last executing test programs:

7m23.356091115s ago: executing program 2 (id=118):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYRESDEC=r1, @ANYRES32=r0, @ANYRESDEC=r0, @ANYRESHEX=0x0, @ANYBLOB="9a0fdb17b69d02ca523766ec42e8ebc5839cb9740dc9bb7d503c26c94b063850ce1a96c759fae5f64d0e8eb665a38d51d43400152d54a9291a0501ffb28e8f99c4913f5bf546b6263752ed11a70fcd110d68854052dc81bcd32d8c5dac7e426dc8f26cfb78891e3d4a81180f539d5d41c5dcc627fdd371a9eb8f3edcb10496cc33569a241156be1c0a44ebff948c63b16ff0a0a64b92d21d98491b3c1eefaaf036e904a2d6748e73bac4882caae91d454d55b50454ffece138693309880d903908c96a9ff31d2acb74301b8eb66dd8cf0c096733be990274af931d14d1b8248208279df177fd99850831fd19b6c67160ac50", @ANYRESOCT=r1, @ANYRES64=0x0, @ANYRES32=r2], 0x50)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r3, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x87)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000180)='.log\x00', 0x24000, 0x122)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x0, 0x6, 0x3f58, 0x400, r5, 0x5, '\x00', r4, r5, 0x1, 0x4, 0x4, 0x4}, 0x50)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r6, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6", 0xb7)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r7, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
io_setup(0x6, &(0x7f0000001380)=<r9=>0x0)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r10, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
io_submit(r9, 0x1, &(0x7f0000001140)=[0x0])
socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket(0x21, 0x2, 0x2)
sendmsg$NBD_CMD_CONNECT(r11, &(0x7f0000001ac0)={0x0, 0x700, &(0x7f0000001a80)={&(0x7f0000000a40)={0x3c, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r12}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r12}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

7m19.620531851s ago: executing program 2 (id=132):
recvmmsg(0xffffffffffffffff, &(0x7f0000001440), 0x0, 0x40002002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000080000000000000000400000095"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0))
r3 = syz_open_pts(r1, 0x101000)
r4 = dup3(r3, r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x17)

6m38.699438282s ago: executing program 2 (id=132):
recvmmsg(0xffffffffffffffff, &(0x7f0000001440), 0x0, 0x40002002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000080000000000000000400000095"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0))
r3 = syz_open_pts(r1, 0x101000)
r4 = dup3(r3, r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x17)

2m30.570425918s ago: executing program 2 (id=132):
recvmmsg(0xffffffffffffffff, &(0x7f0000001440), 0x0, 0x40002002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000080000000000000000400000095"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0))
r3 = syz_open_pts(r1, 0x101000)
r4 = dup3(r3, r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x17)

1m50.750908499s ago: executing program 2 (id=132):
recvmmsg(0xffffffffffffffff, &(0x7f0000001440), 0x0, 0x40002002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000080000000000000000400000095"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0))
r3 = syz_open_pts(r1, 0x101000)
r4 = dup3(r3, r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x17)

52.531756293s ago: executing program 2 (id=132):
recvmmsg(0xffffffffffffffff, &(0x7f0000001440), 0x0, 0x40002002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000080000000000000000400000095"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0))
r3 = syz_open_pts(r1, 0x101000)
r4 = dup3(r3, r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x17)

25.042570183s ago: executing program 0 (id=1017):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@deltaction={0x3c, 0x18, 0x1, 0x70bd28, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x28, 0x1, [{0x10, 0x80, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x3c}}, 0x0)

14.090403027s ago: executing program 0 (id=1039):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0xfffffffffffffffe)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x23a, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x1, 0x0, r1}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r6 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r6, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x2)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
fcntl$lock(r7, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x1})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x10, 0x0, &(0x7f0000000240)="d2ff03076003008cb89e08f088a8acc0", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x4c)
fcntl$lock(r7, 0x26, &(0x7f0000000080)={0x0, 0x2})

12.851097233s ago: executing program 0 (id=1042):
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f000001aa40)="$eJzs3Au4jdX2MPAx5pwvm6SV5D7HHC8ruUySJJeERJIkSZJbQpIkSUhscktCEnJPcg/JLXZyv99yT5IjSZKQkGR+j/6dzzn/zv/fOd8539/3nT1+z/M+e4691hhrzD32s9b7vs+z97cdB1etX61yXWaGfwr+x5dUAEgBgH4AcA0ARABQKlupbIDDIJPG1H/uRcS/1kPTrnQH4kqS+advMv/0Teafvsn80zeZf/om80/fZP7pm8xfiPRs6/Tc18qRfo//ufv/IPf//58jn///Rg4XG/Pl+mLXd/oHUmT+6ZvMP32T+advMv/0Teafvsn8/81FAJX+m4dl/umbzF+I9OxK33/+Bw8wV76Hf6vjSv/+CSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYRIH86FywwA/Hl9pfsSQgghhBBCCCHEv07IeKU7EEIIIYQQQgghxP99CAo0GIggA2SEFMgEmeEqyAJXQ1a4BhJwLWSD6yA7XA85ICfkgtyQB/JCPrBA4IAhhvxQAJJwAxSEG6EQFIYiUBQ8FIPicBOUgJuhJNwCpeBWKA23QRkoC+WgPNwOFeAOqAiVoDLcCVXgLqgK1eBuqA73QA24F2rCfVAL7ofa8ADUgQehLjwE9eBhqA+PQAN4FBpCI2gMTaDp/1H+i9AVXoJu0B1SoQf0hJehF/SGPtAX+sEr0B9ehQHwGgyEQTAYXoch8AYMhTdhGAyHEfAWjIRRMBrGwFgYB+PhbZgA78BEeBcmwWSYAlNhGkyHGfAezIRZMBvehznwAcyFeTAfFsBC+BAWwWJIg49gCXwMS2EZLIcVsBJWwWpYA2thHayHDbARNsFm2AJb4RPYBtthB+yEXbAb9sCnsBc+g33wOeyHL/7B/LP/Kb8TAgIqVGjQYAbMgCmYgpkxM2bBLJgVs2ICE5gNs2F2zI45MAfmwlyYB/NgPsyHhISMjPkxPyYxiQWxIBbCQlgEi6BHj8WxOJbAm7EklsRSWApLY2ksg2WxLJbH8lgBK2BFrIiVsTJWwSpYFavi3Xg33oM1sAbWxJpYC2thbayNdbAO1sW6WA/rYX2sjw2wATbEhtgYG2NTbIrNsBk2x+bYEltiK2yFrbE1tsE22BbbYjtsh+2xPXbADtgRO2In7Iyd8UV8EV/Cl7A7VlE9sCf2xF7YC/tgX+yLr2B/fBVfxddwIA7Cwfg6vo5v4FA8g8NwOI7AEVhBjcLROAZZjcPxOB4n4ASciBNxEk7GyTgVp+F0nIEzcCbOwln4Ps7BD/ADnIfzcAEuxIW4CBdjGqbhEjyLS3EZLscVuBJX4Upcg2txDa7HDbgeN+Em3IJb8BP8BLfjdtyJO3E37sZP8VP8DD/Dgbgf9+MBPIAH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8iafwJJ7G03gGz+I5PIfn8TxewOfzfF1vd+F1A0FdYpRRGVQGlaJSVGaVWWVRWVRWlVUlVEJlU9lUdpVd5VA5VC6VS+VReVQ+lU+RIsUqVvlVfpVUSVVQFVSFVCFVRBVRXnlVXBVXJVQJVVKVVKXUraq0uk2VUWVVC19elVcVVEtfUVVSlVVlVUXdpaqqaqqaqq6qqxqqhqqpaqpaqpaqrR5QdVQP7IMPqUuTqa8GYQM1GBuqRqqxaqLewMdUMzUUm6sWqqV6Qg3HYdhaNfNt1NOqrRqN7dSzagw+pzqocdhRvaA6qc6qi3pRdVXNfbcMv70FqqnYS/VWfVRfNRPvUpcmVlW9pgaqQWqwel0twDfUUPWmGqaGqxHqLTVSjVKj1Rg1Vo1T49XbaoJ6R01U76pJarKaoqaqaWq6mqHeUzPVLDVbva/mqA/UXDVPzVcL1EL1oVqkFqs09ZFaoj5WS9UytVytUCvVKrVarVFr1Tq1Xm1QG9UmtVltUVvVJ2qb2q52qJ1ql9qt9qhP1V71mdqnPlf71RfqgPqTOqi+VIfUV+qw+lodUd+oo+pbdUx9p46r79UJdVKdUj+o0+pHdUadVefUT+q8+lldUL+oiyoo0KiV1troSGfQGXWKzqQz66t0Fn21zqqv0Ql9rc6mr9PZ9fU6h86pc+ncOo/Oq/Npq0k7zTrW+XUBndQ36IL6Rl1IF9ZFdFHtdTFdXN+kS+ibdUl9iy6lb9Wl9W26jC6ry+ny+nZdQd+hK+pKurK+U1fRd+mqupq+W1fX9+ga+l5dU9+na+n7dW39gK6jH9R19UO6nn5Y19eP6Ab6Ud1QN9KNdRPdVD+mm+nHdXPdQrfUT+hW+kndWj+l2+indVv9jG6nn9Xt9XO6g35ed9Qv6E66s+6if9EXddDddHedqnvonvpl3Uv31n10X91Pv6L761f1AP2aHqgH6cH6dT1Ev6GH6jf1MD1cj9Bv6ZF6lB6tx+ixepwer9/WE/Q7eqJ+V0/Sk/UUPVVP09N1n98qzf478t/5G/kDfn31LXqr/kRv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+kf9Cn9Y/6jD6rz+qf9Hl9Xl/47WcABo0y2hgTmQwmo0kxmUxmc5XJYq42Wc01JmGuNdnMdSa7ud7kMDlNLpPb5DF5TT5jDRln2MQmvylgkuYGU9DcaAqZwqaIKWq8KWaKm5v+6fw/6q+paWqamWamuWluWpqWppVpZVqb1qaNaWPamramnWln2pv2poPpYDqajqaT6WS6mC6mq+lqupluJtWkmp7mZdPL9DZ9TF/Tz7xi+pv+ZoAZYAaagWawGWyGmCFmqBlqhplhZoQZYUaakWa0GW3GmrFmvBlvJpgJZqKZaCaZSWaKmWKmmWlmhplhZpqZZraZbeaYOWaumWvmm/lmoVloFplFJs2kmSVmiVlqlpllZoVZYVaZVWaNWWPWmXVmg9lgNplNZqnZaraabWab2WF2mF1ml9lj9pi9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlhTphT5pQ5bU6bM+aMOWfOmfPmvLlgLpiL5uKl075IRSoykYkyRBmilCglyhxljrJEWaKsUdYoESWibFG2KHt0fZQjyhnlinJHeaK8USrYiCIXcRRH+aMCUTK6ISoY3RgVigpHRaKikY+KRcWjm6IS0c1RyeiWqFR0a1Q6ui0qE5WNykXlo9ujCtEdUcWoUlQ5ujOqEt0VVY2qRXdH1aN7ohrRvVHN6L6oVnR/VDt6IKoTPRjVjR6K6kUPR/WjR6IG0aNRw6hR1DhqEjX9l9YP4UzOx303292m2h62p33Z9rK9bR/b1/azr9j+9lU7wL5mB9pBdrB93Q6xb9ih9k07zA63I+xbdqQdZUfbMXasHWfH27ftBPuOnWjftZPsZDvFTrXT7HQ7w75nZ9pZdrZ9386xH9i5dp6dbxfYhfZDu8gutmn2I7vEfmyX2mV2uV1hV9pVdrVdY9fadXa93WA32k12s91it9pP7Da73e6wO+0uu9vusZ/avfYzu89+bvfbL+wB+yd70H5pD9mv7GH7tT1iv7FH7bf2mP3OHrff2xP2pD1lf7Cn7Y/2jD1rz9mf7Hn7s71gf7EXbbh0cn/p450MGcpAGSiFUigzZaYslIWyUlZKUIKyUTbKTtkpB+WgXJSL8lAeykf56BImpvyUn5KUpIJUkApRISpCRciTp+JUnEpQCSpJJakUlaLSVJrKUBkqR+Xodrqd7qA7qBJVojvpTrqL7qJqVI2qU3WqQTWoJtWkWlSLalNtqkN1qC7VpXpUj+pTfWpADaghNaTG1JiaUlNqRs2oOTWnltSSWlErak2tqQ21obbUltpRO2pP7akDdaCO1JE6USfqQl2oK3WlbtSNUimVelJP6kW9qA/1oX7Uj/pTfxpAA2ggDaTBNJiG0BAaSkNpGA2nEfQWjaRRNJrG0FgaR+NpPE2gCTSRJtIkmkRTaApNo2k0g2bQTJpJs2k2zaE5NJfm0nyaTwtpIS2iRZRGabSEltBSWkrLaTmtpJW0mlbTWlpL62k9baSNtJk201baSttoG+2gHbSLdtEe2kN7aS/to320n/bTATpAB+kgHaJDdJgO0xE6QkfpKB2jY3ScjtMJOkGn6BSdptN0hs7QOTpH5+lnukC/0EUKlOIUZHZXuSzuapfVXeNSXCZ3KY4A4FKcy+V2eVxel89Zl8Pl/KuYnHOFXGFXxBV13hVzxd1Nv4vLuLKunCvvbncV3B2u4u/i6u4eV8Pd62q6+1w1d/dfxbXc/a62e8TVcY+6uq6Rq+eauPruEdfAPeoaukausWviWrknXWv3lGvjnnZt3TPuKgD4y3iRW+zWunVuvdvg9rrP3Dn3kzvqvnXn3c+um+vu+rlXXH/3qhvgXnMD3aDfxSPcW26kG+VGuzFurBv3u3iKm+qmueluhnvPzXSzfhcvdB+6OS7NzXXz3Hy34Nf4Uk9p7iO3xH3slrplbrlb4Va6VW61W/O/e13hNrnNbovb4z5129x2t8PtdLvc7l/jS/vY5z53+90X7oj7xh10X7pD7pg77L7+Nb60v2PuO3fcfe9OuJPulPvBnXY/ujPu7K/7v7T3H9wv7qILDhhZsWbDEWfgjJzCmTgzX8VZ+GrOytdwgq/lbHwdZ+frOQfn5Fycm/NwXs7HlokdM8ecnwtwkm/ggnwjF+LCXISLsudiXJxv4hJ8M5fkW7gU38ql+TYuw2W5HJfn27kC38EVuRJX5ju5Sghclavx3Vyd7+EafC/X5Pu4Ft/PtfkBrsMPcl1+iOvxw1yfH+EG/Cg35EbcmJtwU36Mm/Hj3JxbcEt+glvxk9yan+I2/DS35We4HT/L7fk57sDPc0d+gTtxZ+7CL3JXfom7cXdO5R7ck1/mXtyb+3Bf7sevcH9+lQfwazyQB/Fgfp2H8Bs8lN/kYTycR/BbPJJH8Wgew2N5HI/nt3kCv8MT+V2exJN5Ck/laTydZ/B7PJNn8Wx+n+fwBzyX5/F8XsAL+UNexIs5jT/iJfwxL+VlvJxX8Epexat5Da/ldbyeN/BG3sSbeQtv5U94G2/nHbyTd/Fu3sOf8l7+jPfx57yfv+AD/Cc+yF/yIf6KD/PXfIS/4aP8LR/j7/g4f88n+CSf4h/4NP/IZ/gsn+Of+Dz/zBf4F77IgSHGWMU6NnEUZ4gzxilxpjhzfFWcJb46zhpfEyfia+Ns8XVx9vj6OEecM84V547zxHnjfLGNKXYxx3GcPy4QJ+Mb4oLxjXGhuHBcJC4a+7hYXDy+KS4R3xyXjG+JS8W3xqXj2+Iycdn4kfvKx7fHFeI74opxpbhyfGdcJb4rrhpXi++Oq8f3xDXie+Oa8X1xyfj+uHb8QFwnfjCuGz8U14sfjuvHj8QN4kfjhnGjuHHcJG4aPxY3ix+Pm8ct4pbxE3Gr+Mm4dfxU3CZ+Om4bP/OHj6fGPeKe8cvxy3EI9+r5yQXJhckPk4uSi5NpyY+SS5IfJ5cmlyWXJ1ckVyZXJVcn1yTXJtcl1yc3JDcmNyU3J7ckQ6iWETx65bU3PvIZfEaf4jP5zP4qn8Vf7bP6a3zCX+uz+et8dn+9z+Fz+lw+t8/j8/p83nryzrOPfX5fwCf9Db6gv9EX8oV9EV/Ue1/MF/dNfFPf1Dfzj/vmvoVv6Z/wT/gn/ZP+Kf+Uf9q39c/4dv5Z394/5zv45/3z/gXfyXf2XfyLvqt/yXfz3X2qT/U9fU/fy/fyfXwf38/38/19fz/AD/AD/UA/2A/2Q/wQP9QP9cP8MD/Cj/Aj/Ug/2o/2Y/1YP96P9xP8BD/RT/ST/CQ/xU/x0/w0P8PP8DP9TD/bz/ZzCs3xc/1cP9/P9wv9Qr/IL/JpPs0v8Uv8Ur/UL/fL/Uq/0q/2q/1av9av9+v9Rr/Rb/ab/Va/1W/z2/wOv8Pv8rv8Hr/H7/V7/T6/z+/3+/0Bf8Af9Af9If+VP+y/9kf8N/6o/9Yf89/54/57f8Kf9Kf8D/60/9Gf8Wf9Of+TP+9/9hf8L/6iD3584u3EhMQ7iYmJdxOTEpMTUxJTE9MS0xMzEu8lZiZmJWYn3k/MSXyQmJuYl5ifWJBYmPgwsSixOJGW+CixJPFxYmliWWJ5YkViZWJVIoS82+KQPxQIyXBDKBhuDIVC4VAkFA0+FAvFw02hRLg5lAy3hFLh1lA63BbKhLKhXHg0NAyNQuPQJDQNj4Vm4fHQPLQILcMToVV4MrQOT4U24enQNjwT2oVnQ/vwXOgQng8dwwuhU+gcuoQXQ9fwUugWuofU0CP0DC+HXqF36BP6hn7hldA/vBoGhNfCwDAoDA6vhyHhjTA0vBmGheFhRHgrjAyjwugwJowN48L48HaYEN4JE8O7YVKYHKaEqWFamB5mhPfCzDArzA7vhznhgzA3zAvzw4KwMHwYFoXFIS18FJaEj8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBJ2Ba2hx1hZ9gVdoc94dOwN3wW9oXPw/7wRTgQ/hQOhi/DofBVOBy+DkfCN+Fo+DYcC9+F4+H7cCKcDKfCD+F0+DGcCWfDufBTOB9+DhfCL+Gi/M2aEEIIIcTfRf/B4z3+xvcyAID6bd0TAK7envvwf665Mcd/rHurPK0SAPB0944P/fmoUiU1NfW35y7VEBWYBwCJv67/53gZtIQnoQ20gBJ/s7/eqvN5/oP6yVsBMv9FTgpcji/Xv/m/qP/YEyMWlY7PZftv6s8DKFTgck4muBxfrl/yv6ifs9kf9J/py/EAzf8iJwtcji/XLw6PwzPQ5q+eKYQQQgghhBBC/Ifeqlz7P7p+vnR9nsdczskIl+M/uj4XQgghhBBCCCHElfdc5y5PPdamTYv2f98Cf7sv8I9lyUIWsvj/bHGl35mEEEIIIYQQ/2qXT/qvdCdCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUT69T/x78Su9B6FEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIK+1/BQAA//9lvzeI")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)

