last executing test programs:

8.287303993s ago: executing program 3:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b40)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000a00)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4a9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

7.136610548s ago: executing program 2:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="a183000000000000000005"], 0x1c}}, 0x0)

6.627582435s ago: executing program 4:
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000200)={[0xffffffff]}, 0x0, 0x8)
r0 = gettid()
userfaultfd(0x0)
tkill(r0, 0x11)
sync()
rt_sigaction(0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000))

6.529475215s ago: executing program 2:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
set_mempolicy_home_node(&(0x7f00002e3000/0x1000)=nil, 0x1000, 0x0, 0x0)

6.012007866s ago: executing program 1:
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000a40), 0x6, 0x77c, &(0x7f00000002c0)="$eJzs3E9rVOcaAPDnHDMmxtw7uXDh3nZRBAUFcZKYja5MN90UQRC6tSGZhJCTTMhMrJMKatcF0U0L3bRdl34GsR+gW6GF7gultemidDPlTCYTnM7EMYmOf34/OJ7nPf+e93EOb+aEvCeAN9aJ/J8kYiwirkREsbU9jYijzWgk4vb2cVuPb87lSxKNxtVfk/y02GoU29dKWuvj0Twl/h8RDwsRZz/5Z95qfXN5NsvK6632RG1lbaJa3zy3NBKL5cXy6tT0xckL09MXJqefWsP/+qz11AcXj937/r377zcajbvvDJ1LYqZZd7Rq2/Pk230m6bD9f1KImY7tq/u73EsrGXQHAADoS/49/0hEDDW/pRbz+MGg+wQAAAAcrsZwo6tHoxHd9wAAAACvnqS/5/wT4RcCAAAA8Ira+TuAnbm9T50He8h+eTcixrvlH2pNuR2JQkSMbiXNOQo7ku3T4EBu34mIBzOd99/X+R22zynfbZMd7SfnSB894NU5DA/y8WemPf6MRHv8SdvjT3QZf4Z23p1wQL3Hv938R3qMf1f6zHEr3ir0zH8n4u2hbvlb9//ISDNXt/wf9pn/7v1P7/Xa1/gq4nTXnz/JE7l23w+xMtvxfoiZhaUsiRjumf/hX2ce7VX/aK/8zS70rn+tz/o/3vp9uddYkuc/c3Lvz79b/iPf7n6kaUTca63zY+935Di58sN3e9U/H9Ho+fnvUf+Xfdb/0zfDN/o8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJrSiBiLJC214zQtlSKOR8R/YzTNKtXa2YXKxup8vi9iPArpwlJWnoyI4nY7ydtTzXi3fb6jPR0R//nx2HbSpaxcmqtk84MuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLbjETEWSVqKiDQi/iimaakUMdTHucMvoH8AAADAIRkfdAcAAACA587zPwAAALz+9vv8nxxyPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDX2pXLl/OlsfX45lzenr9e31iuXD83X64ul1Y25kpzlfW10mKlspiVS3OVladdL6tU1qYuxsaNiVq5Wpuo1jevrVQ2VmvXllZmF8vXyoUXUhUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPaqy5JGkpItJmnKalUsS/ImI8CsnCUlaejIh/R8SjYmE4b08NutMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcump9c3k2y8rrAoGgZ3DpkC94KyJehrp6B4MemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGIRqfXN5NsvK69VB9wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDBSn9OIiJfThdPjXXuPZr8WWyuI+KjL65+dmN2pLX9t/b22uf59lpt/fyL7z0AAAC8IS49y8E7z+nN9dTz6xQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD6qdY3l2ezrLx+sOBS1DcbSY9jBl0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwP38HAAD//2XXvc4=")
chdir(&(0x7f0000000240)='./file0\x00')
creat(&(0x7f0000000040)='./file0\x00', 0x0)

5.755534846s ago: executing program 4:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1f02ffff0000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="21003300d0800000080211000000"], 0x40}}, 0x0)

5.273686264s ago: executing program 4:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'virt_wifi0\x00', 0x10})
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x1f000000}, 0x600)

5.051041736s ago: executing program 1:
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000042c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000043c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="2104000000001200839a1c78000008000300", @ANYRES32=r5, @ANYBLOB="08001400", @ANYRES32=r5, @ANYBLOB="0a0006000802110000000000"], 0x30}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r6, 0x0, 0x16, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000240)={<r7=>0x0, 0x8, 0x30, 0x6, 0x7f}, &(0x7f0000000280)=0x18)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000002c0)={r7, 0x1f}, &(0x7f0000000300)=0x8)
recvmsg(0xffffffffffffffff, &(0x7f00000059c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="1c00000021000100000000000000000280"], 0x1c}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b000100627269646765000014000280050014"], 0x44}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000600)=@ipv6_getroute={0x2c, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, [@RTA_IIF={0x8, 0x3, r8}, @RTA_UID={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@setlink={0x38, 0x13, 0x200, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, r8, 0x122, 0x42140}, [@IFLA_LINK_NETNSID={0x8, 0x25, 0x1}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x7a2d}, @IFLA_PROMISCUITY={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4048840}, 0x20000080)

4.848246353s ago: executing program 4:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r1, 0x0, 0x0, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c)

4.728560385s ago: executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)

4.453663273s ago: executing program 4:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYRES16=0x0, @ANYBLOB="0000000000000000000017000000080001007063690004000200303030303a30303a31302e3000000000080003000000000008000b000000000006001600000000000500120000000000"], 0x50}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0xc01, 0x20000000, 0x2, 0x4000, r0, 0xffff, '\x00', 0x0, r0, 0x2, 0x3, 0x4, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x4884}, 0x81b9b9ad1adc91af)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_open_dev$audion(0x0, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sched_setaffinity(0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000004180)={0x2020}, 0x2020)
socket$pppl2tp(0x18, 0x1, 0x1)

4.348280943s ago: executing program 3:
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bond_slave_0\x00', <r1=>0x0})
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000004c40)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, r1}, 0x14)

4.303820876s ago: executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, 0x0, 0x0)

4.187227793s ago: executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r3, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001400), 0xffffffffffffffff)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000002340)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, 0x0, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@getnexthop={0x1c, 0x76, 0x0, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NHA_GROUPS={0x4}]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, r5, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}}, 0x0)

3.826457014s ago: executing program 0:
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000200)={[0xffffffff]}, 0x0, 0x8)
r0 = gettid()
userfaultfd(0x0)
tkill(r0, 0x11)
sync()
rt_sigaction(0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000))

3.143692411s ago: executing program 2:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

2.884952569s ago: executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1f02ffff0000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="21003300d0800000080211000000"], 0x40}}, 0x0)

2.854583632s ago: executing program 0:
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000a40), 0x6, 0x77c, &(0x7f00000002c0)="$eJzs3E9rVOcaAPDnHDMmxtw7uXDh3nZRBAUFcZKYja5MN90UQRC6tSGZhJCTTMhMrJMKatcF0U0L3bRdl34GsR+gW6GF7gultemidDPlTCYTnM7EMYmOf34/OJ7nPf+e93EOb+aEvCeAN9aJ/J8kYiwirkREsbU9jYijzWgk4vb2cVuPb87lSxKNxtVfk/y02GoU29dKWuvj0Twl/h8RDwsRZz/5Z95qfXN5NsvK6632RG1lbaJa3zy3NBKL5cXy6tT0xckL09MXJqefWsP/+qz11AcXj937/r377zcajbvvDJ1LYqZZd7Rq2/Pk230m6bD9f1KImY7tq/u73EsrGXQHAADoS/49/0hEDDW/pRbz+MGg+wQAAAAcrsZwo6tHoxHd9wAAAACvnqS/5/wT4RcCAAAA8Ira+TuAnbm9T50He8h+eTcixrvlH2pNuR2JQkSMbiXNOQo7ku3T4EBu34mIBzOd99/X+R22zynfbZMd7SfnSB894NU5DA/y8WemPf6MRHv8SdvjT3QZf4Z23p1wQL3Hv938R3qMf1f6zHEr3ir0zH8n4u2hbvlb9//ISDNXt/wf9pn/7v1P7/Xa1/gq4nTXnz/JE7l23w+xMtvxfoiZhaUsiRjumf/hX2ce7VX/aK/8zS70rn+tz/o/3vp9uddYkuc/c3Lvz79b/iPf7n6kaUTca63zY+935Di58sN3e9U/H9Ho+fnvUf+Xfdb/0zfDN/o8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJrSiBiLJC214zQtlSKOR8R/YzTNKtXa2YXKxup8vi9iPArpwlJWnoyI4nY7ydtTzXi3fb6jPR0R//nx2HbSpaxcmqtk84MuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLbjETEWSVqKiDQi/iimaakUMdTHucMvoH8AAADAIRkfdAcAAACA587zPwAAALz+9vv8nxxyPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDX2pXLl/OlsfX45lzenr9e31iuXD83X64ul1Y25kpzlfW10mKlspiVS3OVladdL6tU1qYuxsaNiVq5Wpuo1jevrVQ2VmvXllZmF8vXyoUXUhUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPaqy5JGkpItJmnKalUsS/ImI8CsnCUlaejIh/R8SjYmE4b08NutMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcump9c3k2y8rrAoGgZ3DpkC94KyJehrp6B4MemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGIRqfXN5NsvK69VB9wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDBSn9OIiJfThdPjXXuPZr8WWyuI+KjL65+dmN2pLX9t/b22uf59lpt/fyL7z0AAAC8IS49y8E7z+nN9dTz6xQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD6qdY3l2ezrLx+sOBS1DcbSY9jBl0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwP38HAAD//2XXvc4=")
chdir(&(0x7f0000000240)='./file0\x00')
creat(&(0x7f0000000040)='./file0\x00', 0x0)

2.755832679s ago: executing program 1:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'virt_wifi0\x00', 0x10})
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x1f000000}, 0x600)

2.297249237s ago: executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xd0, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000002c0)={0x18, &(0x7f0000000180)={0x0, 0x0, 0x5, {0x5, 0x0, "18edba"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

2.022337325s ago: executing program 3:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r1, 0x0, 0x0, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c)

1.963515773s ago: executing program 4:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b40)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000a00)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4a9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

1.798511857s ago: executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000003c0)=0x70, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000a80)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000004c0)='k', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000640)="56a2f8fac12fe62412557d0b93fc068856edc93245b17f26836f3a849ac0bc787d12f69f827ada300c49140da769dbceb28e7084b0ce5189570095c98f76d297fe789cbf1cd1153469e8b01ab14fedbe62ed06bbcb6f37694d32e4", 0x5b}, {&(0x7f0000000440)="47c976258ac1cc5aa7", 0x9}, {&(0x7f0000000940)="8d7af8bb51eeeafe737610134c891ebed665377b52c33db586b932741ed69b1a3f99831f5ee965d8f6546da48e94389112a57b8a6bbdafcf8101d8222bc33029228b0941167175eb1032ee6bd3536034df7f54ec2e238a5eb7c82b3f56d363b511a9953b0b4375170cc8c9a3f8cf29386d1ad31147862dd5b3348c4600b278e53af55705314d9bd1a5a21411c3bc", 0x8e}, {&(0x7f0000000a00)="aad2e2bbaf5ae83c57d3f7f5ee64ef8c17530d7b98ec66a3bb829c5b623257b0ce12c550771a5873740bf2e4572005b614cf6e2f8d000000000000", 0x3b}], 0x4}}], 0x2, 0x0)
mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0)
socket$unix(0x1, 0x5, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r1, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)

1.557131682s ago: executing program 3:
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000042c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000043c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="2104000000001200839a1c78000008000300", @ANYRES32=r5, @ANYBLOB="08001400", @ANYRES32=r5, @ANYBLOB="0a0006000802110000000000"], 0x30}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r6, 0x0, 0x16, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000240)={<r7=>0x0, 0x8, 0x30, 0x6, 0x7f}, &(0x7f0000000280)=0x18)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000002c0)={r7, 0x1f}, &(0x7f0000000300)=0x8)
recvmsg(0xffffffffffffffff, &(0x7f00000059c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="1c00000021000100000000000000000280"], 0x1c}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b000100627269646765000014000280050014"], 0x44}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000600)=@ipv6_getroute={0x2c, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, [@RTA_IIF={0x8, 0x3, r8}, @RTA_UID={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@setlink={0x38, 0x13, 0x200, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, r8, 0x122, 0x42140}, [@IFLA_LINK_NETNSID={0x8, 0x25, 0x1}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x7a2d}, @IFLA_PROMISCUITY={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4048840}, 0x20000080)

1.124927631s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, 0x0, 0x0)

989.724158ms ago: executing program 0:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
set_mempolicy_home_node(&(0x7f00002e3000/0x1000)=nil, 0x1000, 0x0, 0x0)

874.18635ms ago: executing program 2:
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bond_slave_0\x00', <r1=>0x0})
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000004c40)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, r1}, 0x14)

535.32432ms ago: executing program 3:
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000200)={[0xffffffff]}, 0x0, 0x8)
r0 = gettid()
userfaultfd(0x0)
tkill(r0, 0x11)
sync()
rt_sigaction(0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000))

