last executing test programs:

12.973051823s ago: executing program 2 (id=405):
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)

11.612724427s ago: executing program 0 (id=407):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
socket$can_bcm(0x1d, 0x2, 0x2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@bridge_newvlan={0x24, 0x70, 0x239, 0x70bd29, 0x25dfdbfb, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x9, 0x3}}}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004840}, 0x0)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

10.898268052s ago: executing program 2 (id=409):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)

9.541332866s ago: executing program 1 (id=411):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x800}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x7ff, '\x00', 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
io_setup(0x23f, &(0x7f0000000380)=<r2=>0x0)
r3 = eventfd2(0xae, 0x1401)
io_cancel(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x8001, r0, &(0x7f00000003c0), 0x0, 0x81, 0x0, 0x3, r3}, &(0x7f0000000500))
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x3c1, 0x3, 0x338, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x278, 0x3d8, 0x3d8, 0x278, 0x3d8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x40}, [0xffffff00, 0xff, 0xffffffff, 0xff], [0xffffffff, 0xffffffff, 0xff000000, 0xffffffff], 'veth0_virt_wifi\x00', 'veth0_to_batadv\x00', {0xff}, {0xff}, 0x29, 0x20, 0x0, 0x20}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@hl={{0x28}, {0x1, 0x7}}, @common=@inet=@socket2={{0x28}, 0x1}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, [0xff000000, 0xff, 0x0, 0xffffff00], 0x4e22, 0x4e22, 0x4e24, 0x4e22, 0x7, 0x3, 0x1, 0x6, 0x7}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @private0={0xfc, 0x0, '\x00', 0x1}, [0x807fff00, 0xff000000, 0xffffff00, 0xffffff00], [0xff000000, 0xffffff00, 0xffffff00, 0xff000000], 'veth1_to_team\x00', 'wg0\x00', {0xff}, {0xff}, 0x3b, 0x72, 0x2, 0xc}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x7, 0x2a7, 0x6fa6, 0xf60, 'snmp\x00', 'syz0\x00', {0x8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r4, &(0x7f0000001a40)=""/102392, 0x18ff8)
socket(0x40000000015, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000005c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)

8.536882438s ago: executing program 1 (id=412):
write$nci(0xffffffffffffffff, &(0x7f0000000300)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x0, 0x3, 0x5, 0x7, @v={0x2, 0x2, 0x5, 0x6, 0x7, 0x6, 0x1, {0x5, 0x43, "fcfb0c8c76787144"}, 0x3, 0x4, 0x6, 0x9, 0x2, "9ef7"}}, 0x1b)

8.186668622s ago: executing program 2 (id=413):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffd000/0x1000)=nil)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_dev$loop(0x0, 0xb8a, 0x18b80)
ioctl$BLKPBSZGET(r2, 0x127b, 0x0)
syz_open_dev$dvb_frontend(&(0x7f00000003c0), 0x0, 0xe82)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xff00000000000000, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002, 0xff00000000000000}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

8.185807392s ago: executing program 1 (id=421):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)

6.818663004s ago: executing program 2 (id=414):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r0, 0x8800000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x53)
close(r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
sendfile(r1, r0, 0x0, 0x578410ed)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)

6.596814422s ago: executing program 2 (id=416):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x14, 0x0, 0x111, 0x1}}, 0x20)

6.595628412s ago: executing program 0 (id=417):
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/59, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)

5.902229151s ago: executing program 2 (id=418):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x2282, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0380, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb60128"], 0xffdd)
close_range(r0, 0xffffffffffffffff, 0x0)

5.809857594s ago: executing program 3 (id=419):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffd000/0x1000)=nil)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$dvb_frontend(&(0x7f00000003c0), 0x0, 0xe82)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xff00000000000000, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002, 0xff00000000000000}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4.794332293s ago: executing program 0 (id=420):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000009c0)=@newtfilter={0x7c, 0x2c, 0x100, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xffff}, {0xb, 0xffe0}, {0x6, 0x3}}, [@TCA_RATE={0x6, 0x5, {0x4, 0x1}}, @filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0x41}]}}, @filter_kind_options=@f_u32={{0x8}, {0x30, 0x2, [@TCA_U32_LINK={0x8, 0x3, 0x2c0000}, @TCA_U32_INDEV={0x14, 0x8, 'team0\x00'}, @TCA_U32_DIVISOR={0x8, 0x4, 0xfe}, @TCA_U32_LINK={0x8, 0x3, 0x80000001}]}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4050}, 0x20000040)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket(0xa, 0x1, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x48000)
socket(0x1d, 0x2, 0x2)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r1, 0x40045567, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xfffffffc, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d52c0], [0x0, 0x0, 0x2, 0xb16, 0x0, 0xffffffcb, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xf, 0x1, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x20000000, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfefffffd, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf], [0x88000001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x20000, 0xfffffffd, 0x2, 0xe, 0x1, 0x0, 0x0, 0x3c63, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x2, 0x0, 0x0, 0xd12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0xfffffffc, 0xfffffffc, 0xc, 0x6, 0x0, 0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x3, 0x2, 0x0, 0xe, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r1, 0x5501)
write$uinput_user_dev(r1, &(0x7f0000000a40)={'syz1\x00', {}, 0x4d, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffff], [0xffffffff, 0x3, 0x3, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd5], [0x0, 0x80000000, 0x0, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8000000, 0x0, 0x0, 0x6, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x6], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0xdbc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1ff]}, 0x45c)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d", 0x44}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f0000000080)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a", 0x29}], 0x3}, 0x0)
r3 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000)={0x30000001})
socket$nl_netfilter(0x10, 0x3, 0xc)

4.744208953s ago: executing program 3 (id=422):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x800}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x7ff, '\x00', 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
io_setup(0x23f, &(0x7f0000000380)=<r2=>0x0)
r3 = eventfd2(0xae, 0x1401)
io_cancel(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x8001, r0, &(0x7f00000003c0), 0x0, 0x81, 0x0, 0x3, r3}, &(0x7f0000000500))
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x3c1, 0x3, 0x338, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x278, 0x3d8, 0x3d8, 0x278, 0x3d8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x40}, [0xffffff00, 0xff, 0xffffffff, 0xff], [0xffffffff, 0xffffffff, 0xff000000, 0xffffffff], 'veth0_virt_wifi\x00', 'veth0_to_batadv\x00', {0xff}, {0xff}, 0x29, 0x20, 0x0, 0x20}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@hl={{0x28}, {0x1, 0x7}}, @common=@inet=@socket2={{0x28}, 0x1}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, [0xff000000, 0xff, 0x0, 0xffffff00], 0x4e22, 0x4e22, 0x4e24, 0x4e22, 0x7, 0x3, 0x1, 0x6, 0x7}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @private0={0xfc, 0x0, '\x00', 0x1}, [0x807fff00, 0xff000000, 0xffffff00, 0xffffff00], [0xff000000, 0xffffff00, 0xffffff00, 0xff000000], 'veth1_to_team\x00', 'wg0\x00', {0xff}, {0xff}, 0x3b, 0x72, 0x2, 0xc}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x7, 0x2a7, 0x6fa6, 0xf60, 'snmp\x00', 'syz0\x00', {0x8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r4, &(0x7f0000001a40)=""/102392, 0x18ff8)
socket(0x40000000015, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000005c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)