12.311884484s ago: executing program 3 (id=1043):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$tipc(0x1e, 0x5, 0x0)
recvmmsg(r2, &(0x7f0000000040), 0x0, 0x40012020, 0x0)
bind$tipc(r4, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000140)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}}}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10, 0x0}, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(0x0, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

10.66146421s ago: executing program 3 (id=1044):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000004c0), 0x4)

10.604837908s ago: executing program 0 (id=1045):
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$radio(0x0, 0x3, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x12, 0x4, 0x8, 0x8002}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r2, 0x0, 0x0}, 0x20)

10.362839846s ago: executing program 3 (id=1047):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x5, 0x14, 0x0, &(0x7f0000000000)='%', 0x0, 0x7fffffff, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000000000dfff000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e65766530000000000000000000140001006c6f0000000000000000000000000000080002"], 0xb4}}, 0x24048062)

9.350546114s ago: executing program 5 (id=1048):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0}, 0x50)
pipe2(&(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r5, 0x407, 0x7ffffffe)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000380)={0x2, r5})
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000140)=[{&(0x7f00000000c0)="580000001500add427323b472545b4560a117fff0b0082001b59000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee0000000000000000020000", 0x56}, {&(0x7f0000000000)="abd9", 0x2}], 0x2)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040), r0)

9.254316426s ago: executing program 4 (id=1049):
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='mm_khugepaged_scan_pmd\x00', r1, 0x0, 0x2}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x94)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280), 0xc8100, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f00000001c0)={0x8, 0x3, 0x10})
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000000)=0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

9.251148357s ago: executing program 1 (id=1050):
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f0000001440), 0x0, 0x40002002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0xff2e)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000100)=0x6)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r6, 0x541b, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0))
r7 = syz_open_pts(r3, 0x101000)
r8 = dup3(r7, r3, 0x0)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000000)=0x17)

9.206749629s ago: executing program 3 (id=1051):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000380))
sendmmsg$unix(r4, 0x0, 0x0, 0x2000c010)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x2c, r5, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_COMM_MODE={0x5}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_TARGET_INDEX={0x8}]}, 0x2c}}, 0x0)

7.643657777s ago: executing program 3 (id=1052):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setregid(0xffffffffffffffff, 0x0)
setuid(0xee01)
syz_init_net_socket$ax25(0x3, 0x7, 0xcc)
r3 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000040)="d5858783", 0x4}], 0x1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x66801, 0x19d)
write$P9_RREADLINK(r4, &(0x7f0000000180)={0x10, 0x17, 0xbffd, {0x7, './file0'}}, 0x10)

6.742399822s ago: executing program 4 (id=1053):
setsockopt$RXRPC_SECURITY_KEYRING(0xffffffffffffffff, 0x110, 0x2, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$unix(0x1, 0x5, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
userfaultfd(0x801)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000028c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
read$msr(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000880)={0x2020}, 0x2020)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f00000003c0)=""/192, 0x1e, 0xc0, 0x0, 0x5b, 0x10000, @value=r0}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="00000000000000000200000000"], 0x50)
syz_open_dev$loop(&(0x7f0000000040), 0x81, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_test', 0x41e43, 0x14)
sendmsg$NFT_BATCH(r4, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000884}, 0x4000000)
bind$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e1f}, 0x6e)

6.576479059s ago: executing program 1 (id=1054):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000100000001"], 0x7b}, 0x0, 0x20040000})
io_uring_enter(r2, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

5.523967456s ago: executing program 4 (id=1055):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x5, &(0x7f0000000000))
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x3, "421ae3753785259249154c944122ad063ff47d3bd7a8a45d6bb4c78a3ab4c981"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000007c0)={0x81, "7ad3dd1fc2423dff92fa199fb64951078c533f7bd1bbca78dbff4ed99b2caf14"})
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x9, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3fe, 0x5, 0x3, 0x9, 0x8, 0x45ff, 0x7ffffffc}, 0x0, 0x0)

4.500737614s ago: executing program 1 (id=1056):
syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='shortad,partition=00000000000000000005,noadinicb,uid=', @ANYRESDEC=0x0, @ANYBLOB=',gid=', @ANYRESDEC=0x0, @ANYBLOB=',volume=0000000000000006,\x00\x00\x00\x00\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
chdir(0x0)
pipe2(&(0x7f0000000040), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

4.290926836s ago: executing program 4 (id=1057):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[], 0xfe33)

4.220251829s ago: executing program 1 (id=1058):
socket$phonet(0x23, 0x2, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a300000000038000000030a03000000000000000000030000000900030073797a0073797a3000000000be000480080001400000000028000000000a01040000000000000000030000000900010073797a30000000000800024000000001140000001100010000000000000000000000000a0000000000000000"], 0xa8}}, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r7}, 0x10)

3.979785055s ago: executing program 0 (id=1059):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x6e, &(0x7f0000000000), 0xe0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa07, &(0x7f0000000000)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1})
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f00000001c0)={[{@treelog}, {@nodatacow}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x39, 0x65, 0x36]}}, {@space_cache}, {@nodatasum}, {@nobarrier}, {@flushoncommit}, {@noautodefrag}, {@ref_verify}, {@noenospc_debug}, {@clear_cache}, {@commit={'commit', 0x3d, 0x3}}, {@ssd}, {@nobarrier}, {@max_inline={'max_inline', 0x3d, [0x38, 0x36, 0x38, 0x35, 0x32, 0x25]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
truncate(&(0x7f0000000100)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
mkdir(0x0, 0x0)
chdir(0x0)
r2 = open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x400000000001, 0x180, 0x20ff, 0x6, 0x89, 0xd615, 0x9, 0x3, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x5, 0x1}}, {0x0, 0x13}}}, 0xa0)

3.518211978s ago: executing program 4 (id=1060):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000140000001100"], 0x54}, 0x1, 0x0, 0x0, 0x20048004}, 0x0)

3.490223204s ago: executing program 1 (id=1061):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x80000001, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x2)

2.682037493s ago: executing program 4 (id=1062):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008"], 0x64}}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
unlink(0x0)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)

2.436121185s ago: executing program 1 (id=1063):
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x1a, 0x4, 0x0, 0x1, 0x8000, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)

2.31068533s ago: executing program 5 (id=1064):
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmsg$sock(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x20000884)
userfaultfd(0x801)
ioctl$FBIOPUTCMAP(0xffffffffffffffff, 0x4605, &(0x7f00000000c0)={0x10000, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xa)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x0, 0x2000, 0x200, 0xfffffffe, 0x5b, 0x0, 0x0, 0x0, 0x3}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x8000000002, 0x0, 0x0, 0x0, 0x0, 0x7, {0x3, 0x0, 0x5, 0x2, 0x0, 0x0, 0x404, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x440, 0x3}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
ioctl$TCSETS(r2, 0x5402, &(0x7f00000000c0)={0xd, 0x1, 0x6, 0x0, 0xb, "4e2e10e3e9dd34180b687c006f6edcb311ce81"})

1.887229692s ago: executing program 5 (id=1065):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x800448d5, &(0x7f0000000080))

1.458886724s ago: executing program 5 (id=1066):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000540)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000940)={&(0x7f0000000580), &(0x7f00000006c0), 0x0, &(0x7f0000000600)=[0x0, 0x0]})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r0}, 0xc)
getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000140), &(0x7f0000000180)=0x4)

1.218447708s ago: executing program 5 (id=1067):
setsockopt$RXRPC_SECURITY_KEYRING(0xffffffffffffffff, 0x110, 0x2, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$unix(0x1, 0x5, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
userfaultfd(0x801)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000028c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
read$msr(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000880)={0x2020}, 0x2020)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f00000003c0)=""/192, 0x1e, 0xc0, 0x0, 0x5b, 0x10000, @value=r0}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="00000000000000000200000000"], 0x50)
syz_open_dev$loop(&(0x7f0000000040), 0x81, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_test', 0x41e43, 0x14)
sendmsg$NFT_BATCH(r4, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000884}, 0x4000000)
bind$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e1f}, 0x6e)

71.955052ms ago: executing program 5 (id=1068):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000100000001"], 0x7b}, 0x0, 0x20040000})
io_uring_enter(r2, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

40.622503ms ago: executing program 0 (id=1069):
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xffffffff)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c000180060006006558000008000280040011"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x32, 0x0, 0x0)

0s ago: executing program 3 (id=1070):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000140)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

kernel console output (not intermixed with test programs):

