(r0, 0x0)

588.13µs ago: executing program 2 (id=1225):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = socket(0x1, 0x5, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
recvmsg(r1, &(0x7f0000000100)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}, 0x0)
close(r2)
rt_sigreturn()
ioctl$KDGETKEYCODE(r0, 0x5450, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, &(0x7f0000002340)=ANY=[], 0x28)

0s ago: executing program 1 (id=1226):
syz_read_part_table(0x4019, &(0x7f0000000000)="$eJzszzEOAUEAheE3G1FwA5fQqInSUbbRSTQaV1E5hkTjIC7gBBqSJRNBu99XzUtm/mTG1+MySZlu1u02L5rOedEkJcnssUv65/3Pl2R+SjL6JTLsjvZWvTP4WNjta6lvPdurw+T8z3sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLMDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQwAAACAMH/rPNoPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwUAAD//xe4ClM=")
r0 = eventfd(0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
write$cgroup_freezer_state(r0, &(0x7f0000000080)='FREEZING\x00', 0x9)

kernel console output (not intermixed with test programs):

 T8469] BTRFS info (device loop0): use zlib compression, level 3
[  375.570084][ T8469] BTRFS info (device loop0): using free space tree
[  375.607951][ T8469] BTRFS info (device loop0): has skinny extents
[  375.611540][   T26] audit: type=1804 audit(1719722107.649:69): pid=8448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.786" name="/root/syzkaller.hOlofP/159/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  375.653416][ T3503] attempt to access beyond end of device
[  375.653416][ T3503] loop1: rw=2049, want=45112, limit=40427
[  375.808188][ T8501] loop2: detected capacity change from 0 to 512
[  375.889982][ T8469] BTRFS info (device loop0): enabling ssd optimizations
[  375.913562][ T8501] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  375.925195][ T8501] ext4 filesystem being mounted at /root/syzkaller.tGrW1V/158/bus supports timestamps until 2038 (0x7fffffff)
[  375.960100][ T3750] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  376.002067][ T3750] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  376.054316][ T3750] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  376.142382][ T3750] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  376.887795][    T7] usb 4-1: USB disconnect, device number 32
[  377.179245][ T8512] loop1: detected capacity change from 0 to 2048
[  377.207247][ T8514] loop2: detected capacity change from 0 to 1024
[  377.290162][ T8518] loop4: detected capacity change from 0 to 2048
[  377.339960][ T8512] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  378.228490][ T8518] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  378.240962][ T8512] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  378.286410][ T8518] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  378.463739][ T1375] ieee802154 phy0 wpan0: encryption failed: -22
[  378.470100][ T1375] ieee802154 phy1 wpan1: encryption failed: -22
[  378.741532][    T7] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  378.783065][ T3838] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  379.059607][ T8529] loop3: detected capacity change from 0 to 32768
[  379.127765][ T8529] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.798 (8529)
[  379.130540][ T8536] loop0: detected capacity change from 0 to 32768
[  379.167065][ T8529] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  379.178557][ T8529] BTRFS info (device loop3): use zlib compression, level 3
[  379.186295][ T8529] BTRFS info (device loop3): using free space tree
[  379.193903][ T8529] BTRFS info (device loop3): has skinny extents
[  379.219178][ T8536] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.800 (8536)
[  379.241118][ T6536] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by udevd (6536)
[  379.321950][    T7] usb 2-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  379.332106][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.340126][    T7] usb 2-1: Product: syz
[  379.358654][    T7] usb 2-1: Manufacturer: syz
[  379.364116][    T7] usb 2-1: SerialNumber: syz
[  379.372282][    T7] usb 2-1: config 0 descriptor??
[  379.390018][ T8529] BTRFS info (device loop3): enabling ssd optimizations
[  379.401811][ T3838] usb 5-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  379.421464][ T3838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.433902][    T7] cdc_ether 2-1:0.0: invalid descriptor buffer length
[  379.440705][    T7] usb 2-1: bad CDC descriptors
[  379.445837][ T3838] usb 5-1: Product: syz
[  379.450022][ T3838] usb 5-1: Manufacturer: syz
[  380.072978][ T8538] loop2: detected capacity change from 0 to 40427
[  380.273255][    T7] pcwd_usb: This driver only supports 1 device
[  380.282399][ T3838] usb 5-1: SerialNumber: syz
[  380.290484][ T3838] usb 5-1: config 0 descriptor??
[  380.297795][    T7] usb 2-1: USB disconnect, device number 31
[  380.322674][ T3838] usb 5-1: can't set config #0, error -71
[  380.334297][ T3838] usb 5-1: USB disconnect, device number 41
[  380.451857][ T8538] F2FS-fs (loop2): invalid crc value
[  380.523321][ T8538] F2FS-fs (loop2): Found nat_bits in checkpoint
[  380.539283][ T8574] loop4: detected capacity change from 0 to 512
[  380.641711][ T8581] loop1: detected capacity change from 0 to 256
[  380.645184][ T8574] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  380.659196][ T8574] ext4 filesystem being mounted at /root/syzkaller.AmZFOV/91/bus supports timestamps until 2038 (0x7fffffff)
[  380.713148][ T8538] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  380.748850][ T8575] loop0: detected capacity change from 0 to 256
[  380.834793][ T8575] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x38db593b, utbl_chksum : 0xe619d30d)
[  380.857192][ T8581] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xc14df490, utbl_chksum : 0xe619d30d)
[  380.869825][ T8538] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  381.288571][ T8586] attempt to access beyond end of device
[  381.288571][ T8586] loop2: rw=2049, want=77832, limit=40427
[  381.581733][ T3502] attempt to access beyond end of device
[  381.581733][ T3502] loop2: rw=2049, want=45112, limit=40427
[  381.808126][ T8593] loop4: detected capacity change from 0 to 1024
[  382.736069][ T3592] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.850044][ T3592] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.964383][ T3592] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.981354][    T7] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  383.079688][ T3592] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.233301][ T8598] loop0: detected capacity change from 0 to 32768
[  383.276235][ T3756] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  383.314869][ T8598] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.812 (8598)
[  383.367095][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  383.388306][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  383.408760][    T7] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  383.431480][    T7] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  383.449102][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.497210][    T7] usb 4-1: config 0 descriptor??
[  383.520315][ T8598] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  383.547421][ T8598] BTRFS info (device loop0): use zlib compression, level 3
[  383.560454][ T8598] BTRFS info (device loop0): using free space tree
[  383.575403][ T8598] BTRFS info (device loop0): has skinny extents
[  383.652919][ T3756] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  383.685927][ T3756] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  383.728366][ T3756] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  383.751495][ T3756] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  383.766228][ T3756] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.791464][ T3756] usb 3-1: config 0 descriptor??
[  383.899016][ T8598] BTRFS info (device loop0): enabling ssd optimizations
[  383.910877][ T8605] chnl_net:caif_netlink_parms(): no params data found
[  384.006005][    T7] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  384.037357][    T7] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  384.071918][    T7] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  384.135726][    T7] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  384.278921][ T8644] loop4: detected capacity change from 0 to 2048
[  384.298457][ T3756] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  384.319474][ T3756] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  384.327626][ T3835] usb 4-1: USB disconnect, device number 33
[  384.334726][ T3756] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  384.379262][ T3756] plantronics 0003:047F:FFFF.0005: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  384.412798][ T8644] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  384.456097][ T8644] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  384.760609][ T8605] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.781924][ T3547] usb 3-1: USB disconnect, device number 38
[  384.802129][ T8605] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.810598][ T8605] device bridge_slave_0 entered promiscuous mode
[  384.829780][ T8650] loop0: detected capacity change from 0 to 2048
[  384.906555][ T8650] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  384.918305][ T8605] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.953577][ T8605] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.964031][ T8650] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  384.973145][ T3748] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  384.991684][ T8605] device bridge_slave_1 entered promiscuous mode
[  385.165042][ T8605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  385.203413][ T8605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  385.267806][ T8605] team0: Port device team_slave_0 added
[  385.281126][ T3595] Bluetooth: hci3: command 0x0409 tx timeout
[  385.294472][ T8605] team0: Port device team_slave_1 added
[  385.382172][ T8605] batman_adv: batadv0: Adding interface: batadv_slave_0
[  385.398511][ T3547] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  385.401728][ T8605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.471677][ T8605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  385.519044][ T3748] usb 5-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  385.529589][ T8605] batman_adv: batadv0: Adding interface: batadv_slave_1
[  385.545402][ T3748] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.557923][ T8605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.604674][ T3748] usb 5-1: Product: syz
[  385.616511][ T3748] usb 5-1: Manufacturer: syz
[  385.621149][ T3748] usb 5-1: SerialNumber: syz
[  385.639132][ T3748] usb 5-1: config 0 descriptor??
[  385.648525][ T8605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  385.692356][ T3748] cdc_ether 5-1:0.0: invalid descriptor buffer length
[  385.699170][ T3748] usb 5-1: bad CDC descriptors
[  385.719366][ T3748] pcwd_usb: This driver only supports 1 device
[  385.875855][ T8605] device hsr_slave_0 entered promiscuous mode
[  385.899825][ T8657] loop3: detected capacity change from 0 to 32768
[  385.914177][ T8605] device hsr_slave_1 entered promiscuous mode
[  385.923979][ T3748] usb 5-1: USB disconnect, device number 42
[  385.948160][ T8605] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  385.961645][ T3547] usb 1-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  385.980985][ T3547] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.989358][ T8657] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.818 (8657)
[  385.990101][ T8605] Cannot create hsr debugfs directory
[  386.018743][ T3547] usb 1-1: Product: syz
[  386.024951][ T3547] usb 1-1: Manufacturer: syz
[  386.029661][ T3547] usb 1-1: SerialNumber: syz
[  386.044122][ T3547] usb 1-1: config 0 descriptor??
[  386.079472][ T8657] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  386.088753][ T8657] BTRFS info (device loop3): use zlib compression, level 3
[  386.098676][ T3547] cdc_ether 1-1:0.0: invalid descriptor buffer length
[  386.112304][ T3547] usb 1-1: bad CDC descriptors
[  386.119165][ T3547] pcwd_usb: This driver only supports 1 device
[  386.136721][ T8657] BTRFS info (device loop3): using free space tree
[  386.148944][ T8657] BTRFS info (device loop3): has skinny extents
[  386.265397][ T3592] device hsr_slave_0 left promiscuous mode
[  386.276027][ T8673] loop2: detected capacity change from 0 to 32768
[  386.292235][ T3592] device hsr_slave_1 left promiscuous mode
[  386.350036][ T8657] BTRFS info (device loop3): enabling ssd optimizations
[  386.364616][ T8673] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.819 (8673)
[  386.423357][ T3592] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  386.446939][ T3521] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by udevd (3521)
[  386.474387][ T3748] usb 1-1: USB disconnect, device number 29
[  386.481525][ T3592] batman_adv: batadv0: Removing interface: batadv_slave_0
[  386.549751][ T3592] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  386.587225][ T3592] batman_adv: batadv0: Removing interface: batadv_slave_1
[  386.625984][ T3592] bridge0: port 3(bond0) entered disabled state
[  386.660098][ T3592] device bridge_slave_1 left promiscuous mode
[  386.711443][ T3592] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.736668][ T3592] device bridge_slave_0 left promiscuous mode
[  386.764661][ T3592] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.941640][ T3592] device veth1_macvtap left promiscuous mode
[  386.951778][ T3592] device veth0_macvtap left promiscuous mode
[  386.957885][ T3592] device veth1_vlan left promiscuous mode
[  387.009820][ T3592] device veth0_vlan left promiscuous mode
[  387.331397][ T3748] Bluetooth: hci3: command 0x041b tx timeout
[  387.424041][ T8716] loop0: detected capacity change from 0 to 512
[  387.571896][ T8716] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  387.583075][ T8716] ext4 filesystem being mounted at /root/syzkaller.HtlLNS/179/bus supports timestamps until 2038 (0x7fffffff)
[  388.665354][ T8711] loop4: detected capacity change from 0 to 40427
[  388.794912][ T3592] team0 (unregistering): Port device team_slave_1 removed
[  388.806442][ T8711] F2FS-fs (loop4): invalid crc value
[  388.818456][ T3592] team0 (unregistering): Port device team_slave_0 removed
[  388.869055][ T3592] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  388.908676][ T8711] F2FS-fs (loop4): Found nat_bits in checkpoint
[  388.915467][ T3592] device bond_slave_1 left promiscuous mode
[  388.927834][ T8730] loop0: detected capacity change from 0 to 1024
[  388.945781][ T8714] loop2: detected capacity change from 0 to 40427
[  388.960004][ T3592] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  388.976716][ T3592] device bond_slave_0 left promiscuous mode
[  388.993756][ T8711] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  389.026658][ T8711] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  389.044160][ T8714] F2FS-fs (loop2): invalid crc value
[  389.074866][ T8711] attempt to access beyond end of device
[  389.074866][ T8711] loop4: rw=2049, want=77832, limit=40427
[  389.100755][ T8714] F2FS-fs (loop2): Found nat_bits in checkpoint
[  389.140182][ T5879] attempt to access beyond end of device
[  389.140182][ T5879] loop4: rw=2049, want=45112, limit=40427
[  389.268695][ T8714] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  389.286128][ T8714] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  389.778745][ T8714] attempt to access beyond end of device
[  389.778745][ T8714] loop2: rw=2049, want=77832, limit=40427
[  389.908745][ T3592] bond0 (unregistering): Released all slaves
[  389.980920][ T3502] attempt to access beyond end of device
[  389.980920][ T3502] loop2: rw=2049, want=45112, limit=40427
[  390.018516][ T3548] Bluetooth: hci3: command 0x040f tx timeout
[  390.561424][ T3748] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  390.921869][ T3748] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  390.941342][ T8605] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  390.957264][ T3748] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  390.962266][ T8605] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  390.978769][ T3748] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  391.007400][ T8605] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  391.024996][ T3748] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  391.034450][ T3756] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  391.049203][ T8605] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  391.079635][ T3748] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.113159][ T3748] usb 1-1: config 0 descriptor??