434.381331ms ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe3c}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000005d40)='./file0\x00', 0x200000, &(0x7f0000000140)=ANY=[@ANYBLOB="75737271756f74612c00e513aa5cfaa2f4340700000053855e39265e3354af0024b01cef6de26ae56cf210f8b286ad24af500cee604dd143ef63fe0a1353763fe64d8fe49c91620807e2b84a30ef37a6b09d6c36a66fcbf632f343d8c351992181a7f9845e6498b53491d711caa0e952c88a77d46d73bb3af5422ef14af9be974a142d2d3a3e33b0cfed2f6edbf1d5ead796def6a1f32298b619"], 0x1, 0x5d93, &(0x7f0000011840)="$eJzs3U1vHVcZB/Dnvvj6pbSNKlSFiEWaQmkpzbsD5a0pCxawAAllTSLXrQIpoCQgWlnElReIFV8BNt2w6FfgA/QzID4AkWxWXVAGjX1OMh5f5zokvnPt8/tJ9swz547vmfw9nnszM/cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/+uHPLvQi4vrv0oITEV+IQUQ/YrGuT0c9czU/fhgRJ2O7OV6MiMF8RL3+9rfnIy5HxKfPRWxura3Uiy8esB/L5+/e/vzHP/jHH/+8cfIX7/z843b7T7946ZM/3Ys48ZM3P/n83tPZdgAAAChFVVVVL73NP5Xe3/e77hQAMBX5+F8leblarVar1erjVzdV491rFhGx3lynfs3gdDwAHDHr8VnXXaBD8i/aMCKe6boTwEzrdd0BDsXm1tpKL+Xbax4PTu+052tBduW/3ntwf8d+00na15hM6/drIwbxwj79WZxSH2ZJzr/fzv/6TvsoPe6w85+W/fIf7dz6VJyc/6Cdf8vxyb8/Nv9S5fyHj5X/QP4AAAAAADDD8v//n+j4/O/8k2/KgTzq/O/pKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/7y3MNl+30WW738Wi/i2dbjgcKkm2WWuu4HAAAAAAAAAAAAAJRkuHMN77VexFxEPLu0VFVV/dXUrh/Xk65/1JW+/VCyrv/IAwDAjk+fa93L34tYiIhr6bP+5paWlqpqYXGpWqoW5/Pr2dH8QrXYeF+bp/Wy+dEBXhAPR1X9wxYa6zVNer88qb398+rnGlWDA3RsOjoMHAAiYudotOmIdMxU1fPR9ascjgb7//Fj/+cguv49BQAAAA5fVVVVL32c96l0zr/fdacAgKnIx//2eQG1Wq1+evXyXP19dvqjVpdbN1Xj3WsWEbHeXKd+zWA4fgA4Ytbjs667QIfkX7RhRJzsuhPATOt13QEOxebW2kov5dtrHg/S+O75WpBd+a/3ttfL64+bTtK+xmRav18bMYgX9unPi1PqwyzJ+ffb+V/faR+lxx12/tOyX/71dp7ooD9dy/kP2vm3HJ/8+2PzL1XOf/hY+Q/kDwAAAAAAMyz///8J53/zJgMAAAAAAADAkbO5tbaS73vN5/+/POZx7v88nnL+PfkXKeffb+ffuiBn0Ji///bD/P+9tbby8d1/fSlPZz7/ucGofu65Xn8wTNf8VHPvxs24Fatxfs/jh7vaL+xpn9vVfnFC+6U97aO6fTG3n42V+HXcincetM9PuDBqYUJ7NaE95z+w/xcp5z9sfNX5L6X2Xmtau/9Rf89+35yOe56rf/vPK3v3runbiMGDbWuqt+9MB/3Z/jd5ZhS/vbN6++zvb9y9e/tCpMmupRcjTZ6ynP9c+sr5v/ryTnv+u9/cX+9/NHrs/GfFRgz3zf/lxny9va9NuW9dyPmP0lfOPx+Bxu//Rzn//ff/1zvoDwAAAAAAAAAAAAAAADxKVVXbt4hejYgr6f6fru7NBACmKx//qyQvV6vVarVaffzqpmq8t5pFRPy9uU79muEP434YADDL/hsR/+y6E3RG/gXLn/dXT7/SdWeAqbrzwYe/vHHr1urtO133BAAAAAAAAAD4f+XxP083xn/evg6oNW70rvFf347TR3b8z/5osD3Wedqgl+LR43+fiUeP/z2c8HxzE9pHE9rnJ7QvTGgfe6NHQ87/pZRxzv9U2rCSxn99tYP+dC3nfyaN9Zzz/1rrcc38q78e5fz7u/I/d/f935y788GHb9x8/8Z7q++t/urC+SuXLy1fvrS8fO7dm7dWz+9877DHhyvnn8e+dh1oWXL+OXP5lyXn/9VUy78sOf9XUi3/suT88+s9+Zcl55/f+8i/LDn/11It/7Lk/L+eavmXJef/eqrlX5ac/zdSLf+y5PzfSLX8y5LzP5tq+Zcl538u1fIvS84/n+GSf1ly/vnKBvmXJed/MdXyL0vO/1Kq5V+WnP/lVMu/LDn/5VTLvyw5/yupln9Zcv7fTLX8y5Lz/1aq5V+WnP+bqZZ/WXL+3061/MuS8/9OquVflpz/d1Mt/7Lk/L+XavmXJef//VTLvyw5/7dSLf+yPPz8fzNmzJjJM13/ZQIAAAAAAAAAAAAA2qZxOXHX2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27i5GrvO8HfvbNXhsS/A+EEOIE27zEwMLu+g0cYjBJyJ+SvlAS0qYlNY69Nk78Vu+aN6GyFNoSBalI7QW9aJpENIrUVqAqUlOJRkiN1N41V424iVIpF76AykFJpVSBrc7M8zyemd2ds8YeM3OezwfZP+/OOTPPnDkzu99F31kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFYbPznzZ0NFUZR/Gn+tK4qLy3+vKXaXH87veLdXCAAAAJyrtxp///0l6RO7V7BTyzb/9pH/+O7CwsJC8aU3T739FwsL6YINRTGyuigal0X//stfLLRuEzxdjA8Nt3w8XHHzIxWXj1ZcPlZx+aqKy1dXXD5ecfmiA7DImubPYxpXdk3jn+uah7S4rBhrXHbNEns9PbR6eDj+LKdhqLHPwtiB4lBxuJgpphbtM9T4ryhe2Vje1t1FvK3hlttaXxTF6Z89sS+uYSgc42uKthtraH3s3riz2PDmz57Y9+251z+41Kw8DItWWhSbN5XrfKYozvy4qhgqVqdjEtc53LLO9Uusc6RtnUON/cp/d67z9ArXGe/3eFjnD7usc3343KNXF0UxXyy7Taeni+FibcetpuM93jwjyusoH8r3FaNndZ5sXMF5Uu7z06vbz5POczIe/43hmIwus4bWh+ONp1YtOu7v9Dwp73U/nKvldd9b3uj4eOuPVtvO1XKbJ65d/hxY8rFb4hxI53LLObCp6hwYXjXSOAeGz6x5U9s5ML1on+FiqHFbp67tfg5Mzh05Pjn72OM3HTqy9+DMwZmj01M7tm3dvm3r9u2TBw4dnplq/n12h3SArC2G0zm4KbzWxHPwox3btp6SC988f8+D8T55HpT3/XPXlQu6eLhY5hwvt3lm87k/D9LX/ZbnwWjL82DJ19QlngejK3gelNuc3ryyr5mjLX+WWkOvXgvXtZwD7+bXw/I2H7h++dfC9WFdz95wtl8PRxadA/FuDYXnXvmZ9P3e+K3huCw+L64sL7hoVXFydubEzY/unZs7MV2EcUFc2vJYdZ4va1vuU7HofBk+6/Nl99/96rorl/j8unCsxm/s/liV22yb6P5YNV7dlz6ebZ/dUoRxnl3o47nUV7PyeKYs0eV4lts8c9O5fy+YcknL699Y1evfyNho8/VvJB2NsbbXv8UPzUhjZUVx+qaVvf6NhT8X+vXvsj55/SuP1QM3dz8Hym2enTzbc2C06+vf1WEOhfVcHxLDeEvuf7tx+XzzNG15LCvPm9HRsXDejMZbbD9vti7ap7y28rY3T72z82bz1e2PVdv3LTU8b8pj9ZdT3c+bcptXp8/9tWNN/GfLa8eqqnNgbGRVud6xdBI0X+8W1sRz4OZiX3GsOFzsT/uUj3J5WxNbVnYOrAp/LvRrxxV9cg6Ux+qFLd3PgXKbH2w9v987bQ6fSdu0fO/U+fOF5TL/laNnrq/zsJ3vzF+u81Pbuv9sqNzm9W1nmzO6H6cbw2cuWuI4dT5/ljun9xcX5jhdEdZ5eHv3n02V21y2Y4Xn0+6iKF6bfq3x867w891/PPmf3237ue9SP1N+bfq1eybv+9HZrB8AgHfu7cbf86ua32u2/B/rlfz/fwAAAGAgxNw/HGYi/wMAAEBtxNw/EmYi/wMAAEBtxNw/GmaSSf5/6NadL731ZJHeDXAhiJfHw3Dv7c3tYsd7Pny8YeGM8vOfeHHspa8+ubLbHi6K4lf3fGjJ7R+6Pa6r6Xhc58faP7/IFVet6PYfvP/Mdq3vn3B6Z/P64/1Z6WkQu8qvTG5pXO+Gx6Yb89V7isa8b/7Zp5vX3/w4bn9qa3P7vw5vWrL7wFDb/pvDeq4Jc0N4T5l7d585DuWM+720/iP/eunnz9xe3G9o03sbd/OFP2peb3yPqOcvbW4f7/dy6/+Xr33npXL7R69dev1PDi+9/lPhen8a5i93NbdvPeZfbVn/n4T1x9uL+938re8vuf6XP9Dc/uVwXnwjzM713/nnH35rqccr3s7u25r7xduf+p9tjf3i9cXr71z/+JPTbcej8/pffbN5Pbse/vlI6/bx8/F2ogdvaz+/h8Lj29YjL4riO39atB3n4uPN/f65Y/3x+o7ftvT6b+xY5/Ghqxr7n7k/69ru19f/dsuS9zeuZ/c/rGu7P8/fFY7fm5M/KK/31H3hfAyX/+8Pm9fX+V6mL9/V/noTt//GuubzNl7fZMf6n+9Y//xV5bGrXv/dbzbX//Idq9vWv/vT4Xy6uzmr1n/wby5p2/+b324+HicemTh6bPbkof0tR7X1ebx6fM3aiy5+z3svCa+lnR/vOTb30MyJDVMbpopiwwC+ZWCv1/+tMP+7OebP/y00/ejnzfPuuc80v2599BfNj58Pn38wPJ7x6+PX/2qs7XztfNzn72jOc13/DWEdK/WBr/3XVSva8NQXXzn5T3/8euf3BfH+HH//eOP+vbDx8sZlQ682L+98varyk/e3P69/PDrVmN8Lx3UhvDPzpsubt9d5/fG9SZ77bPP5G7+Ti/sXHe8nsm6k/X6c6/p/HL6P+f4V7a9/8fz43pMd7+a8rhgqlzAfXh+K+eblcat4vJ87ffmStxffh6eY/+DZLHNZs4/NTh4+dPTko5NzM7Nzk7OPPb7nyLGTR+f2NN67dM+Xq/Y/8/xe23h+75/Zsa1oPNuPNUePvdvrP37/vv23TF23f+bA3pMH5u4/PnPi4L7Z2X0z+2ev23vgwMwjVfsf2r9resvOrbdsmTh4aP+uW3fu3Lpz4tDRY+UymouqsGPqKxNHT+xp7DK7a9vO6e3bt01NHDm2f2bXLVNTEyer9m98bZoo93544sTM4b1zh47MTMweenxm1/TOHTu2VL7745HjB2Y3TJ44eXTy5OzMicnmfdkw1/h0+bWvan/yMHssvN51GArfnX/hxh3p/XFLLz617FU1N2n/9rR4I7wXVPz6VvVxzP1jYSaZ5H8AAADIQcz94Y3/z1wg/wMAAEBtxNy/OsxE/gcAAIDaiLl/PMwkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j71xRFlvkfAAAAchBz/9owE/kfAAAAaiPm/ovCTOR/AAAAqI2Y+y8OM8kk/+v/6//r/+v/6//r//eS/r/+fzf6//r/g7x+/X/9f6r1W/8/5v73hJlkkv8BAAAgBzH3vzfMRP4HAACA2oi5/5IwE/kfAAAAaiPm/nVhJpnkf/1//X/9f/1//X/9/17S/9f/70b/X/9/kNev/6//T7WV9/9XVV3Veen/x9z//8JMMsn/AAAAkIOY+98XZiL/AwAAQG3E3H9pmIn8DwAAALURc/9lYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9G/1//f5DXr/+v/0+1lff/m158atmrOi/9/5j73x9mkkn+BwAAgBzE3H95mIn8DwAAALURc/8HwkzkfwAAAKiNmPuvCDPJJP/r/+v/6//r/+v/6//3kv6//n83+v/6/4O8fv1//X+q9Vv/P+b+D4aZZJL/AQAAIAcx918ZZiL/AwAAQG3E3P+hMBP5HwAAAGoj5v71YSaZ5H/9f/3/c+v/X1/o/+v/6/836f8vTf9f/78b/X/9/0Fev/6//j/V+q3/H3P/h8NMMsn/AAAAkIOY+z8SZiL/AwAAQG3E3H9VmIn8DwAAALURc/+GMJNM8r/+v/6/3/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7N4aZZJL/AQAAIAcx928KM5H/AQAAoDZi7r86zET+BwAAgNqIuf+aMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+6/Nswkk/wPAAAAOYi5/7owE/kfAAAAaiPm/o+Gmcj/AAAAUBsx928OM8kk/+v/6//r/+v/6//r//eS/r/+fzf6//r/g7x+/X/9f6r1W/8/5v7rw0wyyf8AAACQg5j7bwgzkf8BAACgNmLuvzHMRP4HAACA2oi5fyLMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+28KM8kk/wMAAEAOYu6/OcxE/gcAAIDaiLl/MsxE/gcAAIDaiLl/Kswkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7p8NMMsn/AAAAkIOY+7eEmcj/AAAAUBsx928NM5H/AQAAoDZi7t8WZpJJ/tf/1//X/9f/1//X/+8l/X/9/270//X/B3n9+v/6/1Trt/5/zP3bw0wyyf8AAACQg5j7d4SZyP8AAABQGzH33xJmIv8DAABAbcTcf2uYSSb5X/9f/1///yz7/wsj+v8d91f/v0n/f2n6//r/3ej/6/8P8vr1//X/qdZv/f+Y+3eGmWSS/wEAACAHMfd/LMxE/gcAAIDaiLn/tjAT+R8AAABqI+b+j4eZZJL/9f/1//X//f5//X/9/17S/9f/70b/X/9/kNev/6//T7V+6//H3L8rzCST/A8AAAA5iLn/9jAT+R8AAABqI+b+O8JM5H8AAACojZj7d4eZZJL/9f/1//X/9f/1//X/e0n/X/+/G/1//f9BXr/+v/4/1fqt/x9z/51hJpnkfwAAAMhBzP2fCDOR/wEAAKA2Yu7/ZJiJ/A8AAAC1EXP/p8JMMsn/+v/6//r/+v/6//r/vaT/v6j/v6axUP3/Bv1//f9BXr/+v/4/1d6t/v9Plun/x9x/V5hJJvkfAAAAchBz/6fDTOR/AAAAqI2Y+/9/mIn8DwAAALURc//dYSaZ5H/9f/1//X/9f/1//f9e0v/3+/+70f/X/78A6x/v1fr1//X/qdZvv/8/5v5fCzPJJP8DAABADmLuvyfMRP4HAACA2oi5/zNhJvI/AAAA1EbM/b8eZpJJ/tf/1//X/9f/1//X/+8l/X/9/270//X/B3n9+v/6/1Trt/5/zP2/EWaSSf4HAACAHMTc/5thJvI/AAAA1EbM/b8VZiL/AwAAQG3E3H9vmEkm+V//X/9f/1//X/9f/7+X9P/1/5ezoP+v/z/g69f/1/+nWr/1/2Pu/+0wk0zyPwAAAOQg5v77wkzkfwAAAKiNmPs/G2Yi/wMAAEBtxNz/uTCTTPL/ee7/ry70//X/9f/1/+P5pf+v/6//r/9fQf9f/3+Q16//363/3/nVnVz1W/8/5v77w0wyyf8AAACQg5j7Px9mIv8DAABAbcTc/zthJvI/AAAA1EbM/b8bZpJJ/vf7//X/9f/1//X/9f97Sf9f/78b/X/9/0Fev/6/3/9PtX7r/8fc/4Uwk0zyPwAAAOQg5v7fCzOR/wEAAKA2Yu7//TAT+R8AAABqI+b+B8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/4thJpnkfwAAAMhBzP1/EGYi/wMAAEBtxNy/J8xE/gcAAIDaiLn/wTCTTPK//r/+v/6//r/+v/5/L+n/6/93o/+v/z/I69f/1/+nWr/1/2Pu3xtmkkn+BwAAgBzE3P+lMBP5HwAAAGoj5v59YSbyPwAAANRGzP37w0wyyf/6//r/+v/6//r/+v+9pP+v/9+N/r/+/yCvX/9f/59q/db/j7l/Jswkk/wPAAAAOYi5/0CYifwPAAAAtRFz/8EwE/kfAAAAaiPm/ofCTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf9QmEkm+R8AAAByEHP/l8NM5H8AAACojZj7vxJmIv8DAABAbcTcfzjMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+4+EmWSS/wEAACAHMfcfDTOR/wEAAKA2Yu4/FmYi/wMAAEBtxNx/PMwkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7/zDMJJP8DwAAADmIuf9EmIn8DwAAALURc/9smIn8DwAAALURc/9cmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/MfefDDPJJP8DAABADmLufzjMRP4HAACA2oi5/5EwE/kfAAAAaiPm/kfDTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf+xMJNM8j8A/8feXbWKkSZxHD4su7CfeT3r7u4uWXd3d3d3d9+diyGhqpgwoXvIpJO3q57npiAX4b0J4c85PxoAgAly9z8gbrH/AQAAoI3c/Q+MW+x/AAAAaCN3/4PiliH7X/+v/9f/6//1//r/I+n/9f9b9P/6/zO/X/+v/2ffav1/7v4Hxy1D9j8AAABMkLv/IXGL/Q8AAABt5O5/aNxi/wMAAEAbufsfFrcM2f/6f/2//l//r//X/x9J/6//36L/1/+f+f36f/0/+1br/3P3X4pbhux/AAAAmCB3/8PjFvsfAAAA2sjd/4i4xf4HAACANnL3PzJuGbL/9f830v/f925/snb/fx/9v/5f/6//v230//r/Lfp//f+Z36//1/+zb7X+P3f/o+KWIfsfAAAAJsjd/+i4xf4HAACANnL3PyZusf8BAACgjdz9j41bhux//b/v/+v/9f/6f/3/kfT/+v8t+n/9/5nfr//X/7Nvtf4/d//j4pYh+x8AAAAmyN3/+LjF/gcAAIAl3cNfO79G7v4nxC32PwAAALSRu/+JccuQ/a//X7v/v4j+W/+v/7/r36//1/+fif5f/79F/6//P/P79f/6f/at1v/n7n9S3DJk/wMAAMAEufufHLfY/wAAANBG7v6nxC32PwAAALSRu/+pccuQ/a//X7v/9/1//b/+X/+v/9+m/9f/X+j/b9jt7ufP/n79v/6ffav1/7n7nxa3DNn/AAAAMEHu/qfHLfY/AAAAtJG7/xlxi/0PAAAAbeTuf2bcMmT/6//1//p//b/+X/9/JP1/0/7/yv9b+n/9v/5f/6//Z8dq/X/u/mfFLUP2PwAAAEyQu//ZcYv9DwAAAG3k7n9O3GL/AwAAQBu5+58btwzZ//p//b/+X/+v/9f/H0n/37T/9/3/q/T/+n/9v/6fbav1/7n7nxe3DNn/AAAAMEHu/ufHLfY/AAAAtJG7/wVxi/0PAAAAbeTuf2HcMmT/6//1//p//f91+//LF/p//f9Nof/X/2/R/+v/z/x+/b/+n32r9f+5+18UtwzZ/wAAADBB7v4Xxy32PwAAALSRu/8lcYv9DwAAAG3k7n9p3DJk/+v/9f/6/x79/5V/lr7/r/9fkf5f/79F/6//P/P79f/6f/at1v/n7n9Z3DJk/wMAAMAEuftfHrfY/wAAANBG7v5XxC32PwAAALSRu/+VccuQ/a//1//r/3v0/zf9+/9X6f/1//ee/l//v0X/r/8/8/v1//p/9q3W/+fuf1XcMmT/AwAAwAS5+18dt9j/AAAA0Ebu/tfELfY/AAAAtJG7/7Vxy5D9r//X/+v/9f/6f/3/kfT/+v8t+n/9/5nfr//X/7Nvtf4/d//r4pYh+x8AAAAmyN1/OW6x/wEAAKCN3P2vj1vsfwAAAGgjd/8b4pYh+1//r//X/+v/q/+/dKH/1//fdPp//f8W/b/+/8zv1//r/9m3Wv+fu/+NccuQ/Q8AAAAT5O5/U9xi/wMAAEAbufvfHLfY/wAAANBG7v63xC1D9r/+X/+v/9f/+/6//v9I+n/9/xb9v/7/zO/X/+v/2bda/5+7/61xy5D9DwAAABPk7n9b3GL/AwAAQBu5+98et9j/AAAA0Ebu/nfELUP2v/5f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P3vjFuG7H8AAACYIHf/u+IW+x8AAADayN3/7rjF/gcAAIA2cve/J24Zsv/1//p//b/+X/+v/z+S/l//v0X/r/8/8/v1//p/9q3W/+fuf2/cMmT/AwAAwAS5+98Xt9j/AAAA0Ebu/vfHLfY/AAAAtJG7/wNxy5D9r//X/+v/9f/6f/3/kfT/+v8t+n/9/5nfr//X/7Nvtf4/d/8H45Yh+x8AAAAmyN3/objF/gcAAIA2cvd/OG6x/wEAAKCN3P0fiVuG7H/9v/5f/6//1//r/4+k/9f/b9H/6//P/H79v/6ffav1/7n7Pxq3DNn/AAAAMEHu/o/FLfY/AAAAtJG7/+Nxi/0PAAAAbeTu/0Tccr39f79b9apbR/+v/9f/6//1//r/I+n/9f9b9P/6/zO/X/+v/2ffav1/7v5Pxi1+/g8AAABt5O7/VNxi/wMAAEAbufs/HbfY/wAAANBG7v7PxC1D9r/+X/+v/9f/6//1/0fS/+v/t+j/9f9nfr/+X//PvtX6/9z9n41bhux/AAAAmCB3/+fiFvsfAAAA2sjd//m4xf4HAACANnL3fyFuGbL/9f/6f/2//l//r/8/kv5f/79F/6//P/P79f/6f/at1v/n7v9i3DJk/wMAAMAEufu/FLfY/wAAANBG7v4vxy32PwAAALSRu/8rccuQ/a//1//r//X/+n/9/5H0//r/Lfp//f+Z36//1/+zb7X+P3f/V+OWIfsfAAAAJsjd/7W4xf4HAACANnL3fz1usf8BAACgjdz934hbhux//b/+X/+v/9f/6/+PpP/X/2/R/+v/z/x+/b/+n32r9f+5+78ZtwzZ/wAAADBB7v5vxS32PwAAALSRu//bcYv9DwAAAG3k7v9O3DJk/+v/9f/6f/2//l//fyT9v/5/i/5f/3/m9+v/9f/sW63/z93/3bhlyP4HAACACXL3fy9usf8BAACgjdz9349b7H8AAABoI3f/D+KWIftf/6//1//r//X/+v8j6f/1/1v0//r/M79f/6//Z99q/X/u/h/GLUP2PwAAAEyQu/9HcYv9DwAAAG3k7v9x3GL/AwAAQBu5+38StwzZ//p//b/+X/+v/9f/H0n/r//fov/X/5/5/fp//T/7Vuv/c/f/NG4Zsv8BAABggtz9P4tb7H8AAABoI3f/z+MW+x8AAADayN3/i7hlyP7X/+v/9f/6f/2//v9I+n/9/xb9v/7/zO/X/+v/2bda/5+7/5dxy5D9DwAAABPk7v9V3GL/AwAAQBu5+38dt9j/AAAA0Ebu/t/ELUP2v/5f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P2/jVuG7H8AAACYIHf/7+IW+x8AAADayN3/+7jF/gcAAIA2cvf/IW4Zsv/1//p//b/+X/+v/z+S/l//v0X/r/8/8/v1//p/9q3W/+fu/2PcMmT/AwAAwAS5+/8Ut9j/AAAA0Ebu/j/HLfY/AAAAtJG7/y9xy5D9r//X/+v/9f/6f/3/kfT/+v8t+n/9/5nfr//X/7Nvtf4/d/9f45Yh+x8AAAAmyN3/t7jF/gcAAIA2cvf/PW6x/wEAAKCN3P3/iFuG7H/9v/5f/6//1//r/4+k/9f/b9H/6//P/H79v/6ffav1/7n7/xm3DNn/AAAAMEHu/n/FLfY/AAAAtJG7/99xi/0PAAAAbeTu/0/cMmT/6//1//p//b/+X/9/JP2//n+L/l//f+b36//1/+xbrf/P3f/fuGXI/gcAAIAJcvf/L26x/wEAAKCN3P3/j1vsfwAAAGgjd/8dccuQ/a//1//r//X/+n/9/5H0//r/LTv9//31/9fS/6/1fv2//p99q/X/ufvvDAAA//8sjzwF")
chdir(&(0x7f0000000000)='./file0\x00')
unlink(&(0x7f0000000040)='./file0\x00')