+0x9c/0x150
[  480.273792][  T996]  ? __pfx_kthread+0x10/0x10
[  480.273822][  T996]  ret_from_fork+0x3fc/0x770
[  480.273860][  T996]  ? __pfx_ret_from_fork+0x10/0x10
[  480.273904][  T996]  ? __switch_to_asm+0x39/0x70
[  480.273927][  T996]  ? __switch_to_asm+0x33/0x70
[  480.273952][  T996]  ? __pfx_kthread+0x10/0x10
[  480.273982][  T996]  ret_from_fork_asm+0x1a/0x30
[  480.274027][  T996]  </TASK>
[  480.812968][  T996] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  482.341835][ T6051] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.481290][ T6051] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.622453][ T6051] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.894919][ T6051] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.719645][ T9542] trusted_key: encrypted_key: insufficient parameters specified
[  483.786647][ T6051] bridge_slave_1: left allmulticast mode
[  483.786670][ T6051] bridge_slave_1: left promiscuous mode
[  483.786876][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state
[  483.867963][ T6051] bridge_slave_0: left allmulticast mode
[  483.871047][ T6051] bridge_slave_0: left promiscuous mode
[  483.872358][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.893769][ T9549] loop3: detected capacity change from 0 to 512
[  483.998876][ T9549] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.837: bg 0: block 5: invalid block bitmap
[  484.023966][ T9549] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  484.041695][ T9549] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.837: invalid indirect mapped block 3 (level 2)
[  484.042329][ T9549] EXT4-fs (loop3): 2 truncates cleaned up
[  484.046141][ T9549] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.197003][ T9558] loop4: detected capacity change from 0 to 256
[  484.697524][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.743147][ T9558] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  484.803582][ T9558] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  484.942284][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  484.967720][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  485.007773][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  485.019595][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  485.027460][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  485.227607][ T9566] loop1: detected capacity change from 0 to 32768
[  485.264430][ T9558] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x062de574, utbl_chksum : 0xe619d30d)
[  485.342584][ T9566] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  485.342638][ T9566]   allowing incompatible features above 0.0: (unknown version)
[  485.342653][ T9566]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  485.389333][ T9566] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  485.400401][ T9566] bcachefs (loop1): initializing new filesystem
[  485.414144][ T9566] bcachefs (loop1): going read-write
[  486.245496][ T9566] bcachefs (loop1): marking superblocks
[  486.259269][ T9566] bcachefs (loop1): initializing freespace
[  486.268784][ T9566] bcachefs (loop1): done initializing freespace
[  486.278183][ T9566] bcachefs (loop1): reading snapshots table
[  486.285648][ T9566] bcachefs (loop1): reading snapshots done
[  486.459751][ T9566] bcachefs (loop1): done starting filesystem
[  487.081066][ T9590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.845'.
[  487.090084][ T9590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.845'.
[  487.234375][   T51] Bluetooth: hci3: command tx timeout
[  487.535725][ T5823] bcachefs (loop1): shutting down
[  487.660913][ T5823] bcachefs (loop1): going read-only
[  487.687609][ T5823] bcachefs (loop1): finished waiting for writes to stop
[  487.723517][ T5823] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[  487.742807][ T9594] netlink: 28 bytes leftover after parsing attributes in process `syz.0.848'.
[  487.807008][ T5823] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  487.820354][ T5823] bcachefs (loop1): clean shutdown complete, journal seq 4
[  487.829077][ T5823] bcachefs (loop1): marking filesystem clean
[  488.217708][ T5823] bcachefs (loop1): shutdown complete
[  488.836491][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  488.856380][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  488.869468][ T6051] bond0 (unregistering): Released all slaves
[  489.120710][ T9557] netlink: 44 bytes leftover after parsing attributes in process `syz.5.838'.
[  489.314262][ T5826] Bluetooth: hci3: command tx timeout
[  489.385090][ T9562] lo speed is unknown, defaulting to 1000
[  490.390697][ T6051] hsr_slave_0: left promiscuous mode
[  491.375753][ T6051] hsr_slave_1: left promiscuous mode
[  491.423113][ T5826] Bluetooth: hci3: command tx timeout
[  491.483904][ T6051] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  491.491605][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0
[  491.603101][ T5930] usb 4-1: new low-speed USB device number 3 using dummy_hcd
[  491.640855][ T6051] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  491.891837][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1
[  491.976408][ T6051] veth1_macvtap: left promiscuous mode
[  491.998225][ T6051] veth0_macvtap: left promiscuous mode
[  492.017596][ T6051] veth1_vlan: left promiscuous mode
[  492.039687][ T5930] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  492.047591][ T6051] veth0_vlan: left promiscuous mode
[  492.089682][ T5930] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  492.108399][ T5930] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  492.127329][ T5930] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  492.140921][ T5930] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  492.195409][ T5930] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.230882][ T5930] hub 4-1:1.0: bad descriptor, ignoring hub
[  492.542728][ T9627] loop5: detected capacity change from 0 to 40427
[  492.560229][ T9627] F2FS-fs (loop5): invalid crc value
[  492.572057][ T5930] hub 4-1:1.0: probe with driver hub failed with error -5
[  492.581365][ T5930] cdc_wdm 4-1:1.0: skipping garbage
[  492.593815][ T5930] cdc_wdm 4-1:1.0: skipping garbage
[  492.643687][ T5930] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  492.649611][ T5930] cdc_wdm 4-1:1.0: Unknown control protocol
[  492.668558][ T9627] F2FS-fs (loop5): Start checkpoint disabled!
[  492.679802][ T9627] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  493.373870][ T9634] F2FS-fs (loop5): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  493.518434][ T5826] Bluetooth: hci3: command tx timeout
[  493.538577][   T49] kworker/u8:3: attempt to access beyond end of device
[  493.538577][   T49] loop5: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  493.558237][   T49] kworker/u8:3: attempt to access beyond end of device
[  493.558237][   T49] loop5: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  493.573046][   T49] CPU: 0 UID: 0 PID: 49 Comm: kworker/u8:3 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  493.573079][   T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  493.573095][   T49] Workqueue: writeback wb_workfn (flush-7:5)
[  493.573136][   T49] Call Trace:
[  493.573145][   T49]  <TASK>
[  493.573155][   T49]  dump_stack_lvl+0x189/0x250
[  493.573202][   T49]  ? __pfx_dump_stack_lvl+0x10/0x10
[  493.573239][   T49]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  493.573274][   T49]  ? __pfx_queue_work_on+0x10/0x10
[  493.573300][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.573336][   T49]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  493.573371][   T49]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  493.573406][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.573434][   T49]  ? f2fs_hw_is_readonly+0x39b/0x470
[  493.573471][   T49]  f2fs_handle_critical_error+0x37c/0x540
[  493.573512][   T49]  f2fs_write_end_io+0x495/0x810
[  493.573545][   T49]  ? blkg_put+0x22/0x240
[  493.573593][   T49]  __submit_merged_bio+0x27a/0x6a0
[  493.573633][   T49]  __submit_merged_write_cond+0x255/0x530
[  493.573673][   T49]  f2fs_write_data_pages+0x261d/0x3000
[  493.573758][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  493.573907][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.573941][   T49]  ? f2fs_write_meta_pages+0x357/0x450
[  493.573988][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.574019][   T49]  ? __lock_acquire+0xab9/0xd20
[  493.574061][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  493.574097][   T49]  do_writepages+0x32e/0x550
[  493.574144][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.574171][   T49]  ? reacquire_held_locks+0x127/0x1d0
[  493.574194][   T49]  ? writeback_sb_inodes+0x372/0x1000
[  493.574247][   T49]  __writeback_single_inode+0x145/0xff0
[  493.574285][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.574321][   T49]  ? do_raw_spin_unlock+0x122/0x240
[  493.574357][   T49]  writeback_sb_inodes+0x6b5/0x1000
[  493.574417][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.574463][   T49]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  493.574566][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.574593][   T49]  ? rcu_is_watching+0x15/0xb0
[  493.574633][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.574675][   T49]  wb_writeback+0x43b/0xaf0
[  493.574726][   T49]  ? queue_io+0x3a1/0x590
[  493.574770][   T49]  ? __pfx_wb_writeback+0x10/0x10
[  493.574822][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  493.574865][   T49]  wb_workfn+0x409/0xef0
[  493.574921][   T49]  ? __pfx_wb_workfn+0x10/0x10
[  493.574961][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.574989][   T49]  ? __lock_acquire+0xab9/0xd20
[  493.575041][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.575074][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.575108][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  493.575140][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  493.575178][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  493.575219][   T49]  process_scheduled_works+0xae1/0x17b0
[  493.575310][   T49]  ? __pfx_process_scheduled_works+0x10/0x10
[  493.575361][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.575404][   T49]  worker_thread+0x8a0/0xda0
[  493.575464][   T49]  ? __kthread_parkme+0x7b/0x200
[  493.575505][   T49]  kthread+0x711/0x8a0
[  493.575539][   T49]  ? __pfx_worker_thread+0x10/0x10
[  493.575577][   T49]  ? __pfx_kthread+0x10/0x10
[  493.575602][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.575636][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  493.575668][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  493.575696][   T49]  ? lockdep_hardirqs_on+0x9c/0x150
[  493.575730][   T49]  ? __pfx_kthread+0x10/0x10
[  493.575761][   T49]  ret_from_fork+0x3fc/0x770
[  493.575802][   T49]  ? __pfx_ret_from_fork+0x10/0x10
[  493.575848][   T49]  ? __switch_to_asm+0x39/0x70
[  493.575873][   T49]  ? __switch_to_asm+0x33/0x70
[  493.575897][   T49]  ? __pfx_kthread+0x10/0x10
[  493.575928][   T49]  ret_from_fork_asm+0x1a/0x30
[  493.575980][   T49]  </TASK>
[  493.576241][   T49] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  494.194312][ T9637] syz.0.863: attempt to access beyond end of device
[  494.194312][ T9637] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  494.240579][   T49] CPU: 0 UID: 0 PID: 49 Comm: kworker/u8:3 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  494.240611][   T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  494.240628][   T49] Workqueue: writeback wb_workfn (flush-7:5)
[  494.240670][   T49] Call Trace:
[  494.240679][   T49]  <TASK>
[  494.240689][   T49]  dump_stack_lvl+0x189/0x250
[  494.240737][   T49]  ? __pfx_dump_stack_lvl+0x10/0x10
[  494.240773][   T49]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  494.240810][   T49]  ? __pfx_queue_work_on+0x10/0x10
[  494.240835][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.240863][   T49]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  494.240898][   T49]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  494.240938][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.240965][   T49]  ? f2fs_hw_is_readonly+0x39b/0x470
[  494.241002][   T49]  f2fs_handle_critical_error+0x37c/0x540
[  494.241042][   T49]  f2fs_write_end_io+0x495/0x810
[  494.241076][   T49]  ? blkg_put+0x22/0x240
[  494.241124][   T49]  __submit_merged_bio+0x27a/0x6a0
[  494.241164][   T49]  __submit_merged_write_cond+0x255/0x530
[  494.241204][   T49]  f2fs_write_data_pages+0x261d/0x3000
[  494.241288][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  494.241443][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.241477][   T49]  ? f2fs_write_meta_pages+0x357/0x450
[  494.241523][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.241553][   T49]  ? __lock_acquire+0xab9/0xd20
[  494.241595][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  494.241631][   T49]  do_writepages+0x32e/0x550
[  494.241678][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.241705][   T49]  ? reacquire_held_locks+0x127/0x1d0
[  494.241728][   T49]  ? writeback_sb_inodes+0x372/0x1000
[  494.241780][   T49]  __writeback_single_inode+0x145/0xff0
[  494.241818][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.241846][   T49]  ? do_raw_spin_unlock+0x122/0x240
[  494.241882][   T49]  writeback_sb_inodes+0x6b5/0x1000
[  494.241941][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.241987][   T49]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  494.242087][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.242115][   T49]  ? rcu_is_watching+0x15/0xb0
[  494.242155][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.242196][   T49]  wb_writeback+0x43b/0xaf0
[  494.242247][   T49]  ? queue_io+0x3a1/0x590
[  494.242298][   T49]  ? __pfx_wb_writeback+0x10/0x10
[  494.242349][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  494.242391][   T49]  wb_workfn+0x409/0xef0
[  494.242452][   T49]  ? __pfx_wb_workfn+0x10/0x10
[  494.242491][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.242518][   T49]  ? __lock_acquire+0xab9/0xd20
[  494.242570][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.242602][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.242636][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  494.242669][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  494.242705][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  494.242746][   T49]  process_scheduled_works+0xae1/0x17b0
[  494.242828][   T49]  ? __pfx_process_scheduled_works+0x10/0x10
[  494.242884][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.242927][   T49]  worker_thread+0x8a0/0xda0
[  494.242987][   T49]  ? __kthread_parkme+0x7b/0x200
[  494.243026][   T49]  kthread+0x711/0x8a0
[  494.243060][   T49]  ? __pfx_worker_thread+0x10/0x10
[  494.243100][   T49]  ? __pfx_kthread+0x10/0x10
[  494.243125][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.243159][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  494.243190][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  494.243218][   T49]  ? lockdep_hardirqs_on+0x9c/0x150
[  494.243252][   T49]  ? __pfx_kthread+0x10/0x10
[  494.243282][   T49]  ret_from_fork+0x3fc/0x770
[  494.243331][   T49]  ? __pfx_ret_from_fork+0x10/0x10
[  494.243377][   T49]  ? __switch_to_asm+0x39/0x70
[  494.243402][   T49]  ? __switch_to_asm+0x33/0x70
[  494.243426][   T49]  ? __pfx_kthread+0x10/0x10
[  494.243457][   T49]  ret_from_fork_asm+0x1a/0x30
[  494.243509][   T49]  </TASK>
[  494.625639][    C0] vkms_vblank_simulate: vblank timer overrun
[  494.694186][ T5815] usb 4-1: USB disconnect, device number 3
[  494.712547][   T49] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  494.750838][ T9639] netlink: 28 bytes leftover after parsing attributes in process `syz.3.864'.
[  495.401980][ T9649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.866'.
[  495.413055][ T9649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.866'.
[  496.631752][ T6051] team0 (unregistering): Port device team_slave_1 removed
[  496.673921][ T6051] team0 (unregistering): Port device team_slave_0 removed
[  497.480244][ T9667] loop1: detected capacity change from 0 to 40427
[  497.509038][ T9667] F2FS-fs (loop1): invalid crc value
[  497.588218][ T9667] F2FS-fs (loop1): Start checkpoint disabled!
[  497.614957][ T9667] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  497.893830][ T9670] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  498.294007][ T9656] netlink: 44 bytes leftover after parsing attributes in process `syz.4.865'.
[  498.508048][ T6707] kworker/u8:14: attempt to access beyond end of device
[  498.508048][ T6707] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  498.522810][ T6707] CPU: 0 UID: 0 PID: 6707 Comm: kworker/u8:14 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  498.522843][ T6707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  498.522865][ T6707] Workqueue: writeback wb_workfn (flush-7:1)
[  498.522908][ T6707] Call Trace:
[  498.522918][ T6707]  <TASK>
[  498.522928][ T6707]  dump_stack_lvl+0x189/0x250
[  498.522976][ T6707]  ? __pfx_dump_stack_lvl+0x10/0x10
[  498.523005][ T6707]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  498.523032][ T6707]  ? __pfx_queue_work_on+0x10/0x10
[  498.523051][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.523071][ T6707]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  498.523097][ T6707]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  498.523123][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.523144][ T6707]  ? f2fs_hw_is_readonly+0x39b/0x470
[  498.523172][ T6707]  f2fs_handle_critical_error+0x37c/0x540
[  498.523201][ T6707]  f2fs_write_end_io+0x495/0x810
[  498.523225][ T6707]  ? blkg_put+0x22/0x240
[  498.523261][ T6707]  __submit_merged_bio+0x27a/0x6a0
[  498.523291][ T6707]  __submit_merged_write_cond+0x255/0x530
[  498.523326][ T6707]  f2fs_write_data_pages+0x261d/0x3000
[  498.523388][ T6707]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  498.523496][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.523521][ T6707]  ? f2fs_write_meta_pages+0x357/0x450
[  498.523557][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.523577][ T6707]  ? __lock_acquire+0xab9/0xd20
[  498.523608][ T6707]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  498.523634][ T6707]  do_writepages+0x32e/0x550
[  498.523668][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.523688][ T6707]  ? reacquire_held_locks+0x127/0x1d0
[  498.523705][ T6707]  ? writeback_sb_inodes+0x372/0x1000
[  498.523743][ T6707]  __writeback_single_inode+0x145/0xff0
[  498.523771][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.523791][ T6707]  ? do_raw_spin_unlock+0x122/0x240
[  498.523818][ T6707]  writeback_sb_inodes+0x6b5/0x1000
[  498.523861][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.523895][ T6707]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  498.523970][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.523989][ T6707]  ? rcu_is_watching+0x15/0xb0
[  498.524019][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.524049][ T6707]  wb_writeback+0x43b/0xaf0
[  498.524086][ T6707]  ? queue_io+0x3a1/0x590
[  498.524118][ T6707]  ? __pfx_wb_writeback+0x10/0x10
[  498.524156][ T6707]  ? _raw_spin_unlock_irq+0x23/0x50
[  498.524187][ T6707]  wb_workfn+0x409/0xef0
[  498.524229][ T6707]  ? __pfx_wb_workfn+0x10/0x10