[  391.248475][ T8764] loop3: detected capacity change from 0 to 2048
[  391.313813][ T8605] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.344038][ T8749] loop4: detected capacity change from 0 to 32768
[  391.367338][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  391.382868][ T8764] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  391.400071][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  391.408949][ T3756] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  391.428893][ T8749] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.825 (8749)
[  391.429367][ T3756] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  391.450257][ T8764] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  391.459141][ T3756] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  391.482212][ T8605] 8021q: adding VLAN 0 to HW filter on device team0
[  391.507123][ T3756] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  391.558249][ T3756] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.586099][ T8605] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  391.599286][ T3748] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  391.622608][ T3756] usb 3-1: config 0 descriptor??
[  391.631170][ T3748] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  391.656694][ T3748] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  391.664811][ T8605] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  391.703677][ T3748] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  391.768886][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  391.783997][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  391.794082][ T3748] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.802058][ T3748] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.802305][ T8749] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  391.810037][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  391.847795][ T8749] BTRFS info (device loop4): use zlib compression, level 3
[  391.862153][ T8749] BTRFS info (device loop4): using free space tree
[  391.862506][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  391.883743][ T8749] BTRFS info (device loop4): has skinny extents
[  391.921980][ T3748] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.929302][ T3748] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.977223][ T3548] usb 1-1: USB disconnect, device number 30
[  391.981919][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  392.012552][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  392.023325][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  392.036769][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  392.049983][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  392.059272][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  392.065217][ T3838] Bluetooth: hci3: command 0x0419 tx timeout
[  392.068876][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  392.082313][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  392.091449][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  392.100163][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  392.109704][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  392.117992][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  392.126322][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  392.151408][ T8749] BTRFS info (device loop4): enabling ssd optimizations
[  392.294734][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  392.307896][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  392.340036][ T8605] 8021q: adding VLAN 0 to HW filter on device batadv0
[  392.361603][ T3756] usbhid 3-1:0.0: can't add hid device: -71
[  392.367634][ T3756] usbhid: probe of 3-1:0.0 failed with error -71
[  392.374689][ T3748] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  392.399764][ T3756] usb 3-1: USB disconnect, device number 39
[  392.422425][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  392.449141][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  392.505675][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  392.540576][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  392.581056][ T8605] device veth0_vlan entered promiscuous mode
[  392.594278][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  392.602511][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  392.617613][ T8605] device veth1_vlan entered promiscuous mode
[  392.665264][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  392.675750][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  392.706248][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  392.736619][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  392.780190][ T8605] device veth0_macvtap entered promiscuous mode
[  392.838700][ T8605] device veth1_macvtap entered promiscuous mode
[  392.911616][ T3748] usb 4-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  392.920788][ T3748] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.930929][ T8605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.966283][ T3748] usb 4-1: Product: syz
[  392.970495][ T3748] usb 4-1: Manufacturer: syz
[  392.975201][ T8605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.982253][ T8810] loop2: detected capacity change from 0 to 512
[  393.005830][ T3748] usb 4-1: SerialNumber: syz
[  393.011686][ T8605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.038291][ T3748] usb 4-1: config 0 descriptor??
[  393.050376][ T8605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.083332][ T3748] cdc_ether 4-1:0.0: invalid descriptor buffer length
[  393.091044][ T8605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.108517][ T3748] usb 4-1: bad CDC descriptors
[  393.115369][ T3748] pcwd_usb: This driver only supports 1 device
[  393.147338][ T8605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.180508][ T8605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.219992][ T8605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.243011][ T8605] batman_adv: batadv0: Interface activated: batadv_slave_0
[  393.277384][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  393.307855][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  393.327905][ T3548] usb 4-1: USB disconnect, device number 34
[  393.332700][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  393.392039][ T3748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  393.431868][ T8810] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  393.443064][ T8810] ext4 filesystem being mounted at /root/syzkaller.tGrW1V/165/bus supports timestamps until 2038 (0x7fffffff)
[  393.645488][ T8605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  393.691475][ T8605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.991325][ T8605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.031519][ T8605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.071416][ T8605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.118202][ T8605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.158754][ T8605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.219114][ T8605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.239478][ T8806] loop0: detected capacity change from 0 to 32768
[  394.247643][ T8605] batman_adv: batadv0: Interface activated: batadv_slave_1
[  394.282179][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  394.291075][ T3750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  394.351990][ T8605] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  394.359390][ T8806] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.832 (8806)
[  394.372937][ T8605] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  394.391377][ T8605] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  394.446412][ T8605] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  394.453076][ T8806] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  394.473947][ T8818] loop4: detected capacity change from 0 to 32768
[  394.489877][ T8806] BTRFS info (device loop0): use zlib compression, level 3
[  394.521063][ T8806] BTRFS info (device loop0): using free space tree
[  394.589642][ T8818] BTRFS warning: duplicate device /dev/loop4 devid 1 generation 8 scanned by syz.4.831 (8818)
[  394.606548][ T8806] BTRFS info (device loop0): has skinny extents
[  394.630790][ T3521] BTRFS warning: duplicate device /dev/loop4 devid 1 generation 8 scanned by udevd (3521)
[  394.749506][ T8845] loop3: detected capacity change from 0 to 2048
[  394.761223][ T3692] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.772542][ T3692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  394.858658][ T5591] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.869805][ T8845] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  394.889823][ T8845] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  394.950072][ T3670] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  394.967696][ T5591] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  395.068400][ T3670] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  395.171903][ T8806] BTRFS info (device loop0): enabling ssd optimizations
[  396.151904][ T3670] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  396.240619][ T8880] loop4: detected capacity change from 0 to 1024
[  397.422539][ T3670] usb 4-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  397.437048][ T3670] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.448332][ T3670] usb 4-1: Product: syz
[  397.457141][ T3670] usb 4-1: Manufacturer: syz
[  397.465293][ T3670] usb 4-1: SerialNumber: syz
[  397.480228][ T3670] usb 4-1: config 0 descriptor??
[  397.527032][ T3670] cdc_ether 4-1:0.0: invalid descriptor buffer length
[  397.544525][ T3670] usb 4-1: bad CDC descriptors
[  397.551062][ T3670] pcwd_usb: This driver only supports 1 device
[  397.655119][ T8841] loop2: detected capacity change from 0 to 40427
[  397.700605][ T1066] usb 4-1: USB disconnect, device number 35
[  398.291862][ T1066] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  398.368693][ T8912] loop0: detected capacity change from 0 to 16
[  398.592730][ T8912] loop0: detected capacity change from 0 to 512
[  398.651501][ T1066] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  398.682286][ T1066] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  398.715788][ T8903] loop3: detected capacity change from 0 to 32768
[  398.725063][ T1066] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  398.748515][ T1066] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  398.768740][ T1066] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.790914][ T1066] usb 2-1: config 0 descriptor??
[  398.799323][ T8903] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.840 (8903)
[  398.867354][ T8903] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  398.891361][ T8903] BTRFS info (device loop3): use zlib compression, level 3
[  398.935321][ T8927] loop0: detected capacity change from 0 to 512
[  398.949938][ T8903] BTRFS info (device loop3): using free space tree
[  398.967226][ T8903] BTRFS info (device loop3): has skinny extents
[  399.084819][ T8920] loop2: detected capacity change from 0 to 40427
[  399.110191][ T8927] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  399.122592][ T8927] ext4 filesystem being mounted at /root/syzkaller.HtlLNS/186/bus supports timestamps until 2038 (0x7fffffff)
[  399.164060][ T8920] F2FS-fs (loop2): invalid crc value
[  399.205155][ T8945] loop4: detected capacity change from 0 to 2048
[  399.293936][ T8920] F2FS-fs (loop2): Found nat_bits in checkpoint
[  399.350566][ T8945] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  399.362129][ T8903] BTRFS info (device loop3): enabling ssd optimizations
[  399.412405][ T8945] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  399.813614][ T8920] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  399.900869][ T8920] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  400.071547][ T1066] usbhid 2-1:0.0: can't add hid device: -71
[  400.077617][ T1066] usbhid: probe of 2-1:0.0 failed with error -71
[  400.090712][ T8920] attempt to access beyond end of device
[  400.090712][ T8920] loop2: rw=2049, want=77832, limit=40427
[  400.114875][ T1066] usb 2-1: USB disconnect, device number 32
[  400.350017][ T3502] attempt to access beyond end of device
[  400.350017][ T3502] loop2: rw=2049, want=45112, limit=40427
[  400.501635][ T4094] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  400.873737][ T8962] loop1: detected capacity change from 0 to 32768
[  400.950991][ T8962] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.848 (8962)
[  401.020073][ T8962] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  401.067934][ T8962] BTRFS info (device loop1): use zlib compression, level 3
[  401.088207][ T8962] BTRFS info (device loop1): using free space tree
[  401.095791][ T8962] BTRFS info (device loop1): has skinny extents
[  401.174752][ T8964] loop3: detected capacity change from 0 to 32768
[  401.387504][ T8964] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.846 (8964)
[  401.913873][ T8966] loop0: detected capacity change from 0 to 32768
[  401.943218][ T4094] usb 5-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  401.986317][ T4094] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.994415][ T4094] usb 5-1: Product: syz
[  401.999172][ T4094] usb 5-1: Manufacturer: syz
[  402.011331][ T4094] usb 5-1: SerialNumber: syz
[  402.022824][ T4094] usb 5-1: config 0 descriptor??