4.317171303s ago: executing program 1 (id=423):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000140)='./file0\x00', 0x301c802, &(0x7f0000000f80)=ANY=[], 0x11, 0x5fbc, &(0x7f0000003100)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIi4RUQD4Alm1UkCIVq+hy7ptzjHseeru45v580rvr6dE1/5f/UdPdUVVcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPG97/74ZC8iLv463XAw4jMxiOhHrNb1kahnzuf7DyPiUGwNx3MRMViOqJff+ueZiDMR8dGBiDt3b6zXN5/aZR9nT1y/+sn3v/OP3/3p1qGfvvmTD9rjP/rs6Q9/fzPi4A9f+/CTm09m3QEAAKAUVVVVvfQ2/3B6f9/vuikAYCby83+V5NvVarVa/UTrP/bnq5/d1ysxX/2oH6tuqia72SwiYrO5TP2awe54AFgwm/Fx1y3QIfkXbRgRT3XdBDDXel03wJ64c/fGei/l22s+HxwZj+e/U27Lf7N37/yOnabTtI8xmdXP160YxLM79LM6ox7mSc6/387/4nh8lO631/nPyk75j8anPhUn5z9o59+yLf8/R8TC5t+fmH+pcv7DR8l/c7DA27/8AQAAAADY//Lf/w92vP93+fFXZVcetv/3yIx6AAAAAAAAAIAn7XGv/3eP6/8BAADA3Krfq9f+cuD+bc1j/dvzF3oRT7fuDxQmnSyz1nUfAAAAAAAAAAAAAFCS4fgY3gu9iKWIeHptraqq+qupXT+qx11+0ZW+/lCyrn/JAwDA2EcHWufy9yJWIuJC+qy/pbW1tapaWV2r1qrV5fx6drS8Uq023tfmaX3b8mgXL4iHo6r+ZiuN5ZqmvV+eNt7+fvVjjarBLhqbjQ4DB4CIGD8b3fGMtM9U1TPR9ascFoPtf/+x/bMbXf+cAgAAAHuvqqqqlz7O+3Da59/vuikAYBZW8vN/e7+AWq1Wq9Xq/Vc3VZPdbBYRsdlcpn7N4HL8ALBgNuPjrlugQ/Iv2jAiDnXdBDDXel03wJ64c/fGei/l22s+H6Tru+djQbblv9nbWi4vP2k6TfsYk1n9fN2KQTy7Qz/PzaiHeZLz77fzvzgeH6X77XX+s7JT/vV6Huygn67l/Aft/Fv2T/79ifmXKuc/fKT8B/IHAAAAAIA5lv/+f9D+37zKAAAAAAAAALBw7ty9sZ7Pe837/z8/4X695pzzP/eNnH9v1/k7/3c/yfn32/m3DsgZNOZvv3E//3/fvbH+wfV/fS5P5z7/pcGofuylXn8wTMf8VEtvxeW4Ehtx4oH7D7eNn3xgfGnb+Kkp46cfGB/V46t5/Fisxy/iSrx5b3x5yoFRK1PGqynjOf+B7b9IOf9h46vOfy2N91rT2u33+w9s983ppMc5/7f/vvjg1jV7t2Jwb92a6vU72kE/W/8nT43iV9c2rh77zaXr16+ejDTZduupSJMnLOe/lL5y/i+9MB7Pv/eb2+vt90ePnP+8uBXDHfN/oTFfr+/LM+6tCzn/UfrK+ednoMnb/yLnv/P2/0oH/QAAAAAAAAAAAAAAAMDDVFW1dYro+Yg4l87/6ercTABgpv7wgzRTJaEe172Yr37UarVarX4CdVM12evNIla2L3MuIn476ZsBAPPsfxHxz66boDPyL1j+vL96+oWumwFm6tq77/3s0pUrG1evdd0JAAAAAAAAAPBp5et/Hmlc/3nrOKDWdaO3Xf/1jTiysNf/7I8GW9c6Tyv0fDz8+t9H4+HX/x5OebylKeOjKePLU8ZXpoxPPNGjIef/fMo45384rVhJ1399qYN+upbzP5qu9Zzz/1Lrfs38q78ucv79bfkfv/7OL49fe/e9Vy+/c+ntjbc3fn7yxLkzp8+eOX327PG3Ll/ZODH+t8OO91bOP1/72nGgZcn558zlX5ac/xdTLf+y5PxfTLX8y5Lzz6/35F+WnH9+7yP/suT8X061/MuS8/9yquVflpz/K6mWf1ly/l9JtfzLkvN/NdXyL0vO/1iq5V+WnP/xVMu/LDn/vIdL/mXJ+ecjG+Rflpz/qVTLvyw5/9Opln9Zcv5nUi3/suT8z6Za/mXJ+Z9LtfzLkvP/aqrlX5ac/9dSLf+y5PxfS7X8y5Lz/3qq5V+WnP83Ui3/suT8v5lq+Zcl5/+tVMu/LDn/b6da/mXJ+b+eavmX5f7n/5uZ8cx//h4xB22YMTNppuvfTAAAAAAAAAAAAABA2ywOJ+56HQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1djFxnfT/ws69eO4H4T0IIwZC14wRDNt5dvyUmGMzrPw0tTQOhpYU6xl6/gN/qXUOCULM0aRtEpEZtL9KLUkAUIbVVIoRUKqUoUpHau+YKlBvUSpFqqUllIqhES7LVmfM8z87Mzs7s2t74zDmfTxT/vDtnZp45c2Z2vmt9ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLb5AzN/PJBlWf5/44+NWXZ1/vf12f78y/k9V3qFAAAAwKV6pfHn316TvrF/BWdq2uaf3/av31tYWFjIPvPy+Vf/bGEhnTCeZUPrsqxxWvQvv/j5QvM2wSPZ2MBg09eDPa5+qMfpwz1OH+lx+miP09f1OH2sx+lLdsAS64vfxzQubGvjrxuLXZpdl400Ttva4VyPDKwbHIy/y2kYaJxnYeRIdjw7kc1kU0vOM9D4L8ue2Zxf191ZvK7BpuvalGXZhZ9+6VBcw0DYx1uzlitraL7vXnpfNv7yT7906NtzL7650+y5G5asNMu2bcnX+WiWLf66KhvI1qV9Etc52LTOTR3WOdSyzoHG+fK/t6/zwgrXGW/3WFjnc13WuSl878Gbsyybz5bdpt0j2WC2oe1a0/4eK46I/DLyu/IN2fCqjpPNKzhO8vO8cHPrcdJ+TMb9vznsk+Fl1tB8d7z05dEl+/1ij5P8VpfhWM0v+978SsfGmn+12nKs5tt86Zblj4GO912HYyAdy03HwJZex8Dg6FDjGBhcXPOWlmNgesl5BrOBxnWdv6X7MTA5d/LM5OxDX7z9+MmDR2eOzpyantqza+fuXTt37548cvzEzFTx5+p2aR/ZkA2mY3BLeK6Jx+Db27ZtPiQXvnH5HgdjJXkc5Lf947fmC7p6MFvmGM+3eXTbpT8O0s/9psfBcNPjoONzaofHwfAKHgf5Nhe2rexn5nDT/53WsFbPhRubjoEr+fMwv85PvWP558JNYV2PvXO1Pw+HlhwD8WYNhMde/p30em/szrBflh4XN+YnXDXaeG23/cGDc3Nnp7MwXhPXNt1X7cfLhqbblC05XgZXfbzs/5tf3npjh+9vDPtq7Lbu91W+za6J7vdV49n9qtHs3OzM2bA/R7Nif7Z8d0cWxmX2Wu/PTj/N8v2ZskSX/Zlv8+jtl/5aMOWSpue/kV7Pf0Mjw8Xz31DaGyMtz39L75qhxsqy7MLtK3v+Gwn/v9bPf9eV5Pkv31ef2t79GMi3eWxytcfAcNfnv5vDHAjreUdIDGNNuf/VxunzxWHadF/2PG6Gh0fCcTMcr7H1uNm55Dz5peXXvW3q4o6bbTe33lctr1tWftz0+vVBaY6bfF/9+VT34ybf5tnpS3/uWB//2vTcMdrrGBgZGs3XO5IOguL5bmF9PAa2Z4ey09mJ7HA6T34v59c1sWNlx8Bo+P+1fu64oSTHQL6vntzR/RjIt/nhzsv72mlb+E7apum1U/vvF5bL/DcOL15e+2673Jk/X+cHf/TR9L1OGSLf5sVdq80Z3ffTbeE7V3XYT+2Pn+WO6cPZa7OfbgjrPLG7+++m8m2u27PC42l/lmXPTz/f+H1X+P3ud8/96Hstv/ft9Dvl56efv2fyvh+vZv0AAFy8Vxt/zo8WrzWb/sV6Jf/+DwAAAPSFmPsHw0zkfwAAAKiMmPuHwkzkfwAAAKiMmPuHw0xqkv+P3bn3qVceztK7AS4E8fS4G+59T7Fd7HjPh6/HFxbl33//t0ae+srDK7vuwSzLfnnPWzpuf+w9cV2FM3Gd72r9/hI33LSi63/g/sXtmt8/4cLe4vLj7VnpYRC7ys9M7mhc7vhD04357D1ZY943/9gjxeUXX8ftz+8stv/L8KYl+48MtJx/W1jP1jDHw3vK3Lt/cT/kM57vqU1v+6drP7F4ffF8A1te37iZT/5+cbnxPaKeuLbYPt7u5db/j1/9zlP59g/e0nn9Dw92Xv/5cLkvhPmLfcX2zfv8K03r/8Ow/nh98Xzbv/mDjut/+k3F9k+H4+LrYbav/31/8tZXOt1f8Xr231WcL17/1H/vapwvXl68/Pb1jz083bI/2i//2ZeLy9n3+Z8NNW8fvx+vJ3rgrtbjeyDcvy098izLvvNHWct+zt5dnO8f2tYfL+/MXZ3Xf1vbOs8M3NQ4/+Lt2dhyu7721zs63t64nv1/t7Hl9jzxobD/Xp78YX655+8Lx2M4/X+eKy6v/c1Inv5Q6/NN3P7rG4vHbby8ybb1P9G2/vmb8n3Xe/13v1ys/+n3rmtZ//4Ph+Pp7mL2Wv/Rv7qm5fzf+HZxf5z9wsSp07Pnjh9u2qvNj+N1Y+s3XHX1615/TXgubf/6wOm5YzNnx6fGp7JsvA/fMnCt1//NMP+rGPOX/xoKP/5Zcdw9/pHi59bbf158/UT4/gPh/ow/H7/2FyMtx2v7/T7/3mJe6vrfGdaxUm/66r/ftKINz3/6mXN//wcvtr8uiLfnzBvHGrfvyc3XN04beLY4vf35qpd/e2Pr4/onw1ON+f2wXxfCOzNvub64vvbLj+9N8vjHisdvfCUXz5+1vZ/IxqHW23Gp6/9JeB3zgxtan//i8fH9h9vezXljNpAvYT48P2Tzxelxq7i/H79wfcfri+/Dk82/eTXLXNbsQ7OTJ46fOvfg5NzM7Nzk7ENfPHDy9LlTcwca71164LO9zr/4+N7QeHwfntmzK2s82k8XY41d6fWfuf/Q4Tumbj08c+TguSNz95+ZOXv00OzsoZnDs7cePHJk5gu9zn/88L7pHXt33rFj4ujxw/vu3Lt3596J46dO58soFtXDnqnPTZw6e6Bxltl9u/ZO7969a2ri5OnDM/vumJqaONfr/I2fTRP5uT8/cXbmxMG54ydnJmaPf3Fm3/TePXt29Hz3x5NnjsyOT549d2ry3OzM2cnitozPNb6d/+zrdX7qYfZ0eL5rMxBenX/ytj3p/XFz3/ryshdVbNL68jR7KbwXVPz51uvrmPtHwkxqkv8BAACgDmLuD2/8v3iC/A8AAACVEXP/ujAT+R8AAAAqI+b+IvmPpY9/r0v+v1z9/y/r/zfo/+v/Z/r/if6//n+m/6//34P+fyn6/8f0//X/9f9ZK2Xr/4fcn63PMv/+DwAAABUVc/+GMBP5HwAAACoj5v6rwkzkfwAAAKiMmPuvDjOpSf73+f/6//r/3fr/cVv9/0z/vwz9/63/qf+/hP6//n+m/3/RrnR/vt/XX8L+/3r9f8qmbP3/mPtfF2ZSk/wPAAAAdRBz/+vDTOR/AAAAKLV1q9g25v5rwkzkfwAAAKiMmPs3hpnUJP9fuf7/qP6//n9Dufv/Pv+/mf7/Fe//+/z/DvT/9f+z2vT/ixcL+v/lWf/a9///tOv5ff4//aBs/f+Y+/9fmElN8j8AAADUQcz9bwgzkf8BAACgMmLuvzbMRP4HAACAyoi5/7owk5rk/3p+/v8LWZbp/2f6//r/bevU/9f/Xwv6//r/3VzZ/n/+2qef+v8+/79s6y/h5//r/1M6Zev/x9z/xjCTmuR/AAAAqIOY+68PM5H/AQAAoDJi7n9TmIn8DwAAAJURc/8NYSY1yf/17P/7/H/9/8Ia9P8HhvX/E/1//f9M/1//vwef/6//38/r1//X/6e3svX/Y+5/c5hJTfI/AAAA1EHM/TeGmcj/AAAAUBkx978lzET+BwAAgMqIuX9TmElN8r/+v/6//r/P/9f/1/9fS/3V/x9c9hT9/4L+f6vL1/+fX1yA/n/frF//X/+f3srW/4+5/61hJjXJ/wAAAFAHMfe/LcxE/gcAAIDKiLn/pjAT+R8AAAAqI+b+8TCTmuR//X/9f/1//X/9f/3/tdRf/f/l6f8X9P9b+fx//X/9f/1/uitb/z/m/s1hJjXJ/wAAAFAHMfdvCTOR/wEAAKAyYu6/OcxE/gcAAIDKiLl/a5hJTfK//r/+v/6//r/+v/7/WtL/1//vRv9f/7+f16//r/9Pb2Xr/8fcf0uYSU3yPwAAANRBzP23hpnI/wAAAFAZMfe/PcxE/gcAAIDKiLl/W5hJTfK//r/+v/5/H/f/h/T/M/3/0uux/v9t+7Gzavr/+v+Z/v9Fu9L9+X5fv/6//j+9la3/H3P/O8JMapL/AQAAoA5i7n9nmIn8DwAAAJURc/9tYSbyPwAAAFRGzP0TYSY1yf8V7/+/+B/LbKb/X9D/7/P+v8//b1m//n85+fx//f9u9P/1//t5/fr/+v/0Vrb+f8z9t4eZ1CT/AwAAQB3E3L89zET+BwAAgMqIuX8yzET+BwAAgMqIuX8qzKQm+b/i/f9l6f8X9P/1/zP9f/3/Nab/r//fjf6//n8/r1//X/+f3srW/4+5fzrMpCb5HwAAAOog5v4dYSbyPwAAAFRGzP07w0zkfwAAAKiMmPt3hZnUJP/3Sf9/eypA6f/r/+v/6//r//cV/f+K9v/zJxL9f/3/03NpB+v/6//r/zPY4Xtl6//H3L87zKQm+R8AAADqIOb+PWEm8j8AAABURsz9d4SZyP8AAABQGTH33xlmUpP83yf9f5//r/+v/99E/1//v5/o/1e0/+/z/xv0/33+v/6//j/dla3/H3P/3jCTmuR/AAAAqIOY+98VZiL/AwAAQGXE3H9XmIn8DwAAAH2l0+cQRjH3vzvMpCb5X/+/6v3/hXX6//r/+v/d16//v7b0//X/u9H/1//v5/Xr/+v/01vZ+v8x9+8LM6lJ/gcAAIA6iLn/PWEm8j8AAABURsz97w0zkf8BAACgMmLu3x9mUpP8r/9f9f6/z//X/9f/77V+/f+1pf+v/99NJfv/66rf/w8vW/T/S9T/z48h/X/KqGz9/5j73xdmUpP8DwAAAHUQc//7w0zkfwAAAKiMmPs/EGYi/wMAAEBlxNz/wTCTmuR//X/9f/1//X/9f/3/taT/v2b9/8ZTof5/oVT9f5//r//v8//1/0nK1v+Puf9DYSY1yf8AAABQBzH3fzjMRP4HAACAyoi5//+Hmcj/AAAAUBkx998dZlKT/K//r/+v/6//r/+v/7+W9P99/n83+v/6//28fv1//X96K1v/P+b+XwkzqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6PhJnI/wAAANBnRpc9Jeb+Xw0zqUn+77/+/3hf9v8H0+Xr/+v/6//r/+v/X076//r/mf7/RbvS/fl+X7/+v/4/vZWt/x9z/6+FmdQk/wMAAEAdxNz/0TAT+R8AAAAqI+b+Xw8zkf8BAACgMmLuvzfMpCb5/3L3/9vP343P/9f/z/T/9f/1//X/L5H+v/5/pv9/0a50f77f16//r/9Pb2Xr/8fc/xthJjXJ/wAAAFAHMfffF2Yi/wMAAEBJHVv1OWLu/1iYifwPAAAAlRFz/8fDTGqS//vv8//1//X/9f/1//X/+4n+v/5/N/r/+v/9vH79f/1/eitb/z/m/vvDTGqS/wEAAKAOYu7/RJiJ/A8AAACVEXP/b4aZyP8AAABQGTH3/1aYSU3yv/6//r/+v/6//r/+/1rS/1/a/8+fw/T/C/r/+v/9vH79f/1/eitb/z/m/k+GmdQk/wMAAEAdxNz/22Em8j8AAABURsz9vxNmIv8DAABAZcTc/6kwk5rkf/1//X/9f/1//X/9/7Wk/+/z/7vR/9f/7+f16//r/9Nb2fr/Mfd/OsykJvkfAAAA6iDm/t8NM5H/AQAAoDJi7j8QZiL/AwAAQGXE3P9AmElN8r/+v/6//r/+v/6//v9a0v/X/+9G/1//v5/Xr/+v/09vZev/x9x/MMxkf+vVAAAAAP0r5v7PhJnU5N//AQAAoA5i7j8UZiL/AwAAQGXE3H84zKQm+V//X/9f/1//X/9f/38t6f/r/3ej/6//38/r1//X/6e3svX/Y+6fCTOpSf4HAACAOoi5/0iYifwPAAAAlRFz/9EwE/kfAAAAKiPm/mNhJjXJ//r/+v/6/7Xt/z/33bZ16v/r/68F/X/9/270//X/+3n9+v/6//RWtv5/zP3Hw0xqkv8BAACgDmLu/2yYifwPAAAAlRFz/+fCTOR/AAAAqIyY+0+EmdQk/+v/6//r/9e2/7+yz/9fv3i9+v/6/xdD/1//vxv9f/3/fl6//r/+P72Vrf8fc//JMJOa5H8AAACog5j7T4WZyP8AAABQGTH3nw4zkf8BAACgMmLuPxNmUpP8r/+/uv7/wDLdQP3/zuvX/69A/7+J/r/+/8XQ/9f/70b/X/+/n9ev/6//T29l6//H3P97YSY1yf8AAABQBzH3nw0zkf8BAACgMmLunw0zkf8BAACgMmLun/s/9u47WbOy2uP4e5vbfZu65RyYgiNwCI7BKqdgTmAEs2LOCXPCrJhzzjnnjGKOVVp0r7WgD332Pk2ft8+zn/X5/MGSAxYPgmX9Cr+145Ym+1//7/v/+n/9v/5f/79P+n/9/xL9v/5/y+/X/+v/WTda/5+7/35xS5P9DwAAAB3k7r9/3GL/AwAAwDRy9z8gbrH/AQAAYBq5+x8YtzTZ//p//b/+X/+v/9f/75P+f6P9/26n/z8C/b/+X/+v/2fZaP1/7v4HxS1N9j8AAAB0kLv/wXGL/Q8AAADTyN3/kLjF/gcAAIBp5O5/aNzSZP/r//X/+n/9v/5f/79P+v+N9v++/38k+n/9v/5f/8+y0fr/3P0Pi1ua7H8AAADoIHf/w+MW+x8AAACmkbv/EXGL/Q8AAADTyN1/bdzSZP/r//X/+v8N9v//q//X/2+H/l//v0T/r//f8vv1//p/1o3W/+fuvy5uabL/AQAAoIPc/Y+MW+x/AAAAmEbu/kfFLfY/AAAATCN3/6Pjlib7X/+v/9f/b7D/9/1//f+G6P/1/0v0//r/Lb9f/6//Z91o/X/u/sfELU32PwAAAHSQu/+xcYv9DwAAANPI3f+4uMX+BwAAgGnk7r8+bmmy//X/+n/9v/5f/6//3yf9v/5/if5f/7/l9+v/9f+s23v/f+8bzt2j9v+5+2+IW5rsfwAAAOggd//j4xb7HwAAAKaRu/8JcYv9DwAAANPI3f/EuKXJ/tf/6//v6P//8z/6f/2//v+On+v/j4f+X/+/RP+v/9/y+/X/+n/W7b3/X+n9D/567v4nxS1N9j8AAAB0kLv/yXGL/Q8AAADTyN3/lLjF/gcAAIDhnT3i75e7/6kH/11N9r/+X//v+//6f/2//n+f9P/D9v8H/6t3of31/2fu/Cv6f/3/lt+/1P/f6wjv1//TwWj9f+7+p8UtTfY/AAAAdJC7/+lxi/0PAAAA08jdf2PcYv8DAADANHL3PyNuabL/9f/6f/2//v/C/v9Uy/7/9p/p//dD/z9s/7/M9/+PRP+v//f9f/0/y0br/3P3PzNuabL/AQAAoIPc/c+KW+x/AAAAmEbu/mfHLfY/AAAATCN3/3Pilib7X/+v/9f/6/8v6/v/V83R//v+//7o//X/S/T/+v8tv1//r/9n3Wj9f+7+58YtTfY/AAAATO/Urnb/8+IW+x8AAACmkbv/+XGL/Q8AAADTyN3/grilyf7X/+v/9f/6/8vq/yf5/r/+f3/0//r/JUft/3f6//pzOdn+//QFv6b/1//r/1kzWv+fu/+FcUuT/Q8AAADzuf4uP8nd/6K4xf4HAACAaeTuf3HcYv8DAADANHL3vyRuabL/9f/6f/2//l//r//fJ/2//n+J7/9vrf+/kP5f/6//Z81o/X/u/pfGLU32PwAAAHSQu/9lcYv9DwAAANPI3f/yuMX+BwAAgGnk7n9F3HJw/5+6kq+6ck60/892Q/+v/9f/n6P/j7+u+n/9/yXQ/+v/dxP2/2cP+ePp/8d6v/5f/8+60fr/3P03xS3++T8AAABMI3f/K+MW+x8AAACmkbv/VXGL/Q8AAADTyN3/6rilyf4/rP+/7f/P/3bf/z8a/f/F36//1//r//X/+v/j6/8v9j9v+v/zZuv/ff9/G+/X/+v/WTda/5+7/zVxS5P9DwAAAB3k7n9t3GL/AwAAwDRy978ubrH/AQAAYBq5+18ftzTZ/8f//f9rTqL/vyOu0//r//X/+v/4+WH9/0H6//3S//v+/xL9v/5/y+/X/+v/WTda/5+7/w1xS5P9DwAAAB3k7n9j3GL/AwAAwDRy978pbrH/AQAAYBq5+98ctzTZ/8ff//v+v/7/Evv/U/r/pP+Pv66+/6//vwT6f/3/Tv9/t510P7/19+v/9f+sG63/z91/87mp12//AwAAQAc3n/vl2d1b4hb7HwAAAKaRu/+tcYv9DwAAANPI3f+2uKXJ/tf/6/9PvP/3/f+i/4+/rvp//f8l0P/r/3f6/7vtpPv5rb9f/6//Z91o/X/u/rfHLU32PwAAAHSQu/8dcYv9DwAAANOI3X/+//xu/wMAAMCU3nnul2d374pbmuz/xv3/NZfb/199p3+t/7/4+/X/x9L/33zw7z39v/5/S/T/+v8l+n/9/5bfP07/Hz+4Vv/PeEbr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAmEbu/lviFvsfAAAAppG7/71xS5P937j/n+T7//e5NV6g/5+3//f9/7j6f/3/xej/9f87/f/ddtL9/NbfP07/7/v/jGu0/j93//vilib7HwAAADrI3f/+uMX+BwAAgGnk7v9A3GL/AwAAwDRy938wbmmy//X/W+//ff9f/6//1/+PTf+v/1+i/9f/b/n9+n/9P+tG6/9z938obmmy/wEAAKCD3P0fjlvsfwAAAJhG7v6PxC32PwAAAEwjd/9H45Ym+1//r//fV/9/+x9E/9+k/79O/7/T/x9K/6//X6L/1/9v+f36f/0/60br/3P3fyxuabL/AQAAoIPc/R+PW+x/AAAAmEbu/k/ELfY/AAAATCN3/yfjhnve4+SedLxOH/Lz6M31//p/3//X//v+v/5/n/T/+v8l+n/9/5bfr//X/7NutP4/d/+n4hb//B8AAACmkbv/03GL/Q8AAADTyN3/mbjF/gcAAIBp5O7/bNzSZP/r//X/+v/N9v9X6/8vfL/+f0z6f/3/Ev2//n/L79f/6/9ZN1r/n7v/c3FLk/0PAAAAHeTu/3zcYv8DAADANHL3fyFusf8BAABgGrn7vxi3NNn/+n/9v/5/s/2/7/8feL/+f0z6f/3/Ev2//n/L79f/6/9ZN1r/n7v/S3FLk/0PAAAAHeTu/3LcYv8DAADANHL3fyVusf8BAABgGrn7vxq3NNn/+n/9v/5f/6//1//v0xXv/08d/x9jp//X/x9C/6//1//r/1k2Wv+fu/9rcUuT/Q8AAAAd5O7/etxi/wMAAMA0cvd/I26x/wEAAGAaufu/Gbc02f8z9/9Lv5v+/zz9v/5/p/8/2P+fyZ/r/4+H7//r/5fo/yfu/88cyxNP7v36f/0/x2K0/j93/7filib7HwAAADrI3f/tuMX+BwAAgGnk7v9O3GL/AwAAwDRy9383bmmy/2fu/5fo/8/T/+v/d/p/3//fM/2//n+J/n/i/t/3//X/cHL9/+ndIf1/7v7vxS1N9j8AAAB0kLv/+3GL/Q8AAADTyN3/g7jF/gcAAIBp5O7/Ydwyz/6/7y0Lv1H/f+z9/7m/ifT/+v+d/l//r/8/R/+v/1+i/9f/b/n9+n/9P+tG+/5/7v4fxS3z7H8AAABoL3f/j+MW+x8AAACmkbv/J3GL/Q8AAADTyN3/07ilyf7X//v+v/6/Vf9/1e5I/X/+J6z/1/9fPv2//n+J/l//v+X36//1/6wbrf/P3f+zuKXJ/gcAAIAOcvf/PG6x/wEAAGAauft/EbfY/wAAADCN3P2/jFua7H/9v/5f/9+q//f9f/3/Faf/1/8v0f/r/7f8/uz/8+87/b/+n7sarf/P3f+ruKXJ/gcAAIAOcvf/Om6x/wEAAGAauft/E7fY/wAAADCN3P2/jVua7H/9v/5f/6//1//r//dJ/6//X6L/1/9v+f2+/6//Z91o/X/u/lvjlib7HwAAADrI3f+7uMX+BwAAgGnk7v993GL/AwAAwDRy998WtzTZ//p//f+U/f//6f/1//r/Uej/9f9L9P/6/y2/X/+v/2fdaP1/7v4/xC1N9j8AAAB0kLv/j3GL/Q8AAADTyN3/p7jF/gcAAIBp5O7/c9zSZP/r//X/l97/n64/72H7f9//1//r/4cxb/9/Rv+v/7/s/v/Gm87/WP+/zffr//X/rBut/8/d/5e4pcn+BwAAgA5y9/81brH/AQAAYBq5+/8Wt9j/AAAAMI3c/X+PW5rsf/2//n/K7//r//X/+v9hzNv/+/6//t/3//X/+n/9P2tG6/9z9/8jbmmy/wEAAKCD3P3/jFvsfwAAAJhG7v5/xS32PwAAAEwjd/+/45Ym+1//r//X/+v/9f/6/33S/+v/l+j/9f9bfr/+X//PutH6/9z9/w0AAP//pQEwbw==")
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sm3)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x24000005}, 0x8081)
accept4$tipc(0xffffffffffffffff, 0x0, 0x0, 0x80800)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000000), 0x24, 0x0)
socket(0x840000000002, 0x3, 0xff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$unix(0x1, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000bc0)={{{@in=@multicast2, @in6=@empty, 0x0, 0x0, 0x4e21, 0x0, 0x2, 0x120, 0x0, 0x5e}, {0x0, 0x0, 0x4, 0x0, 0x8, 0x8, 0x4}, {0x4, 0x0, 0x0, 0xe6c1}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@broadcast, 0x80, 0x32}, 0x0, @in=@loopback, 0x0, 0x0, 0x2, 0x8, 0x0, 0xfffffff9}}, 0xe8)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