[  498.524257][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.524278][ T6707]  ? __lock_acquire+0xab9/0xd20
[  498.524319][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.524343][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.524368][ T6707]  ? _raw_spin_unlock_irq+0x23/0x50
[  498.524392][ T6707]  ? process_scheduled_works+0x9ef/0x17b0
[  498.524419][ T6707]  ? process_scheduled_works+0x9ef/0x17b0
[  498.524450][ T6707]  process_scheduled_works+0xae1/0x17b0
[  498.524511][ T6707]  ? __pfx_process_scheduled_works+0x10/0x10
[  498.524548][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.524579][ T6707]  worker_thread+0x8a0/0xda0
[  498.524611][ T6707]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  498.524645][ T6707]  ? __kthread_parkme+0x7b/0x200
[  498.524675][ T6707]  kthread+0x711/0x8a0
[  498.524700][ T6707]  ? __pfx_worker_thread+0x10/0x10
[  498.524729][ T6707]  ? __pfx_kthread+0x10/0x10
[  498.524748][ T6707]  ? srso_alias_return_thunk+0x5/0xfbef5
[  498.524769][ T6707]  ? preempt_schedule_thunk+0x16/0x30
[  498.524796][ T6707]  ? __pfx_kthread+0x10/0x10
[  498.524819][ T6707]  ret_from_fork+0x3fc/0x770
[  498.524849][ T6707]  ? __pfx_ret_from_fork+0x10/0x10
[  498.524883][ T6707]  ? __switch_to_asm+0x39/0x70
[  498.524901][ T6707]  ? __switch_to_asm+0x33/0x70
[  498.524919][ T6707]  ? __pfx_kthread+0x10/0x10
[  498.524942][ T6707]  ret_from_fork_asm+0x1a/0x30
[  498.524979][ T6707]  </TASK>
[  499.382975][ T6707] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  499.887850][ T9687] loop3: detected capacity change from 0 to 8
[  500.804640][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  500.819002][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  501.241836][   T30] audit: type=1800 audit(2000000022.720:163): pid=9687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.874" name="file1" dev="loop3" ino=5 res=0 errno=0
[  501.974689][ T9562] chnl_net:caif_netlink_parms(): no params data found
[  502.355216][ T9698] IPv6: NLM_F_CREATE should be specified when creating new route
[  503.073332][  T919] usb 4-1: new low-speed USB device number 4 using dummy_hcd
[  503.101608][ T9562] bridge0: port 1(bridge_slave_0) entered blocking state
[  503.269487][ T9562] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.277312][ T9562] bridge_slave_0: entered allmulticast mode
[  503.287430][ T9562] bridge_slave_0: entered promiscuous mode
[  503.299133][ T9562] bridge0: port 2(bridge_slave_1) entered blocking state
[  503.313491][ T9562] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.326330][ T9562] bridge_slave_1: entered allmulticast mode
[  504.305374][  T919] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  504.316087][ T9562] bridge_slave_1: entered promiscuous mode
[  504.322625][  T919] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  504.342162][  T919] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  504.577171][  T919] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  504.637931][  T919] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  504.678940][ T9562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  504.689836][  T919] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.725478][ T9562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  504.948765][  T919] hub 4-1:1.0: bad descriptor, ignoring hub
[  504.958517][  T919] hub 4-1:1.0: probe with driver hub failed with error -5
[  505.155473][ T9723] loop0: detected capacity change from 0 to 40427
[  505.507283][  T919] cdc_wdm 4-1:1.0: skipping garbage
[  505.512843][  T919] cdc_wdm 4-1:1.0: skipping garbage
[  505.649076][ T9727] netlink: 44 bytes leftover after parsing attributes in process `syz.5.883'.
[  505.658559][ T9727] trusted_key: encrypted_key: insufficient parameters specified
[  505.666707][ T9727] netlink: 24 bytes leftover after parsing attributes in process `syz.5.883'.
[  505.915362][  T919] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  505.927697][  T919] cdc_wdm 4-1:1.0: Unknown control protocol
[  505.935450][ T9723] F2FS-fs (loop0): invalid crc value
[  506.003856][ T9562] team0: Port device team_slave_0 added
[  506.026494][ T9734] netlink: 8 bytes leftover after parsing attributes in process `syz.1.884'.
[  506.122528][ T9735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.884'.
[  506.131607][ T9735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.884'.
[  506.226012][  T919] usb 4-1: USB disconnect, device number 4
[  506.610790][ T9723] F2FS-fs (loop0): Start checkpoint disabled!
[  506.622276][ T9723] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  506.809153][ T9562] team0: Port device team_slave_1 added
[  507.049013][ T9741] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  507.286509][ T6052] kworker/u8:11: attempt to access beyond end of device
[  507.286509][ T6052] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  507.327028][ T6052] CPU: 1 UID: 0 PID: 6052 Comm: kworker/u8:11 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  507.327061][ T6052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  507.327075][ T6052] Workqueue: writeback wb_workfn (flush-7:0)
[  507.327110][ T6052] Call Trace:
[  507.327118][ T6052]  <TASK>
[  507.327127][ T6052]  dump_stack_lvl+0x189/0x250
[  507.327169][ T6052]  ? __pfx_dump_stack_lvl+0x10/0x10
[  507.327201][ T6052]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  507.327233][ T6052]  ? __pfx_queue_work_on+0x10/0x10
[  507.327255][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.327278][ T6052]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  507.327317][ T6052]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  507.327348][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.327377][ T6052]  ? f2fs_hw_is_readonly+0x39b/0x470
[  507.327414][ T6052]  f2fs_handle_critical_error+0x37c/0x540
[  507.327456][ T6052]  f2fs_write_end_io+0x495/0x810
[  507.327488][ T6052]  ? blkg_put+0x22/0x240
[  507.327531][ T6052]  __submit_merged_bio+0x27a/0x6a0
[  507.327567][ T6052]  __submit_merged_write_cond+0x255/0x530
[  507.327602][ T6052]  f2fs_write_data_pages+0x261d/0x3000
[  507.327679][ T6052]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  507.327817][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.327851][ T6052]  ? f2fs_write_meta_pages+0x357/0x450
[  507.327893][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.327921][ T6052]  ? __lock_acquire+0xab9/0xd20
[  507.327964][ T6052]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  507.327995][ T6052]  do_writepages+0x32e/0x550
[  507.328037][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.328061][ T6052]  ? reacquire_held_locks+0x127/0x1d0
[  507.328080][ T6052]  ? writeback_sb_inodes+0x372/0x1000
[  507.328127][ T6052]  __writeback_single_inode+0x145/0xff0
[  507.328160][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.328185][ T6052]  ? do_raw_spin_unlock+0x122/0x240
[  507.328216][ T6052]  writeback_sb_inodes+0x6b5/0x1000
[  507.328268][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.328314][ T6052]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  507.328406][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.328430][ T6052]  ? rcu_is_watching+0x15/0xb0
[  507.328464][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.328501][ T6052]  wb_writeback+0x43b/0xaf0
[  507.328546][ T6052]  ? queue_io+0x3a1/0x590
[  507.328584][ T6052]  ? __pfx_wb_writeback+0x10/0x10
[  507.328630][ T6052]  ? _raw_spin_unlock_irq+0x23/0x50
[  507.328667][ T6052]  wb_workfn+0x409/0xef0
[  507.328716][ T6052]  ? __pfx_wb_workfn+0x10/0x10
[  507.328751][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.328775][ T6052]  ? __lock_acquire+0xab9/0xd20
[  507.328820][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.328849][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.328879][ T6052]  ? _raw_spin_unlock_irq+0x23/0x50
[  507.328907][ T6052]  ? process_scheduled_works+0x9ef/0x17b0
[  507.328940][ T6052]  ? process_scheduled_works+0x9ef/0x17b0
[  507.328976][ T6052]  process_scheduled_works+0xae1/0x17b0
[  507.329050][ T6052]  ? __pfx_process_scheduled_works+0x10/0x10
[  507.329094][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.329131][ T6052]  worker_thread+0x8a0/0xda0
[  507.329201][ T6052]  kthread+0x711/0x8a0
[  507.329232][ T6052]  ? __pfx_worker_thread+0x10/0x10
[  507.329266][ T6052]  ? __pfx_kthread+0x10/0x10
[  507.329287][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.329322][ T6052]  ? _raw_spin_unlock_irq+0x23/0x50
[  507.329350][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  507.329375][ T6052]  ? lockdep_hardirqs_on+0x9c/0x150
[  507.329405][ T6052]  ? __pfx_kthread+0x10/0x10
[  507.329432][ T6052]  ret_from_fork+0x3fc/0x770
[  507.329468][ T6052]  ? __pfx_ret_from_fork+0x10/0x10
[  507.329509][ T6052]  ? __switch_to_asm+0x39/0x70
[  507.329530][ T6052]  ? __switch_to_asm+0x33/0x70
[  507.329551][ T6052]  ? __pfx_kthread+0x10/0x10
[  507.329579][ T6052]  ret_from_fork_asm+0x1a/0x30
[  507.329625][ T6052]  </TASK>
[  507.533377][ T6052] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  508.852606][ T9562] batman_adv: batadv0: Adding interface: batadv_slave_0
[  508.874815][ T9562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  509.067605][ T9562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  509.939429][ T9767] trusted_key: encrypted_key: insufficient parameters specified
[  509.968544][ T9562] batman_adv: batadv0: Adding interface: batadv_slave_1
[  510.017818][ T9562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  510.058836][ T9562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  511.504782][ T9562] hsr_slave_0: entered promiscuous mode
[  511.528817][ T9562] hsr_slave_1: entered promiscuous mode
[  511.763198][ T5815] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[  511.937750][ T5815] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  511.968845][ T5815] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  512.328253][ T9798] loop3: detected capacity change from 0 to 40427
[  512.673070][ T9798] F2FS-fs (loop3): invalid crc value
[  512.733046][ T9800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.900'.
[  512.958298][ T5815] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  512.969595][ T5815] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  512.979687][ T5815] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  512.988924][ T5815] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.147831][ T9803] netlink: 8 bytes leftover after parsing attributes in process `syz.1.900'.
[  513.156987][ T9803] netlink: 8 bytes leftover after parsing attributes in process `syz.1.900'.
[  513.732470][ T9798] F2FS-fs (loop3): Start checkpoint disabled!
[  513.762830][ T9798] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  513.781779][ T5815] hub 6-1:1.0: bad descriptor, ignoring hub
[  513.810315][ T5815] hub 6-1:1.0: probe with driver hub failed with error -5
[  513.831228][ T5815] cdc_wdm 6-1:1.0: skipping garbage
[  514.282692][ T9806] F2FS-fs (loop3): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  514.484321][ T5815] cdc_wdm 6-1:1.0: skipping garbage
[  514.491976][ T5815] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  514.498074][ T5815] cdc_wdm 6-1:1.0: Unknown control protocol
[  514.538596][ T9811] loop0: detected capacity change from 0 to 512
[  515.535280][ T6052] kworker/u8:11: attempt to access beyond end of device
[  515.535280][ T6052] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  515.670871][ T6052] CPU: 0 UID: 0 PID: 6052 Comm: kworker/u8:11 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  515.670908][ T6052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  515.670925][ T6052] Workqueue: writeback wb_workfn (flush-7:3)
[  515.670967][ T6052] Call Trace:
[  515.670977][ T6052]  <TASK>
[  515.670987][ T6052]  dump_stack_lvl+0x189/0x250
[  515.671036][ T6052]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.671072][ T6052]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  515.671108][ T6052]  ? __pfx_queue_work_on+0x10/0x10
[  515.671134][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.671164][ T6052]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  515.671198][ T6052]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  515.671233][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.671260][ T6052]  ? f2fs_hw_is_readonly+0x39b/0x470
[  515.671298][ T6052]  f2fs_handle_critical_error+0x37c/0x540
[  515.671346][ T6052]  f2fs_write_end_io+0x495/0x810
[  515.671378][ T6052]  ? blkg_put+0x22/0x240
[  515.671424][ T6052]  __submit_merged_bio+0x27a/0x6a0
[  515.671464][ T6052]  __submit_merged_write_cond+0x255/0x530
[  515.671505][ T6052]  f2fs_write_data_pages+0x261d/0x3000
[  515.671538][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.671615][ T6052]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  515.671646][ T6052]  ? __switch_to+0x6c0/0x1600
[  515.671742][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.671769][ T6052]  ? trace_sched_exit_tp+0x38/0x120
[  515.671803][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.671829][ T6052]  ? __schedule+0x1713/0x4d00
[  515.671882][ T6052]  ? preempt_schedule_common+0x83/0xd0
[  515.671914][ T6052]  ? __pfx___schedule+0x10/0x10
[  515.671938][ T6052]  ? f2fs_write_meta_pages+0x357/0x450
[  515.671975][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.671995][ T6052]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.672025][ T6052]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  515.672051][ T6052]  do_writepages+0x32e/0x550
[  515.672082][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.672101][ T6052]  ? preempt_schedule+0xae/0xc0
[  515.672127][ T6052]  ? __pfx_preempt_schedule+0x10/0x10
[  515.672150][ T6052]  ? reacquire_held_locks+0x127/0x1d0
[  515.672167][ T6052]  ? writeback_sb_inodes+0x372/0x1000
[  515.672205][ T6052]  __writeback_single_inode+0x145/0xff0
[  515.672243][ T6052]  writeback_sb_inodes+0x6b5/0x1000
[  515.672286][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.672328][ T6052]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  515.672403][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.672423][ T6052]  ? rcu_is_watching+0x15/0xb0
[  515.672451][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.672482][ T6052]  wb_writeback+0x43b/0xaf0
[  515.672520][ T6052]  ? queue_io+0x3a1/0x590
[  515.672552][ T6052]  ? __pfx_wb_writeback+0x10/0x10
[  515.672591][ T6052]  ? _raw_spin_unlock_irq+0x23/0x50
[  515.672622][ T6052]  wb_workfn+0x409/0xef0
[  515.672663][ T6052]  ? __pfx_wb_workfn+0x10/0x10
[  515.672693][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.672713][ T6052]  ? __lock_acquire+0xab9/0xd20
[  515.672752][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.672776][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.672801][ T6052]  ? _raw_spin_unlock_irq+0x23/0x50
[  515.672824][ T6052]  ? process_scheduled_works+0x9ef/0x17b0
[  515.672857][ T6052]  ? process_scheduled_works+0x9ef/0x17b0
[  515.672899][ T6052]  process_scheduled_works+0xae1/0x17b0
[  515.672964][ T6052]  ? __pfx_process_scheduled_works+0x10/0x10
[  515.673001][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.673037][ T6052]  worker_thread+0x8a0/0xda0
[  515.673096][ T6052]  kthread+0x711/0x8a0
[  515.673122][ T6052]  ? __pfx_worker_thread+0x10/0x10
[  515.673150][ T6052]  ? __pfx_kthread+0x10/0x10
[  515.673168][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.673193][ T6052]  ? _raw_spin_unlock_irq+0x23/0x50
[  515.673217][ T6052]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.673237][ T6052]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.673261][ T6052]  ? __pfx_kthread+0x10/0x10
[  515.673284][ T6052]  ret_from_fork+0x3fc/0x770
[  515.673320][ T6052]  ? __pfx_ret_from_fork+0x10/0x10
[  515.673354][ T6052]  ? __switch_to_asm+0x39/0x70
[  515.673373][ T6052]  ? __switch_to_asm+0x33/0x70
[  515.673390][ T6052]  ? __pfx_kthread+0x10/0x10
[  515.673413][ T6052]  ret_from_fork_asm+0x1a/0x30
[  515.673451][ T6052]  </TASK>
[  516.085897][    C0] vkms_vblank_simulate: vblank timer overrun
[  516.096552][ T9811] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  516.109149][ T9811] ext4 filesystem being mounted at /164/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  516.453232][ T5921] usb 6-1: USB disconnect, device number 4
[  516.453307][ T6052] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  516.588428][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  518.879426][ T9562] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  519.689725][ T9562] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  519.760561][ T9562] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  519.833702][ T9562] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  520.255466][ T9859] loop5: detected capacity change from 0 to 40427
[  520.266325][ T9862] netlink: 8 bytes leftover after parsing attributes in process `syz.4.919'.
[  520.362503][ T9863] netlink: 8 bytes leftover after parsing attributes in process `syz.4.919'.
[  520.371568][ T9863] netlink: 8 bytes leftover after parsing attributes in process `syz.4.919'.
[  520.408870][ T9859] F2FS-fs (loop5): invalid crc value
[  520.602064][ T9859] F2FS-fs (loop5): Start checkpoint disabled!
[  520.843958][ T9859] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  521.337055][ T9872] F2FS-fs (loop5): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  521.566421][   T30] audit: type=1326 audit(2000000006.710:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9879 comm="syz.1.923" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f306298e929 code=0x0
[  521.886672][ T7208] kworker/u8:16: attempt to access beyond end of device
[  521.886672][ T7208] loop5: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  522.701053][ T7208] kworker/u8:16: attempt to access beyond end of device
[  522.701053][ T7208] loop5: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  522.719130][ T5944] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[  522.732842][ T9562] 8021q: adding VLAN 0 to HW filter on device bond0
[  522.755445][ T7208] CPU: 0 UID: 0 PID: 7208 Comm: kworker/u8:16 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  522.755481][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  522.755498][ T7208] Workqueue: writeback wb_workfn (flush-7:5)
[  522.755538][ T7208] Call Trace:
[  522.755548][ T7208]  <TASK>
[  522.755558][ T7208]  dump_stack_lvl+0x189/0x250
[  522.755606][ T7208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  522.755642][ T7208]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  522.755676][ T7208]  ? __pfx_queue_work_on+0x10/0x10
[  522.755702][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.755730][ T7208]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  522.755765][ T7208]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  522.755801][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.755829][ T7208]  ? f2fs_hw_is_readonly+0x39b/0x470
[  522.755866][ T7208]  f2fs_handle_critical_error+0x37c/0x540
[  522.755906][ T7208]  f2fs_write_end_io+0x495/0x810
[  522.755939][ T7208]  ? blkg_put+0x22/0x240
[  522.755987][ T7208]  __submit_merged_bio+0x27a/0x6a0
[  522.756027][ T7208]  __submit_merged_write_cond+0x255/0x530
[  522.756068][ T7208]  f2fs_write_data_pages+0x261d/0x3000