[  402.031558][ T6536] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by udevd (6536)
[  402.071888][ T8966] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.847 (8966)
[  402.078123][ T8964] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  402.095695][ T8964] BTRFS info (device loop3): using free space tree
[  402.104172][ T8964] BTRFS info (device loop3): has skinny extents
[  402.111902][ T4094] usb 5-1: can't set config #0, error -71
[  402.141898][ T8989] loop2: detected capacity change from 0 to 8192
[  402.147685][ T4094] usb 5-1: USB disconnect, device number 43
[  402.166671][ T8962] BTRFS info (device loop1): enabling ssd optimizations
[  402.272301][ T8989] REISERFS warning (device loop2): super-6502 reiserfs_getopt: unknown mount option "euid=00000000000000000000"
[  402.391079][ T8964] BTRFS info (device loop3): enabling ssd optimizations
[  403.040458][ T9024] loop0: detected capacity change from 0 to 2048
[  403.236499][ T9024] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  403.277567][ T9024] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  403.300872][ T9030] loop2: detected capacity change from 0 to 1024
[  403.689918][ T9014] loop4: detected capacity change from 0 to 40427
[  403.965210][ T9014] F2FS-fs (loop4): invalid crc value
[  404.173466][ T9014] F2FS-fs (loop4): Found nat_bits in checkpoint
[  404.362661][ T9014] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  404.389492][ T9014] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  404.430231][ T9014] attempt to access beyond end of device
[  404.430231][ T9014] loop4: rw=2049, want=77832, limit=40427
[  404.491494][ T5879] attempt to access beyond end of device
[  404.491494][ T5879] loop4: rw=2049, want=45112, limit=40427
[  404.539647][ T9046] loop1: detected capacity change from 0 to 512
[  404.551531][ T3563] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  404.591089][ T9046] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  404.602574][ T9046] ext4 filesystem being mounted at /root/syzkaller.XIAsj3/6/bus supports timestamps until 2038 (0x7fffffff)
[  404.871521][ T1066] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  405.242125][ T1066] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  405.343620][ T1066] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  405.437659][ T1066] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  405.501523][ T1066] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  405.539418][ T1066] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.577754][ T1066] usb 4-1: config 0 descriptor??
[  405.649150][ T9048] loop2: detected capacity change from 0 to 32768
[  405.701436][ T9048] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.856 (9048)
[  406.291874][ T3563] usb 1-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  406.345065][ T3563] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.440632][ T3563] usb 1-1: Product: syz
[  406.491807][ T3563] usb 1-1: Manufacturer: syz
[  406.570955][ T3563] usb 1-1: config 0 descriptor??
[  406.597999][ T9048] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  406.651510][ T3563] usb 1-1: can't set config #0, error -71
[  406.667696][ T9048] BTRFS info (device loop2): use zlib compression, level 3
[  406.691325][ T9048] BTRFS info (device loop2): using free space tree
[  406.692627][ T3563] usb 1-1: USB disconnect, device number 31
[  406.697897][ T9048] BTRFS info (device loop2): has skinny extents
[  406.754982][ T9064] loop1: detected capacity change from 0 to 2048
[  406.829728][ T9048] BTRFS info (device loop2): enabling ssd optimizations
[  406.891447][ T1066] usbhid 4-1:0.0: can't add hid device: -71
[  406.897470][ T1066] usbhid: probe of 4-1:0.0 failed with error -71
[  406.898588][ T9064] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  406.916688][ T1066] usb 4-1: USB disconnect, device number 36
[  407.043263][ T9064] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  407.063023][ T9055] loop4: detected capacity change from 0 to 40427
[  407.131799][ T9055] F2FS-fs (loop4): invalid crc value
[  407.180472][ T9055] F2FS-fs (loop4): Found nat_bits in checkpoint
[  407.328186][ T9055] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  407.356355][ T9055] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  407.461594][ T1066] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  407.527346][ T9055] attempt to access beyond end of device
[  407.527346][ T9055] loop4: rw=2049, want=77832, limit=40427
[  407.661247][ T5879] attempt to access beyond end of device
[  407.661247][ T5879] loop4: rw=2049, want=45112, limit=40427
[  407.959680][ T9083] loop0: detected capacity change from 0 to 32768
[  407.991638][ T1066] usb 2-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  408.011400][ T1066] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.019529][ T1066] usb 2-1: Product: syz
[  408.046556][ T9083] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.862 (9083)
[  408.061528][ T1066] usb 2-1: Manufacturer: syz
[  408.066187][ T1066] usb 2-1: SerialNumber: syz
[  408.082873][ T1066] usb 2-1: config 0 descriptor??
[  408.130868][ T9083] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  408.148454][ T1066] cdc_ether 2-1:0.0: invalid descriptor buffer length
[  408.161606][ T1066] usb 2-1: bad CDC descriptors
[  408.168030][ T9083] BTRFS info (device loop0): use zlib compression, level 3
[  408.181632][ T1066] pcwd_usb: This driver only supports 1 device
[  408.201182][ T9093] loop2: detected capacity change from 0 to 32768
[  408.209253][ T9083] BTRFS info (device loop0): using free space tree
[  408.217614][ T9083] BTRFS info (device loop0): has skinny extents
[  408.286312][ T9093] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.863 (9093)
[  408.372129][ T9091] loop3: detected capacity change from 0 to 32768
[  408.399154][ T3984] usb 2-1: USB disconnect, device number 33
[  408.414359][ T9091] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by syz.3.864 (9091)
[  408.421607][ T9093] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  408.458964][ T9093] BTRFS info (device loop2): using free space tree
[  408.485913][ T9093] BTRFS info (device loop2): has skinny extents
[  408.508786][ T9083] BTRFS info (device loop0): enabling ssd optimizations
[  408.667258][ T9093] BTRFS info (device loop2): enabling ssd optimizations
[  408.903275][ T9142] loop4: detected capacity change from 0 to 1024
[  409.921556][ T9150] loop3: detected capacity change from 0 to 512
[  410.043459][ T9146] loop2: detected capacity change from 0 to 1024
[  411.066299][ T9150] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  411.259315][ T9150] ext4 filesystem being mounted at /root/syzkaller.RBMX2S/36/bus supports timestamps until 2038 (0x7fffffff)
[  411.651457][ T4096] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  412.071592][ T4096] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  412.086726][ T9177] loop2: detected capacity change from 0 to 4096
[  412.101319][ T4096] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  412.141315][ T4096] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  412.165445][ T9177] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  412.174785][ T4096] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  412.231316][ T4096] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.264450][ T4096] usb 5-1: config 0 descriptor??
[  412.279472][ T9177] ntfs: (device loop2): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  412.321184][ T9177] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing.
[  412.347223][ T9166] loop1: detected capacity change from 0 to 32768
[  412.360606][ T9177] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  412.411500][ T9177] ntfs: (device loop2): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  412.420594][ T9166] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.873 (9166)
[  412.479084][ T9166] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  412.496295][ T9177] ntfs: volume version 3.1.
[  412.501329][ T9166] BTRFS info (device loop1): use zlib compression, level 3
[  412.508567][ T9166] BTRFS info (device loop1): using free space tree
[  412.545319][ T9166] BTRFS info (device loop1): has skinny extents
[  412.676327][ T9174] loop0: detected capacity change from 0 to 40427
[  412.772192][ T9166] BTRFS info (device loop1): enabling ssd optimizations
[  412.792235][ T9174] F2FS-fs (loop0): invalid crc value
[  412.937195][ T9174] F2FS-fs (loop0): Found nat_bits in checkpoint
[  413.001595][ T4096] usbhid 5-1:0.0: can't add hid device: -71
[  413.007837][ T4096] usbhid: probe of 5-1:0.0 failed with error -71
[  413.075322][ T4096] usb 5-1: USB disconnect, device number 44
[  413.094135][ T9174] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[  413.121866][ T9174] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  413.183204][ T9174] attempt to access beyond end of device
[  413.183204][ T9174] loop0: rw=2049, want=77832, limit=40427
[  413.375253][ T3501] attempt to access beyond end of device
[  413.375253][ T3501] loop0: rw=2049, want=45112, limit=40427
[  413.664705][ T9207] loop3: detected capacity change from 0 to 2048
[  413.783182][ T9207] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  413.833914][ T9207] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  414.761491][ T3753] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  415.695852][ T9203] loop4: detected capacity change from 0 to 32768
[  415.751974][ T9226] loop2: detected capacity change from 0 to 1024
[  415.821510][ T3595] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  416.063025][ T9203] loop4: detected capacity change from 0 to 256
[  416.071341][ T3595] usb 1-1: Using ep0 maxpacket: 16
[  416.085389][ T9217] loop1: detected capacity change from 0 to 32768
[  416.123972][ T9203] exfat: Bad value for 'uid'
[  416.129562][ T9217] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.882 (9217)
[  416.202934][ T3753] usb 4-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  416.255957][ T3753] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.372749][ T3753] usb 4-1: Product: syz
[  416.394039][ T9203] openvswitch: netlink: Message has 171 unknown bytes.
[  416.432869][ T3753] usb 4-1: Manufacturer: syz
[  416.504399][ T3753] usb 4-1: SerialNumber: syz
[  416.823521][ T3753] usb 4-1: config 0 descriptor??
[  416.841549][ T9217] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  416.851916][ T3753] usb 4-1: can't set config #0, error -71
[  416.869007][ T9217] BTRFS info (device loop1): use zlib compression, level 3
[  416.888916][ T3753] usb 4-1: USB disconnect, device number 37
[  416.917030][ T9217] BTRFS info (device loop1): using free space tree
[  416.992750][ T3595] usb 1-1: config 1 interface 0 altsetting 254 bulk endpoint 0x1 has invalid maxpacket 1023
[  417.005849][ T9217] BTRFS info (device loop1): has skinny extents
[  417.014817][ T3595] usb 1-1: config 1 interface 0 altsetting 254 bulk endpoint 0x82 has invalid maxpacket 64
[  417.044979][ T9231] loop4: detected capacity change from 0 to 1024
[  417.047488][ T3595] usb 1-1: config 1 interface 0 altsetting 254 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[  417.126212][ T3595] usb 1-1: config 1 interface 0 has no altsetting 0
[  417.171553][ T9241] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  417.331667][ T3595] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  417.394426][ T3595] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.440075][ T9217] BTRFS info (device loop1): enabling ssd optimizations
[  418.117986][ T3595] usb 1-1: Product: syz
[  418.122530][ T3595] usb 1-1: Manufacturer: syz
[  418.127360][ T3595] usb 1-1: SerialNumber: syz
[  418.151959][ T3595] usb 1-1: can't set config #1, error -71
[  418.171588][ T3595] usb 1-1: USB disconnect, device number 32
[  418.540391][ T9265] loop1: detected capacity change from 0 to 512
[  418.566499][ T9244] loop3: detected capacity change from 0 to 32768
[  418.596307][ T3595] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  418.627159][ T9244] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.887 (9244)
[  418.679956][ T9244] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  418.710536][ T9244] BTRFS info (device loop3): use zlib compression, level 3
[  418.721125][ T9265] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  418.730811][ T9244] BTRFS info (device loop3): using free space tree
[  418.732796][ T9265] ext4 filesystem being mounted at /root/syzkaller.XIAsj3/14/bus supports timestamps until 2038 (0x7fffffff)
[  418.761554][ T9244] BTRFS info (device loop3): has skinny extents
[  419.538959][ T9244] BTRFS info (device loop3): enabling ssd optimizations
[  419.637006][ T9253] loop2: detected capacity change from 0 to 40427
[  419.658231][ T3595] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  419.690469][ T3595] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.731192][ T3595] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  419.759909][ T9263] loop4: detected capacity change from 0 to 32768
[  419.799689][ T9253] F2FS-fs (loop2): invalid crc value
[  419.805105][ T3595] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  419.821236][ T3595] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.878251][ T9263] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.891 (9263)
[  419.901174][ T9253] F2FS-fs (loop2): Found nat_bits in checkpoint
[  419.969835][ T9253] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  419.989164][ T9253] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  420.000495][ T3595] usb 1-1: config 0 descriptor??