3.669877801s ago: executing program 0 (id=424):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
pwritev2(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x9c00, 0x0, 0x3)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(0xffffffffffffffff, 0x2283, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x5}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x32}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x0, 0x0, 0x0, 0xfd}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x21, 0x0)

3.607868759s ago: executing program 3 (id=425):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r0, 0x8800000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x53)
close(r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
sendfile(r1, r0, 0x0, 0x578410ed)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)

3.44830645s ago: executing program 3 (id=426):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\a\x00\x00B\x00'], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f00000017c0)=""/4113, 0x1011}, {&(0x7f0000005740)=""/4071, 0xfe7}, {&(0x7f0000000200)=""/115, 0x73}, {&(0x7f0000000780)=""/190, 0xbe}, {&(0x7f0000000300)=""/188, 0xbc}, {&(0x7f0000000880)=""/108, 0x6c}], 0x6}, 0x10100)

2.383834519s ago: executing program 3 (id=427):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x800}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x7ff, '\x00', 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
io_setup(0x23f, 0x0)
r2 = eventfd2(0xae, 0x1401)
io_cancel(0x0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x8001, r0, &(0x7f00000003c0), 0x0, 0x81, 0x0, 0x3, r2}, &(0x7f0000000500))
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x3c1, 0x3, 0x338, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x278, 0x3d8, 0x3d8, 0x278, 0x3d8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x40}, [0xffffff00, 0xff, 0xffffffff, 0xff], [0xffffffff, 0xffffffff, 0xff000000, 0xffffffff], 'veth0_virt_wifi\x00', 'veth0_to_batadv\x00', {0xff}, {0xff}, 0x29, 0x20, 0x0, 0x20}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@hl={{0x28}, {0x1, 0x7}}, @common=@inet=@socket2={{0x28}, 0x1}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, [0xff000000, 0xff, 0x0, 0xffffff00], 0x4e22, 0x4e22, 0x4e24, 0x4e22, 0x7, 0x3, 0x1, 0x6, 0x7}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @private0={0xfc, 0x0, '\x00', 0x1}, [0x807fff00, 0xff000000, 0xffffff00, 0xffffff00], [0xff000000, 0xffffff00, 0xffffff00, 0xff000000], 'veth1_to_team\x00', 'wg0\x00', {0xff}, {0xff}, 0x3b, 0x72, 0x2, 0xc}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x7, 0x2a7, 0x6fa6, 0xf60, 'snmp\x00', 'syz0\x00', {0x8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
cachestat(r0, &(0x7f0000000540)={0x5, 0x1}, &(0x7f0000000580), 0x0)
read$msr(r4, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000005c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)

1.514791645s ago: executing program 1 (id=428):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000206050000000000000000000700000014000780080008400000009808000640200000000500010006000000050005000200000005000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x5c}}, 0x20000000)

1.43677921s ago: executing program 3 (id=429):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x800}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
io_setup(0x23f, &(0x7f0000000380)=<r2=>0x0)
r3 = eventfd2(0xae, 0x1401)
io_cancel(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x8001, r0, &(0x7f00000003c0), 0x0, 0x81, 0x0, 0x3, r3}, &(0x7f0000000500))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r4, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x4d, 0x83, 0x68, 0x8, 0x2c42, 0x16f8, 0xf333, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x4}}]}}, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r5, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000005c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)

1.182135813s ago: executing program 0 (id=430):
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/59, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)

228.155933ms ago: executing program 1 (id=431):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)