[  522.756153][ T7208]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  522.756300][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.756333][ T7208]  ? f2fs_write_meta_pages+0x357/0x450
[  522.756380][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.756408][ T7208]  ? __lock_acquire+0xab9/0xd20
[  522.756450][ T7208]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  522.756485][ T7208]  do_writepages+0x32e/0x550
[  522.756532][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.756559][ T7208]  ? reacquire_held_locks+0x127/0x1d0
[  522.756582][ T7208]  ? writeback_sb_inodes+0x372/0x1000
[  522.756634][ T7208]  __writeback_single_inode+0x145/0xff0
[  522.756672][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.756699][ T7208]  ? do_raw_spin_unlock+0x122/0x240
[  522.756733][ T7208]  writeback_sb_inodes+0x6b5/0x1000
[  522.756791][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.756838][ T7208]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  522.756938][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.756966][ T7208]  ? rcu_is_watching+0x15/0xb0
[  522.757005][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.757047][ T7208]  wb_writeback+0x43b/0xaf0
[  522.757098][ T7208]  ? queue_io+0x3a1/0x590
[  522.757141][ T7208]  ? __pfx_wb_writeback+0x10/0x10
[  522.757193][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  522.757244][ T7208]  wb_workfn+0x409/0xef0
[  522.757300][ T7208]  ? __pfx_wb_workfn+0x10/0x10
[  522.757339][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.757367][ T7208]  ? __lock_acquire+0xab9/0xd20
[  522.757419][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.757452][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.757485][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  522.757517][ T7208]  ? process_scheduled_works+0x9ef/0x17b0
[  522.757553][ T7208]  ? process_scheduled_works+0x9ef/0x17b0
[  522.757594][ T7208]  process_scheduled_works+0xae1/0x17b0
[  522.757677][ T7208]  ? __pfx_process_scheduled_works+0x10/0x10
[  522.757727][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.757768][ T7208]  worker_thread+0x8a0/0xda0
[  522.757813][ T7208]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  522.757860][ T7208]  ? __kthread_parkme+0x7b/0x200
[  522.757900][ T7208]  kthread+0x711/0x8a0
[  522.757934][ T7208]  ? __pfx_worker_thread+0x10/0x10
[  522.757972][ T7208]  ? __pfx_kthread+0x10/0x10
[  522.757997][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.758031][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  522.758064][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  522.758091][ T7208]  ? lockdep_hardirqs_on+0x9c/0x150
[  522.758125][ T7208]  ? __pfx_kthread+0x10/0x10
[  522.758156][ T7208]  ret_from_fork+0x3fc/0x770
[  522.758213][ T7208]  ? __pfx_ret_from_fork+0x10/0x10
[  522.758267][ T7208]  ? __switch_to_asm+0x39/0x70
[  522.758292][ T7208]  ? __switch_to_asm+0x33/0x70
[  522.758316][ T7208]  ? __pfx_kthread+0x10/0x10
[  522.758347][ T7208]  ret_from_fork_asm+0x1a/0x30
[  522.758398][ T7208]  </TASK>
[  522.758409][ T7208] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  523.179209][ T7208] CPU: 0 UID: 0 PID: 7208 Comm: kworker/u8:16 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  523.179244][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  523.179261][ T7208] Workqueue: writeback wb_workfn (flush-7:5)
[  523.179314][ T7208] Call Trace:
[  523.179324][ T7208]  <TASK>
[  523.179335][ T7208]  dump_stack_lvl+0x189/0x250
[  523.179383][ T7208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  523.179420][ T7208]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  523.179457][ T7208]  ? __pfx_queue_work_on+0x10/0x10
[  523.179482][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.179511][ T7208]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  523.179545][ T7208]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  523.179579][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.179606][ T7208]  ? f2fs_hw_is_readonly+0x39b/0x470
[  523.179644][ T7208]  f2fs_handle_critical_error+0x37c/0x540
[  523.179684][ T7208]  f2fs_write_end_io+0x495/0x810
[  523.179717][ T7208]  ? blkg_put+0x22/0x240
[  523.179771][ T7208]  __submit_merged_bio+0x27a/0x6a0
[  523.179810][ T7208]  __submit_merged_write_cond+0x255/0x530
[  523.179851][ T7208]  f2fs_write_data_pages+0x261d/0x3000
[  523.179936][ T7208]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  523.180088][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.180121][ T7208]  ? f2fs_write_meta_pages+0x357/0x450
[  523.180168][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.180196][ T7208]  ? __lock_acquire+0xab9/0xd20
[  523.180239][ T7208]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  523.180274][ T7208]  do_writepages+0x32e/0x550
[  523.180327][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.180355][ T7208]  ? reacquire_held_locks+0x127/0x1d0
[  523.180378][ T7208]  ? writeback_sb_inodes+0x372/0x1000
[  523.180429][ T7208]  __writeback_single_inode+0x145/0xff0
[  523.180467][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.180494][ T7208]  ? do_raw_spin_unlock+0x122/0x240
[  523.180530][ T7208]  writeback_sb_inodes+0x6b5/0x1000
[  523.180587][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.180633][ T7208]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  523.180734][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.180761][ T7208]  ? rcu_is_watching+0x15/0xb0
[  523.180800][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.180842][ T7208]  wb_writeback+0x43b/0xaf0
[  523.180893][ T7208]  ? queue_io+0x3a1/0x590
[  523.180937][ T7208]  ? __pfx_wb_writeback+0x10/0x10
[  523.180989][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  523.181031][ T7208]  wb_workfn+0x409/0xef0
[  523.181088][ T7208]  ? __pfx_wb_workfn+0x10/0x10
[  523.181128][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.181155][ T7208]  ? __lock_acquire+0xab9/0xd20
[  523.181207][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.181240][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.181274][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  523.181317][ T7208]  ? process_scheduled_works+0x9ef/0x17b0
[  523.181354][ T7208]  ? process_scheduled_works+0x9ef/0x17b0
[  523.181396][ T7208]  process_scheduled_works+0xae1/0x17b0
[  523.181478][ T7208]  ? __pfx_process_scheduled_works+0x10/0x10
[  523.181529][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.181569][ T7208]  worker_thread+0x8a0/0xda0
[  523.181613][ T7208]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  523.181660][ T7208]  ? __kthread_parkme+0x7b/0x200
[  523.181700][ T7208]  kthread+0x711/0x8a0
[  523.181733][ T7208]  ? __pfx_worker_thread+0x10/0x10
[  523.181771][ T7208]  ? __pfx_kthread+0x10/0x10
[  523.181795][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.181829][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  523.181861][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.181889][ T7208]  ? lockdep_hardirqs_on+0x9c/0x150
[  523.181923][ T7208]  ? __pfx_kthread+0x10/0x10
[  523.181954][ T7208]  ret_from_fork+0x3fc/0x770
[  523.181995][ T7208]  ? __pfx_ret_from_fork+0x10/0x10
[  523.182042][ T7208]  ? __switch_to_asm+0x39/0x70
[  523.182066][ T7208]  ? __switch_to_asm+0x33/0x70
[  523.182089][ T7208]  ? __pfx_kthread+0x10/0x10
[  523.182120][ T7208]  ret_from_fork_asm+0x1a/0x30
[  523.182173][ T7208]  </TASK>
[  523.182182][ T7208] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  523.637434][ T5944] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  523.658480][ T5944] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  523.746912][ T9562] 8021q: adding VLAN 0 to HW filter on device team0
[  523.832265][ T5944] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  523.924736][ T6053] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.932159][ T6053] bridge0: port 1(bridge_slave_0) entered forwarding state
[  523.932944][ T5944] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  524.084448][ T6053] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.091608][ T6053] bridge0: port 2(bridge_slave_1) entered forwarding state
[  524.125810][ T5944] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  524.135622][ T5944] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.411481][ T5944] hub 2-1:1.0: bad descriptor, ignoring hub
[  524.430661][ T5944] hub 2-1:1.0: probe with driver hub failed with error -5
[  524.450010][ T5944] cdc_wdm 2-1:1.0: skipping garbage
[  524.458293][ T5944] cdc_wdm 2-1:1.0: skipping garbage
[  524.478690][ T5944] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  524.486179][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  524.509599][ T5944] cdc_wdm 2-1:1.0: Unknown control protocol
[  524.594761][ T5944] usb 2-1: USB disconnect, device number 4
[  524.669512][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.923321][ T9903] IPv6: NLM_F_CREATE should be specified when creating new route
[  525.054540][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  525.083538][   T10] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  525.848513][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.863453][   T10] usb 5-1: config 0 descriptor??
[  526.246436][ T9922] netlink: 8 bytes leftover after parsing attributes in process `syz.0.934'.
[  526.335012][ T9923] netlink: 8 bytes leftover after parsing attributes in process `syz.0.934'.
[  526.344092][ T9923] netlink: 8 bytes leftover after parsing attributes in process `syz.0.934'.
[  526.963564][ T9919] netlink: 'syz.3.936': attribute type 1 has an invalid length.
[  527.070255][ T9926] loop0: detected capacity change from 0 to 512
[  527.116168][ T9926] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  527.143064][ T9926] System zones: 0-2, 18-18, 34-34
[  527.164547][ T9926] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.164800][ T9931] 8021q: adding VLAN 0 to HW filter on device bond1
[  527.177527][ T9926] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.289176][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  527.295396][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  527.318830][   T10] usb 5-1: USB disconnect, device number 4
[  528.097074][ T5842] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.461744][ T9943] loop0: detected capacity change from 0 to 32768
[  528.521091][ T9943] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  528.521119][ T9943]   allowing incompatible features above 0.0: (unknown version)
[  528.521130][ T9943]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  528.565847][ T9943] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  528.575084][ T9943] bcachefs (loop0): initializing new filesystem
[  528.587869][ T9943] bcachefs (loop0): going read-write
[  528.616921][ T9919] bond1 (unregistering): Released all slaves
[  528.671941][ T9943] bcachefs (loop0): marking superblocks
[  528.687673][ T9943] bcachefs (loop0): initializing freespace
[  528.697829][ T9943] bcachefs (loop0): done initializing freespace
[  528.706239][ T9943] bcachefs (loop0): reading snapshots table
[  528.712179][ T9943] bcachefs (loop0): reading snapshots done
[  528.756600][ T9562] 8021q: adding VLAN 0 to HW filter on device batadv0
[  528.766810][ T9943] bcachefs (loop0): done starting filesystem
[  529.479738][ T5842] bcachefs (loop0): shutting down
[  529.519750][ T5842] bcachefs (loop0): going read-only
[  529.545061][ T5842] bcachefs (loop0): finished waiting for writes to stop
[  529.565804][ T9562] veth0_vlan: entered promiscuous mode
[  529.602953][ T5842] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  529.650514][ T9562] veth1_vlan: entered promiscuous mode
[  529.700280][ T9562] veth0_macvtap: entered promiscuous mode
[  529.710677][ T9562] veth1_macvtap: entered promiscuous mode
[  529.732453][ T9562] batman_adv: batadv0: Interface activated: batadv_slave_0
[  532.775567][ T9562] batman_adv: batadv0: Interface activated: batadv_slave_1
[  532.851252][ T5842] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 6
[  533.023067][ T5842] bcachefs (loop0): clean shutdown complete, journal seq 7
[  533.050069][ T9562] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  533.059149][ T9562] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  533.068071][ T9562] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  533.078337][ T9562] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  533.089860][ T5842] bcachefs (loop0): marking filesystem clean
[  533.816760][ T9975] loop5: detected capacity change from 0 to 32768
[  533.860125][ T5842] bcachefs (loop0): shutdown complete
[  533.937910][ T9975] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  533.937945][ T9975]   allowing incompatible features above 0.0: (unknown version)
[  533.937961][ T9975]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  533.982953][ T9975] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  533.991275][ T9975] bcachefs (loop5): initializing new filesystem
[  534.007079][ T9975] bcachefs (loop5): going read-write
[  534.245020][ T9991] netlink: 8 bytes leftover after parsing attributes in process `syz.1.949'.
[  534.264099][ T9991] netlink: 8 bytes leftover after parsing attributes in process `syz.1.949'.
[  534.273085][ T9991] netlink: 8 bytes leftover after parsing attributes in process `syz.1.949'.
[  534.922204][ T9995] 9pnet_virtio: no channels available for device syz
[  535.813124][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  535.820945][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  535.961141][ T6707] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  535.976908][ T6707] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  536.044169][ T9975] bcachefs (loop5): marking superblocks
[  536.059018][ T9975] bcachefs (loop5): initializing freespace
[  536.069504][ T9975] bcachefs (loop5): done initializing freespace
[  536.078383][ T9975] bcachefs (loop5): reading snapshots table
[  536.084402][ T9975] bcachefs (loop5): reading snapshots done
[  536.112139][ T9975] bcachefs (loop5): done starting filesystem
[  536.181090][T10007] netlink: 'syz.3.954': attribute type 1 has an invalid length.
[  536.583864][T10012] 8021q: adding VLAN 0 to HW filter on device bond1
[  536.592415][ T5830] bcachefs (loop5): shutting down
[  536.600235][ T5830] bcachefs (loop5): going read-only
[  536.682967][ T5830] bcachefs (loop5): finished waiting for writes to stop
[  536.809633][T10016] loop4: detected capacity change from 0 to 32768
[  536.841557][ T5830] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  536.858441][T10016] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  536.858464][T10016]   allowing incompatible features above 0.0: (unknown version)
[  536.858476][T10016]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  536.881118][    C0] vkms_vblank_simulate: vblank timer overrun
[  536.909982][T10016] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  536.918556][T10016] bcachefs (loop4): initializing new filesystem
[  536.930725][T10016] bcachefs (loop4): going read-write
[  537.029356][T10016] bcachefs (loop4): marking superblocks
[  537.043535][T10016] bcachefs (loop4): initializing freespace
[  537.053581][T10016] bcachefs (loop4): done initializing freespace
[  537.062397][T10016] bcachefs (loop4): reading snapshots table
[  537.069160][T10016] bcachefs (loop4): reading snapshots done
[  537.078179][ T5830] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  537.113274][T10016] bcachefs (loop4): done starting filesystem
[  537.180159][ T5830] bcachefs (loop5): clean shutdown complete, journal seq 4
[  537.208741][ T5830] bcachefs (loop5): marking filesystem clean
[  537.518859][ T5830] bcachefs (loop5): shutdown complete
[  537.525217][ T5838] bcachefs (loop4): shutting down
[  537.530258][ T5838] bcachefs (loop4): going read-only
[  537.545317][T10014] bond1 (unregistering): Released all slaves
[  537.556750][ T5838] bcachefs (loop4): finished waiting for writes to stop
[  537.683238][ T5838] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  537.709775][T10031] loop0: detected capacity change from 0 to 40427
[  537.731013][T10031] F2FS-fs (loop0): invalid crc value
[  537.777389][ T5838] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  537.806986][ T5838] bcachefs (loop4): clean shutdown complete, journal seq 4
[  537.818225][T10031] F2FS-fs (loop0): Start checkpoint disabled!
[  537.825813][ T5838] bcachefs (loop4): marking filesystem clean
[  537.829205][   T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  537.850313][T10031] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  539.093789][ T5838] bcachefs (loop4): shutdown complete
[  539.105564][T10037] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  539.117724][T10037] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  539.132433][T10037] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  539.276295][   T10] usb 2-1: config 1 has an invalid interface number: 27 but max is 0
[  539.300819][   T10] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  539.335437][   T10] usb 2-1: config 1 has no interface number 0
[  539.351773][   T10] usb 2-1: config 1 interface 27 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  539.437340][T10041] IPv6: NLM_F_CREATE should be specified when creating new route
[  539.526169][ T7207] kworker/u8:15: attempt to access beyond end of device
[  539.526169][ T7207] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  539.589997][ T6053] kworker/u8:12: attempt to access beyond end of device
[  539.589997][ T6053] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  539.678277][ T6053] CPU: 1 UID: 0 PID: 6053 Comm: kworker/u8:12 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  539.678314][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  539.678332][ T6053] Workqueue: writeback wb_workfn (flush-7:0)
[  539.678375][ T6053] Call Trace:
[  539.678385][ T6053]  <TASK>
[  539.678396][ T6053]  dump_stack_lvl+0x189/0x250
[  539.678449][ T6053]  ? __pfx_dump_stack_lvl+0x10/0x10
[  539.678486][ T6053]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  539.678522][ T6053]  ? __pfx_queue_work_on+0x10/0x10
[  539.678553][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.678583][ T6053]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  539.678617][ T6053]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  539.678654][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.678683][ T6053]  ? f2fs_hw_is_readonly+0x39b/0x470
[  539.678721][ T6053]  f2fs_handle_critical_error+0x37c/0x540
[  539.678764][ T6053]  f2fs_write_end_io+0x495/0x810
[  539.678797][ T6053]  ? blkg_put+0x22/0x240
[  539.678846][ T6053]  __submit_merged_bio+0x27a/0x6a0
[  539.678886][ T6053]  __submit_merged_write_cond+0x255/0x530
[  539.678927][ T6053]  f2fs_write_data_pages+0x261d/0x3000
[  539.679011][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  539.679042][ T6053]  ? __local_bh_enable_ip+0x12d/0x1c0
[  539.679100][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.679128][ T6053]  ? rcu_is_watching+0x15/0xb0
[  539.679221][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.679307][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.679334][ T6053]  ? __lock_acquire+0xab9/0xd20
[  539.679377][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  539.679414][ T6053]  do_writepages+0x32e/0x550
[  539.679460][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.679488][ T6053]  ? reacquire_held_locks+0x127/0x1d0
[  539.679511][ T6053]  ? writeback_sb_inodes+0x372/0x1000