[  420.036783][ T9263] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  420.062779][ T9253] attempt to access beyond end of device
[  420.062779][ T9253] loop2: rw=2049, want=77832, limit=40427
[  420.092022][ T9263] BTRFS info (device loop4): using free space tree
[  420.098745][ T9263] BTRFS info (device loop4): has skinny extents
[  421.057081][ T3502] attempt to access beyond end of device
[  421.057081][ T3502] loop2: rw=2049, want=45112, limit=40427
[  421.081727][ T3595] usbhid 1-1:0.0: can't add hid device: -71
[  421.093404][ T3595] usbhid: probe of 1-1:0.0 failed with error -71
[  421.128287][ T9263] BTRFS info (device loop4): enabling ssd optimizations
[  421.157877][ T3595] usb 1-1: USB disconnect, device number 33
[  421.356161][ T9320] loop3: detected capacity change from 0 to 2048
[  421.455180][ T9320] GPT:first_usable_lbas don't match.
[  421.460525][ T9320] GPT:34 != 290
[  421.480193][ T9320] GPT: Use GNU Parted to correct GPT errors.
[  421.486760][ T9320]  loop3: p1 p2 p3
[  421.702641][ T9325] loop0: detected capacity change from 0 to 2048
[  421.780765][ T9325] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  421.877426][ T9325] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  422.060044][ T5967] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.180562][ T9323] loop1: detected capacity change from 0 to 32768
[  422.201910][ T5967] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.072737][ T3984] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  423.131437][ T9323] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.895 (9323)
[  423.194407][ T5967] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.206367][ T9335] loop2: detected capacity change from 0 to 1024
[  423.224653][ T9323] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  423.244927][ T9323] BTRFS info (device loop1): use zlib compression, level 3
[  423.261418][ T9323] BTRFS info (device loop1): using free space tree
[  423.278297][ T9323] BTRFS info (device loop1): has skinny extents
[  423.300007][ T5967] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.352659][ T9327] loop4: detected capacity change from 0 to 32768
[  424.322061][ T9323] BTRFS error (device loop1): open_ctree failed
[  424.351912][ T3984] usb 1-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  424.395384][ T3984] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.408475][ T9327] loop4: detected capacity change from 0 to 256
[  424.450383][ T9360] loop2: detected capacity change from 0 to 512
[  424.471243][ T3984] usb 1-1: Product: syz
[  424.476166][ T3984] usb 1-1: Manufacturer: syz
[  424.480778][ T3984] usb 1-1: SerialNumber: syz
[  424.486125][ T9327] exfat: Bad value for 'uid'
[  424.507598][ T3984] usb 1-1: config 0 descriptor??
[  424.553327][ T9327] openvswitch: netlink: Message has 171 unknown bytes.
[  424.562398][ T3984] cdc_ether 1-1:0.0: invalid descriptor buffer length
[  424.569205][ T3984] usb 1-1: bad CDC descriptors
[  424.586899][ T3984] pcwd_usb: This driver only supports 1 device
[  424.602063][ T9360] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  424.613264][ T9360] ext4 filesystem being mounted at /root/syzkaller.tGrW1V/183/bus supports timestamps until 2038 (0x7fffffff)
[  424.644899][ T9345] chnl_net:caif_netlink_parms(): no params data found
[  424.719722][ T3756] usb 1-1: USB disconnect, device number 34
[  425.406529][ T9345] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.487232][ T9345] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.527930][ T9345] device bridge_slave_0 entered promiscuous mode
[  425.585528][ T3839] Bluetooth: hci2: command 0x0409 tx timeout
[  425.593652][ T9345] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.600746][ T9345] bridge0: port 2(bridge_slave_1) entered disabled state
[  425.710928][ T9345] device bridge_slave_1 entered promiscuous mode
[  425.832789][ T9345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  425.950069][ T9345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  426.913366][ T9345] team0: Port device team_slave_0 added
[  426.928766][ T9397] loop0: detected capacity change from 0 to 512
[  426.942294][ T9345] team0: Port device team_slave_1 added
[  427.016798][ T9345] batman_adv: batadv0: Adding interface: batadv_slave_0
[  427.031329][ T9345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  427.085145][ T9397] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  427.096658][ T9397] ext4 filesystem being mounted at /root/syzkaller.HtlLNS/195/bus supports timestamps until 2038 (0x7fffffff)
[  427.105931][ T9401] loop2: detected capacity change from 0 to 64
[  427.115134][ T9345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  427.184564][ T9345] batman_adv: batadv0: Adding interface: batadv_slave_1
[  427.248943][ T9373] loop4: detected capacity change from 0 to 40427
[  427.255924][ T9345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  427.324592][ T9345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  427.556258][ T9373] F2FS-fs (loop4): invalid crc value
[  427.651455][ T3984] Bluetooth: hci2: command 0x041b tx timeout
[  427.977916][ T9373] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-12)
[  428.093762][ T9345] device hsr_slave_0 entered promiscuous mode
[  428.116923][ T9345] device hsr_slave_1 entered promiscuous mode
[  428.146850][ T9345] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  428.281307][ T9345] Cannot create hsr debugfs directory
[  428.593480][ T9413] loop4: detected capacity change from 0 to 1024
[  429.696363][ T9406] loop2: detected capacity change from 0 to 32768
[  430.021855][ T3839] Bluetooth: hci2: command 0x040f tx timeout
[  430.033786][ T9406] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.909 (9406)
[  430.142094][ T9406] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  430.150984][ T9406] BTRFS info (device loop2): use zlib compression, level 3
[  430.192889][ T9406] BTRFS info (device loop2): using free space tree
[  430.199445][ T9406] BTRFS info (device loop2): has skinny extents
[  430.313865][ T9437] loop4: detected capacity change from 0 to 2048
[  430.575034][ T9406] BTRFS error (device loop2): open_ctree failed
[  430.583652][ T9427] loop0: detected capacity change from 0 to 32768
[  430.607276][ T9437] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  430.629389][ T9437] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  430.671685][ T9427] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.912 (9427)
[  430.713766][ T5967] device hsr_slave_0 left promiscuous mode
[  430.732102][ T5967] device hsr_slave_1 left promiscuous mode
[  430.768002][ T9427] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  430.782205][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  430.789906][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  430.811401][ T9427] BTRFS info (device loop0): use zlib compression, level 3
[  430.818688][ T9427] BTRFS info (device loop0): using free space tree
[  430.842928][ T9427] BTRFS info (device loop0): has skinny extents
[  430.868037][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  430.912748][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  430.953222][ T9467] loop2: detected capacity change from 0 to 512
[  430.977584][ T5967] device bridge_slave_1 left promiscuous mode
[  431.025748][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.039514][ T9467] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  431.050761][ T9467] ext4 filesystem being mounted at /root/syzkaller.tGrW1V/187/bus supports timestamps until 2038 (0x7fffffff)
[  431.065905][ T3837] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  431.222518][ T5967] device bridge_slave_0 left promiscuous mode
[  431.239905][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.297673][ T5967] device veth1_macvtap left promiscuous mode
[  431.377006][ T9427] BTRFS info (device loop0): enabling ssd optimizations
[  431.438778][ T5967] device veth0_macvtap left promiscuous mode
[  431.523123][ T5967] device veth1_vlan left promiscuous mode
[  431.580323][ T5967] device veth0_vlan left promiscuous mode
[  431.881654][ T3837] usb 5-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  431.911197][ T3837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.919891][ T3837] usb 5-1: Product: syz
[  431.945113][ T3837] usb 5-1: Manufacturer: syz
[  431.949751][ T3837] usb 5-1: SerialNumber: syz
[  432.047580][ T3837] usb 5-1: config 0 descriptor??
[  432.080619][ T3563] Bluetooth: hci2: command 0x0419 tx timeout
[  432.124506][ T3837] cdc_ether 5-1:0.0: invalid descriptor buffer length
[  432.171924][ T3837] usb 5-1: bad CDC descriptors
[  432.218892][ T3837] pcwd_usb: This driver only supports 1 device
[  432.461948][ T3838] usb 5-1: USB disconnect, device number 45
[  432.764975][ T5967] team0 (unregistering): Port device team_slave_1 removed
[  432.804832][ T5967] team0 (unregistering): Port device team_slave_0 removed
[  432.844265][ T5967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  432.864491][ T5967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  432.996774][ T5967] bond0 (unregistering): Released all slaves
[  433.972621][ T9497] vivid-008: disconnect
[  434.073673][ T9496] vivid-008: reconnect
[  434.975810][ T9507] loop2: detected capacity change from 0 to 1024
[  435.106381][ T9345] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  435.302502][ T9345] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  435.480819][ T9345] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  435.969539][ T9345] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  436.200518][ T9523] loop2: detected capacity change from 0 to 512
[  436.383523][ T9523] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  436.394889][ T9523] ext4 filesystem being mounted at /root/syzkaller.tGrW1V/190/bus supports timestamps until 2038 (0x7fffffff)
[  436.417056][ T9511] loop1: detected capacity change from 0 to 40427
[  436.531177][ T9503] loop4: detected capacity change from 0 to 32768
[  436.634735][ T9503] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.922 (9503)
[  436.864862][ T9511] F2FS-fs (loop1): invalid crc value
[  437.052680][ T9345] 8021q: adding VLAN 0 to HW filter on device bond0
[  437.112489][ T9511] F2FS-fs (loop1): Found nat_bits in checkpoint
[  437.216637][ T9345] 8021q: adding VLAN 0 to HW filter on device team0
[  437.275050][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  437.293522][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  437.310985][ T9503] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  437.351758][ T9503] BTRFS info (device loop4): use zlib compression, level 3
[  437.391390][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  437.400142][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  437.403615][ T9511] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  437.412406][ T9503] BTRFS info (device loop4): using free space tree
[  437.434414][ T9503] BTRFS info (device loop4): has skinny extents
[  437.451423][ T9511] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  437.461838][ T3756] bridge0: port 1(bridge_slave_0) entered blocking state
[  437.468926][ T3756] bridge0: port 1(bridge_slave_0) entered forwarding state
[  437.504420][ T9511] attempt to access beyond end of device
[  437.504420][ T9511] loop1: rw=2049, want=53264, limit=40427
[  437.527808][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  437.549314][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  437.587703][ T3756] bridge0: port 2(bridge_slave_1) entered blocking state
[  437.594868][ T3756] bridge0: port 2(bridge_slave_1) entered forwarding state
[  437.633145][ T8605] attempt to access beyond end of device
[  437.633145][ T8605] loop1: rw=2049, want=45112, limit=40427
[  437.731500][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  437.740179][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  437.749278][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  437.758415][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  437.769533][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  437.855760][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  437.866884][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  437.881803][ T9503] BTRFS error (device loop4): open_ctree failed
[  437.893722][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  437.909912][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  437.929228][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  437.977721][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  437.992340][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  438.020272][ T9345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  438.063398][ T9518] chnl_net:caif_netlink_parms(): no params data found
[  438.291408][ T3838] Bluetooth: hci1: command 0x0409 tx timeout
[  438.434588][ T9518] bridge0: port 1(bridge_slave_0) entered blocking state
[  438.455329][ T9573] 9pnet: Insufficient options for proto=fd
[  438.463949][ T9518] bridge0: port 1(bridge_slave_0) entered disabled state
[  438.506858][ T9518] device bridge_slave_0 entered promiscuous mode
[  438.544974][ T9518] bridge0: port 2(bridge_slave_1) entered blocking state
[  438.585457][ T9518] bridge0: port 2(bridge_slave_1) entered disabled state
[  438.622076][ T9518] device bridge_slave_1 entered promiscuous mode
[  438.745015][ T9518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  438.951212][ T9518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  439.892613][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  439.900306][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  439.910337][ T1375] ieee802154 phy0 wpan0: encryption failed: -22
[  439.918006][ T1375] ieee802154 phy1 wpan1: encryption failed: -22
[  439.933816][ T9345] 8021q: adding VLAN 0 to HW filter on device batadv0
[  439.978755][ T9518] team0: Port device team_slave_0 added
[  440.023267][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  440.032738][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  440.065750][ T9518] team0: Port device team_slave_1 added
[  440.093086][ T9345] device veth0_vlan entered promiscuous mode
[  440.164843][ T9560] loop2: detected capacity change from 0 to 32768
[  440.212676][ T9027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  440.241457][ T9560] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.926 (9560)
[  440.257126][ T9027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  440.270823][ T9345] device veth1_vlan entered promiscuous mode
[  440.288943][ T9518] batman_adv: batadv0: Adding interface: batadv_slave_0
[  440.317181][ T9560] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  440.327186][ T9518] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  440.372204][ T3984] Bluetooth: hci1: command 0x041b tx timeout
[  440.393067][ T9560] BTRFS info (device loop2): use zlib compression, level 3
[  440.414918][ T9560] BTRFS info (device loop2): using free space tree
[  440.425085][ T9560] BTRFS info (device loop2): has skinny extents
[  440.434029][ T9518] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  440.458820][ T9027] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  440.469299][ T9027] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  440.489865][ T9027] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  440.532538][ T9518] batman_adv: batadv0: Adding interface: batadv_slave_1
[  440.539915][ T9518] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  440.595687][ T9518] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  440.620104][ T9345] device veth0_macvtap entered promiscuous mode
[  440.673545][ T3984] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  440.682147][ T3984] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  440.745639][ T3984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  440.756017][ T9560] BTRFS info (device loop2): enabling ssd optimizations
[  440.809656][ T9345] device veth1_macvtap entered promiscuous mode
[  440.881988][ T3984] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  440.900563][ T3984] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  440.984821][ T9518] device hsr_slave_0 entered promiscuous mode
[  441.007824][ T9518] device hsr_slave_1 entered promiscuous mode
[  441.061781][ T9518] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  441.069514][ T9518] Cannot create hsr debugfs directory