0s ago: executing program 0 (id=432):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffd000/0x1000)=nil)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_dev$loop(0x0, 0xb8a, 0x18b80)
ioctl$BLKPBSZGET(r2, 0x127b, 0x0)
syz_open_dev$dvb_frontend(&(0x7f00000003c0), 0x0, 0xe82)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xff00000000000000, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002, 0xff00000000000000}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.183' (ED25519) to the list of known hosts.
[   72.682647][ T5754] cgroup: Unknown subsys name 'net'
[   72.850869][ T5754] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   74.511124][ T5754] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   76.523266][ T5768] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.531640][ T5768] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.543411][ T5768] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.552542][ T5773] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   76.597398][ T5773] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   76.605746][ T5775] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   76.605910][ T5773] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.613609][ T5775] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   76.621652][ T5773] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   76.628264][ T5775] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   76.634699][ T5773] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.642612][ T5775] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   76.655743][ T5775] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   76.665391][ T5775] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   76.672800][ T5775] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   76.682136][ T5780] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   76.689608][ T5780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   76.698794][ T5780] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   76.706282][ T5780] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   76.713567][ T5775] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   76.721118][ T5780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   76.785833][ T5780] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   76.796973][ T5780] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   76.806250][ T5780] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   77.094357][ T5765] chnl_net:caif_netlink_parms(): no params data found
[   77.253027][ T5770] chnl_net:caif_netlink_parms(): no params data found
[   77.280499][ T5771] chnl_net:caif_netlink_parms(): no params data found
[   77.296964][ T5765] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.304699][ T5765] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.311936][ T5765] bridge_slave_0: entered allmulticast mode
[   77.319607][ T5765] bridge_slave_0: entered promiscuous mode
[   77.332417][ T5765] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.339800][ T5765] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.347206][ T5765] bridge_slave_1: entered allmulticast mode
[   77.354649][ T5765] bridge_slave_1: entered promiscuous mode
[   77.467213][ T5765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.477006][ T5769] chnl_net:caif_netlink_parms(): no params data found
[   77.506883][ T5765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.592288][ T5765] team0: Port device team_slave_0 added
[   77.603216][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.610325][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.618060][ T5770] bridge_slave_0: entered allmulticast mode
[   77.625053][ T5770] bridge_slave_0: entered promiscuous mode
[   77.632264][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.641174][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.648508][ T5771] bridge_slave_0: entered allmulticast mode
[   77.657053][ T5771] bridge_slave_0: entered promiscuous mode
[   77.665848][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.672927][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.681595][ T5771] bridge_slave_1: entered allmulticast mode
[   77.688704][ T5771] bridge_slave_1: entered promiscuous mode
[   77.697345][ T5765] team0: Port device team_slave_1 added
[   77.708742][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.716092][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.723521][ T5770] bridge_slave_1: entered allmulticast mode
[   77.730239][ T5770] bridge_slave_1: entered promiscuous mode
[   77.801966][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.821718][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.829098][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.836670][ T5769] bridge_slave_0: entered allmulticast mode
[   77.843613][ T5769] bridge_slave_0: entered promiscuous mode
[   77.862132][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.869451][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.876850][ T5769] bridge_slave_1: entered allmulticast mode
[   77.886392][ T5769] bridge_slave_1: entered promiscuous mode
[   77.895003][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.907717][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.914818][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.940919][ T5765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.955174][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.969397][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.997505][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.004826][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.030785][ T5765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.094288][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.107129][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.131484][ T5771] team0: Port device team_slave_0 added
[   78.140590][ T5770] team0: Port device team_slave_0 added
[   78.149781][ T5770] team0: Port device team_slave_1 added
[   78.178437][ T5771] team0: Port device team_slave_1 added
[   78.221343][ T5769] team0: Port device team_slave_0 added
[   78.230637][ T5769] team0: Port device team_slave_1 added
[   78.262548][ T5765] hsr_slave_0: entered promiscuous mode
[   78.270196][ T5765] hsr_slave_1: entered promiscuous mode
[   78.277612][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.285115][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.311875][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.325287][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.332253][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.358254][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.380236][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.387436][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.413816][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.427798][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.435088][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.461216][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.518840][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.525995][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.552441][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.566470][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.573510][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.599529][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.664963][ T5771] hsr_slave_0: entered promiscuous mode
[   78.672089][ T5771] hsr_slave_1: entered promiscuous mode
[   78.679208][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.687205][ T5771] Cannot create hsr debugfs directory
[   78.694072][ T5780] Bluetooth: hci0: command tx timeout
[   78.719687][ T5770] hsr_slave_0: entered promiscuous mode
[   78.729414][ T5770] hsr_slave_1: entered promiscuous mode
[   78.735617][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.743258][ T5770] Cannot create hsr debugfs directory
[   78.773327][ T5780] Bluetooth: hci2: command tx timeout
[   78.814591][ T5769] hsr_slave_0: entered promiscuous mode
[   78.820986][ T5769] hsr_slave_1: entered promiscuous mode
[   78.828027][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.836249][ T5769] Cannot create hsr debugfs directory
[   78.853439][ T5780] Bluetooth: hci1: command tx timeout
[   78.853787][ T5768] Bluetooth: hci3: command tx timeout
[   79.204431][ T5765] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   79.216822][ T5765] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   79.227382][ T5765] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.239105][ T5765] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.317115][ T5770] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   79.328651][ T5770] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   79.340118][ T5770] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   79.353013][ T5770] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   79.448293][ T5769] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   79.458199][ T5769] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   79.470443][ T5769] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   79.481755][ T5769] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   79.589391][ T5771] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   79.609511][ T5771] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   79.621190][ T5765] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.644068][ T5771] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   79.657662][ T5771] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   79.709628][ T5765] 8021q: adding VLAN 0 to HW filter on device team0
[   79.736739][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.744238][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.784330][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.791516][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.837991][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.875738][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.898508][ T5770] 8021q: adding VLAN 0 to HW filter on device team0
[   79.942639][ T1021] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.949877][ T1021] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.961914][ T5769] 8021q: adding VLAN 0 to HW filter on device team0
[   79.985585][ T5765] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.002330][ T1021] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.009564][ T1021] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.025912][ T1021] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.033006][ T1021] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.061791][ T1021] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.068995][ T1021] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.126278][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.201251][ T5769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   80.217948][ T5769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.289518][ T5771] 8021q: adding VLAN 0 to HW filter on device team0
[   80.329926][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.337119][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.396036][ T1081] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.403266][ T1081] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.600558][ T5765] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.686459][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.752215][ T5765] veth0_vlan: entered promiscuous mode
[   80.769461][ T5765] veth1_vlan: entered promiscuous mode
[   80.784791][ T5768] Bluetooth: hci0: command tx timeout
[   80.852213][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.859690][ T5768] Bluetooth: hci2: command tx timeout
[   80.880766][ T5769] veth0_vlan: entered promiscuous mode
[   80.928627][ T5769] veth1_vlan: entered promiscuous mode
[   80.933902][ T5768] Bluetooth: hci3: command tx timeout
[   80.939588][ T5768] Bluetooth: hci1: command tx timeout
[   80.953030][ T5765] veth0_macvtap: entered promiscuous mode
[   80.974907][ T5765] veth1_macvtap: entered promiscuous mode
[   81.029905][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.051326][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.080069][ T5770] veth0_vlan: entered promiscuous mode
[   81.090262][ T5769] veth0_macvtap: entered promiscuous mode
[   81.109332][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.130181][ T5765] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.140321][ T5765] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.150117][ T5765] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.159065][ T5765] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.173971][ T5769] veth1_macvtap: entered promiscuous mode
[   81.200582][ T5770] veth1_vlan: entered promiscuous mode
[   81.255250][ T5771] veth0_vlan: entered promiscuous mode
[   81.275789][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.292596][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.309932][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.342523][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.359540][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.371136][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.394490][ T5771] veth1_vlan: entered promiscuous mode
[   81.420591][ T5770] veth0_macvtap: entered promiscuous mode
[   81.440269][ T5770] veth1_macvtap: entered promiscuous mode
[   81.469600][ T5769] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.479233][ T5769] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.489136][ T5769] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.498218][ T5769] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.548610][ T1081] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.565973][ T1081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.622119][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.633740][ T2121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.641595][ T2121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.649530][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.660730][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.671317][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.682587][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.702826][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.720582][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.731528][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.742266][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.753642][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.767239][ T5770] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.776767][ T5770] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.785651][ T5770] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.794698][ T5770] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.832838][ T5771] veth0_macvtap: entered promiscuous mode
[   81.930960][ T5771] veth1_macvtap: entered promiscuous mode
[   81.993771][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.000034][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.001623][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.052813][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.083220][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.108210][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.119342][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.142975][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.162250][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.341222][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.382770][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.408729][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.419312][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.430009][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.440773][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.452575][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.479651][ T2121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.493300][ T2121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.507775][ T5771] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.558657][ T5771] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.795151][ T5841] syz.1.2[5841]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   82.841221][ T5841] loop1: detected capacity change from 0 to 256
[   82.856323][ T5841] exfat: Deprecated parameter 'utf8'
[   82.875520][ T5768] Bluetooth: hci0: command tx timeout
[   82.930488][ T5841] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   83.100630][ T5780] Bluetooth: hci3: command tx timeout
[   83.106237][ T5780] Bluetooth: hci1: command tx timeout
[   83.115896][ T5768] Bluetooth: hci2: command tx timeout
[   83.254822][ T5771] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.304007][ T5771] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.468313][ T2121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.470389][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.486344][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.490628][ T2121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.565606][   T27] audit: type=1804 audit(1772929565.835:2): pid=5838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2" name="/newroot/0/file0/file1" dev="loop1" ino=1048584 res=1 errno=0
[   83.609382][   T27] audit: type=1804 audit(1772929565.835:3): pid=5840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2" name="/newroot/0/file0/file1" dev="loop1" ino=1048584 res=1 errno=0
[   83.723422][ T2121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.731305][ T2121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.303390][ T1081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.311351][ T1081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.651691][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   84.679842][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   84.832245][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   84.841050][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   85.037066][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   85.139453][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   85.168708][ T5768] Bluetooth: hci0: command tx timeout
[   85.174888][ T5774] Bluetooth: hci3: command tx timeout
[   85.174889][ T5780] Bluetooth: hci1: command tx timeout
[   85.185741][ T5775] Bluetooth: hci2: command tx timeout
[   85.242038][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   85.294065][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.403450][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.446899][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   87.105369][    T9] cfg80211: failed to load regulatory.db