[  539.679570][ T6053]  __writeback_single_inode+0x145/0xff0
[  539.679609][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.679637][ T6053]  ? do_raw_spin_unlock+0x122/0x240
[  539.679674][ T6053]  writeback_sb_inodes+0x6b5/0x1000
[  539.679733][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.679781][ T6053]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  539.679882][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.679910][ T6053]  ? rcu_is_watching+0x15/0xb0
[  539.679950][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.679995][ T6053]  wb_writeback+0x43b/0xaf0
[  539.680047][ T6053]  ? queue_io+0x3a1/0x590
[  539.680091][ T6053]  ? __pfx_wb_writeback+0x10/0x10
[  539.680143][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  539.680186][ T6053]  wb_workfn+0x409/0xef0
[  539.680242][ T6053]  ? __pfx_wb_workfn+0x10/0x10
[  539.680282][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.680309][ T6053]  ? __lock_acquire+0xab9/0xd20
[  539.680362][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.680396][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.680430][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  539.680463][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  539.680500][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  539.680547][ T6053]  process_scheduled_works+0xae1/0x17b0
[  539.680631][ T6053]  ? __pfx_process_scheduled_works+0x10/0x10
[  539.680682][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.680724][ T6053]  worker_thread+0x8a0/0xda0
[  539.680806][ T6053]  kthread+0x711/0x8a0
[  539.680841][ T6053]  ? __pfx_worker_thread+0x10/0x10
[  539.680880][ T6053]  ? __pfx_kthread+0x10/0x10
[  539.680909][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.680946][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  539.680978][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  539.681006][ T6053]  ? lockdep_hardirqs_on+0x9c/0x150
[  539.681041][ T6053]  ? __pfx_kthread+0x10/0x10
[  539.681072][ T6053]  ret_from_fork+0x3fc/0x770
[  539.681114][ T6053]  ? __pfx_ret_from_fork+0x10/0x10
[  539.681161][ T6053]  ? __switch_to_asm+0x39/0x70
[  539.681186][ T6053]  ? __switch_to_asm+0x33/0x70
[  539.681211][ T6053]  ? __pfx_kthread+0x10/0x10
[  539.681242][ T6053]  ret_from_fork_asm+0x1a/0x30
[  539.681294][ T6053]  </TASK>
[  540.077988][   T10] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  540.136148][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  540.146576][   T10] usb 2-1: SerialNumber: syz
[  540.165932][   T10] usb 2-1: bad CDC descriptors
[  540.173149][ T6053] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  540.186187][ T6053] CPU: 0 UID: 0 PID: 6053 Comm: kworker/u8:12 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  540.186218][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  540.186234][ T6053] Workqueue: writeback wb_workfn (flush-7:0)
[  540.186273][ T6053] Call Trace:
[  540.186282][ T6053]  <TASK>
[  540.186292][ T6053]  dump_stack_lvl+0x189/0x250
[  540.186343][ T6053]  ? __pfx_dump_stack_lvl+0x10/0x10
[  540.186379][ T6053]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  540.186414][ T6053]  ? __pfx_queue_work_on+0x10/0x10
[  540.186437][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.186465][ T6053]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  540.186499][ T6053]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  540.186533][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.186560][ T6053]  ? f2fs_hw_is_readonly+0x39b/0x470
[  540.186594][ T6053]  f2fs_handle_critical_error+0x37c/0x540
[  540.186629][ T6053]  f2fs_write_end_io+0x495/0x810
[  540.186660][ T6053]  ? blkg_put+0x22/0x240
[  540.186701][ T6053]  __submit_merged_bio+0x27a/0x6a0
[  540.186737][ T6053]  __submit_merged_write_cond+0x255/0x530
[  540.186773][ T6053]  f2fs_write_data_pages+0x261d/0x3000
[  540.186842][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  540.186871][ T6053]  ? __local_bh_enable_ip+0x12d/0x1c0
[  540.186922][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.186948][ T6053]  ? rcu_is_watching+0x15/0xb0
[  540.187025][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.187095][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.187123][ T6053]  ? __lock_acquire+0xab9/0xd20
[  540.187164][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  540.187197][ T6053]  do_writepages+0x32e/0x550
[  540.187241][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.187268][ T6053]  ? reacquire_held_locks+0x127/0x1d0
[  540.187291][ T6053]  ? writeback_sb_inodes+0x372/0x1000
[  540.187363][ T6053]  __writeback_single_inode+0x145/0xff0
[  540.187400][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.187428][ T6053]  ? do_raw_spin_unlock+0x122/0x240
[  540.187462][ T6053]  writeback_sb_inodes+0x6b5/0x1000
[  540.187515][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.187556][ T6053]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  540.187642][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.187670][ T6053]  ? rcu_is_watching+0x15/0xb0
[  540.187707][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.187744][ T6053]  wb_writeback+0x43b/0xaf0
[  540.187792][ T6053]  ? queue_io+0x3a1/0x590
[  540.187832][ T6053]  ? __pfx_wb_writeback+0x10/0x10
[  540.187879][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  540.187918][ T6053]  wb_workfn+0x409/0xef0
[  540.187968][ T6053]  ? __pfx_wb_workfn+0x10/0x10
[  540.188005][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.188032][ T6053]  ? __lock_acquire+0xab9/0xd20
[  540.188079][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.188110][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.188142][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  540.188174][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  540.188210][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  540.188250][ T6053]  process_scheduled_works+0xae1/0x17b0
[  540.188329][ T6053]  ? __pfx_process_scheduled_works+0x10/0x10
[  540.188377][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.188415][ T6053]  worker_thread+0x8a0/0xda0
[  540.188485][ T6053]  kthread+0x711/0x8a0
[  540.188517][ T6053]  ? __pfx_worker_thread+0x10/0x10
[  540.188554][ T6053]  ? __pfx_kthread+0x10/0x10
[  540.188578][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.188611][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  540.188642][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.188669][ T6053]  ? lockdep_hardirqs_on+0x9c/0x150
[  540.188704][ T6053]  ? __pfx_kthread+0x10/0x10
[  540.188732][ T6053]  ret_from_fork+0x3fc/0x770
[  540.188771][ T6053]  ? __pfx_ret_from_fork+0x10/0x10
[  540.188813][ T6053]  ? __switch_to_asm+0x39/0x70
[  540.188837][ T6053]  ? __switch_to_asm+0x33/0x70
[  540.188862][ T6053]  ? __pfx_kthread+0x10/0x10
[  540.188890][ T6053]  ret_from_fork_asm+0x1a/0x30
[  540.188935][ T6053]  </TASK>
[  540.188944][ T6053] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  540.453229][T10043] loop5: detected capacity change from 0 to 512
[  540.475986][   T10] usb 2-1: USB disconnect, device number 5
[  540.483081][T10043] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  540.623131][T10043] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  540.672020][  T996] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.686694][T10043] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  540.706163][T10043] EXT4-fs (loop5): 1 truncate cleaned up
[  540.713955][T10043] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  540.782388][ T5830] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  540.811488][  T996] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.896875][  T996] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  541.045959][  T996] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  541.264975][  T996] bridge_slave_1: left allmulticast mode
[  541.298144][  T996] bridge_slave_1: left promiscuous mode
[  541.312960][  T996] bridge0: port 2(bridge_slave_1) entered disabled state
[  541.321330][T10047] loop0: detected capacity change from 0 to 40427
[  541.331120][  T996] bridge_slave_0: left allmulticast mode
[  541.356508][T10047] F2FS-fs (loop0): invalid crc value
[  541.364994][  T996] bridge_slave_0: left promiscuous mode
[  542.363905][  T996] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.434780][T10047] F2FS-fs (loop0): Start checkpoint disabled!
[  542.451741][T10047] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  543.565840][T10063] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  543.595542][T10067] loop3: detected capacity change from 0 to 512
[  543.670074][T10067] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  543.705097][T10071] loop5: detected capacity change from 0 to 4096
[  543.743217][T10067] ext4 filesystem being mounted at /187/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  543.756264][ T7207] kworker/u8:15: attempt to access beyond end of device
[  543.756264][ T7207] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  543.771395][T10071] NILFS (loop5): invalid segment: Checksum error in segment payload
[  543.803384][T10071] NILFS (loop5): trying rollback from an earlier position
[  543.827761][ T6212] kworker/u8:13: attempt to access beyond end of device
[  543.827761][ T6212] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  543.898414][T10071] NILFS (loop5): recovery complete
[  543.904884][ T6212] CPU: 0 UID: 0 PID: 6212 Comm: kworker/u8:13 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  543.904916][ T6212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  543.904932][ T6212] Workqueue: writeback wb_workfn (flush-7:0)
[  543.904974][ T6212] Call Trace:
[  543.904983][ T6212]  <TASK>
[  543.904993][ T6212]  dump_stack_lvl+0x189/0x250
[  543.905039][ T6212]  ? __pfx_dump_stack_lvl+0x10/0x10
[  543.905075][ T6212]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  543.905111][ T6212]  ? __pfx_queue_work_on+0x10/0x10
[  543.905136][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.905164][ T6212]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  543.905198][ T6212]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  543.905234][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.905261][ T6212]  ? f2fs_hw_is_readonly+0x39b/0x470
[  543.905297][ T6212]  f2fs_handle_critical_error+0x37c/0x540
[  543.905335][ T6212]  f2fs_write_end_io+0x495/0x810
[  543.905367][ T6212]  ? blkg_put+0x22/0x240
[  543.905411][ T6212]  __submit_merged_bio+0x27a/0x6a0
[  543.905448][ T6212]  __submit_merged_write_cond+0x255/0x530
[  543.905486][ T6212]  f2fs_write_data_pages+0x261d/0x3000
[  543.905565][ T6212]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  543.905691][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.905723][ T6212]  ? f2fs_write_meta_pages+0x357/0x450
[  543.905766][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.905794][ T6212]  ? __lock_acquire+0xab9/0xd20
[  543.905837][ T6212]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  543.905872][ T6212]  do_writepages+0x32e/0x550
[  543.905918][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.905945][ T6212]  ? reacquire_held_locks+0x127/0x1d0
[  543.905968][ T6212]  ? writeback_sb_inodes+0x372/0x1000
[  543.906017][ T6212]  __writeback_single_inode+0x145/0xff0
[  543.906055][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.906082][ T6212]  ? do_raw_spin_unlock+0x122/0x240
[  543.906116][ T6212]  writeback_sb_inodes+0x6b5/0x1000
[  543.906171][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.906213][ T6212]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  543.906301][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.906329][ T6212]  ? rcu_is_watching+0x15/0xb0
[  543.906367][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.906406][ T6212]  wb_writeback+0x43b/0xaf0
[  543.906455][ T6212]  ? queue_io+0x3a1/0x590
[  543.906496][ T6212]  ? __pfx_wb_writeback+0x10/0x10
[  543.906624][ T6212]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.906675][ T6212]  wb_workfn+0x409/0xef0
[  543.906726][ T6212]  ? __pfx_wb_workfn+0x10/0x10
[  543.906761][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.906789][ T6212]  ? __lock_acquire+0xab9/0xd20
[  543.906837][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.906868][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.906900][ T6212]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.906931][ T6212]  ? process_scheduled_works+0x9ef/0x17b0
[  543.906968][ T6212]  ? process_scheduled_works+0x9ef/0x17b0
[  543.907007][ T6212]  process_scheduled_works+0xae1/0x17b0
[  543.907081][ T6212]  ? __pfx_process_scheduled_works+0x10/0x10
[  543.907127][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.907165][ T6212]  worker_thread+0x8a0/0xda0
[  543.907236][ T6212]  kthread+0x711/0x8a0
[  543.907291][ T6212]  ? __pfx_worker_thread+0x10/0x10
[  543.907328][ T6212]  ? __pfx_kthread+0x10/0x10
[  543.907352][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.907384][ T6212]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.907416][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.907443][ T6212]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.907476][ T6212]  ? __pfx_kthread+0x10/0x10
[  543.907506][ T6212]  ret_from_fork+0x3fc/0x770
[  543.907544][ T6212]  ? __pfx_ret_from_fork+0x10/0x10
[  543.907586][ T6212]  ? __switch_to_asm+0x39/0x70
[  543.907611][ T6212]  ? __switch_to_asm+0x33/0x70
[  543.907635][ T6212]  ? __pfx_kthread+0x10/0x10
[  543.907664][ T6212]  ret_from_fork_asm+0x1a/0x30
[  543.907709][ T6212]  </TASK>
[  543.907721][ T6212] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  543.966794][T10076] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  543.973447][ T6212] CPU: 0 UID: 0 PID: 6212 Comm: kworker/u8:13 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  543.973478][ T6212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  543.973494][ T6212] Workqueue: writeback wb_workfn (flush-7:0)
[  543.973543][ T6212] Call Trace:
[  543.973553][ T6212]  <TASK>
[  543.973563][ T6212]  dump_stack_lvl+0x189/0x250
[  543.973610][ T6212]  ? __pfx_dump_stack_lvl+0x10/0x10
[  543.973645][ T6212]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  543.973680][ T6212]  ? __pfx_queue_work_on+0x10/0x10
[  543.973705][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.973733][ T6212]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  543.973767][ T6212]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  543.973802][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.973830][ T6212]  ? f2fs_hw_is_readonly+0x39b/0x470
[  543.973867][ T6212]  f2fs_handle_critical_error+0x37c/0x540
[  543.973907][ T6212]  f2fs_write_end_io+0x495/0x810
[  543.973939][ T6212]  ? blkg_put+0x22/0x240
[  543.973988][ T6212]  __submit_merged_bio+0x27a/0x6a0
[  543.974028][ T6212]  __submit_merged_write_cond+0x255/0x530
[  543.974069][ T6212]  f2fs_write_data_pages+0x261d/0x3000
[  543.974153][ T6212]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  543.974301][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.974333][ T6212]  ? f2fs_write_meta_pages+0x357/0x450
[  543.974380][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.974406][ T6212]  ? __lock_acquire+0xab9/0xd20
[  543.974449][ T6212]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  543.974483][ T6212]  do_writepages+0x32e/0x550
[  543.974528][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.974561][ T6212]  ? reacquire_held_locks+0x127/0x1d0
[  543.974583][ T6212]  ? writeback_sb_inodes+0x372/0x1000
[  543.974634][ T6212]  __writeback_single_inode+0x145/0xff0
[  543.974671][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.974698][ T6212]  ? do_raw_spin_unlock+0x122/0x240
[  543.974734][ T6212]  writeback_sb_inodes+0x6b5/0x1000
[  543.974792][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.974838][ T6212]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  543.974940][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.974967][ T6212]  ? rcu_is_watching+0x15/0xb0
[  543.975006][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.975047][ T6212]  wb_writeback+0x43b/0xaf0
[  543.975098][ T6212]  ? queue_io+0x3a1/0x590
[  543.975141][ T6212]  ? __pfx_wb_writeback+0x10/0x10
[  543.975193][ T6212]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.975235][ T6212]  wb_workfn+0x409/0xef0
[  543.975291][ T6212]  ? __pfx_wb_workfn+0x10/0x10
[  543.975330][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.975358][ T6212]  ? __lock_acquire+0xab9/0xd20
[  543.975409][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.975442][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.975475][ T6212]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.975506][ T6212]  ? process_scheduled_works+0x9ef/0x17b0
[  543.975547][ T6212]  ? process_scheduled_works+0x9ef/0x17b0
[  543.975588][ T6212]  process_scheduled_works+0xae1/0x17b0
[  543.975672][ T6212]  ? __pfx_process_scheduled_works+0x10/0x10
[  543.975721][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.975763][ T6212]  worker_thread+0x8a0/0xda0
[  543.975844][ T6212]  kthread+0x711/0x8a0
[  543.975879][ T6212]  ? __pfx_worker_thread+0x10/0x10
[  543.975916][ T6212]  ? __pfx_kthread+0x10/0x10
[  543.975940][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.975974][ T6212]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.976005][ T6212]  ? srso_alias_return_thunk+0x5/0xfbef5
[  543.976031][ T6212]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.976065][ T6212]  ? __pfx_kthread+0x10/0x10
[  543.976096][ T6212]  ret_from_fork+0x3fc/0x770
[  543.976136][ T6212]  ? __pfx_ret_from_fork+0x10/0x10
[  543.976181][ T6212]  ? __switch_to_asm+0x39/0x70
[  543.976205][ T6212]  ? __switch_to_asm+0x33/0x70
[  543.976228][ T6212]  ? __pfx_kthread+0x10/0x10
[  543.976259][ T6212]  ret_from_fork_asm+0x1a/0x30
[  543.976311][ T6212]  </TASK>
[  543.976321][ T6212] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  544.131863][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  544.729728][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  544.730594][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.738500][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  544.755416][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  544.764967][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  545.180489][T10093] netlink: 'syz.3.972': attribute type 1 has an invalid length.
[  546.378656][T10100] loop1: detected capacity change from 0 to 131072
[  546.610265][T10100] F2FS-fs (loop1): Segment count (31) mismatch with total segments from devices (0)
[  546.619956][T10100] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  547.284139][   T51] Bluetooth: hci3: command tx timeout
[  547.335644][T10100] F2FS-fs (loop1): invalid crc value
[  547.638309][T10100] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  547.645999][T10100] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  547.766215][T10100] F2FS-fs (loop1): checksum invalid, nid = 4, ino_of_node = 4, efdbe231 vs. 15bb5891
[  547.989739][T10117] loop4: detected capacity change from 0 to 512
[  548.059656][  T996] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  548.068982][T10117] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  548.099373][T10117] ext4 filesystem being mounted at /199/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  548.133426][  T996] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  548.150884][  T996] bond0 (unregistering): Released all slaves