[  441.113541][ T9345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.132232][ T9345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.149640][ T9345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.168573][ T9345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.224854][ T9345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.246022][ T9345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.268039][ T9345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.308807][ T9345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.363392][ T9345] batman_adv: batadv0: Interface activated: batadv_slave_0
[  441.384251][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  441.396710][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  441.446396][ T9345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.469886][ T9345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.495166][ T9345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.512597][ T9345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.541385][ T9345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.556235][ T9345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.579703][ T9345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.620960][ T9345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.659472][ T9345] batman_adv: batadv0: Interface activated: batadv_slave_1
[  441.783787][ T4096] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  441.802225][ T4096] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  441.851962][ T9345] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  441.860714][ T9345] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  441.898503][ T9345] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  441.928645][ T9345] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  442.076978][ T9655] loop4: detected capacity change from 0 to 512
[  442.170311][ T9657] loop2: detected capacity change from 0 to 1024
[  442.261361][ T9655] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  442.273252][ T9655] ext4 filesystem being mounted at /root/syzkaller.AmZFOV/119/bus supports timestamps until 2038 (0x7fffffff)
[  442.389551][ T4040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  442.571448][ T4040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  442.587774][ T3984] Bluetooth: hci1: command 0x040f tx timeout
[  443.065414][ T9518] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.172946][ T9027] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  443.287323][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  443.361351][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  443.380979][ T9518] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.419792][ T9675] loop2: detected capacity change from 0 to 512
[  443.433668][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  443.514827][ T9675] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  443.526067][ T9675] ext4 filesystem being mounted at /root/syzkaller.tGrW1V/193/bus supports timestamps until 2038 (0x7fffffff)
[  443.643253][ T9679] loop3: detected capacity change from 0 to 256
[  443.765446][ T9665] loop1: detected capacity change from 0 to 32768
[  443.790347][ T9518] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.988054][ T9665] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.935 (9665)
[  444.123977][ T9679] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xc14df490, utbl_chksum : 0xe619d30d)
[  444.385725][ T9518] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.493547][ T9665] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  444.542317][ T9665] BTRFS info (device loop1): use zlib compression, level 3
[  444.582349][ T9665] BTRFS info (device loop1): using free space tree
[  444.588908][ T9665] BTRFS info (device loop1): has skinny extents
[  444.621638][ T9027] Bluetooth: hci1: command 0x0419 tx timeout
[  444.671896][ T9686] loop2: detected capacity change from 0 to 16
[  444.850090][ T9665] BTRFS info (device loop1): enabling ssd optimizations
[  445.003823][ T9345] syz-executor (9345) used greatest stack depth: 17792 bytes left
[  445.150236][ T9518] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  445.222070][ T9518] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  445.297727][ T9716] input: syz0 as /devices/virtual/input/input7
[  445.312282][ T9708] mmap: syz.2.939 (9708): VmData 176140288 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  445.327104][ T9518] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  445.370114][ T9518] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  445.852862][ T9728] fuse: Bad value for 'group_id'
[  445.970231][   T26] audit: type=1804 audit(1719722178.079:70): pid=9730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.946" name="/root/syzkaller.AmZFOV/121/file1" dev="sda1" ino=1987 res=1 errno=0
[  446.216923][ T9518] 8021q: adding VLAN 0 to HW filter on device bond0
[  446.248156][ T9737] netlink: 'syz.1.948': attribute type 29 has an invalid length.
[  446.327821][ T9737] netlink: 'syz.1.948': attribute type 29 has an invalid length.
[  446.384981][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  446.393360][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  446.489690][ T3839] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  446.593320][ T9518] 8021q: adding VLAN 0 to HW filter on device team0
[  446.640273][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  446.652257][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  446.671758][ T3673] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.678865][ T3673] bridge0: port 1(bridge_slave_0) entered forwarding state
[  446.722080][ T9723] chnl_net:caif_netlink_parms(): no params data found
[  446.761557][ T3839] usb 5-1: Using ep0 maxpacket: 16
[  446.775881][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  446.794712][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  446.820371][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  446.851308][ T3753] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.858503][ T3753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  446.921762][ T3839] usb 5-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config
[  446.943755][ T3839] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  446.964759][ T3839] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  446.984099][ T3839] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.020506][ T3839] usb 5-1: config 0 descriptor??
[  447.070024][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  447.090902][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  447.122544][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  447.141931][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  447.162300][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  447.171216][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  447.243331][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  447.279131][ T9518] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  447.299176][ T9518] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  447.332322][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  447.391856][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  447.414737][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  447.452363][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  447.495134][ T9755] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:0
[  447.572040][ T3839] usb 5-1: string descriptor 0 read error: -71
[  447.589212][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  447.589332][ T3839] usb 5-1: USB disconnect, device number 46
[  447.610035][ T9723] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.621655][ T9723] bridge0: port 1(bridge_slave_0) entered disabled state
[  447.639354][ T9723] device bridge_slave_0 entered promiscuous mode
[  447.707175][ T9723] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.732734][ T9723] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.756025][ T9763] binder: 9762:9763 ioctl c0306201 0 returned -14
[  447.769575][ T9723] device bridge_slave_1 entered promiscuous mode
[  447.811513][ T5967] device hsr_slave_0 left promiscuous mode
[  447.835845][ T5967] device hsr_slave_1 left promiscuous mode
[  447.862041][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  447.889956][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  447.903276][ T3839] Bluetooth: hci2: command 0x0409 tx timeout
[  447.916788][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  447.925628][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  447.943355][ T5967] bridge0: port 3(bond0) entered disabled state
[  447.953221][ T5967] device bridge_slave_1 left promiscuous mode
[  447.960374][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.984788][ T5967] device bridge_slave_0 left promiscuous mode
[  447.991553][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.015138][ T5967] device veth1_macvtap left promiscuous mode
[  448.021953][ T5967] device veth0_macvtap left promiscuous mode
[  448.032040][ T5967] device veth1_vlan left promiscuous mode
[  448.046754][ T5967] device veth0_vlan left promiscuous mode
[  448.533406][ T5967] team0 (unregistering): Port device team_slave_1 removed
[  448.549808][ T5967] team0 (unregistering): Port device team_slave_0 removed
[  448.567952][ T5967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  448.578883][ T5967] device bond_slave_1 left promiscuous mode
[  448.594607][ T5967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  448.603837][ T5967] device bond_slave_0 left promiscuous mode
[  448.753566][ T5967] bond0 (unregistering): Released all slaves
[  448.835811][ T9774] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  448.853325][ T9774] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  448.862695][ T9723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  448.883813][ T9723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  449.001109][ T9723] team0: Port device team_slave_0 added
[  449.020330][ T9723] team0: Port device team_slave_1 added
[  449.086478][ T9723] batman_adv: batadv0: Adding interface: batadv_slave_0
[  449.094294][ T9723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  449.128627][ T9723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  449.147570][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  449.155188][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  449.168542][ T9518] 8021q: adding VLAN 0 to HW filter on device batadv0
[  449.177418][ T9723] batman_adv: batadv0: Adding interface: batadv_slave_1
[  449.191326][ T9723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  449.217798][ T9723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  449.305803][ T9723] device hsr_slave_0 entered promiscuous mode
[  449.313251][ T9723] device hsr_slave_1 entered promiscuous mode
[  449.361442][ T3673] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  449.391062][ T3837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  449.400471][ T3837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  449.436455][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  449.462574][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  449.478994][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  449.488523][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  449.506614][ T9518] device veth0_vlan entered promiscuous mode
[  449.584465][ T9723] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.625270][ T9518] device veth1_vlan entered promiscuous mode
[  449.674166][ T9723] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.703081][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  449.717228][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  449.725900][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  449.741961][ T3673] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  449.757816][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  449.778967][ T9518] device veth0_macvtap entered promiscuous mode
[  449.797383][ T9723] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.840187][ T9518] device veth1_macvtap entered promiscuous mode
[  449.852981][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  449.864838][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  449.889600][ T9723] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.923182][ T3673] usb 2-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=5e.f6
[  449.931606][ T3839] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  449.943035][ T9518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  449.961632][ T3673] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.969850][ T3673] usb 2-1: Product: syz
[  449.974764][ T9518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.981109][ T3673] usb 2-1: Manufacturer: syz
[  449.985123][ T3837] Bluetooth: hci2: command 0x041b tx timeout
[  449.994285][ T3673] usb 2-1: SerialNumber: syz
[  450.006492][ T3673] usb 2-1: config 0 descriptor??
[  450.011323][ T9518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.041387][ T9518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.051233][ T9518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.055449][ T3673] cypress_m8 2-1:0.0: HID->COM RS232 Adapter converter detected
[  450.075468][ T3673] cyphidcom ttyUSB0: required endpoint is missing
[  450.082639][ T9518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.101381][ T9518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.132855][ T9518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.152283][ T9518] batman_adv: batadv0: Interface activated: batadv_slave_0
[  450.161381][ T3550] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  450.170247][ T3550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  450.191522][ T3839] usb 5-1: Using ep0 maxpacket: 16
[  450.202621][ T9518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.221286][ T9518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.252157][ T9518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.257628][ T3753] usb 2-1: USB disconnect, device number 34
[  450.271607][ T9518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.302082][ T3753] cypress_m8 2-1:0.0: device disconnected
[  450.302579][ T9791] input: syz0 as /devices/virtual/input/input8
[  450.316366][ T3839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  450.327599][ T9518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.351308][ T3839] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  450.363041][ T3839] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.377158][ T9518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.392396][ T3839] usb 5-1: config 0 descriptor??
[  450.405193][ T9518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.418392][ T9518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.440783][ T9518] batman_adv: batadv0: Interface activated: batadv_slave_1
[  450.470932][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  450.504302][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  450.520557][ T9518] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.529930][ T9518] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.540895][ T9518] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.551047][ T9518] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  450.717792][ T5591] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.752242][ T5591] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.784548][ T3673] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  450.799149][ T9723] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  450.828968][ T3596] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.832969][ T9723] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  450.848669][ T3596] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.882755][ T9789] udc-core: couldn't find an available UDC or it's busy
[  450.893446][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  450.902071][ T9789] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  450.931599][ T9723] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  450.972728][ T3839] hid (null): unknown global tag 0xd
[  450.978087][ T3839] hid (null): unknown global tag 0xc
[  450.986813][ T9723] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  450.992717][ T3839] hid (null): unknown global tag 0x83
[  450.999480][ T9804] loop0: detected capacity change from 0 to 1024
[  451.006251][ T3839] hid (null): unknown global tag 0xc
[  451.033676][ T3839] hid-generic 0003:0158:0100.0007: unknown main item tag 0x1
[  451.041123][ T3839] hid-generic 0003:0158:0100.0007: unexpected long global item
[  451.104764][ T3839] hid-generic: probe of 0003:0158:0100.0007 failed with error -22
[  451.108323][ T9807] netlink: 'syz.2.974': attribute type 1 has an invalid length.