[   87.402329][ T5863] loop2: detected capacity change from 0 to 40427
[   87.424703][ T5863] F2FS-fs (loop2): invalid crc value
[   87.496205][ T5863] F2FS-fs (loop2): Found nat_bits in checkpoint
[   87.548326][ T5863] F2FS-fs (loop2): Start checkpoint disabled!
[   87.583488][ T5863] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   87.675185][ T5853] loop1: detected capacity change from 0 to 32768
[   87.741553][   T27] audit: type=1804 audit(1772929570.025:4): pid=5863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.8" name="/newroot/2/bus/bus" dev="loop2" ino=10 res=1 errno=0
[   89.183105][    C0] sched: RT throttling activated
[   91.063327][ T5853] read_mapping_page failed!
[   93.040941][ T5877] kworker/u4:9: attempt to access beyond end of device
[   93.040941][ T5877] loop2: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[   93.065397][ T5877] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   93.080563][ T5877] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   93.866870][ T5877] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   94.114343][ T5888] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15'.
[   94.838761][ T5893] loop3: detected capacity change from 0 to 256
[   94.847448][ T5893] exfat: Deprecated parameter 'utf8'
[   96.490834][ T5893] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   96.923240][   T27] audit: type=1804 audit(1772929579.095:5): pid=5891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.15" name="/newroot/2/file0/file1" dev="loop3" ino=1048595 res=1 errno=0
[   96.990819][   T27] audit: type=1804 audit(1772929579.095:6): pid=5893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.15" name="/newroot/2/file0/file1" dev="loop3" ino=1048595 res=1 errno=0
[   97.419402][ T5905] loop2: detected capacity change from 0 to 256
[   97.428720][ T5905] exfat: Deprecated parameter 'utf8'
[   97.436429][   T28] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   98.147784][ T5905] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   98.313174][   T28] usb 2-1: Using ep0 maxpacket: 8
[   98.337624][   T28] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   98.366745][   T28] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   98.381064][   T28] usb 2-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=f3.33
[   98.394843][   T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.409231][   T28] usb 2-1: Product: syz
[   98.426591][   T28] usb 2-1: Manufacturer: syz
[   98.432008][   T28] usb 2-1: SerialNumber: syz
[   98.457219][   T28] usb 2-1: config 0 descriptor??
[   98.538930][ T5900] loop3: detected capacity change from 0 to 32768
[  100.424668][ T5911] read_mapping_page failed!
[  101.600473][ T5922] loop2: detected capacity change from 0 to 128
[  101.718491][   T28] usb 2-1: USB disconnect, device number 2
[  101.724439][ T5922] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  101.748554][ T5922] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  102.763353][ T5770] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  107.376173][ T5953] loop0: detected capacity change from 0 to 32768
[  107.444190][ T5957] input: syz0 as /devices/virtual/input/input5
[  107.908009][ T5964] read_mapping_page failed!
[  108.264459][ T5766] udevd[5766]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  110.642874][ T5985] loop3: detected capacity change from 0 to 40427
[  110.692546][ T5985] F2FS-fs (loop3): invalid crc value
[  110.710802][ T5985] F2FS-fs (loop3): Found nat_bits in checkpoint
[  110.756340][ T5985] F2FS-fs (loop3): Start checkpoint disabled!
[  110.772116][ T5985] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  110.924102][   T27] audit: type=1804 audit(1772929593.215:7): pid=5985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.39" name="/newroot/9/bus/bus" dev="loop3" ino=10 res=1 errno=0
[  113.415631][   T11] kworker/u4:0: attempt to access beyond end of device
[  113.415631][   T11] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  113.429989][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  113.440383][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  113.447869][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  113.455245][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  113.940349][ T6002] loop0: detected capacity change from 0 to 40427
[  114.004582][ T6002] F2FS-fs (loop0): invalid crc value
[  114.049003][ T6002] F2FS-fs (loop0): Found nat_bits in checkpoint
[  114.108757][ T6002] F2FS-fs (loop0): Start checkpoint disabled!
[  114.140414][ T6002] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  114.366709][   T27] audit: type=1804 audit(1772929596.655:8): pid=6002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.42" name="/newroot/10/bus/bus" dev="loop0" ino=10 res=1 errno=0
[  123.878658][   T27] audit: type=1326 audit(1772929606.155:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  124.288416][   T27] audit: type=1326 audit(1772929606.165:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  124.700316][   T27] audit: type=1326 audit(1772929606.165:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  124.749201][   T27] audit: type=1326 audit(1772929606.165:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  124.792766][   T27] audit: type=1326 audit(1772929606.165:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  124.843983][   T27] audit: type=1326 audit(1772929606.165:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7abc95cfce code=0x7ffc0000
[  124.966662][   T27] audit: type=1326 audit(1772929606.165:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7abc99c42b code=0x7ffc0000
[  125.158420][   T27] audit: type=1326 audit(1772929606.165:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  125.194979][   T27] audit: type=1326 audit(1772929606.165:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  125.662681][ T2121] kworker/u4:8: attempt to access beyond end of device
[  125.662681][ T2121] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  125.685625][ T2121] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  125.713238][ T2121] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  125.720600][ T2121] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  125.901101][ T6020] loop1: detected capacity change from 0 to 40427
[  125.919225][ T6020] F2FS-fs (loop1): invalid crc value
[  125.929756][ T6020] F2FS-fs (loop1): Found nat_bits in checkpoint
[  125.991717][ T6020] F2FS-fs (loop1): Start checkpoint disabled!
[  126.002069][ T6020] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  127.964058][ T6029] loop0: detected capacity change from 0 to 32768
[  129.579766][ T6047] read_mapping_page failed!
[  133.020225][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  133.029477][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  133.109147][ T6069] loop3: detected capacity change from 0 to 32768
[  135.283523][   T28] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  136.411074][ T2121] kworker/u4:8: attempt to access beyond end of device
[  136.411074][ T2121] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  136.430985][ T2121] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  136.439912][ T2121] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  137.473663][ T6093] input: syz0 as /devices/virtual/input/input6
[  138.240799][ T6098] loop1: detected capacity change from 0 to 40427
[  138.416847][ T6098] F2FS-fs (loop1): invalid crc value
[  138.426039][ T6098] F2FS-fs (loop1): Found nat_bits in checkpoint
[  138.493604][ T6098] F2FS-fs (loop1): Start checkpoint disabled!
[  138.509488][ T6098] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  138.561827][   T27] audit: type=1804 audit(1772929620.845:18): pid=6098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.62" name="/newroot/12/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  138.601625][ T6098] syz.1.62: attempt to access beyond end of device
[  138.601625][ T6098] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  138.616475][ T6098] syz.1.62: attempt to access beyond end of device
[  138.616475][ T6098] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.913754][ T6102] netlink: 12 bytes leftover after parsing attributes in process `syz.3.61'.
[  141.463225][    T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  141.658016][    T8] usb 1-1: Using ep0 maxpacket: 8
[  141.696436][    T8] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  141.711526][    T8] usb 1-1: config 0 has no interface number 0
[  141.725149][    T8] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  141.745619][    T8] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 50335, setting to 1024
[  141.771732][    T8] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  141.788254][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.882663][    T8] usb 1-1: config 0 descriptor??
[  141.901837][ T6110] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  141.947056][    T8] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  142.350094][ T6110] Zero length message leads to an empty skb
[  142.369502][ T6112] loop3: detected capacity change from 0 to 40427
[  142.401376][    C1] iowarrior 1-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  142.410641][   T23] usb 1-1: USB disconnect, device number 3
[  142.473585][ T6112] F2FS-fs (loop3): invalid crc value
[  142.553404][ T6112] F2FS-fs (loop3): Found nat_bits in checkpoint
[  142.639825][ T6112] F2FS-fs (loop3): Start checkpoint disabled!
[  142.648558][ T6112] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  142.746825][ T6115] loop2: detected capacity change from 0 to 40427
[  142.778248][ T6115] F2FS-fs (loop2): invalid crc value
[  142.819658][ T6115] F2FS-fs (loop2): Found nat_bits in checkpoint
[  142.868723][ T6115] F2FS-fs (loop2): Start checkpoint disabled!
[  142.876792][ T6115] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  142.907178][   T27] audit: type=1804 audit(1772929625.195:19): pid=6112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.65" name="/newroot/17/bus/bus" dev="loop3" ino=10 res=1 errno=0
[  142.952368][ T6112] syz.3.65: attempt to access beyond end of device
[  142.952368][ T6112] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  142.967627][ T6112] syz.3.65: attempt to access beyond end of device
[  142.967627][ T6112] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  143.081160][   T27] audit: type=1804 audit(1772929625.365:20): pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.66" name="/newroot/17/bus/bus" dev="loop2" ino=10 res=1 errno=0
[  143.117835][ T6115] syz.2.66: attempt to access beyond end of device
[  143.117835][ T6115] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  143.132085][ T6115] syz.2.66: attempt to access beyond end of device
[  143.132085][ T6115] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  147.029335][   T42] kworker/u4:2: attempt to access beyond end of device
[  147.029335][   T42] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  147.068139][   T42] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  147.084097][   T42] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  147.105330][   T49] kworker/u4:3: attempt to access beyond end of device
[  147.105330][   T49] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  147.136920][   T42] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  147.164954][ T6126] input: syz0 as /devices/virtual/input/input7
[  147.172899][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  147.209172][   T42] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  147.248706][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  147.276759][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  149.162710][ T6138] input: syz0 as /devices/virtual/input/input8
[  149.576656][ T5877] kworker/u4:9: attempt to access beyond end of device
[  149.576656][ T5877] loop1: rw=2049, sector=45104, nr_sectors = 24 limit=40427
[  149.643244][ T5877] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  149.663271][ T5877] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  149.703178][ T5877] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  150.184383][ T6147] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.220962][ T6135] loop0: detected capacity change from 0 to 32768
[  150.343047][ T6146] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.703954][ T6146] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  151.388316][ T6146] netlink: 4 bytes leftover after parsing attributes in process `syz.2.74'.
[  152.938031][ T6160] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  153.477119][ T6174] ufs: You didn't specify the type of your ufs filesystem
[  153.477119][ T6174] 
[  153.477119][ T6174] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  153.477119][ T6174] 
[  153.477119][ T6174] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  153.508199][ T6174] ufs: ufstype=old is supported read-only
[  153.515601][ T6174] ufs: ufs_fill_super(): bad magic number
[  153.701966][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  154.143287][    T9] usb 2-1: Using ep0 maxpacket: 8
[  155.034112][    T9] usb 2-1: device descriptor read/all, error -71
[  156.171867][ T6191] input: syz0 as /devices/virtual/input/input9
[  156.857860][ T6179] loop2: detected capacity change from 0 to 40427
[  156.874892][ T6179] F2FS-fs (loop2): invalid crc value
[  156.938101][ T6179] F2FS-fs (loop2): Found nat_bits in checkpoint
[  157.298442][ T6179] F2FS-fs (loop2): Start checkpoint disabled!
[  157.388900][ T6179] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  158.708675][ T6206] loop3: detected capacity change from 0 to 256
[  158.716176][ T6206] exfat: Deprecated parameter 'utf8'
[  159.424490][ T6206] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  159.868750][   T27] audit: type=1804 audit(1772929642.075:21): pid=6205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.87" name="/newroot/24/file0/file1" dev="loop3" ino=1048599 res=1 errno=0
[  159.985150][   T27] audit: type=1804 audit(1772929642.075:22): pid=6206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.87" name="/newroot/24/file0/file1" dev="loop3" ino=1048599 res=1 errno=0
[  161.357862][ T6212] loop0: detected capacity change from 0 to 40427
[  161.778261][ T6212] F2FS-fs (loop0): invalid crc value
[  161.825865][ T6212] F2FS-fs (loop0): Found nat_bits in checkpoint
[  161.854487][ T6212] F2FS-fs (loop0): Start checkpoint disabled!
[  161.862455][ T6212] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  161.947059][   T27] audit: type=1804 audit(1772929644.235:23): pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.90" name="/newroot/22/bus/bus" dev="loop0" ino=10 res=1 errno=0
[  161.976742][ T6212] syz.0.90: attempt to access beyond end of device
[  161.976742][ T6212] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  161.990674][ T6212] syz.0.90: attempt to access beyond end of device
[  161.990674][ T6212] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  162.571984][ T5951] kworker/u4:10: attempt to access beyond end of device
[  162.571984][ T5951] loop0: rw=2049, sector=45104, nr_sectors = 24 limit=40427
[  162.597330][ T5951] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  162.613234][ T5951] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  162.629337][ T5951] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  163.089500][ T6220] loop1: detected capacity change from 0 to 32768
[  163.353649][ T6224] loop2: detected capacity change from 0 to 40427
[  163.368312][ T6224] F2FS-fs (loop2): invalid crc value
[  163.380208][ T6224] F2FS-fs (loop2): Found nat_bits in checkpoint
[  163.430331][ T6224] F2FS-fs (loop2): Start checkpoint disabled!
[  163.438747][ T6224] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  163.604013][   T27] audit: type=1804 audit(1772929645.865:24): pid=6224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.94" name="/newroot/23/bus/bus" dev="loop2" ino=10 res=1 errno=0
[  163.759087][ T6224] syz.2.94: attempt to access beyond end of device
[  163.759087][ T6224] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  163.775681][ T6224] syz.2.94: attempt to access beyond end of device
[  163.775681][ T6224] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  168.113264][ T5807] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  168.325101][   T27] audit: type=1326 audit(1772929650.055:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.389071][   T27] audit: type=1326 audit(1772929650.055:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.411826][   T27] audit: type=1326 audit(1772929650.065:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.461255][   T27] audit: type=1326 audit(1772929650.065:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.483905][   T27] audit: type=1326 audit(1772929650.065:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.541041][   T27] audit: type=1326 audit(1772929650.065:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.563546][   T27] audit: type=1326 audit(1772929650.075:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.586014][   T27] audit: type=1326 audit(1772929650.075:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.609354][ T5807] usb 1-1: Using ep0 maxpacket: 8
[  168.617217][ T5807] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.627997][ T5807] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  168.637537][   T27] audit: type=1326 audit(1772929650.085:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.659906][   T27] audit: type=1326 audit(1772929650.085:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.3.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  168.687043][ T5807] usb 1-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=f3.33
[  168.696830][ T5807] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.706205][ T5807] usb 1-1: Product: syz
[  168.710706][ T5807] usb 1-1: Manufacturer: syz
[  168.715872][ T5807] usb 1-1: SerialNumber: syz
[  168.730063][ T5807] usb 1-1: config 0 descriptor??
[  168.910898][   T49] kworker/u4:3: attempt to access beyond end of device
[  168.910898][   T49] loop2: rw=2049, sector=45104, nr_sectors = 24 limit=40427
[  168.930453][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  168.939748][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  168.952799][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  169.973499][ T6248] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  170.004555][ T5807] usb 1-1: USB disconnect, device number 4
[  170.029378][ T6250] loop1: detected capacity change from 0 to 32768
[  172.067323][ T6267] input: syz0 as /devices/virtual/input/input10
[  172.326962][ T6265] loop0: detected capacity change from 0 to 40427
[  172.409627][ T6265] F2FS-fs (loop0): invalid crc value
[  172.540162][ T6265] F2FS-fs (loop0): Found nat_bits in checkpoint