0s ago: executing program 1:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000340)={[{@file_umask={'file_umask', 0x3d, 0x9}}, {}, {@gid}, {@codepage={'codepage', 0x3d, 'cp932'}}, {@creator={'creator', 0x3d, "ff54b274"}}]}, 0x1, 0x2d1, &(0x7f0000000600)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzufHGdxnEaaOKm/X6kRM757vyczo7vsdRGAE6te/Wfn2/+ti8jlVSSdEcKJFWlsqRzOl99sbmzsdNqNvI6KrkW9mUUtzRdddY2m1lNbTvXwgvtp7Jm02UYjiiK7v4qOggUzl39GQJp0l+Hbn91xHENy650segYRi09wWZPe3qpuQLDAQAcA/7+H/jbxKwrMgoCadnf9k/U/X+v6ACO1q1WV1GU2yB1/3eru8jY+T3jdu3ney6Fs/uDdpZ4mGAqBz5PKD6zOhaYpl9W6WIJptY3ylpZe6tGoHeqealqi+69EZ+6bX2iXcrITXP07q2i+9PxaNyK8qB2SOsbreak3ciIf2GwI/4/89V8Nw9NqE9qJOu/cmTsNLmZCg/MVFCx8V/v3eOMa2Vryaf9tVot6Khy1h3kgj+C12eU1eyMJN1n+wHBbhJBXpzu2PPqfKwQj261T6uFrFZh8qlHq8WOViV/JqysPWvlPkoZjvYQzUfzwCzpj76onlr/Bza+ZaWuzLyveuNq+jMjHs9Eds2yqxl23Tn2L5dLSQTe5MBjgzTg07IPeqLbmtt+9fppqdVqbtmNxxkbz2e3jC+pvJcy6wx/o6ScOtrdL4msN1F02J6jYQZ/7Ug7tN8fSYm9fLIq26ssKQlGPU2nZaP+TXkn5PhsRJHUY9fQvqdwjGyb9qT7gqmCA8Ko2XWXifM/t5L3qzqXItm3MGednp9kqqPH1SSD61wKzrv36YEyuJneGVzqiDd65Iwu57p8VbqSKjTKPWLo4zwhTF0/9Ijn/wAAAAAAAAAAAAAAAAAAAONmFH9pUPQYAQAAAAAAAAAAAAAAAAAAAAAYd//0+79Z/yPe/f5vyO//AmPkbwAAAP//FSp4xw==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)

kernel console output (not intermixed with test programs):