[  451.201518][ T3550] usb 5-1: USB disconnect, device number 47
[  451.400432][ T9810] 8021q: adding VLAN 0 to HW filter on device bond1
[  452.174582][ T7752] Bluetooth: hci2: command 0x040f tx timeout
[  452.327864][ T9723] 8021q: adding VLAN 0 to HW filter on device bond0
[  452.348028][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  452.368471][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  452.385611][ T9723] 8021q: adding VLAN 0 to HW filter on device team0
[  452.438741][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  452.464551][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  452.501079][ T3753] bridge0: port 1(bridge_slave_0) entered blocking state
[  452.508263][ T3753] bridge0: port 1(bridge_slave_0) entered forwarding state
[  452.557411][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  452.569176][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  452.582765][ T3612] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  452.606247][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  452.616588][ T3753] bridge0: port 2(bridge_slave_1) entered blocking state
[  452.623722][ T3753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  452.638969][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  452.708802][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  452.719760][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  452.732958][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  452.742312][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  452.752221][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  452.762157][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  452.772238][ T3755] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  452.785124][ T9723] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  452.814756][ T9723] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  452.834238][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  452.842278][ T3612] usb 5-1: Using ep0 maxpacket: 16
[  452.859385][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  452.880748][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  452.961548][ T3612] usb 5-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config
[  452.972350][ T3753] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  452.990194][ T3612] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  453.010720][ T3612] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  453.021942][ T3837] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  453.030790][ T3612] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.053670][ T3612] usb 5-1: config 0 descriptor??
[  453.166873][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  453.175330][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  453.198058][ T9723] 8021q: adding VLAN 0 to HW filter on device batadv0
[  453.242368][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  453.261980][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  453.287217][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  453.297391][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  453.301452][ T3837] usb 3-1: Using ep0 maxpacket: 16
[  453.317928][ T9723] device veth0_vlan entered promiscuous mode
[  453.337163][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  453.349968][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  453.361781][ T3753] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  453.387277][ T9723] device veth1_vlan entered promiscuous mode
[  453.430370][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  453.439528][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  453.448801][ T3837] usb 3-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config
[  453.460255][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  453.472323][ T3837] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  453.482804][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  453.491312][ T3837] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  453.500678][ T3837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.511921][ T9723] device veth0_macvtap entered promiscuous mode
[  453.523465][ T9723] device veth1_macvtap entered promiscuous mode
[  453.531856][ T3837] usb 3-1: config 0 descriptor??
[  453.538203][ T3753] usb 1-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=5e.f6
[  453.561118][ T3753] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.592079][ T3612] usb 5-1: string descriptor 0 read error: -71
[  453.610801][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.629292][ T3612] usb 5-1: USB disconnect, device number 48
[  453.635792][ T3753] usb 1-1: Product: syz
[  453.639975][ T3753] usb 1-1: Manufacturer: syz
[  453.653208][ T3753] usb 1-1: SerialNumber: syz
[  453.660592][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.681104][ T3753] usb 1-1: config 0 descriptor??
[  453.686553][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.704721][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.720239][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.739582][ T3753] cypress_m8 1-1:0.0: HID->COM RS232 Adapter converter detected
[  453.747494][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.758804][ T3753] cyphidcom ttyUSB0: required endpoint is missing
[  453.768976][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.781460][ T9829] udc-core: couldn't find an available UDC or it's busy
[  453.790090][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.800108][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.809584][ T9829] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  453.812868][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.829879][ T9723] batman_adv: batadv0: Interface activated: batadv_slave_0
[  453.863285][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  453.877324][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  453.889591][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  453.900160][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  453.910834][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  453.925949][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.959356][ T3607] usb 1-1: USB disconnect, device number 35
[  453.965056][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  453.966599][ T3607] cypress_m8 1-1:0.0: device disconnected
[  453.979427][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.998928][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.009908][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.021078][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.032772][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.042820][ T9723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.054631][ T9723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.066178][ T9723] batman_adv: batadv0: Interface activated: batadv_slave_1
[  454.080680][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  454.081519][ T3837] usb 3-1: string descriptor 0 read error: -71
[  454.104447][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  454.121741][ T9723] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  454.130485][ T9723] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  454.144059][ T9723] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  454.148303][ T3837] usb 3-1: USB disconnect, device number 40
[  454.168804][ T9723] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  454.211809][ T3839] Bluetooth: hci2: command 0x0419 tx timeout
[  454.338116][ T4769] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  454.357570][ T4769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  454.395275][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  454.443940][ T5591] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  454.457977][ T5591] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  454.477150][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  454.966785][ T9872] vivid-000: disconnect
[  454.972669][ T9871] vivid-000: reconnect
[  455.028168][ T5967] device hsr_slave_0 left promiscuous mode
[  455.053256][ T5967] device hsr_slave_1 left promiscuous mode
[  455.081436][ T3837] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  455.090565][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  455.096881][ T3612] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  455.107390][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  455.220994][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  455.259124][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  455.302668][ T5967] device bridge_slave_1 left promiscuous mode
[  455.351481][ T3612] usb 1-1: Using ep0 maxpacket: 8
[  455.375115][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.423272][   T26] audit: type=1804 audit(1719722187.519:71): pid=9884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.998" name="/root/syzkaller.tGrW1V/218/bus" dev="sda1" ino=1996 res=1 errno=0
[  455.552600][ T3612] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  455.624473][ T3612] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  455.734687][ T3612] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  455.881975][ T3612] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  455.956587][ T3612] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  455.976028][ T3612] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.995329][ T5967] device bridge_slave_0 left promiscuous mode
[  456.019454][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.106386][ T5967] device veth1_macvtap left promiscuous mode
[  456.142165][ T5967] device veth0_macvtap left promiscuous mode
[  456.171519][ T3837] usb 5-1: Using ep0 maxpacket: 16
[  456.208115][ T5967] device veth1_vlan left promiscuous mode
[  456.257919][ T5967] device veth0_vlan left promiscuous mode
[  456.301452][ T3612] usb 1-1: usb_control_msg returned -32
[  456.302553][ T3837] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  456.314588][ T3612] usbtmc 1-1:16.0: can't read capabilities
[  456.593454][ T3837] usb 5-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice= b.55
[  456.741847][ T3837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.976173][ T3837] usb 5-1: Product: syz
[  456.980389][ T3837] usb 5-1: Manufacturer: syz
[  457.051138][ T3837] usb 5-1: SerialNumber: syz
[  457.142370][ T3837] usb 5-1: config 0 descriptor??
[  457.215148][ T3837] pn533_usb 5-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  457.436859][ T3612] usb 5-1: USB disconnect, device number 49
[  457.531647][ T9900] usbtmc 1-1:16.0: stb usb_control_msg returned -32
[  457.594020][ T3550] usb 1-1: USB disconnect, device number 36
[  457.738619][ T5967] team0 (unregistering): Port device team_slave_1 removed
[  457.756004][ T5967] team0 (unregistering): Port device team_slave_0 removed
[  457.770097][ T5967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  457.797078][ T5967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  457.883740][ T5967] bond0 (unregistering): Released all slaves
[  457.939149][ T9913] netlink: 'syz.1.1012': attribute type 4 has an invalid length.
[  459.380027][ T9971] chnl_net:caif_netlink_parms(): no params data found
[  459.693417][ T9971] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.739522][ T9971] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.760997][ T9971] device bridge_slave_0 entered promiscuous mode
[  459.793107][ T9971] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.814203][ T9971] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.867210][ T9971] device bridge_slave_1 entered promiscuous mode
[  459.930800][ T9971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  459.961633][ T9971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  460.053325][ T1066] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  460.082109][ T1066] Bluetooth: hci2: Injecting HCI hardware error event
[  460.115683][ T9971] team0: Port device team_slave_0 added
[  460.130630][ T3510] Bluetooth: hci2: hardware error 0x00
[  460.214351][ T9971] team0: Port device team_slave_1 added
[  460.394286][ T9971] batman_adv: batadv0: Adding interface: batadv_slave_0
[  460.411683][ T9971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.514832][ T9971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  460.563315][ T9971] batman_adv: batadv0: Adding interface: batadv_slave_1
[  460.619023][ T9971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.712232][ T9971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.748126][T10040] netlink: 'syz.1.1059': attribute type 1 has an invalid length.
[  460.892394][T10041] 8021q: adding VLAN 0 to HW filter on device batadv1
[  460.900967][T10041] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[  460.938923][ T1066] Bluetooth: hci0: command 0x0409 tx timeout
[  460.991516][T10044] 8021q: adding VLAN 0 to HW filter on device bond1
[  461.001122][ T5591] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  461.092221][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  461.124839][ T9971] device hsr_slave_0 entered promiscuous mode
[  461.156602][ T3693] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  461.182617][ T9971] device hsr_slave_1 entered promiscuous mode
[  461.204161][ T9971] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  461.239599][ T9971] Cannot create hsr debugfs directory
[  461.616671][ T9971] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.783788][ T9971] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.918873][ T9971] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.020014][ T9971] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.290505][ T9971] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  462.372649][ T9971] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  462.418574][ T9971] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  462.442633][ T9971] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  462.711576][ T9971] 8021q: adding VLAN 0 to HW filter on device bond0
[  462.781183][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  462.792217][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  462.825655][ T9971] 8021q: adding VLAN 0 to HW filter on device team0
[  462.856242][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  462.872333][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  462.898110][ T3753] bridge0: port 1(bridge_slave_0) entered blocking state
[  462.905310][ T3753] bridge0: port 1(bridge_slave_0) entered forwarding state
[  462.965606][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  463.003313][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  463.032654][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  463.041167][ T3753] bridge0: port 2(bridge_slave_1) entered blocking state
[  463.048335][ T3753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  463.081845][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  463.120984][ T3607] Bluetooth: hci0: command 0x041b tx timeout
[  463.197148][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  463.242545][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  463.273426][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  463.310544][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  463.340219][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  463.432061][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  463.450175][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  463.477606][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  463.504488][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  463.538982][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  463.562146][ T9971] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  463.856477][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  463.872199][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  463.906418][ T9971] 8021q: adding VLAN 0 to HW filter on device batadv0
[  463.967156][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  463.992733][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  464.093568][ T7752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  464.110848][ T7752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  464.183022][ T9971] device veth0_vlan entered promiscuous mode
[  464.191955][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  464.199883][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  464.256584][ T9971] device veth1_vlan entered promiscuous mode
[  464.395797][ T9971] device veth0_macvtap entered promiscuous mode
[  464.403830][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  464.420792][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  464.453281][ T9971] device veth1_macvtap entered promiscuous mode
[  464.517491][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  464.533155][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  464.600521][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.631299][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.641145][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.688056][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.729573][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.761453][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.791473][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.821426][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.842040][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.891586][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.912055][ T9971] batman_adv: batadv0: Interface activated: batadv_slave_0
[  464.930008][ T3837] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  464.962395][ T3837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  464.987575][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.026556][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.042647][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.059280][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.071893][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.111312][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.149418][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.171432][ T3612] Bluetooth: hci0: command 0x040f tx timeout
[  465.191627][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.202775][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  465.211318][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.282072][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.304056][ T9971] batman_adv: batadv0: Interface activated: batadv_slave_1
[  465.330511][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  465.363529][ T3839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  465.389955][ T5967] device hsr_slave_0 left promiscuous mode
[  465.431738][ T5967] device hsr_slave_1 left promiscuous mode
[  465.438835][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  465.471330][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  465.498643][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  465.558693][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  465.593517][ T5967] bridge0: port 3(bond0) entered disabled state
[  465.603939][ T5967] device bridge_slave_1 left promiscuous mode
[  465.610189][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.663222][ T5967] device bridge_slave_0 left promiscuous mode
[  465.679690][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.717933][ T5967] device veth1_macvtap left promiscuous mode
[  465.741494][ T5967] device veth0_macvtap left promiscuous mode
[  465.761515][ T5967] device veth1_vlan left promiscuous mode
[  465.767341][ T5967] device veth0_vlan left promiscuous mode
[  466.199895][ T5967] bond1 (unregistering): Released all slaves
[  466.604978][ T5967] team0 (unregistering): Port device team_slave_1 removed
[  466.670309][ T5967] team0 (unregistering): Port device team_slave_0 removed
[  466.717192][ T5967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  466.746961][ T5967] device bond_slave_1 left promiscuous mode
[  466.792286][ T5967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  466.832423][ T5967] device bond_slave_0 left promiscuous mode
[  467.125618][ T5967] bond0 (unregistering): Released all slaves
[  467.261281][ T3612] Bluetooth: hci0: command 0x0419 tx timeout
[  467.291591][ T9971] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  467.314154][ T9971] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  467.343105][ T9971] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.370860][ T9971] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  467.569791][ T3692] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  467.598621][ T3692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  467.664840][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  467.687634][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  467.701195][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  467.732757][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  471.414666][T10140] netlink: 71 bytes leftover after parsing attributes in process `syz.2.1086'.