[  172.630564][ T6265] F2FS-fs (loop0): Start checkpoint disabled!
[  172.666995][ T6265] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  172.991748][ T6265] syz.0.99: attempt to access beyond end of device
[  172.991748][ T6265] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  173.006084][ T6265] syz.0.99: attempt to access beyond end of device
[  173.006084][ T6265] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  173.530724][ T6273] loop2: detected capacity change from 0 to 40427
[  175.026669][ T6273] F2FS-fs (loop2): invalid crc value
[  175.072672][ T6273] F2FS-fs (loop2): Found nat_bits in checkpoint
[  175.188314][ T6273] F2FS-fs (loop2): Start checkpoint disabled!
[  175.233331][ T6273] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  175.534933][ T2121] kworker/u4:8: attempt to access beyond end of device
[  175.534933][ T2121] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  175.596853][ T2121] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  175.722272][ T6281] loop3: detected capacity change from 0 to 256
[  175.735598][ T6281] exfat: Deprecated parameter 'utf8'
[  175.829464][ T6281] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  176.049104][   T27] kauditd_printk_skb: 15 callbacks suppressed
[  176.049150][   T27] audit: type=1804 audit(1772929658.275:50): pid=6273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.102" name="/newroot/25/bus/bus" dev="loop2" ino=10 res=1 errno=0
[  176.178283][ T2121] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  176.384306][ T2121] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  176.406294][ T6273] syz.2.102: attempt to access beyond end of device
[  176.406294][ T6273] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  176.420433][ T6273] syz.2.102: attempt to access beyond end of device
[  176.420433][ T6273] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  176.473278][   T27] audit: type=1804 audit(1772929658.675:51): pid=6281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.104" name="/newroot/29/file0/file1" dev="loop3" ino=1048601 res=1 errno=0
[  176.518885][ T2121] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  176.653610][   T27] audit: type=1804 audit(1772929658.675:52): pid=6282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.104" name="/newroot/29/file0/file1" dev="loop3" ino=1048601 res=1 errno=0
[  178.846169][ T6302] loop3: detected capacity change from 0 to 256
[  178.858205][ T6302] exfat: Deprecated parameter 'utf8'
[  179.736917][ T6302] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  180.158315][   T27] audit: type=1804 audit(1772929662.355:53): pid=6301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.107" name="/newroot/31/file0/file1" dev="loop3" ino=1048603 res=1 errno=0
[  180.403321][   T27] audit: type=1804 audit(1772929662.355:54): pid=6302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.107" name="/newroot/31/file0/file1" dev="loop3" ino=1048603 res=1 errno=0
[  180.494317][   T12] kworker/u4:1: attempt to access beyond end of device
[  180.494317][   T12] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  180.599598][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  180.610190][ T6305] loop1: detected capacity change from 0 to 40427
[  180.630707][ T6305] F2FS-fs (loop1): invalid crc value
[  180.639007][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  180.646564][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  180.653793][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  180.662049][ T6305] F2FS-fs (loop1): Found nat_bits in checkpoint
[  180.747441][ T6305] F2FS-fs (loop1): Start checkpoint disabled!
[  180.763278][ T6305] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  180.971479][   T27] audit: type=1804 audit(1772929663.255:55): pid=6305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.109" name="/newroot/22/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  180.990386][ T6305] syz.1.109: attempt to access beyond end of device
[  180.990386][ T6305] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  181.006272][ T6305] syz.1.109: attempt to access beyond end of device
[  181.006272][ T6305] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  184.397760][   T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  185.995336][ T2121] kworker/u4:8: attempt to access beyond end of device
[  185.995336][ T2121] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  186.060943][ T2121] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  186.089221][ T2121] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  186.100881][ T2121] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  186.110882][ T2121] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  188.864859][ T6361] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  188.993763][ T6365] netlink: 4 bytes leftover after parsing attributes in process `syz.0.122'.
[  190.338061][ T6367] loop0: detected capacity change from 0 to 40427
[  190.378299][ T6367] F2FS-fs (loop0): invalid crc value
[  190.396695][ T6367] F2FS-fs (loop0): Found nat_bits in checkpoint
[  190.418723][ T6364] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  190.441851][ T6367] F2FS-fs (loop0): Start checkpoint disabled!
[  190.454844][ T6367] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  190.573006][ T6361] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  190.596782][ T6367] syz.0.123: attempt to access beyond end of device
[  190.596782][ T6367] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  190.610752][ T6367] syz.0.123: attempt to access beyond end of device
[  190.610752][ T6367] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  190.627577][   T27] audit: type=1804 audit(1772929672.875:56): pid=6367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.123" name="/newroot/33/bus/bus" dev="loop0" ino=10 res=1 errno=0
[  190.838322][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.121'.
[  192.883207][   T23] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  193.236430][ T6378] loop1: detected capacity change from 0 to 40427
[  193.256734][ T6378] F2FS-fs (loop1): invalid crc value
[  193.271575][ T6378] F2FS-fs (loop1): Found nat_bits in checkpoint
[  193.293680][   T23] usb 4-1: Using ep0 maxpacket: 8
[  193.350745][ T6378] F2FS-fs (loop1): Start checkpoint disabled!
[  193.381051][ T6378] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  193.473409][   T23] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.484538][   T23] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  193.507845][   T23] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=f3.33
[  193.517136][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.525377][   T23] usb 4-1: Product: syz
[  193.529680][   T23] usb 4-1: Manufacturer: syz
[  193.534562][   T23] usb 4-1: SerialNumber: syz
[  193.571509][   T23] usb 4-1: config 0 descriptor??
[  193.614386][ T6378] syz.1.125: attempt to access beyond end of device
[  193.614386][ T6378] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  193.628391][ T6378] syz.1.125: attempt to access beyond end of device
[  193.628391][ T6378] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  193.653644][   T27] audit: type=1804 audit(1772929675.895:57): pid=6378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.125" name="/newroot/25/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  194.169585][ T1021] kworker/u4:5: attempt to access beyond end of device
[  194.169585][ T1021] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  194.217559][ T1021] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  194.568455][ T1021] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  195.655552][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  196.188345][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  196.232252][ T1021] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  196.278746][   T23] usb 4-1: USB disconnect, device number 2
[  196.339237][ T1021] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  196.684964][ T1021] kworker/u4:5: attempt to access beyond end of device
[  196.684964][ T1021] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  196.872119][ T1021] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  197.067213][ T1021] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  197.144145][ T1021] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  197.151095][ T1021] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  197.659513][ T6397] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.346791][ T6394] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.483258][ T6393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.130'.
[  198.662844][ T6400] loop0: detected capacity change from 0 to 4096
[  198.866452][ T6400] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  198.974572][ T6400] ntfs3: loop0: Failed to load $Extend (-22).
[  199.243744][   T27] audit: type=1326 audit(1772929681.305:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.273306][ T6400] ntfs3: loop0: Failed to initialize $Extend.
[  199.382793][   T27] audit: type=1326 audit(1772929681.315:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.453190][   T27] audit: type=1326 audit(1772929681.315:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.475532][   T27] audit: type=1326 audit(1772929681.315:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.498158][   T27] audit: type=1326 audit(1772929681.315:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.531333][   T27] audit: type=1326 audit(1772929681.325:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.560811][   T27] audit: type=1326 audit(1772929681.325:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.677093][   T27] audit: type=1326 audit(1772929681.325:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.755256][   T27] audit: type=1326 audit(1772929681.325:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.778131][   T27] audit: type=1326 audit(1772929681.335:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6401 comm="syz.2.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  199.955660][ T6415] loop1: detected capacity change from 0 to 512
[  200.082444][ T6415] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  200.242060][ T6415] EXT4-fs error (device loop1): ext4_quota_enable:7136: comm syz.1.134: Bad quota inum: 2, type: 1
[  200.267537][ T6415] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-117, ino=2). Please run e2fsck to fix.
[  200.382265][ T6415] =======================================================
[  200.382265][ T6415] WARNING: The mand mount option has been deprecated and
[  200.382265][ T6415]          and is ignored by this kernel. Remove the mand
[  200.382265][ T6415]          option from the mount to silence this warning.
[  200.382265][ T6415] =======================================================
[  200.541962][ T6415] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  200.646654][ T6415] EXT4-fs error (device loop1): ext4_quota_enable:7136: comm syz.1.134: Bad quota inum: 2, type: 1
[  200.662120][ T6415] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-117, ino=2). Please run e2fsck to fix.
[  200.749572][ T5765] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  201.093260][ T6406] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  201.975556][ T6433] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  201.998584][ T5775] Bluetooth: hci1: command 0x0406 tx timeout
[  202.004855][ T5775] Bluetooth: hci2: command 0x0406 tx timeout
[  205.090554][ T6445] loop1: detected capacity change from 0 to 32768
[  205.183416][    T8] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  205.533266][    T8] usb 4-1: Using ep0 maxpacket: 8
[  206.193462][    T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  206.251399][    T8] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  206.558825][    T8] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=f3.33
[  206.578239][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.597549][ T6470] ufs: You didn't specify the type of your ufs filesystem
[  206.597549][ T6470] 
[  206.597549][ T6470] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  206.597549][ T6470] 
[  206.597549][ T6470] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  206.599691][    T8] usb 4-1: Product: syz
[  206.628761][ T6470] ufs: ufstype=old is supported read-only
[  206.639198][ T6470] ufs: ufs_fill_super(): bad magic number
[  206.752923][    T8] usb 4-1: Manufacturer: syz
[  206.770001][    T8] usb 4-1: SerialNumber: syz
[  206.789612][    T8] usb 4-1: config 0 descriptor??
[  208.507410][    T8] usb 4-1: USB disconnect, device number 3
[  209.533708][    T8] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  209.833195][    T8] usb 4-1: Using ep0 maxpacket: 8
[  209.848107][    T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  209.867813][    T8] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  209.881281][    T8] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=f3.33
[  209.894825][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.904478][    T8] usb 4-1: Product: syz
[  209.908987][    T8] usb 4-1: Manufacturer: syz
[  209.918032][    T8] usb 4-1: SerialNumber: syz
[  209.932059][    T8] usb 4-1: config 0 descriptor??
[  210.384861][ T6501] loop2: detected capacity change from 0 to 40427
[  210.433993][ T6501] F2FS-fs (loop2): invalid crc value
[  210.450991][ T6501] F2FS-fs (loop2): Found nat_bits in checkpoint
[  210.513599][ T6501] F2FS-fs (loop2): Start checkpoint disabled!
[  210.522550][ T6501] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  212.638415][   T59] kworker/u4:4: attempt to access beyond end of device
[  212.638415][   T59] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  213.145766][   T59] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  213.187255][   T59] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  213.228781][   T59] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  213.754248][ T5768] Bluetooth: hci3: link tx timeout
[  213.759742][ T5768] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  214.403772][ T6523] loop1: detected capacity change from 0 to 256
[  214.411318][ T6523] exfat: Deprecated parameter 'utf8'
[  215.355748][ T6523] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  215.669005][   T27] kauditd_printk_skb: 34 callbacks suppressed
[  215.669383][   T27] audit: type=1804 audit(1772929697.955:102): pid=6520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.161" name="/newroot/35/file0/file1" dev="loop1" ino=1048605 res=1 errno=0
[  215.928086][   T27] audit: type=1804 audit(1772929697.955:103): pid=6523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.161" name="/newroot/35/file0/file1" dev="loop1" ino=1048605 res=1 errno=0
[  215.981743][ T5768] Bluetooth: hci3: command 0x0406 tx timeout
[  217.074502][ T6341] usb 4-1: USB disconnect, device number 4
[  217.265534][ T6537] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  219.564830][ T6552] loop2: detected capacity change from 0 to 2048
[  220.432569][ T6552]  loop2: p3 < > p4 < >
[  220.437161][ T6552] loop2: partition table partially beyond EOD, truncated
[  220.445414][ T6552] loop2: p3 start 4284289 is beyond EOD, truncated
[  220.625625][ T5781] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  221.274554][ T5781] udevd[5781]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  222.437585][   T27] audit: type=1326 audit(1772929704.715:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  223.239709][ T6572] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  223.356197][   T27] audit: type=1326 audit(1772929704.715:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  223.472672][   T27] audit: type=1326 audit(1772929704.715:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  223.763952][   T27] audit: type=1326 audit(1772929704.715:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  224.059023][   T27] audit: type=1326 audit(1772929704.715:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  224.395383][   T27] audit: type=1326 audit(1772929704.715:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  224.666078][   T27] audit: type=1326 audit(1772929704.715:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  224.698659][   T27] audit: type=1326 audit(1772929704.715:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  224.803479][   T27] audit: type=1326 audit(1772929704.715:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  224.860439][   T27] audit: type=1326 audit(1772929704.715:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7ffc0000
[  226.833586][ T6596] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  226.945644][ T6596] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.042620][ T6600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.076134][ T6600] netlink: 4 bytes leftover after parsing attributes in process `syz.3.183'.
[  227.169035][ T6602] loop2: detected capacity change from 0 to 512
[  227.249718][ T6602] FAT-fs (loop2): error, clusters badly computed (1 != 0)
[  227.265220][ T6602] FAT-fs (loop2): Filesystem has been set read-only
[  227.280579][ T6602] FAT-fs (loop2): error, clusters badly computed (2 != 1)
[  228.233149][    T8] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  228.366650][ T6607] loop1: detected capacity change from 0 to 32768
[  228.433200][    T8] usb 4-1: Using ep0 maxpacket: 8
[  228.448991][    T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  228.483440][    T8] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  228.505758][    T8] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=f3.33
[  228.515063][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.524060][    T8] usb 4-1: Product: syz
[  228.528403][    T8] usb 4-1: Manufacturer: syz
[  228.533701][    T8] usb 4-1: SerialNumber: syz
[  228.548760][    T8] usb 4-1: config 0 descriptor??
[  229.984473][ T6618] read_mapping_page failed!
[  230.013967][    T8] usb 4-1: USB disconnect, device number 5
[  231.263137][    T9] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  233.469928][ T6634] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.642473][ T6635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.846768][ T6634] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.869239][ T6634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.192'.
[  233.979783][    T9] usb 1-1: device descriptor read/all, error -71
[  234.525787][ T6643] loop0: detected capacity change from 0 to 512
[  235.036224][ T6643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.064362][ T6643] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  235.232546][ T6643] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.195: corrupted inode contents