 776.807720][T11132] Use struct sctp_assoc_value instead
[  777.010640][T11129] delete_channel: no stack
[  777.164531][T11133] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  778.217067][T11145] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  778.956250][T11151] syz-executor.4 (pid 11151) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  779.037916][T11153] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  779.786689][ T4425] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  779.810861][ T4425] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  779.826453][ T4425] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  779.869368][ T4425] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  779.880278][ T4425] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  779.889524][ T4425] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  780.444353][ T2983] Bluetooth: hci6: Frame reassembly failed (-84)
[  781.324773][T11170] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  781.872908][T11155] chnl_net:caif_netlink_parms(): no params data found
[  781.980433][ T5074] Bluetooth: hci3: command tx timeout
[  782.462264][ T5074] Bluetooth: hci6: command 0x1003 tx timeout
[  782.468626][ T4425] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  783.095558][T11185] sctp: [Deprecated]: syz-executor.2 (pid 11185) Use of int in maxseg socket option.
[  783.095558][T11185] Use struct sctp_assoc_value instead
[  783.206452][T11184] delete_channel: no stack
[  783.224163][T11155] bridge0: port 1(bridge_slave_0) entered blocking state
[  783.235072][T11155] bridge0: port 1(bridge_slave_0) entered disabled state
[  783.248070][T11155] bridge_slave_0: entered allmulticast mode
[  783.256569][T11155] bridge_slave_0: entered promiscuous mode
[  783.350208][ T5137] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  783.374454][T11155] bridge0: port 2(bridge_slave_1) entered blocking state
[  783.382504][T11155] bridge0: port 2(bridge_slave_1) entered disabled state
[  783.390549][T11155] bridge_slave_1: entered allmulticast mode
[  783.398905][T11155] bridge_slave_1: entered promiscuous mode
[  783.653441][T11155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  783.777660][T11155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  783.940496][ T5137] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  783.950082][ T5137] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.958293][ T5137] usb 5-1: Product: syz
[  783.962801][ T5137] usb 5-1: Manufacturer: syz
[  783.967600][ T5137] usb 5-1: SerialNumber: syz
[  784.022719][ T5137] usb 5-1: config 0 descriptor??
[  784.049074][T11155] team0: Port device team_slave_0 added
[  784.060973][ T4425] Bluetooth: hci3: command tx timeout
[  784.084409][T11155] team0: Port device team_slave_1 added
[  784.812707][ T5137] usb 5-1: USB disconnect, device number 3
[  784.866250][T11155] batman_adv: batadv0: Adding interface: batadv_slave_0
[  784.873486][T11155] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  784.899763][T11155] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  784.951592][T11193] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  785.209072][T11155] batman_adv: batadv0: Adding interface: batadv_slave_1
[  785.217079][T11155] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  785.243073][    C0] vkms_vblank_simulate: vblank timer overrun
[  785.249548][T11155] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  785.889654][T11155] hsr_slave_0: entered promiscuous mode
[  785.964567][T11155] hsr_slave_1: entered promiscuous mode
[  785.998300][T11155] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  786.006457][T11155] Cannot create hsr debugfs directory
[  786.091633][ T5074] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  786.130891][ T5074] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  786.141019][ T5074] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  786.149280][ T5074] Bluetooth: hci3: command tx timeout
[  786.175802][T10655] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  786.191740][T10655] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  786.202627][T10655] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  787.593620][T11155] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  787.671318][ T6133] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  787.788495][T11209] loop1: detected capacity change from 0 to 2048
[  787.816917][ T6133] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  788.045304][T11155] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  788.089722][ T6133] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  788.220977][ T4425] Bluetooth: hci3: command tx timeout
[  788.302437][ T4425] Bluetooth: hci6: command tx timeout
[  788.367587][T11209] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  788.375518][ T6133] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  788.380532][T11209] ext4 filesystem being mounted at /root/syzkaller-testdir3753390001/syzkaller.BxoG4h/398/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  788.586900][T11155] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  788.719034][T11155] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  788.801671][T11201] chnl_net:caif_netlink_parms(): no params data found
[  788.914757][ T6133] bridge_slave_1: left allmulticast mode
[  788.921595][ T6133] bridge_slave_1: left promiscuous mode
[  788.929173][ T6133] bridge0: port 2(bridge_slave_1) entered disabled state
[  789.150496][ T6133] bridge_slave_0: left allmulticast mode
[  789.157461][ T6133] bridge_slave_0: left promiscuous mode
[  789.163985][ T6133] bridge0: port 1(bridge_slave_0) entered disabled state
[  789.553472][ T6133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  789.619544][ T6133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  789.673281][ T6133] bond0 (unregistering): Released all slaves
[  789.882762][ T5067] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  790.388903][ T4425] Bluetooth: hci6: command tx timeout
[  790.418185][T11231] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  791.011149][ T6133] hsr_slave_0: left promiscuous mode
[  791.053843][ T6133] hsr_slave_1: left promiscuous mode
[  791.074166][ T6133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  791.083297][ T6133] batman_adv: batadv0: Removing interface: batadv_slave_0
[  791.133976][ T6133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  791.142748][ T6133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  791.235497][ T6133] veth1_macvtap: left promiscuous mode
[  791.241452][ T6133] veth0_macvtap: left promiscuous mode
[  791.247360][ T6133] veth1_vlan: left promiscuous mode
[  791.253085][ T6133] veth0_vlan: left promiscuous mode
[  792.287293][ T6133] team0 (unregistering): Port device team_slave_1 removed
[  792.324216][ T6133] team0 (unregistering): Port device team_slave_0 removed
[  792.500816][ T4425] Bluetooth: hci6: command tx timeout
[  792.597028][T11155] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  792.926716][T11201] bridge0: port 1(bridge_slave_0) entered blocking state
[  792.934498][T11201] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.943966][T11201] bridge_slave_0: entered allmulticast mode
[  792.952231][T11201] bridge_slave_0: entered promiscuous mode
[  793.081595][T11155] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  793.143997][T11201] bridge0: port 2(bridge_slave_1) entered blocking state
[  793.153103][T11201] bridge0: port 2(bridge_slave_1) entered disabled state
[  793.160865][T11201] bridge_slave_1: entered allmulticast mode
[  793.169009][T11201] bridge_slave_1: entered promiscuous mode
[  793.194423][T11155] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  793.271564][T11155] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  793.506284][T11201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  793.629357][T11201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  793.741330][ T2893] Bluetooth: hci0: Frame reassembly failed (-84)
[  794.001379][T11201] team0: Port device team_slave_0 added
[  794.028048][T11201] team0: Port device team_slave_1 added
[  794.214040][T11201] batman_adv: batadv0: Adding interface: batadv_slave_0
[  794.223847][T11201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  794.251048][T11201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  794.369797][T11201] batman_adv: batadv0: Adding interface: batadv_slave_1
[  794.378282][T11201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  794.405552][T11201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  794.540266][T10655] Bluetooth: hci6: command tx timeout
[  794.951797][T11252] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  795.123768][T11201] hsr_slave_0: entered promiscuous mode
[  795.211001][T11201] hsr_slave_1: entered promiscuous mode
[  795.290645][T11201] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  795.301522][T11201] Cannot create hsr debugfs directory
[  795.495335][T11155] 8021q: adding VLAN 0 to HW filter on device bond0
[  795.740413][ T4425] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  795.864585][T11155] 8021q: adding VLAN 0 to HW filter on device team0
[  796.135550][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  796.143231][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  796.221748][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  796.229218][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  796.440662][  T780] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  796.527647][T11155] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  797.030678][  T780] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  797.042973][  T780] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.051770][  T780] usb 5-1: Product: syz
[  797.056058][  T780] usb 5-1: Manufacturer: syz
[  797.060925][  T780] usb 5-1: SerialNumber: syz
[  797.115776][  T780] usb 5-1: config 0 descriptor??
[  797.758064][   T10] usb 5-1: USB disconnect, device number 4
[  798.407640][T11155] 8021q: adding VLAN 0 to HW filter on device batadv0
[  798.639046][T11266] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  798.961511][T11201] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  799.012206][T11201] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  799.101952][T11201] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  799.221322][T11201] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  799.370494][T11155] veth0_vlan: entered promiscuous mode
[  799.515345][T11155] veth1_vlan: entered promiscuous mode
[  799.577289][T11273] loop4: detected capacity change from 0 to 512
[  799.691275][T11273] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  799.700626][T11273] UDF-fs: Scanning with blocksize 512 failed
[  799.756476][T11273] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  799.764214][T11273] UDF-fs: Scanning with blocksize 1024 failed
[  799.822133][T11273] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  799.829773][T11273] UDF-fs: Scanning with blocksize 2048 failed
[  799.928498][T11155] veth0_macvtap: entered promiscuous mode
[  799.944346][T11273] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  800.030596][T11273] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  800.093541][T11155] veth1_macvtap: entered promiscuous mode
[  800.364067][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  800.375637][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.385788][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  800.396434][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.406487][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  800.418600][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.428930][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  800.439617][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.449720][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  800.463239][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.477229][T11155] batman_adv: batadv0: Interface activated: batadv_slave_0
[  800.761063][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  800.772193][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.782591][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  800.793367][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.803493][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  800.814220][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.824480][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  800.838202][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.848739][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  800.859526][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.874888][T11155] batman_adv: batadv0: Interface activated: batadv_slave_1
[  801.201338][   T13] bridge_slave_1: left allmulticast mode
[  801.207382][   T13] bridge_slave_1: left promiscuous mode
[  801.215639][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  801.333126][   T13] bridge_slave_0: left allmulticast mode
[  801.342611][   T13] bridge_slave_0: left promiscuous mode
[  801.349208][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.102375][T11291] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  802.208892][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  802.316910][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  802.383527][   T13] bond0 (unregistering): Released all slaves
[  802.592832][T11155] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  802.602592][T11155] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  802.612304][T11155] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  802.621947][T11155] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  802.745361][T11201] 8021q: adding VLAN 0 to HW filter on device bond0
[  803.147968][   T13] hsr_slave_0: left promiscuous mode
[  803.192797][   T13] hsr_slave_1: left promiscuous mode
[  803.257043][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  803.265016][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  803.298254][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  803.306294][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  803.375079][   T13] veth1_macvtap: left promiscuous mode
[  803.381132][   T13] veth0_macvtap: left promiscuous mode
[  803.389021][   T13] veth1_vlan: left promiscuous mode
[  803.395151][   T13] veth0_vlan: left promiscuous mode
[  804.420803][   T13] team0 (unregistering): Port device team_slave_1 removed
[  804.458726][   T13] team0 (unregistering): Port device team_slave_0 removed
[  804.767753][T11307] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  805.035064][T11201] 8021q: adding VLAN 0 to HW filter on device team0
[  805.178184][  T780] bridge0: port 1(bridge_slave_0) entered blocking state
[  805.185810][  T780] bridge0: port 1(bridge_slave_0) entered forwarding state
[  805.305312][  T780] bridge0: port 2(bridge_slave_1) entered blocking state
[  805.314070][  T780] bridge0: port 2(bridge_slave_1) entered forwarding state
[  806.841692][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  807.013294][T10655] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  807.022536][T10655] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  807.032515][T10655] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  807.048439][T10655] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  807.058855][T10655] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  807.067706][T10655] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  807.431728][   T10] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  807.441215][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  807.449374][   T10] usb 5-1: Product: syz
[  807.453833][   T10] usb 5-1: Manufacturer: syz
[  807.458558][   T10] usb 5-1: SerialNumber: syz
[  807.578820][   T10] usb 5-1: config 0 descriptor??
[  807.582510][T11330] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  808.457110][  T780] usb 5-1: USB disconnect, device number 5
[  808.704505][T11201] 8021q: adding VLAN 0 to HW filter on device batadv0
[  809.182628][T10655] Bluetooth: hci0: command tx timeout
[  809.266257][T11323] chnl_net:caif_netlink_parms(): no params data found
[  809.494311][T11201] veth0_vlan: entered promiscuous mode
[  809.765516][T11201] veth1_vlan: entered promiscuous mode
[  810.286673][T11201] veth0_macvtap: entered promiscuous mode
[  810.434960][T11201] veth1_macvtap: entered promiscuous mode
[  810.681827][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  810.693201][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.706002][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  810.717307][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.727475][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  810.738474][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.748563][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  810.761025][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.771565][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  810.782411][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.798244][T11201] batman_adv: batadv0: Interface activated: batadv_slave_0
[  811.124227][T11358] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  811.260557][T10655] Bluetooth: hci0: command tx timeout
[  811.378095][T11360] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  811.767486][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  811.778364][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  811.791118][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  811.803276][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  811.813605][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  811.824270][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  811.834341][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  811.844973][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  811.855012][T11201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  811.865702][T11201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  811.879399][T11201] batman_adv: batadv0: Interface activated: batadv_slave_1
[  811.933177][T11323] bridge0: port 1(bridge_slave_0) entered blocking state
[  811.941558][T11323] bridge0: port 1(bridge_slave_0) entered disabled state
[  811.949469][T11323] bridge_slave_0: entered allmulticast mode
[  811.959089][T11323] bridge_slave_0: entered promiscuous mode
[  812.253008][T11323] bridge0: port 2(bridge_slave_1) entered blocking state
[  812.261169][T11323] bridge0: port 2(bridge_slave_1) entered disabled state
[  812.269036][T11323] bridge_slave_1: entered allmulticast mode
[  812.278495][T11323] bridge_slave_1: entered promiscuous mode
[  812.313105][T11201] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  812.322863][T11201] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  812.332002][T11201] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  812.341192][T11201] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  812.905581][T11323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  813.093103][T11323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  813.340386][T10655] Bluetooth: hci0: command tx timeout
[  813.501351][T11323] team0: Port device team_slave_0 added
[  813.745673][T11323] team0: Port device team_slave_1 added
[  813.994132][T11323] batman_adv: batadv0: Adding interface: batadv_slave_0
[  814.001869][T11323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  814.028150][T11323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  814.112243][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  814.121072][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  814.231324][ T6133] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  814.348605][T11323] batman_adv: batadv0: Adding interface: batadv_slave_1
[  814.355954][T11323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  814.382287][T11323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  814.512013][ T6133] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  814.637676][ T1068] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  814.646051][ T1068] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  814.766494][ T6133] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  814.827605][T11385] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  815.256063][ T6133] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  815.420507][T10655] Bluetooth: hci0: command tx timeout
[  815.541441][T11323] hsr_slave_0: entered promiscuous mode
[  815.616116][T11323] hsr_slave_1: entered promiscuous mode
[  815.677151][T11323] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  815.685095][T11323] Cannot create hsr debugfs directory
[  815.946442][ T6133] bridge_slave_1: left allmulticast mode
[  815.952884][ T6133] bridge_slave_1: left promiscuous mode
[  815.959572][ T6133] bridge0: port 2(bridge_slave_1) entered disabled state
[  816.036368][ T6133] bridge_slave_0: left allmulticast mode
[  816.042373][ T6133] bridge_slave_0: left promiscuous mode
[  816.049021][ T6133] bridge0: port 1(bridge_slave_0) entered disabled state
[  816.087807][ T2983] Bluetooth: hci2: Frame reassembly failed (-84)
[  816.430830][T11398] loop3: detected capacity change from 0 to 1024
[  816.982880][ T6133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  817.013795][ T6133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  817.040792][ T6133] bond0 (unregistering): Released all slaves
[  817.073476][ T6133] bond1 (unregistering): (slave batadv1): Removing an active aggregator
[  817.086827][ T6133] bond1 (unregistering): (slave batadv1): Releasing backup interface
[  817.128289][ T6133] bond1 (unregistering): Released all slaves
[  817.158010][ T6133] bond2 (unregistering): (slave batadv2): Removing an active aggregator
[  817.172224][ T6133] bond2 (unregistering): (slave batadv2): Releasing backup interface
[  817.192479][ T6133] bond2 (unregistering): Released all slaves
[  817.230705][   T13] hfsplus: b-tree write err: -5, ino 4
[  817.259307][ T6133] bond3 (unregistering): (slave batadv3): Removing an active aggregator
[  817.269770][ T6133] bond3 (unregistering): (slave batadv3): Releasing backup interface
[  817.365892][ T6133] bond3 (unregistering): Released all slaves
[  817.742279][ T6133] tipc: Left network mode
[  818.096322][ T6133] hsr_slave_0: left promiscuous mode
[  818.114391][ T6133] hsr_slave_1: left promiscuous mode
[  818.137621][ T6133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  818.151923][ T6133] batman_adv: batadv0: Removing interface: batadv_slave_0
[  818.154976][ T4425] Bluetooth: hci2: command 0x1003 tx timeout
[  818.167251][T10655] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  818.222676][ T6133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  818.230475][ T6133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  818.333642][ T6133] veth1_macvtap: left promiscuous mode
[  818.342171][ T6133] veth0_macvtap: left promiscuous mode
[  818.348132][ T6133] veth1_vlan: left promiscuous mode
[  818.353816][ T6133] veth0_vlan: left promiscuous mode
[  818.393402][T11407] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  819.635551][ T6133] team0 (unregistering): Port device team_slave_1 removed
[  819.720441][ T6133] team0 (unregistering): Port device team_slave_0 removed