[  482.547542][T10223] kvm: emulating exchange as write
[  483.751411][T10250] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  483.828222][ T3837] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  483.852805][T10250] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  484.263550][ T3837] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  484.280784][ T3837] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.311750][ T3837] usb 4-1: config 0 descriptor??
[  484.335673][T10259] RDS: rds_bind could not find a transport for ::ffff:172.20.20.0, load rds_tcp or rds_rdma?
[  484.591559][ T3837] ath6kl: Failed to submit usb control message: -71
[  484.598388][ T3837] ath6kl: unable to send the bmi data to the device: -71
[  484.640504][ T3837] ath6kl: Unable to send get target info: -71
[  484.698984][ T3837] ath6kl: Failed to init ath6kl core: -71
[  484.739682][ T3837] ath6kl_usb: probe of 4-1:0.0 failed with error -71
[  484.777473][ T3837] usb 4-1: USB disconnect, device number 38
[  484.859858][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  485.681407][ T3595] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  486.121531][ T3595] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  486.148504][ T3595] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  486.169773][ T3595] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.212014][ T3595] usb 4-1: config 0 descriptor??
[  486.471396][ T3595] ath6kl: Failed to submit usb control message: -71
[  486.488981][ T3595] ath6kl: unable to send the bmi data to the device: -71
[  486.514662][ T3595] ath6kl: Unable to send get target info: -71
[  486.551966][ T3595] ath6kl: Failed to init ath6kl core: -71
[  486.606468][ T3595] ath6kl_usb: probe of 4-1:0.0 failed with error -71
[  486.639681][ T3595] usb 4-1: USB disconnect, device number 39
[  487.121619][ T3612] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  487.491898][ T3612] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  487.514721][ T3612] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.541692][ T3612] usb 1-1: config 0 descriptor??
[  487.791429][ T3612] ath6kl: Failed to submit usb control message: -71
[  487.800452][ T3612] ath6kl: unable to send the bmi data to the device: -71
[  487.834404][ T3612] ath6kl: Unable to send get target info: -71
[  487.857958][ T3612] ath6kl: Failed to init ath6kl core: -71
[  487.923961][ T3612] ath6kl_usb: probe of 1-1:0.0 failed with error -71
[  487.952167][ T3612] usb 1-1: USB disconnect, device number 37
[  488.470783][   T26] audit: type=1800 audit(1719722220.579:72): pid=10347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1158" name="file1" dev="sda1" ino=2006 res=0 errno=0
[  488.545199][   T26] audit: type=1804 audit(1719722220.629:73): pid=10347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1158" name="/root/syzkaller.TlEAfp/30/file1" dev="sda1" ino=2006 res=1 errno=0
[  489.811956][ T3673] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  490.182793][ T3673] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  490.202208][ T3673] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.248871][ T3673] usb 4-1: config 0 descriptor??
[  490.511422][ T3673] ath6kl: Failed to submit usb control message: -71
[  490.518261][ T3673] ath6kl: unable to send the bmi data to the device: -71
[  490.531218][ T3673] ath6kl: Unable to send get target info: -71
[  490.542081][ T3673] ath6kl: Failed to init ath6kl core: -71
[  490.595002][ T3673] ath6kl_usb: probe of 4-1:0.0 failed with error -71
[  490.622290][ T3673] usb 4-1: USB disconnect, device number 40
[  490.877659][   T26] audit: type=1326 audit(1719722222.989:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10388 comm="syz.2.1173" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1641efbb99 code=0x0
[  493.489639][T10453] loop3: detected capacity change from 0 to 256
[  493.790532][ T4769] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.801965][T10453] loop3: detected capacity change from 0 to 2048
[  493.819156][T10445] loop1: detected capacity change from 0 to 32768
[  493.871524][T10445]  loop1: p1 p2 p3
[  493.883850][T10453] EXT4-fs error (device loop3): ext4_fill_super:4840: inode #2: comm syz.3.1197: casefold flag without casefold feature
[  493.920851][ T4769] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.921186][T10463] loop2: detected capacity change from 0 to 1024
[  493.934461][T10453] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  493.954369][T10453] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[  493.954398][T10453] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  494.046997][T10467] loop1: detected capacity change from 0 to 1024
[  494.055871][ T4769] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.062222][T10468] loop4: detected capacity change from 0 to 1024
[  494.087408][ T3592] hfsplus: b-tree write err: -5, ino 4
[  494.123357][T10467] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  494.142987][T10467] ext4 filesystem being mounted at /root/syzkaller.XIAsj3/90/file0 supports timestamps until 2038 (0x7fffffff)
[  494.202791][T10467] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1202: inode #262275072: comm syz.1.1202: iget: illegal inode #
[  494.266985][ T4769] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.288346][T10467] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1202: error while reading EA inode 262275072 err=-117
[  494.308733][ T3592] hfsplus: b-tree write err: -5, ino 4
[  494.387642][ T3493] udevd[3493]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  494.401632][ T3521] udevd[3521]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  494.492575][T10483] mmap: syz.4.1206 (10483) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  494.621455][   T26] audit: type=1326 audit(1719722226.729:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5c3d9db99 code=0x7ffc0000
[  494.683094][   T26] audit: type=1326 audit(1719722226.729:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd5c3d9db99 code=0x7ffc0000
[  494.692506][T10490] loop1: detected capacity change from 0 to 8
[  494.727455][   T26] audit: type=1326 audit(1719722226.729:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5c3d9db99 code=0x7ffc0000
[  494.823364][T10456] chnl_net:caif_netlink_parms(): no params data found
[  494.839465][   T26] audit: type=1326 audit(1719722226.729:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fd5c3d9db99 code=0x7ffc0000
[  494.875982][ T3493] udevd[3493]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  494.956621][   T26] audit: type=1326 audit(1719722226.729:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5c3d9db99 code=0x7ffc0000
[  494.980637][T10490] loop1: detected capacity change from 0 to 2048
[  495.032383][   T26] audit: type=1326 audit(1719722226.729:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.3.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5c3d9db99 code=0x7ffc0000
[  495.075765][ T2961] Alternate GPT is invalid, using primary GPT.
[  495.092774][ T2961]  loop1: p1 p2 p3
[  495.107306][T10456] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.116291][T10456] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.129039][T10456] device bridge_slave_0 entered promiscuous mode
[  495.183076][T10456] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.191862][T10490] Alternate GPT is invalid, using primary GPT.
[  495.192112][T10456] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.201528][T10490]  loop1: p1 p2 p3
[  495.232735][T10456] device bridge_slave_1 entered promiscuous mode
[  495.365236][ T2961] Alternate GPT is invalid, using primary GPT.
[  495.372739][T10456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  495.380147][ T2961]  loop1: p1 p2 p3
[  495.412809][T10456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  495.520635][T10517] loop1: detected capacity change from 0 to 1024
[  495.598356][T10456] team0: Port device team_slave_0 added
[  495.620772][T10456] team0: Port device team_slave_1 added
[  495.652111][ T3595] Bluetooth: hci1: command 0x0409 tx timeout
[  495.744234][T10517] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  495.849992][T10517] ext4 filesystem being mounted at /root/syzkaller.XIAsj3/92/file0 supports timestamps until 2038 (0x7fffffff)
[  495.953568][T10517] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1216: inode #262275072: comm syz.1.1216: iget: illegal inode #
[  496.010730][T10456] batman_adv: batadv0: Adding interface: batadv_slave_0
[  496.020598][T10517] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1216: error while reading EA inode 262275072 err=-117
[  496.056076][T10456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  496.092747][T10456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  496.172466][T10456] batman_adv: batadv0: Adding interface: batadv_slave_1
[  496.179945][T10456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  496.319393][ T3521] udevd[3521]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  496.329837][ T6536] udevd[6536]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  496.343993][ T3493] udevd[3493]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  496.361295][T10456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  496.373089][T10541] kernel profiling enabled (shift: 9)
[  496.434738][ T3495] udevd[3495]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  496.460209][ T6536] udevd[6536]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  496.499500][ T3493] udevd[3493]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  496.571001][T10456] device hsr_slave_0 entered promiscuous mode
[  496.571604][    C0] ==================================================================
[  496.585628][    C0] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0
[  496.588583][ T6536] udevd[6536]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  496.592760][    C0] Read of size 8 at addr ffffc9000458f360 by task syz.3.1215/10514
[  496.592781][    C0] 
[  496.592796][    C0] CPU: 0 PID: 10514 Comm: syz.3.1215 Not tainted 5.15.161-syzkaller #0
[  496.592817][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  496.592835][    C0] Call Trace:
[  496.592844][    C0]  <IRQ>
[  496.592853][    C0]  dump_stack_lvl+0x1e3/0x2d0
[  496.641760][    C0]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  496.647393][    C0]  ? _printk+0xd1/0x120
[  496.651549][    C0]  ? __wake_up_klogd+0xcc/0x100
[  496.656394][    C0]  ? panic+0x860/0x860
[  496.660456][    C0]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  496.665935][    C0]  print_address_description+0x63/0x3b0
[  496.671491][    C0]  ? profile_pc+0xa4/0xe0
[  496.675812][    C0]  kasan_report+0x16b/0x1c0
[  496.680317][    C0]  ? profile_pc+0xa4/0xe0
[  496.684641][    C0]  ? trigger_load_balance+0x1d5/0xd90
[  496.690012][    C0]  ? _raw_spin_unlock_irqrestore+0xd4/0x130
[  496.695903][    C0]  profile_pc+0xa4/0xe0
[  496.700067][    C0]  profile_tick+0xd4/0x130
[  496.704476][    C0]  tick_sched_timer+0x390/0x550
[  496.709329][    C0]  ? tick_setup_sched_timer+0x2d0/0x2d0
[  496.714870][    C0]  __hrtimer_run_queues+0x55b/0xcf0
[  496.720071][    C0]  ? hrtimer_interrupt+0x980/0x980
[  496.725261][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  496.731334][    C0]  hrtimer_interrupt+0x392/0x980
[  496.736299][    C0]  __sysvec_apic_timer_interrupt+0x139/0x470
[  496.742284][    C0]  sysvec_apic_timer_interrupt+0x8c/0xb0
[  496.747916][    C0]  </IRQ>
[  496.750929][    C0]  <TASK>
[  496.753852][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  496.759850][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130
[  496.766367][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 62 6c a2 f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 57 ac 2f f7 65 8b 05 d8 b2 da 75 85 c0 74 3f 48 c7 04 24 0e 36
[  496.786005][    C0] RSP: 0018:ffffc9000458f360 EFLAGS: 00000206
[  496.792135][    C0] RAX: 8dee40fe2d283a00 RBX: 1ffff920008b1e70 RCX: ffffffff913f0f03
[  496.800218][    C0] RDX: dffffc0000000000 RSI: ffffffff8a8b2a00 RDI: 0000000000000001
[  496.808182][    C0] RBP: ffffc9000458f3f0 R08: ffffffff8186db40 R09: ffffed100e88c40b
[  496.816148][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  496.824201][    C0] R13: 1ffff920008b1e6c R14: ffffc9000458f380 R15: 0000000000000246
[  496.832171][    C0]  ? trace_hardirqs_on+0x30/0x80
[  496.837112][    C0]  ? _raw_spin_unlock+0x40/0x40
[  496.841982][    C0]  __pagevec_lru_add+0x155a/0x18d0
[  496.847106][    C0]  ? lru_cache_add+0x7e0/0x7e0
[  496.851858][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  496.857065][    C0]  ? unlock_page+0x188/0x200
[  496.861656][    C0]  munlock_vma_pages_range+0x28fd/0x3100
[  496.867298][    C0]  ? __munlock_isolation_failed+0x250/0x250
[  496.873203][    C0]  ? rcu_lock_release+0x20/0x20
[  496.878081][    C0]  exit_mmap+0x2d5/0x670
[  496.882320][    C0]  ? vm_brk+0x20/0x20
[  496.886305][    C0]  ? uprobe_clear_state+0x304/0x460
[  496.891503][    C0]  __mmput+0x112/0x3b0
[  496.895569][    C0]  exit_mm+0x688/0x7f0
[  496.899673][    C0]  ? _raw_spin_unlock+0x40/0x40
[  496.904524][    C0]  ? do_exit+0x2480/0x2480
[  496.908939][    C0]  ? taskstats_exit+0x491/0xa10
[  496.913782][    C0]  ? tty_audit_exit+0x150/0x1f0
[  496.918628][    C0]  do_exit+0x626/0x2480
[  496.922783][    C0]  ? put_task_struct+0x80/0x80
[  496.927540][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  496.933521][    C0]  do_group_exit+0x144/0x310
[  496.938106][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  496.943404][    C0]  get_signal+0xc66/0x14e0
[  496.947833][    C0]  arch_do_signal_or_restart+0xc3/0x1890
[  496.953481][    C0]  ? __mm_populate+0x3ea/0x4a0
[  496.958327][    C0]  ? __lock_acquire+0x1ff0/0x1ff0
[  496.963470][    C0]  ? __up_read+0x2b9/0x690
[  496.967899][    C0]  ? up_read+0x20/0x20
[  496.971974][    C0]  ? get_sigframe_size+0x10/0x10
[  496.976925][    C0]  ? populate_vma_page_range+0x215/0x2a0
[  496.982579][    C0]  ? check_vma_flags+0x490/0x490
[  496.987515][    C0]  ? exit_to_user_mode_loop+0x39/0x130
[  496.993185][    C0]  exit_to_user_mode_loop+0x97/0x130
[  496.998554][    C0]  exit_to_user_mode_prepare+0xb1/0x140
[  497.004095][    C0]  syscall_exit_to_user_mode+0x5d/0x240
[  497.009639][    C0]  do_syscall_64+0x47/0xb0
[  497.014049][    C0]  ? clear_bhb_loop+0x15/0x70
[  497.018849][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  497.024753][    C0] RIP: 0033:0x7fd5c3d9db99
[  497.029289][    C0] Code: Unable to access opcode bytes at RIP 0x7fd5c3d9db6f.