[  235.283663][ T6643] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #2: comm syz.0.195: mark_inode_dirty error
[  235.330989][ T6643] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.195: corrupted inode contents
[  235.379832][ T6643] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.195: mark_inode_dirty error
[  235.463724][ T6643] EXT4-fs error (device loop0): ext4_get_first_dir_block:3595: inode #18: comm syz.0.195: directory missing '.'
[  236.478015][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.721723][ T6660] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.763630][ T5833] wlan1: authenticate with 08:02:11:00:00:00
[  236.796080][ T6662] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.858313][ T5833] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  236.893497][ T5877] wlan1: authenticated
[  237.298159][ T6665] loop2: detected capacity change from 0 to 256
[  237.306154][ T6665] exfat: Deprecated parameter 'utf8'
[  238.138694][ T6665] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  238.185301][ T6660] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.214293][    T9] mac80211_hwsim hwsim9 wlan1: disabling HT/VHT/HE as WMM/QoS is not supported by the AP
[  238.282234][ T5877] wlan1: associate with 08:02:11:00:00:00 (try 1/3)
[  238.403207][   T59] wlan1: associate with 08:02:11:00:00:00 (try 2/3)
[  238.576795][ T6127] wlan1: associate with 08:02:11:00:00:00 (try 3/3)
[  238.603338][   T27] kauditd_printk_skb: 11 callbacks suppressed
[  238.603352][   T27] audit: type=1804 audit(1772929720.805:125): pid=6664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.199" name="/newroot/48/file0/file1" dev="loop2" ino=1048608 res=1 errno=0
[  238.720584][ T6127] wlan1: association with 08:02:11:00:00:00 timed out
[  239.488726][   T27] audit: type=1804 audit(1772929720.805:126): pid=6665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.199" name="/newroot/48/file0/file1" dev="loop2" ino=1048608 res=1 errno=0
[  240.991417][ T6681] loop1: detected capacity change from 0 to 40427
[  241.068741][ T6681] F2FS-fs (loop1): invalid crc value
[  241.911669][ T6681] F2FS-fs (loop1): Found nat_bits in checkpoint
[  241.990612][ T6681] F2FS-fs (loop1): Start checkpoint disabled!
[  242.000668][ T6681] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  245.530971][ T6714] loop2: detected capacity change from 0 to 40427
[  245.552833][ T6714] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff
[  245.581608][ T6714] F2FS-fs (loop2): invalid crc value
[  245.612029][ T6714] F2FS-fs (loop2): Found nat_bits in checkpoint
[  245.815255][ T6714] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  245.850742][ T6722] loop0: detected capacity change from 0 to 32768
[  245.996271][ T6722] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  246.113709][ T6714] F2FS-fs (loop2): Unrecognized mount option "noload" or missing value
[  246.570004][ T6722] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  247.332073][ T6722] XFS (loop0): Starting recovery (logdev: internal)
[  247.599021][ T6722] XFS (loop0): Ending recovery (logdev: internal)
[  248.345488][ T5769] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  248.739644][ T6757] loop2: detected capacity change from 0 to 1024
[  248.812506][ T5806] wlan1: authenticate with 08:02:11:00:00:00
[  248.821964][ T6755] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.834698][ T5806] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  248.947059][   T49] wlan1: authenticated
[  248.951676][ T6755] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.973198][ T6760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.984941][ T6341] mac80211_hwsim hwsim9 wlan1: disabling HT/VHT/HE as WMM/QoS is not supported by the AP
[  249.035253][ T5951] wlan1: associate with 08:02:11:00:00:00 (try 1/3)
[  249.101559][ T5951] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1)
[  249.129719][ T6762] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.129901][ T6759] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.143606][ T5951] wlan1: associated
[  249.502931][ T6760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.922547][   T12] hfsplus: bad catalog file entry
[  249.943482][   T12] hfsplus: b-tree write err: -5, ino 3
[  251.443282][ T5807] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  251.718343][ T6788] loop3: detected capacity change from 0 to 40427
[  251.757030][ T6788] F2FS-fs (loop3): invalid crc value
[  251.807006][ T6788] F2FS-fs (loop3): Found nat_bits in checkpoint
[  251.864538][ T6788] F2FS-fs (loop3): Start checkpoint disabled!
[  251.876415][ T6788] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  251.923196][ T5807] usb 2-1: Using ep0 maxpacket: 8
[  251.944757][ T5807] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  252.001039][ T5807] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  252.046826][ T5807] usb 2-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=f3.33
[  252.074348][   T27] audit: type=1804 audit(1772929734.355:127): pid=6788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.232" name="/newroot/64/bus/bus" dev="loop3" ino=10 res=1 errno=0
[  252.103255][ T5807] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.111301][ T5807] usb 2-1: Product: syz
[  252.129196][ T6788] syz.3.232: attempt to access beyond end of device
[  252.129196][ T6788] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  252.133080][ T5807] usb 2-1: Manufacturer: syz
[  252.143427][ T6788] syz.3.232: attempt to access beyond end of device
[  252.143427][ T6788] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  252.157992][ T5807] usb 2-1: SerialNumber: syz
[  252.204308][ T5807] usb 2-1: config 0 descriptor??
[  252.492867][ T6773] loop2: detected capacity change from 0 to 32768
[  254.508310][ T5807] usb 2-1: USB disconnect, device number 5
[  254.669751][ T5951] kworker/u4:10: attempt to access beyond end of device
[  254.669751][ T5951] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  254.727918][ T5951] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  254.748262][ T5951] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  254.768596][ T5951] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  254.793249][ T5951] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  254.831028][ T6792] loop0: detected capacity change from 0 to 32768
[  254.849406][ T6803] loop1: detected capacity change from 0 to 4096
[  254.885443][ T6792] (syz.0.233,6792,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  254.963792][ T6792] (syz.0.233,6792,1):ocfs2_fill_super:1178 ERROR: status = -22
[  255.234554][   T27] audit: type=1800 audit(1772929737.515:128): pid=6803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.236" name="file1" dev="loop1" ino=30 res=0 errno=0
[  255.315469][ T6803] ntfs3: loop1: ino=9, attr_set_size
[  255.507706][ T6805] loop2: detected capacity change from 0 to 256
[  255.897063][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  255.903888][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  257.064138][ T6818] input: syz0 as /devices/virtual/input/input12
[  261.433726][ T6839] loop3: detected capacity change from 0 to 256
[  261.440998][ T6839] exfat: Deprecated parameter 'utf8'
[  262.703637][ T6839] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  263.102014][   T27] audit: type=1804 audit(1772929745.325:129): pid=6837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.243" name="/newroot/66/file0/file1" dev="loop3" ino=1048610 res=1 errno=0
[  263.195551][   T27] audit: type=1804 audit(1772929745.325:130): pid=6839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.243" name="/newroot/66/file0/file1" dev="loop3" ino=1048610 res=1 errno=0
[  263.460409][ T6851] loop3: detected capacity change from 0 to 16
[  264.408776][ T6851] erofs: (device loop3): mounted with root inode @ nid 36.
[  264.431535][ T6851] syz.3.246: attempt to access beyond end of device
[  264.431535][ T6851] loop3: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  264.483337][ T6851] syz.3.246: attempt to access beyond end of device
[  264.483337][ T6851] loop3: rw=524288, sector=16, nr_sectors = 40 limit=16
[  264.497956][ T6851] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  264.509812][   T27] audit: type=1800 audit(1772929746.795:131): pid=6851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.246" name="file2" dev="loop3" ino=89 res=0 errno=0
[  264.881670][ T6851] syz.3.246 (6851) used greatest stack depth: 20336 bytes left
[  264.905345][   T27] audit: type=1326 audit(1772929747.165:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7fc00000
[  264.919995][ T6843] loop1: detected capacity change from 0 to 8192
[  264.987548][ T6843]  loop1: p1 p2 p3 < > p4 < p5 p6 >
[  264.993002][ T6843] loop1: partition table partially beyond EOD, truncated
[  265.054109][ T6843] loop1: p1 size 67108864 extends beyond EOD, truncated
[  265.098544][   T27] audit: type=1326 audit(1772929747.165:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe14439c799 code=0x7fc00000
[  265.121093][ T5833] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  265.129324][ T6843] loop1: p2 start 150995200 is beyond EOD, truncated
[  265.156347][ T6843] loop1: p3 start 327168 is beyond EOD, truncated
[  265.194231][ T6843] loop1: p5 size 67108864 extends beyond EOD, truncated
[  265.213118][   T27] audit: type=1326 audit(1772929747.165:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7fc00000
[  265.258881][ T6843] loop1: p6 start 150995200 is beyond EOD, truncated
[  265.304790][   T27] audit: type=1326 audit(1772929747.165:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7fc00000
[  265.353424][ T5833] usb 2-1: Using ep0 maxpacket: 16
[  265.381072][ T5833] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  265.437542][   T27] audit: type=1326 audit(1772929747.165:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7fc00000
[  265.465876][ T5833] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[  265.522720][ T5833] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  265.573183][ T5833] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.581250][ T5833] usb 2-1: Product: syz
[  265.593144][   T27] audit: type=1326 audit(1772929747.165:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7fc00000
[  265.633123][ T5833] usb 2-1: Manufacturer: syz
[  265.637781][ T5833] usb 2-1: SerialNumber: syz
[  265.666689][   T27] audit: type=1326 audit(1772929747.165:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe14439c799 code=0x7fc00000
[  266.087397][ T6341] usb 2-1: USB disconnect, device number 6
[  270.821993][ T6883] loop3: detected capacity change from 0 to 40427
[  270.873418][ T6883] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[  270.913825][ T6883] F2FS-fs (loop3): invalid crc value
[  271.013279][ T6883] F2FS-fs (loop3): Found nat_bits in checkpoint
[  271.178067][ T6883] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  271.560722][ T6885] loop0: detected capacity change from 0 to 32768
[  272.320263][ T6901] loop3: detected capacity change from 0 to 1024
[  273.921827][ T6922] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  274.017576][ T6922] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  274.121358][ T6922] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  274.570276][ T6920] loop3: detected capacity change from 0 to 40427
[  274.624525][ T6920] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[  274.675077][ T6920] F2FS-fs (loop3): invalid crc value
[  274.703434][ T6920] F2FS-fs (loop3): Found nat_bits in checkpoint
[  274.900126][ T6920] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  275.019495][ T6925] loop0: detected capacity change from 0 to 32768
[  275.953497][ T6937] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  276.049144][ T6937] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  276.182582][ T6937] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  276.267668][ T6937] netlink: 4 bytes leftover after parsing attributes in process `syz.3.270'.
[  277.007458][ T6953] loop1: detected capacity change from 0 to 40427
[  277.016541][ T6955] ufs: You didn't specify the type of your ufs filesystem
[  277.016541][ T6955] 
[  277.016541][ T6955] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  277.016541][ T6955] 
[  277.016541][ T6955] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  277.047836][ T6955] ufs: ufstype=old is supported read-only
[  277.053962][ T6955] ufs: ufs_fill_super(): bad magic number
[  277.085668][ T6953] F2FS-fs (loop1): invalid crc value
[  277.128282][ T6953] F2FS-fs (loop1): Found nat_bits in checkpoint
[  277.274651][ T6953] F2FS-fs (loop1): Start checkpoint disabled!
[  277.295467][ T6953] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  278.134340][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  278.134357][   T27] audit: type=1804 audit(1772929760.405:140): pid=6953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.277" name="/newroot/64/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  278.145319][ T6953] syz.1.277: attempt to access beyond end of device
[  278.145319][ T6953] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  278.175537][ T6953] syz.1.277: attempt to access beyond end of device
[  278.175537][ T6953] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  279.897015][ T6972] loop2: detected capacity change from 0 to 256
[  279.904977][ T6972] exfat: Deprecated parameter 'utf8'
[  281.166444][ T6972] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  281.535349][   T27] audit: type=1804 audit(1772929763.755:141): pid=6971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.281" name="/newroot/66/file0/file1" dev="loop2" ino=1048612 res=1 errno=0
[  281.686440][   T27] audit: type=1804 audit(1772929763.755:142): pid=6972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.281" name="/newroot/66/file0/file1" dev="loop2" ino=1048612 res=1 errno=0
[  281.696362][   T59] kworker/u4:4: attempt to access beyond end of device
[  281.696362][   T59] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  281.730148][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  281.738904][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  282.371203][ T6987] ufs: You didn't specify the type of your ufs filesystem
[  282.371203][ T6987] 
[  282.371203][ T6987] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  282.371203][ T6987] 
[  282.371203][ T6987] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  282.401974][    C0] vkms_vblank_simulate: vblank timer overrun
[  282.408616][ T6987] ufs: ufstype=old is supported read-only
[  282.416028][ T6987] ufs: ufs_fill_super(): bad magic number
[  285.118755][ T7000] loop1: detected capacity change from 0 to 40427
[  285.131052][ T7000] F2FS-fs (loop1): invalid crc value
[  285.183337][ T7000] F2FS-fs (loop1): Found nat_bits in checkpoint
[  285.228794][ T7000] F2FS-fs (loop1): Start checkpoint disabled!
[  285.241586][ T7000] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  285.967801][ T7005] loop2: detected capacity change from 0 to 40427
[  286.018666][ T7005] F2FS-fs (loop2): invalid crc value
[  286.077890][ T7005] F2FS-fs (loop2): Found nat_bits in checkpoint
[  286.110559][ T7005] F2FS-fs (loop2): Start checkpoint disabled!
[  286.126383][ T7005] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  286.315023][   T27] audit: type=1804 audit(1772929768.455:143): pid=7000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.291" name="/newroot/66/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  286.956260][ T7005] syz.2.293: attempt to access beyond end of device
[  286.956260][ T7005] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  286.970919][ T7005] syz.2.293: attempt to access beyond end of device
[  286.970919][ T7005] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  287.842298][   T27] audit: type=1804 audit(1772929769.195:144): pid=7005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.293" name="/newroot/70/bus/bus" dev="loop2" ino=10 res=1 errno=0
[  288.093893][   T12] kworker/u4:1: attempt to access beyond end of device
[  288.093893][   T12] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  288.118679][   T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  288.125928][   T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  288.136169][   T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  288.175701][   T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  289.041696][ T5951] kworker/u4:10: attempt to access beyond end of device
[  289.041696][ T5951] loop2: rw=2049, sector=45104, nr_sectors = 24 limit=40427
[  289.086811][ T5951] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  289.113842][ T5951] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  289.121142][ T5951] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  289.701594][ T7025] loop3: detected capacity change from 0 to 256
[  289.712874][ T7025] exfat: Deprecated parameter 'utf8'
[  289.775601][ T7025] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  290.450295][   T27] audit: type=1804 audit(1772929772.735:145): pid=7025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.296" name="/newroot/82/file0/file1" dev="loop3" ino=1048614 res=1 errno=0
[  290.474578][   T27] audit: type=1804 audit(1772929772.735:146): pid=7026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.296" name="/newroot/82/file0/file1" dev="loop3" ino=1048614 res=1 errno=0
[  293.673643][ T7045] loop1: detected capacity change from 0 to 40427
[  293.697667][ T7045] F2FS-fs (loop1): invalid crc value
[  293.782555][ T7045] F2FS-fs (loop1): Found nat_bits in checkpoint
[  293.824118][ T7045] F2FS-fs (loop1): Start checkpoint disabled!
[  293.840418][ T7045] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  296.451269][ T5877] kworker/u4:9: attempt to access beyond end of device
[  296.451269][ T5877] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  296.480475][ T5877] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  296.747614][   T27] audit: type=1326 audit(1772929778.975:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  296.769831][    C1] vkms_vblank_simulate: vblank timer overrun
[  297.332210][ T7061] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  297.371249][ T5877] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  297.391451][   T27] audit: type=1326 audit(1772929778.975:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  297.414563][ T5877] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  297.421475][ T5877] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  297.463965][   T27] audit: type=1326 audit(1772929778.985:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  297.486141][    C1] vkms_vblank_simulate: vblank timer overrun