[  821.142943][T11323] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  821.302288][T11323] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  821.404586][T11323] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  821.562153][T11323] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  822.452616][T11435] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  822.827433][T11436] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  823.344473][T11323] 8021q: adding VLAN 0 to HW filter on device bond0
[  823.576743][T11323] 8021q: adding VLAN 0 to HW filter on device team0
[  823.676586][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  823.684482][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  823.795757][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  823.803592][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  824.816886][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  824.825307][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  824.969328][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  824.977666][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  825.018026][T11452] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  825.814999][ T1077] Bluetooth: hci2: Frame reassembly failed (-84)
[  825.920629][T11462] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  826.357356][T11323] 8021q: adding VLAN 0 to HW filter on device batadv0
[  826.845803][T11323] veth0_vlan: entered promiscuous mode
[  826.933393][T11323] veth1_vlan: entered promiscuous mode
[  827.133692][T11468] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  827.608488][T11323] veth0_macvtap: entered promiscuous mode
[  827.677932][T11323] veth1_macvtap: entered promiscuous mode
[  827.822159][T10655] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  827.825996][ T4425] Bluetooth: hci2: command 0x1003 tx timeout
[  827.917552][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  827.929679][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  827.940064][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  827.950929][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  827.961115][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  827.976042][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  827.989488][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  828.000748][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  828.011307][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  828.022152][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  828.039404][T11323] batman_adv: batadv0: Interface activated: batadv_slave_0
[  828.257598][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  828.271624][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  828.282243][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  828.292922][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  828.302955][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  828.313611][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  828.323786][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  828.334430][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  828.345459][T11323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  828.356155][T11323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  828.369646][T11323] batman_adv: batadv0: Interface activated: batadv_slave_1
[  828.640909][T11323] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  828.650076][T11323] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  828.659084][T11323] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  828.668205][T11323] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  830.631620][T11489] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  830.902890][T11490] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  832.044524][T11501] sctp: [Deprecated]: syz-executor.1 (pid 11501) Use of int in maxseg socket option.
[  832.044524][T11501] Use struct sctp_assoc_value instead
[  832.187269][T11500] delete_channel: no stack
[  833.134306][T11512] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  833.496845][T11518] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  833.546380][ T1230] ieee802154 phy0 wpan0: encryption failed: -22
[  834.390074][   T29] audit: type=1800 audit(1718198098.525:139): pid=11525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1953 res=0 errno=0
[  834.414634][T11528] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  835.657118][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  835.666033][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  835.818311][ T6137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  835.826820][ T6137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  836.639674][ T5074] Bluetooth: hci2: command 0x1003 tx timeout
[  836.646670][T10655] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  837.074037][T11554] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  837.801569][T11561] Bluetooth: MGMT ver 1.22
[  838.132479][T11564] sctp: [Deprecated]: syz-executor.2 (pid 11564) Use of int in maxseg socket option.
[  838.132479][T11564] Use struct sctp_assoc_value instead
[  838.450324][T11572] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  838.462284][T11570] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  838.662484][T11576] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  839.831785][ T4181] Bluetooth: hci2: Frame reassembly failed (-84)
[  840.990183][T11600] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  841.435069][T11605] loop1: detected capacity change from 0 to 1764
[  841.665559][T11603] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4091629214 (65466067424 ns) > initial count (185248 ns). Using initial count to start timer.
[  841.811877][T11607] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  841.912225][ T5074] Bluetooth: hci2: command 0x1003 tx timeout
[  841.919386][T10655] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  842.121668][  T780] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  842.294524][T11616] sctp: [Deprecated]: syz-executor.1 (pid 11616) Use of int in maxseg socket option.
[  842.294524][T11616] Use struct sctp_assoc_value instead
[  842.533664][  T780] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  842.545326][  T780] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  842.703033][  T780] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  842.712824][  T780] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  842.725662][  T780] usb 3-1: SerialNumber: syz
[  843.147211][T11624] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  843.156313][  T780] usb 3-1: 0:2 : does not exist
[  843.207379][T11625] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  843.401060][  T780] usb 3-1: USB disconnect, device number 2
[  843.762564][T11632] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  845.887554][T11657] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  845.919781][T11647] loop0: detected capacity change from 0 to 1764
[  845.944303][T11658] sctp: [Deprecated]: syz-executor.2 (pid 11658) Use of int in maxseg socket option.
[  845.944303][T11658] Use struct sctp_assoc_value instead
[  846.243701][ T1077] Bluetooth: hci2: Frame reassembly failed (-84)
[  846.483692][T11647] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4091629214 (65466067424 ns) > initial count (185248 ns). Using initial count to start timer.
[  847.238279][T11673] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  847.383058][T11675] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  847.497260][T11676] loop4: detected capacity change from 0 to 512
[  847.592977][T11676] EXT4-fs warning (device loop4): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  847.681828][T11679] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  848.221549][T10655] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  849.694514][T11695] sctp: [Deprecated]: syz-executor.4 (pid 11695) Use of int in maxseg socket option.
[  849.694514][T11695] Use struct sctp_assoc_value instead
[  850.267492][T11700] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  850.320477][  T780] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  850.570198][  T780] usb 3-1: Using ep0 maxpacket: 8
[  850.607591][T11702] loop4: detected capacity change from 0 to 1764
[  850.840648][  T780] usb 3-1: New USB device found, idVendor=03f0, idProduct=0121, bcdDevice=4c.86
[  850.840982][T11706] input: syz0 as /devices/virtual/input/input7
[  850.850374][  T780] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  850.950204][  T780] usb 3-1: config 0 descriptor??
[  851.090489][  T780] hub 3-1:0.0: bad descriptor, ignoring hub
[  851.096670][  T780] hub 3-1:0.0: probe with driver hub failed with error -5
[  851.113888][  T780] usb_serial_simple 3-1:0.0: hp4x converter detected
[  851.136665][  T780] usb 3-1: hp4x converter now attached to ttyUSB0
[  851.292188][T11710] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  851.395068][  T780] usb 3-1: USB disconnect, device number 3
[  851.461863][  T780] hp4x ttyUSB0: hp4x converter now disconnected from ttyUSB0
[  851.470746][  T780] usb_serial_simple 3-1:0.0: device disconnected
[  852.183906][T11715] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  852.281012][T11720] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  853.554119][T11734] sctp: [Deprecated]: syz-executor.2 (pid 11734) Use of int in maxseg socket option.
[  853.554119][T11734] Use struct sctp_assoc_value instead
[  854.541860][T11744] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  855.022622][T10655] Bluetooth: hci2: command 0x1003 tx timeout
[  855.029190][ T5074] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  855.572363][T11753] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  855.662518][T11754] loop1: detected capacity change from 0 to 512
[  855.762972][T11754] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: casefold flag without casefold feature
[  855.869106][T11754] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117)
[  855.923151][T11754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  856.055501][T11762] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  856.362495][T11754] Bluetooth: MGMT ver 1.22
[  856.662506][ T5067] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  857.027557][T11765] input: syz0 as /devices/virtual/input/input8
[  857.092293][T11773] sctp: [Deprecated]: syz-executor.4 (pid 11773) Use of int in maxseg socket option.
[  857.092293][T11773] Use struct sctp_assoc_value instead
[  857.339676][T11775] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  858.771801][T11796] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  859.396128][ T2983] Bluetooth: hci2: Frame reassembly failed (-84)
[  859.652911][T11807] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  859.845700][T11811] loop2: detected capacity change from 0 to 512
[  859.906897][T11806] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  859.966750][T11811] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: casefold flag without casefold feature
[  859.990743][T11811] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  860.022908][T11806] kvm: pic: non byte read
[  860.028545][T11806] kvm: pic: non byte read
[  860.057523][T11811] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  860.082589][T11806] kvm: pic: non byte read
[  860.095740][T11806] kvm: pic: non byte read
[  860.141179][T11806] kvm: pic: non byte read
[  860.147101][T11806] kvm: pic: non byte read
[  860.207853][T11806] kvm: pic: single mode not supported
[  860.207930][T11806] kvm: pic: level sensitive irq not supported
[  860.260923][T11806] kvm: pic: non byte read
[  860.337957][T11806] kvm: pic: non byte read
[  860.369157][T11806] kvm: pic: non byte read
[  860.376306][T11817] sctp: [Deprecated]: syz-executor.1 (pid 11817) Use of int in maxseg socket option.
[  860.376306][T11817] Use struct sctp_assoc_value instead
[  860.479271][T11201] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  860.496392][T11806] kvm: pic: non byte read
[  860.544054][T11806] kvm: pic: single mode not supported
[  860.652231][T11819] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  861.337297][T11822] loop2: detected capacity change from 0 to 2048
[  861.420427][T10655] Bluetooth: hci2: command 0x1003 tx timeout
[  861.427004][ T5074] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  861.473794][T11822] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  861.487375][T11822] ext4 filesystem being mounted at /root/syzkaller-testdir401615895/syzkaller.SD3Qs9/27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  861.739729][T11834] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  862.232268][T11201] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  862.426961][T11840] loop1: detected capacity change from 0 to 1024
[  863.207990][T11856] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  864.252613][T11865] input: syz0 as /devices/virtual/input/input9
[  864.548921][T11867] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  864.584886][T11872] loop1: detected capacity change from 0 to 512
[  864.643609][T11871] sctp: [Deprecated]: syz-executor.2 (pid 11871) Use of int in maxseg socket option.
[  864.643609][T11871] Use struct sctp_assoc_value instead
[  864.810560][T11872] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: casefold flag without casefold feature
[  864.935714][T11872] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117)
[  865.032405][T11872] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  865.184449][T11878] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  865.823685][ T6133] Bluetooth: hci2: Frame reassembly failed (-84)
[  865.848429][ T5067] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  866.105728][  T779] IPVS: starting estimator thread 0...
[  866.201518][T11888] IPVS: using max 240 ests per chain, 12000 per kthread
[  866.584060][T11895] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  866.850310][  T780] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  867.171471][T11908] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  867.222718][  T780] usb 5-1: config 0 has no interfaces?
[  867.321275][  T780] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  867.332143][  T780] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  867.340964][  T780] usb 5-1: SerialNumber: syz
[  867.404165][  T780] usb 5-1: config 0 descriptor??
[  867.659320][  T779] usb 5-1: USB disconnect, device number 6
[  867.902868][T10655] Bluetooth: hci2: command 0x1003 tx timeout
[  867.909231][ T5074] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  868.219567][T11919] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  868.638457][T11921] sctp: [Deprecated]: syz-executor.4 (pid 11921) Use of int in maxseg socket option.
[  868.638457][T11921] Use struct sctp_assoc_value instead
[  868.824081][T11923] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  871.082521][T11946] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  871.712177][T11954] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'.
[  872.305082][T11959] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  873.140861][T11971] sctp: [Deprecated]: syz-executor.0 (pid 11971) Use of int in maxseg socket option.
[  873.140861][T11971] Use struct sctp_assoc_value instead
[  873.336483][T11974] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  874.940122][ T5074] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  875.034175][T11993] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  875.416292][T11999] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  876.042507][T12003] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  876.552501][T12012] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  876.947843][T12016] sctp: [Deprecated]: syz-executor.4 (pid 12016) Use of int in maxseg socket option.
[  876.947843][T12016] Use struct sctp_assoc_value instead
[  877.518420][T12024] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  878.530879][   T43] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  878.782057][   T43] usb 5-1: Using ep0 maxpacket: 32
[  878.901102][   T43] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  878.909600][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  879.140816][   T43] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  879.150675][   T43] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  879.159370][   T43] usb 5-1: Product: syz
[  879.166637][   T43] usb 5-1: Manufacturer: syz
[  879.171970][   T43] usb 5-1: SerialNumber: syz
[  879.202414][   T43] usb 5-1: config 0 descriptor??
[  879.268545][   T43] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  879.282604][   T43] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  879.379427][T12042] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  879.455979][ T4181] Bluetooth: hci2: Frame reassembly failed (-84)
[  879.478263][   T43] usb 5-1: USB disconnect, device number 7
[  879.508832][   T43] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  879.574425][T12044] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  880.472067][T12061] sctp: [Deprecated]: syz-executor.4 (pid 12061) Use of int in maxseg socket option.
[  880.472067][T12061] Use struct sctp_assoc_value instead
[  880.752432][T12064] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  880.946310][T12070] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  881.501819][T10655] Bluetooth: hci2: command 0x1003 tx timeout
[  881.508196][ T5074] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  882.211264][T12085] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  883.076356][T12096] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  884.682336][T12120] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  885.479082][T12133] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  885.800013][ T2983] Bluetooth: hci2: Frame reassembly failed (-84)
[  886.151193][T12149] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  887.759103][  T780] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  887.820073][T10655] Bluetooth: hci2: command 0x1003 tx timeout
[  887.823459][ T5074] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  887.946695][T12174] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  888.035076][  T780] usb 5-1: Using ep0 maxpacket: 32
[  888.149505][T12176] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  888.212784][  T780] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  888.224041][  T780] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  888.233582][  T780] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  888.316024][  T780] usb 5-1: config 0 descriptor??
[  888.359553][T12165] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  888.485967][  T780] hub 5-1:0.0: bad descriptor, ignoring hub
[  888.492272][  T780] hub 5-1:0.0: probe with driver hub failed with error -5
[  888.506195][  T780] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  888.811130][   T10] usb 5-1: USB disconnect, device number 8
[  888.913050][T12184] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  889.863929][T12204] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  890.834274][T12225] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  891.011537][T12230] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  891.101923][T12227] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  892.420607][T12245] batadv0: entered promiscuous mode
[  892.506297][T12245] 8021q: adding VLAN 0 to HW filter on device batadv0
[  893.100412][T10655] Bluetooth: hci2: command 0x1003 tx timeout
[  893.101612][ T5074] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  893.341727][   T43] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  893.610492][   T43] usb 3-1: Using ep0 maxpacket: 32
[  893.733021][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  893.744933][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  893.756589][   T43] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  893.766133][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  893.842004][   T43] usb 3-1: config 0 descriptor??
[  893.871457][T12255] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  893.899137][   T43] hub 3-1:0.0: USB hub found
[  893.953965][T12262] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  894.202604][T12272] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  894.235562][   T43] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  894.432973][T12275] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  894.582808][   T43] usbhid 3-1:0.0: can't add hid device: -71
[  894.589764][   T43] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  894.688615][   T43] usb 3-1: USB disconnect, device number 4
[  894.960979][ T1230] ieee802154 phy0 wpan0: encryption failed: -22
[  896.465206][   T58] Bluetooth: hci2: Frame reassembly failed (-84)
[  896.661454][T12304] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  897.159164][T12318] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  897.251486][   T43] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  897.335919][T12319] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  897.525305][   T43] usb 3-1: Using ep0 maxpacket: 32
[  897.670486][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  897.682435][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  897.695981][   T43] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  897.708422][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  897.737440][   T43] usb 3-1: config 0 descriptor??
[  897.761475][T12312] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  897.835828][   T43] hub 3-1:0.0: USB hub found
[  898.134046][   T43] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  898.411638][T12333] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  898.460755][ T5074] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  898.505931][   T43] usbhid 3-1:0.0: can't add hid device: -71
[  898.514403][   T43] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  898.612113][   T43] usb 3-1: USB disconnect, device number 5
[  898.834148][T12338] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  898.933668][T12338] loop1: detected capacity change from 0 to 512
[  899.424963][T12345] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  900.452347][T12365] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  900.882112][T12370] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  901.572622][ T4425] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  901.609520][ T4425] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  901.618853][ T4425] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  901.653925][ T4425] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  901.665602][T12383] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  901.697255][ T4425] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  901.706782][ T4425] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  901.920275][   T43] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  902.142025][ T4425] Bluetooth: hci3: command 0x0406 tx timeout
[  902.190257][   T43] usb 3-1: Using ep0 maxpacket: 32