[  548.401961][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  548.507159][T10124] loop0: detected capacity change from 0 to 40427
[  548.521454][T10124] F2FS-fs (loop0): invalid crc value
[  548.619460][T10124] F2FS-fs (loop0): Start checkpoint disabled!
[  548.651642][T10124] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  548.674352][T10093] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  549.208379][T10131] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  549.424408][   T51] Bluetooth: hci3: command tx timeout
[  549.442993][T10077] lo speed is unknown, defaulting to 1000
[  550.198350][ T6053] kworker/u8:12: attempt to access beyond end of device
[  550.198350][ T6053] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  550.293522][ T6053] kworker/u8:12: attempt to access beyond end of device
[  550.293522][ T6053] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  550.377707][ T6053] CPU: 0 UID: 0 PID: 6053 Comm: kworker/u8:12 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  550.377734][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  550.377747][ T6053] Workqueue: writeback wb_workfn (flush-7:0)
[  550.377778][ T6053] Call Trace:
[  550.377785][ T6053]  <TASK>
[  550.377794][ T6053]  dump_stack_lvl+0x189/0x250
[  550.377827][ T6053]  ? __pfx_dump_stack_lvl+0x10/0x10
[  550.377853][ T6053]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  550.377878][ T6053]  ? __pfx_queue_work_on+0x10/0x10
[  550.377896][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.377916][ T6053]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  550.377941][ T6053]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  550.377967][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.377987][ T6053]  ? f2fs_hw_is_readonly+0x39b/0x470
[  550.378013][ T6053]  f2fs_handle_critical_error+0x37c/0x540
[  550.378040][ T6053]  f2fs_write_end_io+0x495/0x810
[  550.378064][ T6053]  ? blkg_put+0x22/0x240
[  550.378095][ T6053]  __submit_merged_bio+0x27a/0x6a0
[  550.378122][ T6053]  __submit_merged_write_cond+0x255/0x530
[  550.378149][ T6053]  f2fs_write_data_pages+0x261d/0x3000
[  550.378221][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  550.378314][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.378337][ T6053]  ? f2fs_write_meta_pages+0x357/0x450
[  550.378368][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.378389][ T6053]  ? __lock_acquire+0xab9/0xd20
[  550.378418][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  550.378443][ T6053]  do_writepages+0x32e/0x550
[  550.378475][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.378496][ T6053]  ? reacquire_held_locks+0x127/0x1d0
[  550.378512][ T6053]  ? writeback_sb_inodes+0x372/0x1000
[  550.378547][ T6053]  __writeback_single_inode+0x145/0xff0
[  550.378575][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.378595][ T6053]  ? do_raw_spin_unlock+0x122/0x240
[  550.378620][ T6053]  writeback_sb_inodes+0x6b5/0x1000
[  550.378659][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.378690][ T6053]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  550.378756][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.378776][ T6053]  ? rcu_is_watching+0x15/0xb0
[  550.378805][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.378832][ T6053]  wb_writeback+0x43b/0xaf0
[  550.378867][ T6053]  ? queue_io+0x3a1/0x590
[  550.378897][ T6053]  ? __pfx_wb_writeback+0x10/0x10
[  550.378932][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  550.378961][ T6053]  wb_workfn+0x409/0xef0
[  550.378998][ T6053]  ? __pfx_wb_workfn+0x10/0x10
[  550.379025][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.379045][ T6053]  ? __lock_acquire+0xab9/0xd20
[  550.379079][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.379102][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.379126][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  550.379150][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  550.379176][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  550.379205][ T6053]  process_scheduled_works+0xae1/0x17b0
[  550.379258][ T6053]  ? __pfx_process_scheduled_works+0x10/0x10
[  550.379297][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.379325][ T6053]  worker_thread+0x8a0/0xda0
[  550.379377][ T6053]  kthread+0x711/0x8a0
[  550.379400][ T6053]  ? __pfx_worker_thread+0x10/0x10
[  550.379428][ T6053]  ? __pfx_kthread+0x10/0x10
[  550.379446][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.379469][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  550.379493][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.379512][ T6053]  ? lockdep_hardirqs_on+0x9c/0x150
[  550.379537][ T6053]  ? __pfx_kthread+0x10/0x10
[  550.379559][ T6053]  ret_from_fork+0x3fc/0x770
[  550.379588][ T6053]  ? __pfx_ret_from_fork+0x10/0x10
[  550.379619][ T6053]  ? __switch_to_asm+0x39/0x70
[  550.379637][ T6053]  ? __switch_to_asm+0x33/0x70
[  550.379654][ T6053]  ? __pfx_kthread+0x10/0x10
[  550.379676][ T6053]  ret_from_fork_asm+0x1a/0x30
[  550.379710][ T6053]  </TASK>
[  550.379717][ T6053] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  550.847814][T10138] netlink: 'syz.5.987': attribute type 1 has an invalid length.
[  550.900802][T10139] netlink: 52 bytes leftover after parsing attributes in process `syz.5.987'.
[  550.913346][ T6053] CPU: 0 UID: 0 PID: 6053 Comm: kworker/u8:12 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  550.913379][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  550.913396][ T6053] Workqueue: writeback wb_workfn (flush-7:0)
[  550.913438][ T6053] Call Trace:
[  550.913447][ T6053]  <TASK>
[  550.913457][ T6053]  dump_stack_lvl+0x189/0x250
[  550.913504][ T6053]  ? __pfx_dump_stack_lvl+0x10/0x10
[  550.913540][ T6053]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  550.913577][ T6053]  ? __pfx_queue_work_on+0x10/0x10
[  550.913602][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.913630][ T6053]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  550.913665][ T6053]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  550.913700][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.913728][ T6053]  ? f2fs_hw_is_readonly+0x39b/0x470
[  550.913765][ T6053]  f2fs_handle_critical_error+0x37c/0x540
[  550.913805][ T6053]  f2fs_write_end_io+0x495/0x810
[  550.913837][ T6053]  ? blkg_put+0x22/0x240
[  550.913886][ T6053]  __submit_merged_bio+0x27a/0x6a0
[  550.913925][ T6053]  __submit_merged_write_cond+0x255/0x530
[  550.913965][ T6053]  f2fs_write_data_pages+0x261d/0x3000
[  550.914049][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  550.914193][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.914226][ T6053]  ? f2fs_write_meta_pages+0x357/0x450
[  550.914272][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.914305][ T6053]  ? __lock_acquire+0xab9/0xd20
[  550.914348][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  550.914383][ T6053]  do_writepages+0x32e/0x550
[  550.914429][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.914457][ T6053]  ? reacquire_held_locks+0x127/0x1d0
[  550.914479][ T6053]  ? writeback_sb_inodes+0x372/0x1000
[  550.914534][ T6053]  __writeback_single_inode+0x145/0xff0
[  550.914573][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.914600][ T6053]  ? do_raw_spin_unlock+0x122/0x240
[  550.914636][ T6053]  writeback_sb_inodes+0x6b5/0x1000
[  550.914695][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.914741][ T6053]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  550.914840][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.914869][ T6053]  ? rcu_is_watching+0x15/0xb0
[  550.914908][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.914949][ T6053]  wb_writeback+0x43b/0xaf0
[  550.915000][ T6053]  ? queue_io+0x3a1/0x590
[  550.915043][ T6053]  ? __pfx_wb_writeback+0x10/0x10
[  550.915095][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  550.915138][ T6053]  wb_workfn+0x409/0xef0
[  550.915193][ T6053]  ? __pfx_wb_workfn+0x10/0x10
[  550.915232][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.915260][ T6053]  ? __lock_acquire+0xab9/0xd20
[  550.915318][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.915351][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.915384][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  550.915416][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  550.915453][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  550.915495][ T6053]  process_scheduled_works+0xae1/0x17b0
[  550.915578][ T6053]  ? __pfx_process_scheduled_works+0x10/0x10
[  550.915628][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.915670][ T6053]  worker_thread+0x8a0/0xda0
[  550.915750][ T6053]  kthread+0x711/0x8a0
[  550.915783][ T6053]  ? __pfx_worker_thread+0x10/0x10
[  550.915822][ T6053]  ? __pfx_kthread+0x10/0x10
[  550.915846][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.915881][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  550.915913][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  550.915941][ T6053]  ? lockdep_hardirqs_on+0x9c/0x150
[  550.915975][ T6053]  ? __pfx_kthread+0x10/0x10
[  550.916005][ T6053]  ret_from_fork+0x3fc/0x770
[  550.916046][ T6053]  ? __pfx_ret_from_fork+0x10/0x10
[  550.916091][ T6053]  ? __switch_to_asm+0x39/0x70
[  550.916115][ T6053]  ? __switch_to_asm+0x33/0x70
[  550.916139][ T6053]  ? __pfx_kthread+0x10/0x10
[  550.916170][ T6053]  ret_from_fork_asm+0x1a/0x30
[  550.916220][ T6053]  </TASK>
[  550.916231][ T6053] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  551.472983][   T51] Bluetooth: hci3: command tx timeout
[  551.843070][  T996] hsr_slave_0: left promiscuous mode
[  551.855606][  T996] hsr_slave_1: left promiscuous mode
[  551.867009][  T996] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  551.888249][  T996] batman_adv: batadv0: Removing interface: batadv_slave_0
[  551.964025][T10153] random: crng reseeded on system resumption
[  552.620673][  T996] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  552.663107][  T996] batman_adv: batadv0: Removing interface: batadv_slave_1
[  552.947384][  T996] veth1_macvtap: left promiscuous mode
[  553.003490][  T996] veth0_macvtap: left promiscuous mode
[  553.023560][  T996] veth1_vlan: left promiscuous mode
[  553.028866][  T996] veth0_vlan: left promiscuous mode
[  553.072792][T10164] trusted_key: encrypted_key: insufficient parameters specified
[  553.553018][   T51] Bluetooth: hci3: command tx timeout
[  554.324008][T10172] loop0: detected capacity change from 0 to 256
[  555.681434][T10181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.997'.
[  555.690503][T10181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.997'.
[  557.251059][T10188] loop0: detected capacity change from 0 to 40427
[  557.254533][T10187] loop4: detected capacity change from 0 to 40427
[  557.282646][T10187] F2FS-fs (loop4): invalid crc value
[  557.290370][T10188] F2FS-fs (loop0): invalid crc value
[  557.367126][T10188] F2FS-fs (loop0): Start checkpoint disabled!
[  557.373779][T10187] F2FS-fs (loop4): Start checkpoint disabled!
[  557.392136][T10187] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  557.403040][T10188] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  557.966296][T10196] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  559.025176][ T6053] kworker/u8:12: attempt to access beyond end of device
[  559.025176][ T6053] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  559.041377][ T6053] kworker/u8:12: attempt to access beyond end of device
[  559.041377][ T6053] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  559.057077][ T6053] CPU: 0 UID: 0 PID: 6053 Comm: kworker/u8:12 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  559.057110][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  559.057126][ T6053] Workqueue: writeback wb_workfn (flush-7:0)
[  559.057167][ T6053] Call Trace:
[  559.057176][ T6053]  <TASK>
[  559.057185][ T6053]  dump_stack_lvl+0x189/0x250
[  559.057231][ T6053]  ? __pfx_dump_stack_lvl+0x10/0x10
[  559.057267][ T6053]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  559.057308][ T6053]  ? __pfx_queue_work_on+0x10/0x10
[  559.057333][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.057361][ T6053]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  559.057395][ T6053]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  559.057430][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.057458][ T6053]  ? f2fs_hw_is_readonly+0x39b/0x470
[  559.057493][ T6053]  f2fs_handle_critical_error+0x37c/0x540
[  559.057530][ T6053]  f2fs_write_end_io+0x495/0x810
[  559.057562][ T6053]  ? blkg_put+0x22/0x240
[  559.057605][ T6053]  __submit_merged_bio+0x27a/0x6a0
[  559.057641][ T6053]  __submit_merged_write_cond+0x255/0x530
[  559.057678][ T6053]  f2fs_write_data_pages+0x261d/0x3000
[  559.057751][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  559.057875][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.057907][ T6053]  ? f2fs_write_meta_pages+0x357/0x450
[  559.057949][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.057977][ T6053]  ? __lock_acquire+0xab9/0xd20
[  559.058016][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  559.058051][ T6053]  do_writepages+0x32e/0x550
[  559.058093][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.058121][ T6053]  ? reacquire_held_locks+0x127/0x1d0
[  559.058143][ T6053]  ? writeback_sb_inodes+0x372/0x1000
[  559.058204][ T6053]  __writeback_single_inode+0x145/0xff0
[  559.058242][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.058270][ T6053]  ? do_raw_spin_unlock+0x122/0x240
[  559.058309][ T6053]  writeback_sb_inodes+0x6b5/0x1000
[  559.058362][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.058405][ T6053]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  559.058491][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.058518][ T6053]  ? rcu_is_watching+0x15/0xb0
[  559.058556][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.058595][ T6053]  wb_writeback+0x43b/0xaf0
[  559.058642][ T6053]  ? queue_io+0x3a1/0x590
[  559.058682][ T6053]  ? __pfx_wb_writeback+0x10/0x10
[  559.058731][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  559.058770][ T6053]  wb_workfn+0x409/0xef0
[  559.058819][ T6053]  ? __pfx_wb_workfn+0x10/0x10
[  559.058856][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.058883][ T6053]  ? __lock_acquire+0xab9/0xd20
[  559.058931][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.058962][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.058994][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  559.059026][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  559.059062][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  559.059103][ T6053]  process_scheduled_works+0xae1/0x17b0
[  559.059158][ T6053]  ? __pfx_process_scheduled_works+0x10/0x10
[  559.059193][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.059221][ T6053]  worker_thread+0x8a0/0xda0
[  559.059273][ T6053]  kthread+0x711/0x8a0
[  559.059303][ T6053]  ? __pfx_worker_thread+0x10/0x10
[  559.059330][ T6053]  ? __pfx_kthread+0x10/0x10
[  559.059348][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.059372][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  559.059395][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.059415][ T6053]  ? lockdep_hardirqs_on+0x9c/0x150
[  559.059440][ T6053]  ? __pfx_kthread+0x10/0x10
[  559.059461][ T6053]  ret_from_fork+0x3fc/0x770
[  559.059490][ T6053]  ? __pfx_ret_from_fork+0x10/0x10
[  559.059521][ T6053]  ? __switch_to_asm+0x39/0x70
[  559.059539][ T6053]  ? __switch_to_asm+0x33/0x70
[  559.059558][ T6053]  ? __pfx_kthread+0x10/0x10
[  559.059580][ T6053]  ret_from_fork_asm+0x1a/0x30
[  559.059613][ T6053]  </TASK>
[  559.061908][ T6053] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  559.453640][ T6053] CPU: 0 UID: 0 PID: 6053 Comm: kworker/u8:12 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  559.453674][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  559.453691][ T6053] Workqueue: writeback wb_workfn (flush-7:0)
[  559.453732][ T6053] Call Trace:
[  559.453742][ T6053]  <TASK>
[  559.453754][ T6053]  dump_stack_lvl+0x189/0x250
[  559.453801][ T6053]  ? __pfx_dump_stack_lvl+0x10/0x10
[  559.453838][ T6053]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  559.453874][ T6053]  ? __pfx_queue_work_on+0x10/0x10
[  559.453900][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.453928][ T6053]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  559.453963][ T6053]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  559.453999][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.454027][ T6053]  ? f2fs_hw_is_readonly+0x39b/0x470
[  559.454065][ T6053]  f2fs_handle_critical_error+0x37c/0x540
[  559.454105][ T6053]  f2fs_write_end_io+0x495/0x810
[  559.454137][ T6053]  ? blkg_put+0x22/0x240
[  559.454186][ T6053]  __submit_merged_bio+0x27a/0x6a0
[  559.454226][ T6053]  __submit_merged_write_cond+0x255/0x530
[  559.454266][ T6053]  f2fs_write_data_pages+0x261d/0x3000
[  559.454349][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  559.454495][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.454528][ T6053]  ? f2fs_write_meta_pages+0x357/0x450
[  559.454582][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.454610][ T6053]  ? __lock_acquire+0xab9/0xd20
[  559.454652][ T6053]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  559.454688][ T6053]  do_writepages+0x32e/0x550
[  559.454734][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.454762][ T6053]  ? reacquire_held_locks+0x127/0x1d0
[  559.454785][ T6053]  ? writeback_sb_inodes+0x372/0x1000
[  559.454836][ T6053]  __writeback_single_inode+0x145/0xff0
[  559.454875][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.454902][ T6053]  ? do_raw_spin_unlock+0x122/0x240
[  559.454939][ T6053]  writeback_sb_inodes+0x6b5/0x1000
[  559.454999][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.455046][ T6053]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  559.455146][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.455174][ T6053]  ? rcu_is_watching+0x15/0xb0
[  559.455213][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.455255][ T6053]  wb_writeback+0x43b/0xaf0
[  559.455305][ T6053]  ? queue_io+0x3a1/0x590
[  559.455348][ T6053]  ? __pfx_wb_writeback+0x10/0x10
[  559.455400][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  559.455442][ T6053]  wb_workfn+0x409/0xef0
[  559.455498][ T6053]  ? __pfx_wb_workfn+0x10/0x10
[  559.455545][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.455585][ T6053]  ? __lock_acquire+0xab9/0xd20
[  559.455637][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.455670][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.455704][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  559.455736][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  559.455773][ T6053]  ? process_scheduled_works+0x9ef/0x17b0
[  559.455815][ T6053]  process_scheduled_works+0xae1/0x17b0
[  559.455898][ T6053]  ? __pfx_process_scheduled_works+0x10/0x10
[  559.455949][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.455990][ T6053]  worker_thread+0x8a0/0xda0
[  559.456070][ T6053]  kthread+0x711/0x8a0
[  559.456104][ T6053]  ? __pfx_worker_thread+0x10/0x10
[  559.456143][ T6053]  ? __pfx_kthread+0x10/0x10
[  559.456167][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.456201][ T6053]  ? _raw_spin_unlock_irq+0x23/0x50