[  497.036651][    C0] RSP: 002b:00007fd5c281e048 EFLAGS: 00040246 ORIG_RAX: 0000000000000097
[  497.045326][    C0] RAX: 0000000000000000 RBX: 00007fd5c3f2bfa0 RCX: 00007fd5c3d9db99
[  497.053394][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  497.061361][    C0] RBP: 00007fd5c3e1e77e R08: 0000000000000000 R09: 0000000000000000
[  497.069426][    C0] R10: 0000000000000000 R11: 0000000000040246 R12: 0000000000000000
[  497.077759][    C0] R13: 000000000000000b R14: 00007fd5c3f2bfa0 R15: 00007ffe640bdaa8
[  497.085737][    C0]  </TASK>
[  497.088752][    C0] 
[  497.091158][    C0] 
[  497.093471][    C0] addr ffffc9000458f360 is located in stack of task syz.3.1215/10514 at offset 0 in frame:
[  497.103437][    C0]  _raw_spin_unlock_irqrestore+0x0/0x130
[  497.109067][    C0] 
[  497.111382][    C0] this frame has 1 object:
[  497.115785][    C0]  [32, 40) 'flags.i.i.i.i'
[  497.115796][    C0] 
[  497.122583][    C0] Memory state around the buggy address:
[  497.128200][    C0]  ffffc9000458f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  497.136248][    C0]  ffffc9000458f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  497.144302][    C0] >ffffc9000458f300: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[  497.152348][    C0]                                                        ^
[  497.159530][    C0]  ffffc9000458f380: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[  497.167579][    C0]  ffffc9000458f400: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[  497.175716][    C0] ==================================================================
[  497.183764][    C0] Disabling lock debugging due to kernel taint
[  497.189924][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  497.197104][    C0] CPU: 0 PID: 10514 Comm: syz.3.1215 Tainted: G    B             5.15.161-syzkaller #0
[  497.206732][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  497.216777][    C0] Call Trace:
[  497.220048][    C0]  <IRQ>
[  497.222883][    C0]  dump_stack_lvl+0x1e3/0x2d0
[  497.227557][    C0]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  497.233179][    C0]  ? panic+0x860/0x860
[  497.237266][    C0]  ? lock_release+0xb9/0x9a0
[  497.241846][    C0]  ? irq_work_queue+0xcd/0x150
[  497.246603][    C0]  panic+0x318/0x860
[  497.250508][    C0]  ? check_panic_on_warn+0x1d/0xa0
[  497.255611][    C0]  ? fb_is_primary_device+0xd0/0xd0
[  497.260899][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  497.266786][    C0]  ? _raw_spin_unlock+0x40/0x40
[  497.271629][    C0]  check_panic_on_warn+0x7e/0xa0
[  497.276556][    C0]  ? profile_pc+0xa4/0xe0
[  497.280880][    C0]  end_report+0x6d/0xf0
[  497.285024][    C0]  kasan_report+0x18e/0x1c0
[  497.289521][    C0]  ? profile_pc+0xa4/0xe0
[  497.293837][    C0]  ? trigger_load_balance+0x1d5/0xd90
[  497.299198][    C0]  ? _raw_spin_unlock_irqrestore+0xd4/0x130
[  497.305083][    C0]  profile_pc+0xa4/0xe0
[  497.309247][    C0]  profile_tick+0xd4/0x130
[  497.313654][    C0]  tick_sched_timer+0x390/0x550
[  497.318499][    C0]  ? tick_setup_sched_timer+0x2d0/0x2d0
[  497.324034][    C0]  __hrtimer_run_queues+0x55b/0xcf0
[  497.329228][    C0]  ? hrtimer_interrupt+0x980/0x980
[  497.334326][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  497.340386][    C0]  hrtimer_interrupt+0x392/0x980
[  497.345318][    C0]  __sysvec_apic_timer_interrupt+0x139/0x470
[  497.351290][    C0]  sysvec_apic_timer_interrupt+0x8c/0xb0
[  497.356915][    C0]  </IRQ>
[  497.359832][    C0]  <TASK>
[  497.362763][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  497.368734][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130
[  497.375227][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 62 6c a2 f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 57 ac 2f f7 65 8b 05 d8 b2 da 75 85 c0 74 3f 48 c7 04 24 0e 36
[  497.394821][    C0] RSP: 0018:ffffc9000458f360 EFLAGS: 00000206
[  497.400877][    C0] RAX: 8dee40fe2d283a00 RBX: 1ffff920008b1e70 RCX: ffffffff913f0f03
[  497.408836][    C0] RDX: dffffc0000000000 RSI: ffffffff8a8b2a00 RDI: 0000000000000001
[  497.416797][    C0] RBP: ffffc9000458f3f0 R08: ffffffff8186db40 R09: ffffed100e88c40b
[  497.424757][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  497.432717][    C0] R13: 1ffff920008b1e6c R14: ffffc9000458f380 R15: 0000000000000246
[  497.440684][    C0]  ? trace_hardirqs_on+0x30/0x80
[  497.445620][    C0]  ? _raw_spin_unlock+0x40/0x40
[  497.450462][    C0]  __pagevec_lru_add+0x155a/0x18d0
[  497.455568][    C0]  ? lru_cache_add+0x7e0/0x7e0
[  497.460321][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  497.465508][    C0]  ? unlock_page+0x188/0x200
[  497.470090][    C0]  munlock_vma_pages_range+0x28fd/0x3100
[  497.475717][    C0]  ? __munlock_isolation_failed+0x250/0x250
[  497.481608][    C0]  ? rcu_lock_release+0x20/0x20
[  497.486456][    C0]  exit_mmap+0x2d5/0x670
[  497.490690][    C0]  ? vm_brk+0x20/0x20
[  497.494661][    C0]  ? uprobe_clear_state+0x304/0x460
[  497.499849][    C0]  __mmput+0x112/0x3b0
[  497.503905][    C0]  exit_mm+0x688/0x7f0
[  497.507969][    C0]  ? _raw_spin_unlock+0x40/0x40
[  497.512820][    C0]  ? do_exit+0x2480/0x2480
[  497.517227][    C0]  ? taskstats_exit+0x491/0xa10
[  497.522065][    C0]  ? tty_audit_exit+0x150/0x1f0
[  497.526907][    C0]  do_exit+0x626/0x2480
[  497.531056][    C0]  ? put_task_struct+0x80/0x80
[  497.535807][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  497.541780][    C0]  do_group_exit+0x144/0x310
[  497.546362][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  497.551550][    C0]  get_signal+0xc66/0x14e0
[  497.555958][    C0]  arch_do_signal_or_restart+0xc3/0x1890
[  497.561591][    C0]  ? __mm_populate+0x3ea/0x4a0
[  497.566354][    C0]  ? __lock_acquire+0x1ff0/0x1ff0
[  497.571368][    C0]  ? __up_read+0x2b9/0x690
[  497.575778][    C0]  ? up_read+0x20/0x20
[  497.579835][    C0]  ? get_sigframe_size+0x10/0x10
[  497.584760][    C0]  ? populate_vma_page_range+0x215/0x2a0
[  497.590384][    C0]  ? check_vma_flags+0x490/0x490
[  497.595308][    C0]  ? exit_to_user_mode_loop+0x39/0x130
[  497.600760][    C0]  exit_to_user_mode_loop+0x97/0x130
[  497.606034][    C0]  exit_to_user_mode_prepare+0xb1/0x140
[  497.611569][    C0]  syscall_exit_to_user_mode+0x5d/0x240
[  497.617103][    C0]  do_syscall_64+0x47/0xb0
[  497.621511][    C0]  ? clear_bhb_loop+0x15/0x70
[  497.626179][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  497.632059][    C0] RIP: 0033:0x7fd5c3d9db99
[  497.636459][    C0] Code: Unable to access opcode bytes at RIP 0x7fd5c3d9db6f.
[  497.643807][    C0] RSP: 002b:00007fd5c281e048 EFLAGS: 00040246 ORIG_RAX: 0000000000000097
[  497.652211][    C0] RAX: 0000000000000000 RBX: 00007fd5c3f2bfa0 RCX: 00007fd5c3d9db99
[  497.660172][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  497.668127][    C0] RBP: 00007fd5c3e1e77e R08: 0000000000000000 R09: 0000000000000000
[  497.676083][    C0] R10: 0000000000000000 R11: 0000000000040246 R12: 0000000000000000
[  497.684146][    C0] R13: 000000000000000b R14: 00007fd5c3f2bfa0 R15: 00007ffe640bdaa8
[  497.692113][    C0]  </TASK>
[  497.695491][    C0] Kernel Offset: disabled
[  497.699805][    C0] Rebooting in 86400 seconds..