[  902.341280][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  902.354711][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  902.368237][   T43] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  902.385914][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  902.432482][   T43] usb 3-1: config 0 descriptor??
[  902.451575][T12384] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  902.502331][   T43] hub 3-1:0.0: USB hub found
[  902.760524][   T43] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  902.885385][ T4181] Bluetooth: hci5: Frame reassembly failed (-84)
[  902.932551][ T9895] syz_tun (unregistering): left allmulticast mode
[  902.946990][T12399] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  903.000786][T12394] loop0: detected capacity change from 0 to 512
[  903.120976][   T43] usbhid 3-1:0.0: can't add hid device: -71
[  903.132065][   T43] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  903.231672][   T43] usb 3-1: USB disconnect, device number 6
[  903.386010][ T2983] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.473486][T12379] chnl_net:caif_netlink_parms(): no params data found
[  903.577920][ T2983] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.755784][ T2983] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.824264][ T5074] Bluetooth: hci2: command tx timeout
[  903.896930][ T2983] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.110529][ T2983] bridge_slave_1: left allmulticast mode
[  904.116532][ T2983] bridge_slave_1: left promiscuous mode
[  904.123391][ T2983] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.200787][ T2983] bridge_slave_0: left allmulticast mode
[  904.206868][ T2983] bridge_slave_0: left promiscuous mode
[  904.215162][ T2983] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.951296][ T5074] Bluetooth: hci5: command 0x1003 tx timeout
[  904.957672][ T4425] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  904.991148][T12427] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  905.122398][ T2983] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  905.266283][ T2983] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  905.341609][T12435] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  905.382555][ T2983] bond0 (unregistering): Released all slaves
[  905.902701][ T4425] Bluetooth: hci2: command tx timeout
[  906.330429][ T2983] hsr_slave_0: left promiscuous mode
[  906.380934][ T2983] hsr_slave_1: left promiscuous mode
[  906.427741][ T2983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  906.436823][ T2983] batman_adv: batadv0: Removing interface: batadv_slave_0
[  906.493327][ T2983] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  906.501383][ T2983] batman_adv: batadv0: Removing interface: batadv_slave_1
[  906.554332][ T2983] veth1_macvtap: left promiscuous mode
[  906.560271][ T2983] veth0_macvtap: left promiscuous mode
[  906.566151][ T2983] veth1_vlan: left promiscuous mode
[  906.572176][ T2983] veth0_vlan: left promiscuous mode
[  907.150311][ T5123] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  907.174934][T12457] loop2: detected capacity change from 0 to 512
[  907.273527][T12459] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  907.452820][ T5123] usb 1-1: Using ep0 maxpacket: 32
[  907.600678][ T5123] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  907.612698][ T5123] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  907.624444][ T5123] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  907.636154][ T5123] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  907.658051][ T5123] usb 1-1: config 0 descriptor??
[  907.676678][ T2983] team0 (unregistering): Port device team_slave_1 removed
[  907.700990][T12451] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  907.736581][ T5123] hub 1-1:0.0: USB hub found
[  907.752405][ T2983] team0 (unregistering): Port device team_slave_0 removed
[  908.010510][ T4425] Bluetooth: hci2: command tx timeout
[  908.336995][ T5123] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  908.374964][T12379] bridge0: port 1(bridge_slave_0) entered blocking state
[  908.382891][T12379] bridge0: port 1(bridge_slave_0) entered disabled state
[  908.391444][T12379] bridge_slave_0: entered allmulticast mode
[  908.400786][T12379] bridge_slave_0: entered promiscuous mode
[  908.452536][T12379] bridge0: port 2(bridge_slave_1) entered blocking state
[  908.465146][T12379] bridge0: port 2(bridge_slave_1) entered disabled state
[  908.473108][T12379] bridge_slave_1: entered allmulticast mode
[  908.482375][T12379] bridge_slave_1: entered promiscuous mode
[  908.675926][T12379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  908.700824][ T5123] usbhid 1-1:0.0: can't add hid device: -71
[  908.707481][ T5123] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  908.770682][T12379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  908.800514][ T5123] usb 1-1: USB disconnect, device number 2
[  908.980929][T12379] team0: Port device team_slave_0 added
[  909.040224][T12379] team0: Port device team_slave_1 added
[  909.199737][T12379] batman_adv: batadv0: Adding interface: batadv_slave_0
[  909.209570][T12379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  909.236476][T12379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  909.327071][T12379] batman_adv: batadv0: Adding interface: batadv_slave_1
[  909.334710][T12379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  909.361410][T12379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  909.721786][T12379] hsr_slave_0: entered promiscuous mode
[  909.767727][T12379] hsr_slave_1: entered promiscuous mode
[  909.816523][T12379] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  909.824904][T12379] Cannot create hsr debugfs directory
[  909.962250][T12482] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  910.082412][ T4425] Bluetooth: hci2: command tx timeout
[  910.251725][T12485] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  911.383972][T12497] loop2: detected capacity change from 0 to 512
[  911.415489][T12502] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  911.990257][T12506] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  912.007339][T12379] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  912.122455][T12379] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  912.196355][T12379] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  912.299001][T12379] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  912.380358][T10655] Bluetooth: hci6: command 0x0406 tx timeout
[  912.648756][ T2983] IPVS: stop unused estimator thread 0...
[  912.785390][ T5074] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  912.941270][    T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  913.220561][    T8] usb 2-1: Using ep0 maxpacket: 32
[  913.383654][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  913.395411][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  913.408097][    T8] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  913.417859][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  913.468983][    T8] usb 2-1: config 0 descriptor??
[  913.491970][T12514] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  913.532106][T12379] 8021q: adding VLAN 0 to HW filter on device bond0
[  913.561712][    T8] hub 2-1:0.0: USB hub found
[  913.751831][T12379] 8021q: adding VLAN 0 to HW filter on device team0
[  913.834380][ T5123] bridge0: port 1(bridge_slave_0) entered blocking state
[  913.842254][ T5123] bridge0: port 1(bridge_slave_0) entered forwarding state
[  913.907848][    T8] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  913.929320][ T5123] bridge0: port 2(bridge_slave_1) entered blocking state
[  913.937175][ T5123] bridge0: port 2(bridge_slave_1) entered forwarding state
[  914.280715][    T8] usbhid 2-1:0.0: can't add hid device: -71
[  914.289573][    T8] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  914.394512][    T8] usb 2-1: USB disconnect, device number 5
[  914.662671][T12538] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  915.075493][T12540] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'.
[  915.370926][T12550] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  915.467286][T12552] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  916.102185][T12379] 8021q: adding VLAN 0 to HW filter on device batadv0
[  917.872205][ T5123] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  918.151214][ T5123] usb 4-1: Using ep0 maxpacket: 32
[  918.248121][T12379] veth0_vlan: entered promiscuous mode
[  918.321057][ T5123] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  918.333770][ T5123] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  918.345509][ T5123] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  918.346512][T12379] veth1_vlan: entered promiscuous mode
[  918.354885][ T5123] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  918.409579][T12595] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  918.443627][ T5123] usb 4-1: config 0 descriptor??
[  918.461661][T12584] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  918.508016][ T5123] hub 4-1:0.0: USB hub found
[  918.684930][T12379] veth0_macvtap: entered promiscuous mode
[  918.745883][T12379] veth1_macvtap: entered promiscuous mode
[  918.781803][ T5074] Bluetooth: hci5: command 0x1003 tx timeout
[  918.788393][T10655] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  918.901049][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  918.911960][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  918.922080][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  918.932907][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  918.943805][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  918.955010][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  918.965156][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  918.970717][ T5123] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[  918.975806][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  918.994169][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  919.006560][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  919.028172][T12379] batman_adv: batadv0: Interface activated: batadv_slave_0
[  919.180719][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  919.191509][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  919.203324][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  919.214411][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  919.224542][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  919.236011][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  919.246126][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  919.256898][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  919.267157][T12379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  919.277904][T12379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  919.293127][T12379] batman_adv: batadv0: Interface activated: batadv_slave_1
[  919.370740][ T5123] usbhid 4-1:0.0: can't add hid device: -71
[  919.377706][ T5123] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  919.489921][T12604] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  919.521983][ T5123] usb 4-1: USB disconnect, device number 3
[  919.531210][T12606] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  919.901777][T12379] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  919.911049][T12379] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  919.922014][T12379] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  919.931488][T12379] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  921.827694][T12643] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  922.305375][T12658] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  922.864729][T12669] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  924.085847][ T5137] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  924.300197][T10655] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  924.403222][ T5137] usb 4-1: Using ep0 maxpacket: 32
[  924.541242][ T5137] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  924.553460][ T5137] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  924.565074][ T5137] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  924.574780][ T5137] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  924.622639][ T5137] usb 4-1: config 0 descriptor??
[  924.651730][T12680] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  924.691681][ T5137] hub 4-1:0.0: USB hub found
[  925.101860][ T5137] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[  925.368494][T12703] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  925.440818][ T5137] usbhid 4-1:0.0: can't add hid device: -71
[  925.449621][ T5137] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  925.552796][ T5137] usb 4-1: USB disconnect, device number 4
[  926.326337][T12722] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  926.991042][ T4089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  926.999197][ T4089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  927.032607][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  927.224821][ T4181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  927.233014][ T4181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  928.182229][T12754] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  929.112991][T12763] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  929.150244][ T5137] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  929.425021][ T5137] usb 3-1: Using ep0 maxpacket: 32
[  929.582133][ T5137] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  929.593886][ T5137] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  929.606726][ T5137] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  929.617152][ T5137] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  929.672773][ T5137] usb 3-1: config 0 descriptor??
[  929.697749][T12759] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  929.742846][ T5137] hub 3-1:0.0: USB hub found
[  929.900404][T10655] Bluetooth: hci5: command 0x1003 tx timeout
[  929.907077][ T5074] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  930.080688][ T5137] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  930.188868][T12780] loop0: detected capacity change from 0 to 256
[  930.242527][T12780] FAT-fs (loop0): bogus logical sector size 0
[  930.248875][T12780] FAT-fs (loop0): Can't find a valid FAT filesystem
[  930.410648][ T5137] usbhid 3-1:0.0: can't add hid device: -71
[  930.417395][ T5137] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  930.482766][ T5137] usb 3-1: USB disconnect, device number 7
[  930.556323][T12785] netlink: 1272 bytes leftover after parsing attributes in process `syz-executor.0'.
[  930.605715][T12787] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  931.047388][T12792] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  931.679987][   T29] audit: type=1804 audit(1718198195.825:140): pid=12801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3194435390/syzkaller.8nEUhw/75/bus" dev="sda1" ino=1958 res=1 errno=0
[  932.489704][T12822] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  932.865820][T10655] Bluetooth: hci0: command 0x0406 tx timeout
[  933.756056][T12840] loop1: detected capacity change from 0 to 1024
[  933.854714][   T13] Bluetooth: hci5: Frame reassembly failed (-84)
[  933.869312][T12840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  933.980079][    T8] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  934.240417][    T8] usb 3-1: Using ep0 maxpacket: 32
[  934.281827][ T5067] Trying to write to read-only block-device loop1
[  934.293332][T12846] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  934.343227][ T5067] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  934.374266][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  934.385956][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  934.397622][    T8] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  934.407019][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  934.430712][ T5067] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  934.463151][    T8] usb 3-1: config 0 descriptor??
[  934.481914][T12842] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  934.506437][   T29] audit: type=1800 audit(1718198198.705:141): pid=12801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  934.512368][    T8] hub 3-1:0.0: USB hub found
[  934.909296][ T5067] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  934.929158][    T8] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  934.990079][ T6137] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  935.161360][ T6137] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  935.271985][    T8] usbhid 3-1:0.0: can't add hid device: -71
[  935.280742][    T8] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  935.335477][ T6137] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  935.392857][    T8] usb 3-1: USB disconnect, device number 8
[  935.767376][ T6137] bridge_slave_1: left allmulticast mode
[  935.774121][ T6137] bridge_slave_1: left promiscuous mode
[  935.780868][ T6137] bridge0: port 2(bridge_slave_1) entered disabled state
[  935.836533][ T6137] bridge_slave_0: left allmulticast mode
[  935.842669][ T6137] bridge_slave_0: left promiscuous mode
[  935.849262][ T6137] bridge0: port 1(bridge_slave_0) entered disabled state
[  935.907038][ T5074] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  935.910700][T10655] Bluetooth: hci5: command 0x1003 tx timeout
[  936.004427][ T6137] bond_slave_0: left promiscuous mode
[  936.010320][ T6137] bond_slave_1: left promiscuous mode
[  936.786809][T12867] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  936.816886][ T6137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  936.913940][ T6137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  936.980956][ T6137] bond0 (unregistering): Released all slaves
[  937.002143][ T6137] bond1 (unregistering): Released all slaves
[  937.400480][ T6137] tipc: Left network mode
[  938.074875][T12877] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  938.106898][ T6137] hsr_slave_0: left promiscuous mode
[  938.151903][ T6137] hsr_slave_1: left promiscuous mode
[  938.198161][ T6137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  938.207991][ T6137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  938.300220][ T6137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  938.308056][ T6137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  938.406104][ T6137] veth1_macvtap: left promiscuous mode
[  938.412646][ T6137] veth0_macvtap: left promiscuous mode
[  938.418746][ T6137] veth1_vlan: left promiscuous mode
[  938.424396][ T6137] veth0_vlan: left promiscuous mode
[  939.197063][ T6137] team0 (unregistering): Port device team_slave_1 removed
[  939.277060][ T6137] team0 (unregistering): Port device team_slave_0 removed
[  939.473279][T12888] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  939.516632][ T4425] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  939.651004][ T4425] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  939.674597][ T4425] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  939.689219][ T4425] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  939.755523][ T4425] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  939.765087][ T4425] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  940.690118][ T9651] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  940.875324][T12894] chnl_net:caif_netlink_parms(): no params data found
[  940.952261][ T9651] usb 3-1: Using ep0 maxpacket: 32
[  940.986427][ T4089] Bluetooth: hci5: Frame reassembly failed (-84)
[  941.072009][ T9651] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  941.083684][ T9651] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  941.095549][ T9651] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  941.105055][ T9651] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  941.141030][ T9651] usb 3-1: config 0 descriptor??
[  941.161413][T12901] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  941.222829][ T9651] hub 3-1:0.0: USB hub found
[  941.522585][ T9651] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  941.801195][   T29] audit: type=1326 audit(1718198205.965:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741f579 code=0x7ffc0000
[  941.824644][   T29] audit: type=1326 audit(1718198205.965:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741f579 code=0x7ffc0000
[  941.850359][   T29] audit: type=1326 audit(1718198205.965:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741f579 code=0x7ffc0000
[  941.850472][ T9651] usbhid 3-1:0.0: can't add hid device: -71
[  941.851121][ T9651] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  941.873504][   T29] audit: type=1326 audit(1718198205.975:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741f579 code=0x7ffc0000
[  941.873733][   T29] audit: type=1326 audit(1718198205.975:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741f579 code=0x7ffc0000
[  941.873946][   T29] audit: type=1326 audit(1718198205.975:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741f579 code=0x7ffc0000
[  941.874156][   T29] audit: type=1326 audit(1718198205.975:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf741f579 code=0x7ffc0000
[  941.883184][ T5074] Bluetooth: hci1: command tx timeout
[  941.889270][   T29] audit: type=1326 audit(1718198205.975:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741f579 code=0x7ffc0000
[  941.942009][ T9651] usb 3-1: USB disconnect, device number 9
[  941.960953][   T29] audit: type=1326 audit(1718198205.975:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741f579 code=0x7ffc0000
[  942.043241][   T29] audit: type=1326 audit(1718198205.985:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12915 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=151 compat=1 ip=0xf741f579 code=0x7ffc0000
[  942.509040][T12894] bridge0: port 1(bridge_slave_0) entered blocking state
[  942.517829][T12894] bridge0: port 1(bridge_slave_0) entered disabled state
[  942.525913][T12894] bridge_slave_0: entered allmulticast mode
[  942.535239][T12894] bridge_slave_0: entered promiscuous mode
[  942.649051][T12894] bridge0: port 2(bridge_slave_1) entered blocking state
[  942.661181][T12894] bridge0: port 2(bridge_slave_1) entered disabled state
[  942.669023][T12894] bridge_slave_1: entered allmulticast mode
[  942.681542][T12894] bridge_slave_1: entered promiscuous mode
[  942.883630][T12931] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  943.025361][ T5074] Bluetooth: hci5: command 0x1003 tx timeout
[  943.034280][ T4425] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  943.093117][T12894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  943.231669][T12894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  943.525819][T12894] team0: Port device team_slave_0 added
[  943.654652][T12894] team0: Port device team_slave_1 added
[  943.738462][T12940] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  943.918721][T12894] batman_adv: batadv0: Adding interface: batadv_slave_0
[  943.926041][T12894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  943.952592][T12894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  943.998993][ T4425] Bluetooth: hci1: command tx timeout