[  297.492320][   T27] audit: type=1326 audit(1772929778.985:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  297.552174][   T27] audit: type=1326 audit(1772929778.985:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  297.633909][   T27] audit: type=1326 audit(1772929778.985:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  297.656175][    C1] vkms_vblank_simulate: vblank timer overrun
[  297.806614][   T27] audit: type=1326 audit(1772929778.985:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  298.042064][   T27] audit: type=1326 audit(1772929778.995:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  298.365260][   T27] audit: type=1326 audit(1772929778.995:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  298.387426][    C1] vkms_vblank_simulate: vblank timer overrun
[  298.523184][   T27] audit: type=1326 audit(1772929778.995:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.0.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d50b9c799 code=0x7ffc0000
[  300.162862][ T7080] loop2: detected capacity change from 0 to 32768
[  300.787258][ T7088] loop3: detected capacity change from 0 to 32768
[  301.636246][ T7099] loop1: detected capacity change from 0 to 1024
[  302.398599][ T7113] syzkaller0: entered promiscuous mode
[  302.408676][ T7113] syzkaller0: entered allmulticast mode
[  302.457485][ T7097] loop0: detected capacity change from 0 to 32768
[  306.518330][ T7141] loop0: detected capacity change from 0 to 32768
[  308.037520][ T7150] loop2: detected capacity change from 0 to 1024
[  309.729844][ T7162] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  309.743112][   T27] kauditd_printk_skb: 11 callbacks suppressed
[  309.743129][   T27] audit: type=1326 audit(1772929791.205:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  309.836751][   T27] audit: type=1326 audit(1772929791.205:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  309.987558][   T27] audit: type=1326 audit(1772929791.205:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  310.009745][    C0] vkms_vblank_simulate: vblank timer overrun
[  310.047903][   T27] audit: type=1326 audit(1772929791.205:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  310.363315][ T5807] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  310.409809][   T27] audit: type=1326 audit(1772929791.205:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  310.604150][   T27] audit: type=1326 audit(1772929791.215:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  310.626371][    C0] vkms_vblank_simulate: vblank timer overrun
[  310.774713][   T27] audit: type=1326 audit(1772929791.215:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  310.798823][   T27] audit: type=1326 audit(1772929791.215:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  311.074375][   T27] audit: type=1326 audit(1772929791.215:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  311.342623][   T27] audit: type=1326 audit(1772929791.215:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7158 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7abc99c799 code=0x7ffc0000
[  311.398660][ T7177] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  311.612826][ T7169] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  311.952900][ T7176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.333'.
[  312.012188][ T7169] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  317.338800][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  317.345400][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  319.198859][ T7223] loop2: detected capacity change from 0 to 32768
[  319.403565][ T5806] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  319.937258][ T7234] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  319.963628][    T8] wlan1: authenticate with 08:02:11:00:00:00
[  319.970791][    T8] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  320.008868][ T7238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  320.019286][   T49] wlan1: authenticated
[  320.028196][    T8] mac80211_hwsim hwsim9 wlan1: disabling HT/VHT/HE as WMM/QoS is not supported by the AP
[  320.046225][ T2121] wlan1: associate with 08:02:11:00:00:00 (try 1/3)
[  320.135540][ T2121] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1)
[  320.144465][ T7234] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  320.162934][ T2121] wlan1: associated
[  320.196868][ T7234] netlink: 4 bytes leftover after parsing attributes in process `syz.3.354'.
[  325.762739][ T7265] loop0: detected capacity change from 0 to 32768
[  330.022350][ T7314] loop0: detected capacity change from 0 to 256
[  330.029589][ T7314] exfat: Deprecated parameter 'utf8'
[  331.309952][ T7314] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  331.679659][   T27] kauditd_printk_skb: 11 callbacks suppressed
[  331.679674][   T27] audit: type=1804 audit(1772929813.885:189): pid=7313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.377" name="/newroot/95/file0/file1" dev="loop0" ino=1048616 res=1 errno=0
[  331.741639][   T27] audit: type=1804 audit(1772929813.885:190): pid=7314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.377" name="/newroot/95/file0/file1" dev="loop0" ino=1048616 res=1 errno=0
[  332.951059][ T7316] loop3: detected capacity change from 0 to 32768
[  334.247054][ T7321] loop0: detected capacity change from 0 to 32768
[  337.775561][ T7369] loop0: detected capacity change from 0 to 40427
[  337.803143][ T7369] F2FS-fs (loop0): invalid crc value
[  337.828058][ T7369] F2FS-fs (loop0): Found nat_bits in checkpoint
[  337.858848][ T7369] F2FS-fs (loop0): Start checkpoint disabled!
[  337.866545][ T7369] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  337.957632][   T27] audit: type=1804 audit(1772929820.245:191): pid=7369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.387" name="/newroot/97/bus/bus" dev="loop0" ino=10 res=1 errno=0
[  337.989531][ T7369] syz.0.387: attempt to access beyond end of device
[  337.989531][ T7369] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  338.003511][ T7369] syz.0.387: attempt to access beyond end of device
[  338.003511][ T7369] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  338.050378][ T7359] loop3: detected capacity change from 0 to 32768
[  338.488455][   T49] kworker/u4:3: attempt to access beyond end of device
[  338.488455][   T49] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  338.584064][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  338.682665][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  338.759957][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  338.845023][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  340.235840][ T5768] Bluetooth: hci3: command 0x0406 tx timeout
[  344.627798][ T7399] loop2: detected capacity change from 0 to 1024
[  352.201449][ T7465] syzkaller0: entered promiscuous mode
[  352.211639][ T7465] syzkaller0: entered allmulticast mode
[  353.096842][ T7470] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  354.092238][ T7476] input: syz0 as /devices/virtual/input/input15
[  354.861652][ T7481] loop1: detected capacity change from 0 to 32768
[  356.913266][   T28] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  357.104480][   T28] usb 4-1: Using ep0 maxpacket: 8
[  357.115152][   T28] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  357.125682][   T28] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  357.140211][   T28] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=f3.33
[  357.149462][   T28] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.157671][   T28] usb 4-1: Product: syz
[  357.161927][   T28] usb 4-1: Manufacturer: syz
[  357.166808][   T28] usb 4-1: SerialNumber: syz
[  357.183728][   T28] usb 4-1: config 0 descriptor??
[  357.873825][   T28] usb 4-1: USB disconnect, device number 6
[  358.244278][ T7509] ==================================================================
[  358.252407][ T7509] BUG: KASAN: slab-use-after-free in dvb_device_open+0xca/0x370
[  358.260078][ T7509] Read of size 8 at addr ffff888026c6e818 by task syz.0.432/7509
[  358.267820][ T7509] 
[  358.270166][ T7509] CPU: 0 PID: 7509 Comm: syz.0.432 Not tainted syzkaller #0
[  358.277470][ T7509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  358.287547][ T7509] Call Trace:
[  358.290851][ T7509]  <TASK>
[  358.293806][ T7509]  dump_stack_lvl+0x18c/0x250
[  358.298524][ T7509]  ? __lock_acquire+0x7d40/0x7d40
[  358.303584][ T7509]  ? show_regs_print_info+0x20/0x20
[  358.308832][ T7509]  ? load_image+0x400/0x400
[  358.313365][ T7509]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  358.318868][ T7509]  ? __virt_addr_valid+0x18c/0x540
[  358.324027][ T7509]  ? __virt_addr_valid+0x469/0x540
[  358.329174][ T7509]  print_report+0xa8/0x210
[  358.333624][ T7509]  ? dvb_device_open+0xca/0x370
[  358.338498][ T7509]  kasan_report+0x117/0x150
[  358.343032][ T7509]  ? chrdev_open+0x3e3/0x6a0
[  358.347652][ T7509]  ? dvb_device_open+0xca/0x370
[  358.352534][ T7509]  dvb_device_open+0xca/0x370
[  358.357245][ T7509]  ? do_raw_spin_unlock+0x121/0x230
[  358.362482][ T7509]  chrdev_open+0x5cc/0x6a0
[  358.366930][ T7509]  ? cd_forget+0x160/0x160
[  358.371375][ T7509]  ? fsnotify_perm+0x276/0x5e0
[  358.376171][ T7509]  ? fsnotify_perm+0x3ed/0x5e0
[  358.380967][ T7509]  ? cd_forget+0x160/0x160
[  358.385414][ T7509]  do_dentry_open+0x8c6/0x1500
[  358.390215][ T7509]  path_openat+0x27f1/0x3230
[  358.394850][ T7509]  ? do_sys_openat2+0xda/0x1d0
[  358.399648][ T7509]  ? verify_lock_unused+0x140/0x140
[  358.404879][ T7509]  ? do_filp_open+0x430/0x430
[  358.409605][ T7509]  ? __virt_addr_valid+0x18c/0x540
[  358.414750][ T7509]  do_filp_open+0x1f5/0x430
[  358.419281][ T7509]  ? vfs_tmpfile+0x490/0x490
[  358.423875][ T7509]  ? _raw_spin_unlock+0x28/0x40
[  358.428728][ T7509]  ? alloc_fd+0x58f/0x630
[  358.433071][ T7509]  do_sys_openat2+0x134/0x1d0
[  358.437758][ T7509]  ? do_sys_open+0xe0/0xe0
[  358.442177][ T7509]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  358.448152][ T7509]  ? lock_chain_count+0x20/0x20
[  358.453010][ T7509]  __x64_sys_openat+0x139/0x160
[  358.457879][ T7509]  do_syscall_64+0x55/0xa0
[  358.462300][ T7509]  ? clear_bhb_loop+0x40/0x90
[  358.466968][ T7509]  ? clear_bhb_loop+0x40/0x90
[  358.471637][ T7509]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  358.477535][ T7509] RIP: 0033:0x7f6d50b5cfce
[  358.481969][ T7509] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  358.501565][ T7509] RSP: 002b:00007f6d51ab0b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  358.509974][ T7509] RAX: ffffffffffffffda RBX: 00007f6d51ab16c0 RCX: 00007f6d50b5cfce
[  358.517938][ T7509] RDX: 0000000000000e82 RSI: 00007f6d51ab0c00 RDI: ffffffffffffff9c
[  358.525899][ T7509] RBP: 00007f6d51ab0c00 R08: 0000000000000000 R09: 0000000000000000
[  358.533862][ T7509] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  358.541824][ T7509] R13: 00007f6d50e16128 R14: 00007f6d50e16090 R15: 00007fff499dec18
[  358.549792][ T7509]  </TASK>
[  358.552801][ T7509] 
[  358.555114][ T7509] Allocated by task 1:
[  358.559165][ T7509]  kasan_set_track+0x4e/0x70
[  358.563757][ T7509]  __kasan_kmalloc+0x8f/0xa0
[  358.568349][ T7509]  dvb_register_device+0x2fd/0x2210
[  358.573552][ T7509]  dvb_register_frontend+0x649/0x930
[  358.578845][ T7509]  vidtv_bridge_probe+0x9ab/0xf80
[  358.583885][ T7509]  platform_probe+0x13b/0x1c0
[  358.588559][ T7509]  really_probe+0x25b/0xb20
[  358.593053][ T7509]  __driver_probe_device+0x18c/0x330
[  358.598330][ T7509]  driver_probe_device+0x4f/0x420
[  358.603347][ T7509]  __driver_attach+0x44e/0x6e0
[  358.608100][ T7509]  bus_for_each_dev+0x235/0x2b0
[  358.612949][ T7509]  bus_add_driver+0x340/0x630
[  358.617630][ T7509]  driver_register+0x23a/0x310
[  358.622387][ T7509]  vidtv_bridge_init+0x3d/0x70
[  358.627143][ T7509]  do_one_initcall+0x242/0x790
[  358.631902][ T7509]  do_initcall_level+0x137/0x1f0
[  358.636852][ T7509]  do_initcalls+0x69/0xd0
[  358.641190][ T7509]  kernel_init_freeable+0x3ed/0x580
[  358.646392][ T7509]  kernel_init+0x1d/0x1c0
[  358.650725][ T7509]  ret_from_fork+0x48/0x80
[  358.655157][ T7509]  ret_from_fork_asm+0x11/0x20
[  358.659925][ T7509] 
[  358.662255][ T7509] Freed by task 7470:
[  358.666222][ T7509]  kasan_set_track+0x4e/0x70
[  358.670803][ T7509]  kasan_save_free_info+0x2e/0x50
[  358.675818][ T7509]  ____kasan_slab_free+0x126/0x1e0
[  358.680923][ T7509]  slab_free_freelist_hook+0x130/0x1a0
[  358.686371][ T7509]  __kmem_cache_free+0xba/0x1e0
[  358.691234][ T7509]  dvb_device_open+0x2ee/0x370
[  358.695991][ T7509]  chrdev_open+0x5cc/0x6a0
[  358.700411][ T7509]  do_dentry_open+0x8c6/0x1500
[  358.705175][ T7509]  path_openat+0x27f1/0x3230
[  358.709763][ T7509]  do_filp_open+0x1f5/0x430
[  358.714254][ T7509]  do_sys_openat2+0x134/0x1d0
[  358.718926][ T7509]  __x64_sys_openat+0x139/0x160
[  358.723773][ T7509]  do_syscall_64+0x55/0xa0
[  358.728190][ T7509]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  358.734087][ T7509] 
[  358.736403][ T7509] The buggy address belongs to the object at ffff888026c6e800
[  358.736403][ T7509]  which belongs to the cache kmalloc-256 of size 256
[  358.750445][ T7509] The buggy address is located 24 bytes inside of
[  358.750445][ T7509]  freed 256-byte region [ffff888026c6e800, ffff888026c6e900)
[  358.764198][ T7509] 
[  358.766521][ T7509] The buggy address belongs to the physical page:
[  358.772925][ T7509] page:ffffea00009b1b80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26c6e
[  358.783075][ T7509] head:ffffea00009b1b80 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  358.792003][ T7509] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  358.799971][ T7509] page_type: 0xffffffff()
[  358.804313][ T7509] raw: 00fff00000000840 ffff888017c41b40 dead000000000122 0000000000000000
[  358.812885][ T7509] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  358.821472][ T7509] page dumped because: kasan: bad access detected
[  358.827910][ T7509] page_owner tracks the page as allocated
[  358.833718][ T7509] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 12094333158, free_ts 0
[  358.853461][ T7509]  post_alloc_hook+0x1c1/0x200
[  358.858228][ T7509]  get_page_from_freelist+0x1951/0x19e0
[  358.863773][ T7509]  __alloc_pages+0x1f0/0x460
[  358.868355][ T7509]  alloc_page_interleave+0x24/0x1e0
[  358.873542][ T7509]  alloc_slab_page+0x5d/0x160
[  358.878256][ T7509]  new_slab+0x87/0x2d0
[  358.882336][ T7509]  ___slab_alloc+0xc5d/0x12f0
[  358.887021][ T7509]  __kmem_cache_alloc_node+0x19e/0x250
[  358.892485][ T7509]  kmalloc_trace+0x2a/0xe0
[  358.896904][ T7509]  bus_add_driver+0x162/0x630
[  358.901585][ T7509]  driver_register+0x23a/0x310
[  358.906352][ T7509]  i2c_register_driver+0xba/0x160
[  358.911378][ T7509]  do_one_initcall+0x242/0x790
[  358.916146][ T7509]  do_initcall_level+0x137/0x1f0
[  358.921078][ T7509]  do_initcalls+0x69/0xd0
[  358.925403][ T7509]  kernel_init_freeable+0x3ed/0x580
[  358.930597][ T7509] page_owner free stack trace missing
[  358.935953][ T7509] 
[  358.938267][ T7509] Memory state around the buggy address:
[  358.943886][ T7509]  ffff888026c6e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  358.951946][ T7509]  ffff888026c6e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  358.959999][ T7509] >ffff888026c6e800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  358.968048][ T7509]                             ^
[  358.972883][ T7509]  ffff888026c6e880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  358.980934][ T7509]  ffff888026c6e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  358.988982][ T7509] ==================================================================
[  358.999932][ T7509] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  359.007165][ T7509] CPU: 0 PID: 7509 Comm: syz.0.432 Not tainted syzkaller #0
[  359.014471][ T7509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  359.024543][ T7509] Call Trace:
[  359.027845][ T7509]  <TASK>
[  359.030801][ T7509]  dump_stack_lvl+0x18c/0x250
[  359.035518][ T7509]  ? show_regs_print_info+0x20/0x20
[  359.040747][ T7509]  ? load_image+0x400/0x400
[  359.045288][ T7509]  panic+0x2dc/0x730
[  359.049208][ T7509]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  359.055479][ T7509]  ? bpf_jit_dump+0xd0/0xd0
[  359.060010][ T7509]  ? _raw_spin_unlock_irqrestore+0x111/0x120
[  359.066020][ T7509]  ? _raw_spin_unlock+0x40/0x40
[  359.070914][ T7509]  ? dvb_device_open+0xca/0x370
[  359.075795][ T7509]  check_panic_on_warn+0x84/0xa0
[  359.080756][ T7509]  ? dvb_device_open+0xca/0x370
[  359.085632][ T7509]  end_report+0x6f/0x130
[  359.089905][ T7509]  kasan_report+0x128/0x150
[  359.094430][ T7509]  ? chrdev_open+0x3e3/0x6a0
[  359.099051][ T7509]  ? dvb_device_open+0xca/0x370
[  359.103936][ T7509]  dvb_device_open+0xca/0x370
[  359.108636][ T7509]  ? do_raw_spin_unlock+0x121/0x230
[  359.113864][ T7509]  chrdev_open+0x5cc/0x6a0
[  359.118311][ T7509]  ? cd_forget+0x160/0x160
[  359.122753][ T7509]  ? fsnotify_perm+0x276/0x5e0
[  359.127546][ T7509]  ? fsnotify_perm+0x3ed/0x5e0
[  359.132365][ T7509]  ? cd_forget+0x160/0x160
[  359.136808][ T7509]  do_dentry_open+0x8c6/0x1500
[  359.141606][ T7509]  path_openat+0x27f1/0x3230
[  359.146228][ T7509]  ? do_sys_openat2+0xda/0x1d0
[  359.151020][ T7509]  ? verify_lock_unused+0x140/0x140
[  359.156246][ T7509]  ? do_filp_open+0x430/0x430
[  359.160949][ T7509]  ? __virt_addr_valid+0x18c/0x540
[  359.166090][ T7509]  do_filp_open+0x1f5/0x430
[  359.170619][ T7509]  ? vfs_tmpfile+0x490/0x490
[  359.175242][ T7509]  ? _raw_spin_unlock+0x28/0x40
[  359.180113][ T7509]  ? alloc_fd+0x58f/0x630
[  359.184482][ T7509]  do_sys_openat2+0x134/0x1d0
[  359.189191][ T7509]  ? do_sys_open+0xe0/0xe0
[  359.193647][ T7509]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  359.199652][ T7509]  ? lock_chain_count+0x20/0x20
[  359.204540][ T7509]  __x64_sys_openat+0x139/0x160
[  359.209419][ T7509]  do_syscall_64+0x55/0xa0
[  359.213872][ T7509]  ? clear_bhb_loop+0x40/0x90
[  359.218582][ T7509]  ? clear_bhb_loop+0x40/0x90
[  359.223284][ T7509]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  359.229201][ T7509] RIP: 0033:0x7f6d50b5cfce
[  359.233642][ T7509] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  359.253274][ T7509] RSP: 002b:00007f6d51ab0b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  359.261710][ T7509] RAX: ffffffffffffffda RBX: 00007f6d51ab16c0 RCX: 00007f6d50b5cfce
[  359.269705][ T7509] RDX: 0000000000000e82 RSI: 00007f6d51ab0c00 RDI: ffffffffffffff9c
[  359.277707][ T7509] RBP: 00007f6d51ab0c00 R08: 0000000000000000 R09: 0000000000000000
[  359.285699][ T7509] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  359.293692][ T7509] R13: 00007f6d50e16128 R14: 00007f6d50e16090 R15: 00007fff499dec18
[  359.301697][ T7509]  </TASK>
[  359.304857][ T7509] Kernel Offset: disabled
[  359.309182][ T7509] Rebooting in 86400 seconds..