[  944.010794][T12894] batman_adv: batadv0: Adding interface: batadv_slave_1
[  944.018079][T12894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  944.044422][T12894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  944.260394][T12894] hsr_slave_0: entered promiscuous mode
[  944.278134][T12894] hsr_slave_1: entered promiscuous mode
[  944.445937][ T5123] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  944.466638][T12945] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  944.870358][ T5123] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  944.882371][ T5123] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  944.895879][ T5123] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  944.908176][ T5123] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  944.993968][ T5123] usb 5-1: config 0 descriptor??
[  945.098651][ T5123] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  946.010847][T12894] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  946.054685][T12894] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  946.063060][ T4425] Bluetooth: hci1: command tx timeout
[  946.091939][T12894] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  946.221851][T12894] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  946.800505][ T5123] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  947.024149][   T43] usb 5-1: USB disconnect, device number 9
[  947.060203][ T5123] usb 1-1: Using ep0 maxpacket: 32
[  947.131469][T12985] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'.
[  947.180689][ T5123] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  947.180884][ T5123] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  947.181113][ T5123] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  947.181265][ T5123] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  947.191431][ T5123] usb 1-1: config 0 descriptor??
[  947.231688][T12974] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  947.293127][    C1] vkms_vblank_simulate: vblank timer overrun
[  947.403233][ T5123] hub 1-1:0.0: USB hub found
[  947.746606][ T5123] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  947.917175][T12894] 8021q: adding VLAN 0 to HW filter on device bond0
[  948.063361][T12894] 8021q: adding VLAN 0 to HW filter on device team0
[  948.091213][ T5123] usbhid 1-1:0.0: can't add hid device: -71
[  948.098061][ T5123] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  948.143127][ T4425] Bluetooth: hci1: command tx timeout
[  948.155485][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  948.163436][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  948.222036][ T5123] usb 1-1: USB disconnect, device number 3
[  948.309429][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  948.317309][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  948.467585][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  948.609119][   T58] Bluetooth: hci5: Frame reassembly failed (-84)
[  949.132045][T13006] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  950.211695][T12894] 8021q: adding VLAN 0 to HW filter on device batadv0
[  950.620880][ T5074] Bluetooth: hci5: command 0x1003 tx timeout
[  950.627433][ T4425] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  950.812564][T12894] veth0_vlan: entered promiscuous mode
[  950.938831][T12894] veth1_vlan: entered promiscuous mode
[  951.279595][T12894] veth0_macvtap: entered promiscuous mode
[  951.382325][T12894] veth1_macvtap: entered promiscuous mode
[  951.481702][T13036] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  951.677285][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  951.688662][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  951.698800][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  951.709651][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  951.719892][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  951.730664][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  951.741879][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  951.752726][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  951.764082][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  951.775194][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  951.790748][T12894] batman_adv: batadv0: Interface activated: batadv_slave_0
[  952.203390][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  952.214396][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  952.224551][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  952.235309][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  952.245576][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  952.256349][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  952.266536][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  952.278425][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  952.288978][T12894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  952.299737][T12894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  952.317798][T12894] batman_adv: batadv0: Interface activated: batadv_slave_1
[  952.649538][T12894] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  952.659042][T12894] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  952.668236][T12894] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  952.677516][T12894] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  953.232433][T13053] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  953.434748][ T9651] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  953.731620][ T9651] usb 5-1: Using ep0 maxpacket: 32
[  953.871090][ T9651] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  953.882796][ T9651] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  953.894581][ T9651] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  953.906011][ T9651] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  953.948925][ T9651] usb 5-1: config 0 descriptor??
[  953.973733][T13052] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  954.077807][ T9651] hub 5-1:0.0: USB hub found
[  954.371511][ T9651] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  954.615341][T13070] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  954.751299][ T9651] usbhid 5-1:0.0: can't add hid device: -71
[  954.758053][ T9651] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  954.861681][ T9651] usb 5-1: USB disconnect, device number 10
[  956.176549][ T4181] Bluetooth: hci5: Frame reassembly failed (-84)
[  956.405273][ T1230] ieee802154 phy0 wpan0: encryption failed: -22
[  956.421225][T13096] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  957.652844][T13110] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  958.143559][T13113] loop2: detected capacity change from 0 to 2048
[  958.220372][ T5074] Bluetooth: hci5: command 0x1003 tx timeout
[  958.227518][ T4425] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  958.253648][ T4089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  958.262401][ T4089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  958.303789][T13113] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  958.449202][ T4089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  958.458397][ T4089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  958.491357][T13117] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  960.084122][T13139] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  960.180504][   T43] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  960.432592][   T43] usb 4-1: Using ep0 maxpacket: 32
[  960.614082][T13152] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  960.630517][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  960.642148][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  960.653751][   T43] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  960.663253][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  960.750683][   T43] usb 4-1: config 0 descriptor??
[  960.781617][T13130] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  960.812504][   T43] hub 4-1:0.0: USB hub found
[  961.226846][   T43] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[  961.560753][   T43] usbhid 4-1:0.0: can't add hid device: -71
[  961.567525][   T43] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  961.631350][T13162] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  961.661676][   T43] usb 4-1: USB disconnect, device number 5
[  962.926730][T13184] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  963.424302][T13193] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  963.764706][T13197] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  963.844889][T13200] loop3: detected capacity change from 0 to 47
[  964.102970][T13200] syz-executor.3: attempt to access beyond end of device
[  964.102970][T13200] loop3: rw=2049, sector=48, nr_sectors = 2 limit=47
[  964.117768][T13200] Buffer I/O error on dev loop3, logical block 24, lost async page write
[  964.126635][T13200] syz-executor.3: attempt to access beyond end of device
[  964.126635][T13200] loop3: rw=2049, sector=50, nr_sectors = 2 limit=47
[  964.140740][T13200] Buffer I/O error on dev loop3, logical block 25, lost async page write
[  964.150274][ T5074] Bluetooth: hci5: command 0x1003 tx timeout
[  964.159432][ T4425] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  964.288804][T13203] syz-executor.3: attempt to access beyond end of device
[  964.288804][T13203] loop3: rw=2049, sector=52, nr_sectors = 2 limit=47
[  964.630577][   T43] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  964.890724][   T43] usb 3-1: Using ep0 maxpacket: 32
[  965.041272][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  965.052969][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  965.064754][   T43] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  965.074172][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  965.111768][   T43] usb 3-1: config 0 descriptor??
[  965.144129][T13204] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  965.204737][   T43] hub 3-1:0.0: USB hub found
[  965.490419][   T43] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  965.846980][T13224] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  966.036141][   T43] usbhid 3-1:0.0: can't add hid device: -71
[  966.043267][   T43] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  966.146036][T13230] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  966.167748][   T43] usb 3-1: USB disconnect, device number 10
[  967.471983][T13248] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  968.481264][T13263] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  968.757778][T13268] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  969.246543][   T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  969.531060][   T10] usb 4-1: Using ep0 maxpacket: 32
[  969.665146][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  969.676904][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  969.690330][   T10] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  969.699660][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  969.761994][   T10] usb 4-1: config 0 descriptor??
[  969.789703][T13274] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  969.872630][   T10] hub 4-1:0.0: USB hub found
[  970.000146][T13287] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  970.266682][   T10] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[  970.861265][   T10] usbhid 4-1:0.0: can't add hid device: -71
[  970.867933][   T10] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  970.916835][T13303] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  970.982505][   T10] usb 4-1: USB disconnect, device number 6
[  971.466027][T13307] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  971.640653][T13309] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  972.050704][T13313] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  972.502581][T13317] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  973.703825][T13351] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  973.890280][ T9651] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  974.170453][ T9651] usb 2-1: Using ep0 maxpacket: 32
[  974.301875][ T9651] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  974.314210][ T9651] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  974.326052][ T9651] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  974.335611][ T9651] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  974.391087][ T9651] usb 2-1: config 0 descriptor??
[  974.411988][T13356] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  974.424750][T13347] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  974.472485][ T9651] hub 2-1:0.0: USB hub found
[  974.791654][ T9651] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  975.282601][T13366] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  975.350582][ T9651] usbhid 2-1:0.0: can't add hid device: -71
[  975.357325][ T9651] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  975.441697][ T9651] usb 2-1: USB disconnect, device number 6
[  976.291955][T13372] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  977.749111][T13392] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  977.878369][T13393] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  978.880839][   T25] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  979.091340][ T9651] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  979.120073][   T25] usb 5-1: Using ep0 maxpacket: 8
[  979.251287][   T25] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[  979.260025][   T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  979.270586][   T25] usb 5-1: config 0 has no interface number 0
[  979.276927][   T25] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  979.288321][   T25] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  979.298564][   T25] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  979.314148][   T25] usb 5-1: config 0 interface 52 has no altsetting 0
[  979.321666][   T25] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  979.331165][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  979.367899][ T9651] usb 1-1: Using ep0 maxpacket: 32
[  979.374801][   T25] usb 5-1: config 0 descriptor??
[  979.492323][T13413] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  979.512149][ T9651] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  979.525462][ T9651] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  979.537472][ T9651] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  979.547059][ T9651] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  979.573203][ T9651] usb 1-1: config 0 descriptor??
[  979.598305][T13407] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  979.654496][   T25] usb 5-1: Can not set alternate setting to 1, error: -71
[  979.656696][ T9651] hub 1-1:0.0: USB hub found
[  979.662096][   T25] synaptics_usb 5-1:0.52: probe with driver synaptics_usb failed with error -71
[  979.675086][   T25] usb 5-1: USB disconnect, device number 11
[  979.991402][ T9651] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  980.310712][ T9651] hid-generic 0003:046D:C314.0001: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.0-1/input0
[  980.632845][    T8] usb 1-1: USB disconnect, device number 4
[  980.752099][T13427] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  981.662034][T13443] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  982.293926][T13454] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  983.022448][T13464] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  983.091264][    T8] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  983.350123][    T8] usb 5-1: Using ep0 maxpacket: 8
[  983.467171][   T25] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  983.475389][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  983.486672][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  983.497245][    T8] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  983.508521][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  983.552196][    T8] usb 5-1: config 0 descriptor??
[  983.730319][   T25] usb 3-1: Using ep0 maxpacket: 32
[  983.861193][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  983.873063][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  983.884718][   T25] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  983.894171][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  983.952125][   T25] usb 3-1: config 0 descriptor??
[  983.971554][T13470] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  983.997478][   T25] hub 3-1:0.0: USB hub found
[  984.015622][    T8] hid-picolcd 0003:04D8:F002.0002: unknown main item tag 0x0
[  984.027687][    T8] hid-picolcd 0003:04D8:F002.0002: unknown main item tag 0x0
[  984.157437][    T8] hid-picolcd 0003:04D8:F002.0002: No report with id 0xf3 found
[  984.166752][    T8] hid-picolcd 0003:04D8:F002.0002: No report with id 0xf4 found
[  984.340579][   T25] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  984.710882][   T25] hid-generic 0003:046D:C314.0003: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.2-1/input0
[  984.888885][    T8] usb 5-1: USB disconnect, device number 12
[  984.981192][ T5123] usb 3-1: USB disconnect, device number 11
[  985.193956][T13487] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  986.068599][T13498] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  988.301810][ T5123] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  988.601610][T13535] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  988.612499][ T5123] usb 2-1: Using ep0 maxpacket: 32
[  988.734103][ T5123] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  988.745833][ T5123] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  988.757535][ T5123] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  988.767176][ T5123] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  988.853021][ T5123] usb 2-1: config 0 descriptor??
[  988.881612][T13525] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  988.938571][ T5123] hub 2-1:0.0: USB hub found
[  989.301111][ T5123] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  989.723584][ T5123] hid-generic 0003:046D:C314.0004: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.1-1/input0
[  989.991739][   T43] usb 2-1: USB disconnect, device number 7
[  990.023870][T13554] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  991.651714][T13583] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  994.813234][T13626] syz-executor.0[13626] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  994.813631][T13626] syz-executor.0[13626] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  995.338198][T13633] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  998.367288][T13687] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  998.521499][T13689] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1001.068565][T13730] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1003.460210][T13762] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1004.477086][T13780] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1006.474674][T13811] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1007.347053][T13820] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1009.759152][T13858] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1009.915143][T13862] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1011.339214][T13881] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1012.042857][T13897] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1012.716329][T13906] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1015.205733][T13937] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1015.295637][T13942] syz-executor.4: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1015.312933][T13942] CPU: 0 PID: 13942 Comm: syz-executor.4 Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0
[ 1015.323292][T13942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1015.333609][T13942] Call Trace:
[ 1015.337001][T13942]  <TASK>
[ 1015.340051][T13942]  dump_stack_lvl+0x216/0x2d0
[ 1015.344976][T13942]  dump_stack+0x1e/0x30
[ 1015.349315][T13942]  warn_alloc+0x455/0x650
[ 1015.353888][T13942]  ? __vmalloc_node_range+0xd6/0x28b0
[ 1015.359544][T13942]  __vmalloc_node_range+0x130/0x28b0
[ 1015.365030][T13942]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1015.371012][T13942]  ? should_fail_ex+0x4a/0x800
[ 1015.375945][T13942]  ? kmsan_get_metadata+0x146/0x1d0
[ 1015.381397][T13942]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1015.387373][T13942]  ? kmsan_get_metadata+0x146/0x1d0
[ 1015.392729][T13942]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1015.398779][T13942]  vmalloc_user+0x90/0xb0
[ 1015.403314][T13942]  ? xskq_create+0x105/0x270
[ 1015.408107][T13942]  xskq_create+0x105/0x270
[ 1015.412730][T13942]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1015.418712][T13942]  xsk_init_queue+0x115/0x1f0
[ 1015.423598][T13942]  xsk_setsockopt+0x882/0xcc0
[ 1015.428470][T13942]  do_sock_setsockopt+0x4bb/0x7d0
[ 1015.433671][T13942]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1015.439073][T13942]  __sys_setsockopt+0x33a/0x4b0
[ 1015.444125][T13942]  __ia32_sys_setsockopt+0xe2/0x160
[ 1015.449505][T13942]  ia32_sys_call+0x25f3/0x40a0
[ 1015.454467][T13942]  __do_fast_syscall_32+0xb4/0x120
[ 1015.459801][T13942]  ? irqentry_exit+0x16/0x60
[ 1015.464625][T13942]  do_fast_syscall_32+0x38/0x80
[ 1015.469667][T13942]  do_SYSENTER_32+0x1f/0x30
[ 1015.474401][T13942]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1015.480942][T13942] RIP: 0023:0xf741f579
[ 1015.485164][T13942] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1015.504975][T13942] RSP: 002b:00000000f5ea85ac EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1015.513598][T13942] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b
[ 1015.521734][T13942] RDX: 0000000000000003 RSI: 00000000200033c0 RDI: 0000000000000020
[ 1015.529871][T13942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1015.538008][T13942] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1015.546314][T13942] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1015.554440][T13942]  </TASK>
[ 1015.561059][T13942] Mem-Info:
[ 1015.564391][T13942] active_anon:17312 inactive_anon:8 isolated_anon:0
[ 1015.564391][T13942]  active_file:0 inactive_file:46910 isolated_file:0
[ 1015.564391][T13942]  unevictable:768 dirty:23 writeback:0
[ 1015.564391][T13942]  slab_reclaimable:4439 slab_unreclaimable:23626
[ 1015.564391][T13942]  mapped:20988 shmem:4460 pagetables:616
[ 1015.564391][T13942]  sec_pagetables:0 bounce:0
[ 1015.564391][T13942]  kernel_misc_reclaimable:0
[ 1015.564391][T13942]  free:399666 free_pcp:3915 free_cma:0
[ 1015.611752][T13942] Node 0 active_anon:69248kB inactive_anon:32kB active_file:0kB inactive_file:187564kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:83952kB dirty:92kB writeback:0kB shmem:16304kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4784kB pagetables:2464kB sec_pagetables:0kB all_unreclaimable? no
[ 1015.645526][T13942] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:0kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1015.677371][T13942] Node 0 DMA free:4096kB boost:0kB min:160kB low:200kB high:240kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1015.705338][T13942] lowmem_reserve[]: 0 895 1208 1208 1208
[ 1015.711789][T13942] Node 0 DMA32 free:588972kB boost:0kB min:36112kB low:45140kB high:54168kB reserved_highatomic:0KB active_anon:30884kB inactive_anon:32kB active_file:0kB inactive_file:99640kB unevictable:0kB writepending:80kB present:3129332kB managed:955564kB mlocked:0kB bounce:0kB free_pcp:14004kB local_pcp:7560kB free_cma:0kB
[ 1015.742337][T13942] lowmem_reserve[]: 0 0 313 313 313
[ 1015.748089][T13942] Node 0 Normal free:15548kB boost:0kB min:12648kB low:15808kB high:18968kB reserved_highatomic:0KB active_anon:38364kB inactive_anon:0kB active_file:0kB inactive_file:87924kB unevictable:1536kB writepending:12kB present:1048576kB managed:321032kB mlocked:0kB bounce:0kB free_pcp:1632kB local_pcp:556kB free_cma:0kB
[ 1015.779353][T13942] lowmem_reserve[]: 0 0 0 0 0
[ 1015.785017][T13942] Node 1 Normal free:990048kB boost:0kB min:41188kB low:51484kB high:61780kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194304kB managed:1045460kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1015.814554][T13942] lowmem_reserve[]: 0 0 0 0 0
[ 1015.819928][T13942] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB
[ 1015.833064][T13942] Node 0 DMA32: 7*4kB (ME) 26*8kB (UME) 16*16kB (UE) 130*32kB (UME) 108*64kB (UME) 39*128kB (UME) 12*256kB (ME) 24*512kB (UME) 28*1024kB (UM) 2*2048kB (ME) 128*4096kB (UM) = 588972kB
[ 1015.853062][T13942] Node 0 Normal: 43*4kB (UME) 36*8kB (UME) 49*16kB (UME) 41*32kB (UME) 13*64kB (UME) 7*128kB (UME) 8*256kB (UME) 10*512kB (UM) 2*1024kB (ME) 1*2048kB (U) 0*4096kB = 15548kB
[ 1015.873174][T13942] Node 1 Normal: 2*4kB (UM) 1*8kB (U) 9*16kB (UM) 6*32kB (U) 8*64kB (UM) 8*128kB (UM) 4*256kB (UM) 2*512kB (UM) 1*1024kB (U) 3*2048kB (U) 239*4096kB (UM) = 990048kB
[ 1015.891905][T13942] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1015.902017][T13942] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1015.911677][T13942] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1015.921794][T13942] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1015.931549][T13942] 51346 total pagecache pages
[ 1015.936415][T13942] 8 pages in swap cache
[ 1015.940853][T13942] Free swap  = 124468kB
[ 1015.945251][T13942] Total swap = 124996kB
[ 1015.949679][T13942] 2097051 pages RAM
[ 1015.953794][T13942] 0 pages HighMem/MovableOnly
[ 1015.958641][T13942] 1515513 pages reserved
[ 1015.963192][T13942] 0 pages cma reserved
[ 1016.065725][T13948] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[ 1016.417579][T13953] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1017.841434][ T1230] ieee802154 phy0 wpan0: encryption failed: -22
[ 1018.243785][T13984] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1018.621232][ T4425] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1019.337060][T13994] loop1: detected capacity change from 0 to 512
[ 1019.394837][T13993] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1020.976034][T14013] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1021.686131][T14024] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1022.702394][ T4425] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1022.710064][ T4425] Bluetooth: hci0: command 0x0406 tx timeout
[ 1022.741145][T14037] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 1022.776864][T14037] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1023.980421][ T5074] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1024.103095][T14048] loop2: detected capacity change from 0 to 4096
[ 1024.170691][T14048] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[ 1024.385960][T14048] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[ 1024.677859][T11201] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22.
[ 1024.686137][T11201] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[ 1024.930209][T14058] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1025.020613][ T5074] Bluetooth: hci2: command 0x0406 tx timeout
[ 1025.648315][T14071] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1025.653833][T14074] loop3: detected capacity change from 0 to 256
[ 1027.218853][T14090] IPVS: Error connecting to the multicast addr
[ 1027.259354][T14091] tipc: Started in network mode
[ 1027.265526][T14091] tipc: Node identity 64010101, cluster identity 4711
[ 1027.272829][T14091] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1028.352154][ T4089] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1029.851664][T14108] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1030.108708][T14111] ipip0: entered promiscuous mode
[ 1030.384761][ T5074] Bluetooth: hci5: command 0x1003 tx timeout
[ 1030.391339][T10655] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1030.881464][T14119] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1032.060404][ T5123] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1032.521209][ T5123] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1032.533096][ T5123] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1032.571662][T14150] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1032.581848][T14150] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[ 1032.866199][ T5123] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1032.875802][ T5123] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1032.884174][ T5123] usb 4-1: Product: syz
[ 1032.888557][ T5123] usb 4-1: Manufacturer: syz
[ 1032.893480][ T5123] usb 4-1: SerialNumber: syz
[ 1033.143931][T14156] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1033.835675][   T25] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1034.100230][   T25] usb 5-1: Using ep0 maxpacket: 8
[ 1034.180765][ T5123] cdc_ncm 4-1:1.0: bind() failure
[ 1034.253757][ T5123] cdc_ncm 4-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1034.263759][   T25] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1034.272188][   T25] usb 5-1: config 0 has no interface number 0
[ 1034.278527][   T25] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1034.289219][   T25] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1034.301069][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.362100][ T5123] cdc_mbim 4-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1034.378442][   T25] usb 5-1: config 0 descriptor??
[ 1034.423247][ T5123] usbtest 4-1:1.1: probe with driver usbtest failed with error -71
[ 1034.475514][   T25] iowarrior 5-1:0.1: no interrupt-in endpoint found
[ 1034.491574][ T5123] usb 4-1: USB disconnect, device number 7
[ 1034.645726][   T25] usb 5-1: USB disconnect, device number 13
[ 1036.979531][   T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1037.250784][   T25] usb 1-1: Using ep0 maxpacket: 32
[ 1037.328580][T14195] loop1: detected capacity change from 0 to 4096
[ 1037.380356][   T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1037.583442][   T25] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1037.593085][   T25] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1037.601681][   T25] usb 1-1: Product: syz
[ 1037.606066][   T25] usb 1-1: Manufacturer: syz
[ 1037.611100][   T25] usb 1-1: SerialNumber: syz
[ 1037.672614][T14202] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1037.722779][   T25] usb 1-1: config 0 descriptor??
[ 1037.788911][T14192] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1038.134958][   T25] usb 1-1: USB disconnect, device number 5
[ 1042.683821][T14247] bridge0: port 3(team0) entered blocking state
[ 1042.691175][T14247] bridge0: port 3(team0) entered disabled state
[ 1042.701537][T14247] team0: entered allmulticast mode
[ 1042.706920][T14247] team_slave_0: entered allmulticast mode
[ 1042.713152][T14247] team_slave_1: entered allmulticast mode
[ 1042.724809][T14247] team0: entered promiscuous mode
[ 1042.730225][T14247] team_slave_0: entered promiscuous mode
[ 1042.737058][T14247] team_slave_1: entered promiscuous mode
[ 1042.746507][T14247] bridge0: port 3(team0) entered blocking state
[ 1042.753687][T14247] bridge0: port 3(team0) entered forwarding state
[ 1042.813628][T14250] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1045.025829][T14279] loop0: detected capacity change from 0 to 2048
[ 1045.172536][T14279] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1045.189700][T14279] ext4 filesystem being mounted at /root/syzkaller-testdir3194435390/syzkaller.8nEUhw/170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1045.478657][T14279] fscrypt (loop0, inode 13): Error -61 getting encryption context
[ 1045.774614][T11323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1047.002179][T14297] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1049.599971][T14327] loop4: detected capacity change from 0 to 2048
[ 1049.801913][T14327] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1049.814699][T14327] ext4 filesystem being mounted at /root/syzkaller-testdir2591400339/syzkaller.UXpqdj/106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1049.991270][T14327] fscrypt (loop4, inode 13): Error -61 getting encryption context
[ 1050.244232][T12379] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1050.261609][T14338] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[ 1051.057906][T14344] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1051.831112][    T8] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1052.090404][    T8] usb 4-1: device descriptor read/64, error -71
[ 1052.382192][    T8] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1052.660585][    T8] usb 4-1: device descriptor read/64, error -71
[ 1052.810509][    T8] usb usb4-port1: attempt power cycle
[ 1053.317994][    T8] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1053.450468][    T8] usb 4-1: device descriptor read/8, error -71
[ 1053.559668][T14375] loop1: detected capacity change from 0 to 2048
[ 1053.723529][    T8] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1053.830393][    T8] usb 4-1: device descriptor read/8, error -71
[ 1053.960791][    T8] usb usb4-port1: unable to enumerate USB device
[ 1054.454471][T14385] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1056.622578][T14413] loop0: detected capacity change from 0 to 2048
[ 1056.740623][T14413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1056.753468][T14413] ext4 filesystem being mounted at /root/syzkaller-testdir3194435390/syzkaller.8nEUhw/181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1057.011159][T14413] fscrypt (loop0, inode 13): Error -61 getting encryption context
[ 1057.155025][   T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1057.286652][T11323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1057.564176][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1057.575712][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1057.587743][   T25] usb 2-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00
[ 1057.597536][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.697050][   T43] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 1057.707364][   T25] usb 2-1: config 0 descriptor??
[ 1057.910029][   T43] usb 5-1: device descriptor read/64, error -71
[ 1058.174112][T14433] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1058.190563][   T43] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1058.283800][   T25] wacom 0003:056A:00D0.0005: Unknown device_type for 'HID 056a:00d0'. Assuming pen.
[ 1058.334970][   T25] wacom 0003:056A:00D0.0005: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.1-1/input0
[ 1058.348975][   T25] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00D0.0005/input/input13
[ 1058.460391][   T43] usb 5-1: device descriptor read/64, error -71
[ 1058.584552][   T43] usb usb5-port1: attempt power cycle
[ 1058.662432][   T25] usb 2-1: USB disconnect, device number 8
[ 1059.024555][   T43] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1059.141583][   T43] usb 5-1: device descriptor read/8, error -71
[ 1059.144479][   T58] =====================================================
[ 1059.155217][   T58] BUG: KMSAN: uninit-value in virtqueue_add+0x1e86/0x65c0
[ 1059.162535][   T58]  virtqueue_add+0x1e86/0x65c0
[ 1059.167479][   T58]  virtqueue_add_sgs+0x186/0x1b0
[ 1059.172606][   T58]  virtscsi_add_cmd+0x838/0xad0
[ 1059.177625][   T58]  virtscsi_queuecommand+0x898/0xa60
[ 1059.183080][   T58]  scsi_queue_rq+0x4cc7/0x5a80
[ 1059.188181][   T58]  blk_mq_dispatch_rq_list+0x79b/0x3440
[ 1059.193922][   T58]  __blk_mq_sched_dispatch_requests+0x11b7/0x26e0
[ 1059.200548][   T58]  blk_mq_sched_dispatch_requests+0x12f/0x270
[ 1059.206804][   T58]  blk_mq_run_hw_queue+0x6e4/0xbc0
[ 1059.212094][   T58]  blk_mq_flush_plug_list+0x1683/0x2b20
[ 1059.217831][   T58]  blk_add_rq_to_plug+0x2c6/0x970
[ 1059.223030][   T58]  blk_mq_submit_bio+0x26e8/0x3390
[ 1059.228337][   T58]  __submit_bio+0x3b9/0xb60
[ 1059.232976][   T58]  submit_bio_noacct_nocheck+0x148c/0x1800
[ 1059.238978][   T58]  submit_bio_noacct+0x1bd8/0x27f0
[ 1059.244277][   T58]  submit_bio+0x58a/0x5b0
[ 1059.248783][   T58]  ext4_bio_write_folio+0x1e76/0x2e40
[ 1059.254430][   T58]  mpage_submit_folio+0x351/0x4a0
[ 1059.259613][   T58]  ext4_do_writepages+0x3733/0x62e0
[ 1059.264963][   T58]  ext4_writepages+0x312/0x830
[ 1059.269891][   T58]  do_writepages+0x427/0xc30
[ 1059.274629][   T58]  __writeback_single_inode+0x10d/0x12c0
[ 1059.280414][   T58]  writeback_sb_inodes+0xc95/0x1e00
[ 1059.285755][   T58]  wb_writeback+0x4df/0xea0
[ 1059.290393][   T58]  wb_workfn+0x40b/0x1940
[ 1059.294896][   T58]  process_scheduled_works+0xa81/0x1bd0
[ 1059.300620][   T58]  worker_thread+0xea5/0x1560
[ 1059.305452][   T58]  kthread+0x3e2/0x540
[ 1059.309692][   T58]  ret_from_fork+0x6d/0x90
[ 1059.314254][   T58]  ret_from_fork_asm+0x1a/0x30
[ 1059.319188][   T58] 
[ 1059.321581][   T58] Uninit was stored to memory at:
[ 1059.326901][   T58]  copy_page_from_iter_atomic+0x12b7/0x2ae0
[ 1059.332990][   T58]  generic_perform_write+0x4c1/0xc60
[ 1059.338467][   T58]  ext4_buffered_write_iter+0x564/0xaa0
[ 1059.344172][   T58]  ext4_file_write_iter+0x208/0x3450
[ 1059.349599][   T58]  __kernel_write_iter+0x64d/0xc80
[ 1059.354899][   T58]  dump_user_range+0x8dc/0xee0
[ 1059.359843][   T58]  elf_core_dump+0x59f5/0x5d50
[ 1059.364783][   T58]  do_coredump+0x32d5/0x4920
[ 1059.369527][   T58]  get_signal+0x267e/0x2d00
[ 1059.374184][   T58]  arch_do_signal_or_restart+0x53/0xcb0
[ 1059.379928][   T58]  syscall_exit_to_user_mode+0x5d/0x160
[ 1059.385656][   T58]  __do_fast_syscall_32+0xc4/0x120
[ 1059.390955][   T58]  do_fast_syscall_32+0x38/0x80
[ 1059.396102][   T58]  do_SYSENTER_32+0x1f/0x30
[ 1059.400776][   T58]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1059.407298][   T58] 
[ 1059.409710][   T58] Uninit was created at:
[ 1059.414187][   T58]  __alloc_pages+0x9d6/0xe70
[ 1059.418940][   T58]  alloc_pages_mpol+0x299/0x990
[ 1059.424050][   T58]  alloc_pages+0x1bf/0x1e0
[ 1059.428624][   T58]  dump_user_range+0x4a/0xee0
[ 1059.433468][   T58]  elf_core_dump+0x59f5/0x5d50
[ 1059.438499][   T58]  do_coredump+0x32d5/0x4920
[ 1059.443246][   T58]  get_signal+0x267e/0x2d00
[ 1059.447991][   T58]  arch_do_signal_or_restart+0x53/0xcb0
[ 1059.453734][   T58]  syscall_exit_to_user_mode+0x5d/0x160
[ 1059.459449][   T58]  __do_fast_syscall_32+0xc4/0x120
[ 1059.464734][   T58]  do_fast_syscall_32+0x38/0x80
[ 1059.469759][   T58]  do_SYSENTER_32+0x1f/0x30
[ 1059.474435][   T58]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1059.480960][   T58] 
[ 1059.483353][   T58] Bytes 0-4095 of 4096 are uninitialized
[ 1059.489081][   T58] Memory access of size 4096 starts at ffff88813e7d4000
[ 1059.496120][   T58] 
[ 1059.498513][   T58] CPU: 0 PID: 58 Comm: kworker/u8:3 Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0
[ 1059.508296][   T58] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1059.518574][   T58] Workqueue: writeback wb_workfn (flush-8:0)
[ 1059.524784][   T58] =====================================================
[ 1059.531799][   T58] Disabling lock debugging due to kernel taint
[ 1059.538031][   T58] Kernel panic - not syncing: kmsan.panic set ...
[ 1059.544536][   T58] CPU: 0 PID: 58 Comm: kworker/u8:3 Tainted: G    B              6.9.0-syzkaller-02339-g101b7a97143a #0
[ 1059.555797][   T58] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1059.565975][   T58] Workqueue: writeback wb_workfn (flush-8:0)
[ 1059.572272][   T58] Call Trace:
[ 1059.575640][   T58]  <TASK>
[ 1059.578655][   T58]  dump_stack_lvl+0x216/0x2d0
[ 1059.583530][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1059.589507][   T58]  dump_stack+0x1e/0x30
[ 1059.593827][   T58]  panic+0x4e2/0xcd0
[ 1059.597894][   T58]  ? kmsan_get_metadata+0xf1/0x1d0
[ 1059.603192][   T58]  kmsan_report+0x2d5/0x2e0
[ 1059.607884][   T58]  ? stack_depot_save_flags+0x66d/0x6e0
[ 1059.613608][   T58]  ? kmsan_internal_set_shadow_origin+0x66/0xe0
[ 1059.620068][   T58]  ? kmsan_internal_check_memory+0x48c/0x560
[ 1059.626263][   T58]  ? kmsan_handle_dma+0xac/0xc0
[ 1059.631272][   T58]  ? virtqueue_add+0x1e86/0x65c0
[ 1059.636390][   T58]  ? virtqueue_add_sgs+0x186/0x1b0
[ 1059.641670][   T58]  ? virtscsi_add_cmd+0x838/0xad0
[ 1059.646954][   T58]  ? virtscsi_queuecommand+0x898/0xa60
[ 1059.652586][   T58]  ? scsi_queue_rq+0x4cc7/0x5a80
[ 1059.657679][   T58]  ? blk_mq_dispatch_rq_list+0x79b/0x3440
[ 1059.663597][   T58]  ? __blk_mq_sched_dispatch_requests+0x11b7/0x26e0
[ 1059.670399][   T58]  ? blk_mq_sched_dispatch_requests+0x12f/0x270
[ 1059.676835][   T58]  ? blk_mq_run_hw_queue+0x6e4/0xbc0
[ 1059.682319][   T58]  ? blk_mq_flush_plug_list+0x1683/0x2b20
[ 1059.688239][   T58]  ? blk_add_rq_to_plug+0x2c6/0x970
[ 1059.693627][   T58]  ? blk_mq_submit_bio+0x26e8/0x3390
[ 1059.699130][   T58]  ? __submit_bio+0x3b9/0xb60
[ 1059.703950][   T58]  ? submit_bio_noacct_nocheck+0x148c/0x1800
[ 1059.710130][   T58]  ? submit_bio_noacct+0x1bd8/0x27f0
[ 1059.715600][   T58]  ? submit_bio+0x58a/0x5b0
[ 1059.720279][   T58]  ? ext4_bio_write_folio+0x1e76/0x2e40
[ 1059.726032][   T58]  ? mpage_submit_folio+0x351/0x4a0
[ 1059.731406][   T58]  ? ext4_do_writepages+0x3733/0x62e0
[ 1059.736935][   T58]  ? ext4_writepages+0x312/0x830
[ 1059.742041][   T58]  ? do_writepages+0x427/0xc30
[ 1059.747058][   T58]  ? __writeback_single_inode+0x10d/0x12c0
[ 1059.753027][   T58]  ? writeback_sb_inodes+0xc95/0x1e00
[ 1059.758636][   T58]  ? wb_writeback+0x4df/0xea0
[ 1059.763452][   T58]  ? wb_workfn+0x40b/0x1940
[ 1059.768138][   T58]  ? process_scheduled_works+0xa81/0x1bd0
[ 1059.774023][   T58]  ? worker_thread+0xea5/0x1560
[ 1059.779033][   T58]  ? kthread+0x3e2/0x540
[ 1059.783453][   T58]  ? ret_from_fork+0x6d/0x90
[ 1059.788220][   T58]  ? ret_from_fork_asm+0x1a/0x30
[ 1059.793347][   T58]  ? ext4_do_writepages+0x3733/0x62e0
[ 1059.798872][   T58]  ? ext4_writepages+0x312/0x830
[ 1059.803982][   T58]  ? do_writepages+0x427/0xc30
[ 1059.808892][   T58]  ? __writeback_single_inode+0x10d/0x12c0
[ 1059.814875][   T58]  ? writeback_sb_inodes+0xc95/0x1e00
[ 1059.820418][   T58]  ? wb_writeback+0x4df/0xea0
[ 1059.825326][   T58]  ? wb_workfn+0x40b/0x1940
[ 1059.830009][   T58]  ? process_scheduled_works+0xa81/0x1bd0
[ 1059.835896][   T58]  ? worker_thread+0xea5/0x1560
[ 1059.840907][   T58]  ? kthread+0x3e2/0x540
[ 1059.845319][   T58]  ? ret_from_fork+0x6d/0x90
[ 1059.850077][   T58]  ? ret_from_fork_asm+0x1a/0x30
[ 1059.855199][   T58]  ? should_fail_ex+0x4a/0x800
[ 1059.860131][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1059.865486][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1059.871474][   T58]  kmsan_internal_check_memory+0x48c/0x560
[ 1059.877505][   T58]  kmsan_handle_dma+0xac/0xc0
[ 1059.882418][   T58]  virtqueue_add+0x1e86/0x65c0
[ 1059.887360][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1059.892725][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1059.898699][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1059.904066][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1059.909428][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1059.915433][   T58]  virtqueue_add_sgs+0x186/0x1b0
[ 1059.920559][   T58]  virtscsi_add_cmd+0x838/0xad0
[ 1059.925573][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1059.930969][   T58]  virtscsi_queuecommand+0x898/0xa60
[ 1059.936438][   T58]  ? __pfx_virtscsi_queuecommand+0x10/0x10
[ 1059.942413][   T58]  scsi_queue_rq+0x4cc7/0x5a80
[ 1059.947376][   T58]  ? __pfx_scsi_queue_rq+0x10/0x10
[ 1059.952648][   T58]  blk_mq_dispatch_rq_list+0x79b/0x3440
[ 1059.958404][   T58]  ? sbitmap_get+0x431/0x670
[ 1059.963242][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1059.969344][   T58]  ? dd_dispatch_request+0x9a1/0xa20
[ 1059.974820][   T58]  __blk_mq_sched_dispatch_requests+0x11b7/0x26e0
[ 1059.981476][   T58]  ? __blk_mq_sched_dispatch_requests+0x1031/0x26e0
[ 1059.988366][   T58]  blk_mq_sched_dispatch_requests+0x12f/0x270
[ 1059.994645][   T58]  blk_mq_run_hw_queue+0x6e4/0xbc0
[ 1059.999955][   T58]  ? __pfx_dd_insert_requests+0x10/0x10
[ 1060.005713][   T58]  blk_mq_flush_plug_list+0x1683/0x2b20
[ 1060.011459][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.016846][   T58]  blk_add_rq_to_plug+0x2c6/0x970
[ 1060.022064][   T58]  blk_mq_submit_bio+0x26e8/0x3390
[ 1060.027405][   T58]  __submit_bio+0x3b9/0xb60
[ 1060.032061][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.037513][   T58]  submit_bio_noacct_nocheck+0x148c/0x1800
[ 1060.043537][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.048891][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.054350][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1060.060334][   T58]  submit_bio_noacct+0x1bd8/0x27f0
[ 1060.065706][   T58]  submit_bio+0x58a/0x5b0
[ 1060.070220][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1060.076206][   T58]  ext4_bio_write_folio+0x1e76/0x2e40
[ 1060.081813][   T58]  mpage_submit_folio+0x351/0x4a0
[ 1060.087018][   T58]  ext4_do_writepages+0x3733/0x62e0
[ 1060.092401][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.097752][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.103206][   T58]  ext4_writepages+0x312/0x830
[ 1060.108167][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1060.114234][   T58]  ? __pfx_ext4_writepages+0x10/0x10
[ 1060.119691][   T58]  do_writepages+0x427/0xc30
[ 1060.124438][   T58]  ? stack_depot_save_flags+0x2c/0x6e0
[ 1060.130050][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.135413][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1060.141389][   T58]  __writeback_single_inode+0x10d/0x12c0
[ 1060.147181][   T58]  ? _raw_spin_unlock+0x30/0x50
[ 1060.152193][   T58]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1060.158171][   T58]  writeback_sb_inodes+0xc95/0x1e00
[ 1060.163613][   T58]  wb_writeback+0x4df/0xea0
[ 1060.168277][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.173636][   T58]  ? kmsan_get_metadata+0x146/0x1d0
[ 1060.179091][   T58]  ? queue_io+0x481/0x780
[ 1060.183578][   T58]  wb_workfn+0x40b/0x1940
[ 1060.188119][   T58]  ? __pfx_wb_workfn+0x10/0x10
[ 1060.193055][   T58]  process_scheduled_works+0xa81/0x1bd0
[ 1060.198805][   T58]  worker_thread+0xea5/0x1560
[ 1060.203669][   T58]  kthread+0x3e2/0x540
[ 1060.207908][   T58]  ? __pfx_worker_thread+0x10/0x10
[ 1060.213192][   T58]  ? __pfx_kthread+0x10/0x10
[ 1060.217957][   T58]  ret_from_fork+0x6d/0x90
[ 1060.222528][   T58]  ? __pfx_kthread+0x10/0x10
[ 1060.227291][   T58]  ret_from_fork_asm+0x1a/0x30
[ 1060.232272][   T58]  </TASK>
[ 1060.235622][   T58] Kernel Offset: disabled
[ 1060.240001][   T58] Rebooting in 86400 seconds..