[  559.456233][ T6053]  ? srso_alias_return_thunk+0x5/0xfbef5
[  559.456261][ T6053]  ? lockdep_hardirqs_on+0x9c/0x150
[  559.456295][ T6053]  ? __pfx_kthread+0x10/0x10
[  559.456326][ T6053]  ret_from_fork+0x3fc/0x770
[  559.456367][ T6053]  ? __pfx_ret_from_fork+0x10/0x10
[  559.456414][ T6053]  ? __switch_to_asm+0x39/0x70
[  559.456438][ T6053]  ? __switch_to_asm+0x33/0x70
[  559.456463][ T6053]  ? __pfx_kthread+0x10/0x10
[  559.456494][ T6053]  ret_from_fork_asm+0x1a/0x30
[  559.456545][ T6053]  </TASK>
[  559.456560][ T6053] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  559.914283][  T996] team0 (unregistering): Port device team_slave_1 removed
[  559.994200][   T49] kworker/u8:3: attempt to access beyond end of device
[  559.994200][   T49] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  560.483664][   T49] CPU: 1 UID: 0 PID: 49 Comm: kworker/u8:3 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  560.483690][   T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  560.483703][   T49] Workqueue: writeback wb_workfn (flush-7:4)
[  560.483734][   T49] Call Trace:
[  560.483742][   T49]  <TASK>
[  560.483750][   T49]  dump_stack_lvl+0x189/0x250
[  560.483784][   T49]  ? __pfx_dump_stack_lvl+0x10/0x10
[  560.483822][   T49]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  560.483860][   T49]  ? __pfx_queue_work_on+0x10/0x10
[  560.483887][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.483908][   T49]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  560.483933][   T49]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  560.483959][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.483979][   T49]  ? f2fs_hw_is_readonly+0x39b/0x470
[  560.484007][   T49]  f2fs_handle_critical_error+0x37c/0x540
[  560.484036][   T49]  f2fs_write_end_io+0x495/0x810
[  560.484060][   T49]  ? blkg_put+0x22/0x240
[  560.484096][   T49]  __submit_merged_bio+0x27a/0x6a0
[  560.484125][   T49]  __submit_merged_write_cond+0x255/0x530
[  560.484154][   T49]  f2fs_write_data_pages+0x261d/0x3000
[  560.484216][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  560.484238][   T49]  ? __switch_to+0x6c0/0x1600
[  560.484310][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.484330][   T49]  ? trace_sched_exit_tp+0x38/0x120
[  560.484354][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.484373][   T49]  ? __schedule+0x1713/0x4d00
[  560.484416][   T49]  ? __pfx___schedule+0x10/0x10
[  560.484439][   T49]  ? preempt_schedule_common+0x83/0xd0
[  560.484471][   T49]  ? __pfx___schedule+0x10/0x10
[  560.484506][   T49]  ? sched_clock+0x3f/0x60
[  560.484534][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.484559][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  560.484585][   T49]  do_writepages+0x32e/0x550
[  560.484615][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.484635][   T49]  ? preempt_schedule+0xae/0xc0
[  560.484660][   T49]  ? __pfx_preempt_schedule+0x10/0x10
[  560.484683][   T49]  ? reacquire_held_locks+0x127/0x1d0
[  560.484699][   T49]  ? writeback_sb_inodes+0x372/0x1000
[  560.484737][   T49]  __writeback_single_inode+0x145/0xff0
[  560.484774][   T49]  writeback_sb_inodes+0x6b5/0x1000
[  560.484801][   T49]  ? lockdep_hardirqs_on+0x9c/0x150
[  560.484834][   T49]  ? rcu_is_watching+0x15/0xb0
[  560.484866][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.484900][   T49]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  560.485001][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.485023][   T49]  ? rcu_is_watching+0x15/0xb0
[  560.485051][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.485081][   T49]  wb_writeback+0x43b/0xaf0
[  560.485119][   T49]  ? queue_io+0x3a1/0x590
[  560.485151][   T49]  ? __pfx_wb_writeback+0x10/0x10
[  560.485189][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  560.485220][   T49]  wb_workfn+0x409/0xef0
[  560.485261][   T49]  ? __pfx_wb_workfn+0x10/0x10
[  560.485291][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.485311][   T49]  ? __lock_acquire+0xab9/0xd20
[  560.485349][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.485373][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.485398][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  560.485422][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  560.485449][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  560.485479][   T49]  process_scheduled_works+0xae1/0x17b0
[  560.485543][   T49]  ? __pfx_process_scheduled_works+0x10/0x10
[  560.485580][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.485610][   T49]  worker_thread+0x8a0/0xda0
[  560.485654][   T49]  ? __kthread_parkme+0x7b/0x200
[  560.485684][   T49]  kthread+0x711/0x8a0
[  560.485709][   T49]  ? __pfx_worker_thread+0x10/0x10
[  560.485737][   T49]  ? __pfx_kthread+0x10/0x10
[  560.485754][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.485779][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  560.485802][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  560.485822][   T49]  ? lockdep_hardirqs_on+0x9c/0x150
[  560.485846][   T49]  ? __pfx_kthread+0x10/0x10
[  560.485869][   T49]  ret_from_fork+0x3fc/0x770
[  560.485899][   T49]  ? __pfx_ret_from_fork+0x10/0x10
[  560.485932][   T49]  ? __switch_to_asm+0x39/0x70
[  560.485950][   T49]  ? __switch_to_asm+0x33/0x70
[  560.485967][   T49]  ? __pfx_kthread+0x10/0x10
[  560.485990][   T49]  ret_from_fork_asm+0x1a/0x30
[  560.486034][   T49]  </TASK>
[  560.486044][   T49] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  561.201426][  T996] team0 (unregistering): Port device team_slave_0 removed
[  561.508472][T10209] random: crng reseeded on system resumption
[  562.161376][T10215] loop5: detected capacity change from 0 to 512
[  562.176944][T10215] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  562.200513][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  562.207208][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  562.232568][T10215] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  562.285051][T10215] EXT4-fs (loop5): 1 truncate cleaned up
[  562.292643][T10215] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  562.436165][ T5830] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.013303][ T1205] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[  565.346554][T10246] loop0: detected capacity change from 0 to 40427
[  566.183814][T10246] F2FS-fs (loop0): invalid crc value
[  566.252675][T10246] F2FS-fs (loop0): Start checkpoint disabled!
[  566.266281][T10246] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  566.289369][ T1205] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  566.317820][ T1205] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  566.330950][T10254] loop5: detected capacity change from 0 to 24
[  566.553888][T10255] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  566.792945][ T1205] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  566.794135][T10254] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  566.804212][ T1205] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  566.820811][ T1205] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  566.833291][ T1205] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.853683][ T7208] kworker/u8:16: attempt to access beyond end of device
[  566.853683][ T7208] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  566.862229][T10254] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  566.885294][ T1205] hub 5-1:1.0: bad descriptor, ignoring hub
[  566.898253][ T1205] hub 5-1:1.0: probe with driver hub failed with error -5
[  566.901007][ T7208] kworker/u8:16: attempt to access beyond end of device
[  566.901007][ T7208] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  566.913500][ T1205] cdc_wdm 5-1:1.0: skipping garbage
[  566.927954][ T1205] cdc_wdm 5-1:1.0: skipping garbage
[  566.945314][ T1205] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  566.951233][ T1205] cdc_wdm 5-1:1.0: Unknown control protocol
[  566.973203][ T7208] CPU: 0 UID: 0 PID: 7208 Comm: kworker/u8:16 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  566.973240][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  566.973255][ T7208] Workqueue: writeback wb_workfn (flush-7:0)
[  566.973292][ T7208] Call Trace:
[  566.973299][ T7208]  <TASK>
[  566.973308][ T7208]  dump_stack_lvl+0x189/0x250
[  566.973342][ T7208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  566.973368][ T7208]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  566.973394][ T7208]  ? __pfx_queue_work_on+0x10/0x10
[  566.973412][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.973432][ T7208]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  566.973456][ T7208]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  566.973482][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.973502][ T7208]  ? f2fs_hw_is_readonly+0x39b/0x470
[  566.973530][ T7208]  f2fs_handle_critical_error+0x37c/0x540
[  566.973557][ T7208]  f2fs_write_end_io+0x495/0x810
[  566.973580][ T7208]  ? blkg_put+0x22/0x240
[  566.973612][ T7208]  __submit_merged_bio+0x27a/0x6a0
[  566.973640][ T7208]  __submit_merged_write_cond+0x255/0x530
[  566.973667][ T7208]  f2fs_write_data_pages+0x261d/0x3000
[  566.973721][ T7208]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  566.973810][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.973832][ T7208]  ? f2fs_write_meta_pages+0x357/0x450
[  566.973863][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.973883][ T7208]  ? __lock_acquire+0xab9/0xd20
[  566.973912][ T7208]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  566.973937][ T7208]  do_writepages+0x32e/0x550
[  566.973969][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.973989][ T7208]  ? reacquire_held_locks+0x127/0x1d0
[  566.974006][ T7208]  ? writeback_sb_inodes+0x372/0x1000
[  566.974041][ T7208]  __writeback_single_inode+0x145/0xff0
[  566.974069][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974089][ T7208]  ? do_raw_spin_unlock+0x122/0x240
[  566.974114][ T7208]  writeback_sb_inodes+0x6b5/0x1000
[  566.974153][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974184][ T7208]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  566.974248][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974272][ T7208]  ? rcu_is_watching+0x15/0xb0
[  566.974300][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974328][ T7208]  wb_writeback+0x43b/0xaf0
[  566.974362][ T7208]  ? queue_io+0x3a1/0x590
[  566.974392][ T7208]  ? __pfx_wb_writeback+0x10/0x10
[  566.974427][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  566.974456][ T7208]  wb_workfn+0x409/0xef0
[  566.974493][ T7208]  ? __pfx_wb_workfn+0x10/0x10
[  566.974521][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974541][ T7208]  ? __lock_acquire+0xab9/0xd20
[  566.974575][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974599][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974623][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  566.974645][ T7208]  ? process_scheduled_works+0x9ef/0x17b0
[  566.974671][ T7208]  ? process_scheduled_works+0x9ef/0x17b0
[  566.974701][ T7208]  process_scheduled_works+0xae1/0x17b0
[  566.974754][ T7208]  ? __pfx_process_scheduled_works+0x10/0x10
[  566.974788][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974816][ T7208]  worker_thread+0x8a0/0xda0
[  566.974847][ T7208]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  566.974879][ T7208]  ? __kthread_parkme+0x7b/0x200
[  566.974906][ T7208]  kthread+0x711/0x8a0
[  566.974929][ T7208]  ? __pfx_worker_thread+0x10/0x10
[  566.974956][ T7208]  ? __pfx_kthread+0x10/0x10
[  566.974974][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.974997][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  566.975020][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  566.975040][ T7208]  ? lockdep_hardirqs_on+0x9c/0x150
[  566.975064][ T7208]  ? __pfx_kthread+0x10/0x10
[  566.975086][ T7208]  ret_from_fork+0x3fc/0x770
[  566.975114][ T7208]  ? __pfx_ret_from_fork+0x10/0x10
[  566.975146][ T7208]  ? __switch_to_asm+0x39/0x70
[  566.975163][ T7208]  ? __switch_to_asm+0x33/0x70
[  566.975181][ T7208]  ? __pfx_kthread+0x10/0x10
[  566.975202][ T7208]  ret_from_fork_asm+0x1a/0x30
[  566.975235][ T7208]  </TASK>
[  566.975243][ T7208] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  567.386871][ T7208] CPU: 0 UID: 0 PID: 7208 Comm: kworker/u8:16 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  567.386906][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  567.386923][ T7208] Workqueue: writeback wb_workfn (flush-7:0)
[  567.386963][ T7208] Call Trace:
[  567.386973][ T7208]  <TASK>
[  567.386984][ T7208]  dump_stack_lvl+0x189/0x250
[  567.387031][ T7208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  567.387068][ T7208]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  567.387103][ T7208]  ? __pfx_queue_work_on+0x10/0x10
[  567.387128][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.387156][ T7208]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  567.387191][ T7208]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  567.387227][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.387255][ T7208]  ? f2fs_hw_is_readonly+0x39b/0x470
[  567.387303][ T7208]  f2fs_handle_critical_error+0x37c/0x540
[  567.387342][ T7208]  f2fs_write_end_io+0x495/0x810
[  567.387375][ T7208]  ? blkg_put+0x22/0x240
[  567.387424][ T7208]  __submit_merged_bio+0x27a/0x6a0
[  567.387464][ T7208]  __submit_merged_write_cond+0x255/0x530
[  567.387504][ T7208]  f2fs_write_data_pages+0x261d/0x3000
[  567.387587][ T7208]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  567.387733][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.387766][ T7208]  ? f2fs_write_meta_pages+0x357/0x450
[  567.387813][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.387840][ T7208]  ? __lock_acquire+0xab9/0xd20
[  567.387882][ T7208]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  567.387918][ T7208]  do_writepages+0x32e/0x550
[  567.387964][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.387996][ T7208]  ? reacquire_held_locks+0x127/0x1d0
[  567.388018][ T7208]  ? writeback_sb_inodes+0x372/0x1000
[  567.388057][ T7208]  __writeback_single_inode+0x145/0xff0
[  567.388084][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.388104][ T7208]  ? do_raw_spin_unlock+0x122/0x240
[  567.388131][ T7208]  writeback_sb_inodes+0x6b5/0x1000
[  567.388174][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.388207][ T7208]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  567.388285][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.388305][ T7208]  ? rcu_is_watching+0x15/0xb0
[  567.388334][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.388364][ T7208]  wb_writeback+0x43b/0xaf0
[  567.388401][ T7208]  ? queue_io+0x3a1/0x590
[  567.388433][ T7208]  ? __pfx_wb_writeback+0x10/0x10
[  567.388470][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  567.388502][ T7208]  wb_workfn+0x409/0xef0
[  567.388545][ T7208]  ? __pfx_wb_workfn+0x10/0x10
[  567.388574][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.388594][ T7208]  ? __lock_acquire+0xab9/0xd20
[  567.388631][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.388655][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.388680][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  567.388703][ T7208]  ? process_scheduled_works+0x9ef/0x17b0
[  567.388730][ T7208]  ? process_scheduled_works+0x9ef/0x17b0
[  567.388760][ T7208]  process_scheduled_works+0xae1/0x17b0
[  567.388820][ T7208]  ? __pfx_process_scheduled_works+0x10/0x10
[  567.388857][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.388887][ T7208]  worker_thread+0x8a0/0xda0
[  567.388919][ T7208]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  567.388959][ T7208]  ? __kthread_parkme+0x7b/0x200
[  567.389000][ T7208]  kthread+0x711/0x8a0
[  567.389036][ T7208]  ? __pfx_worker_thread+0x10/0x10
[  567.389065][ T7208]  ? __pfx_kthread+0x10/0x10
[  567.389082][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.389107][ T7208]  ? _raw_spin_unlock_irq+0x23/0x50
[  567.389130][ T7208]  ? srso_alias_return_thunk+0x5/0xfbef5
[  567.389150][ T7208]  ? lockdep_hardirqs_on+0x9c/0x150
[  567.389175][ T7208]  ? __pfx_kthread+0x10/0x10
[  567.389197][ T7208]  ret_from_fork+0x3fc/0x770
[  567.389227][ T7208]  ? __pfx_ret_from_fork+0x10/0x10
[  567.389261][ T7208]  ? __switch_to_asm+0x39/0x70
[  567.389284][ T7208]  ? __switch_to_asm+0x33/0x70
[  567.389301][ T7208]  ? __pfx_kthread+0x10/0x10
[  567.389324][ T7208]  ret_from_fork_asm+0x1a/0x30
[  567.389361][ T7208]  </TASK>
[  567.389416][ T7208] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  567.826708][T10254] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  568.054336][T10257] loop5: detected capacity change from 0 to 128
[  568.067739][T10257] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  568.276282][T10257] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  568.343339][ T5928] usb 5-1: USB disconnect, device number 5
[  569.752675][T10077] chnl_net:caif_netlink_parms(): no params data found
[  570.215853][T10273] loop4: detected capacity change from 0 to 8
[  572.353173][   T30] audit: type=1800 audit(2000000042.430:165): pid=10270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1022" name="file1" dev="loop4" ino=5 res=0 errno=0
[  572.407777][T10283] loop1: detected capacity change from 0 to 256
[  572.461503][T10283] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  572.973674][T10283] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  572.996680][T10283] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x062de574, utbl_chksum : 0xe619d30d)
[  573.635059][T10077] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.665790][T10077] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.697879][T10077] bridge_slave_0: entered allmulticast mode
[  573.734358][T10077] bridge_slave_0: entered promiscuous mode
[  573.773428][T10077] bridge0: port 2(bridge_slave_1) entered blocking state
[  573.790871][T10077] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.834815][T10077] bridge_slave_1: entered allmulticast mode
[  573.842698][T10077] bridge_slave_1: entered promiscuous mode
[  574.120326][T10306] IPv6: NLM_F_CREATE should be specified when creating new route
[  574.413385][T10311] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1031'.
[  574.422446][T10311] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1031'.
[  575.212108][T10077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  575.229429][T10316] loop5: detected capacity change from 0 to 4096
[  575.262752][T10077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  575.355562][T10316] NILFS (loop5): invalid segment: Checksum error in segment payload
[  575.390005][ T1205] usb 4-1: new low-speed USB device number 5 using dummy_hcd
[  575.418634][T10316] NILFS (loop5): trying rollback from an earlier position
[  575.523379][T10316] NILFS (loop5): recovery complete
[  575.747466][T10323] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  575.761250][ T1205] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  575.775845][ T1205] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  575.788400][ T1205] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  575.815973][ T1205] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.851767][ T1205] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  575.907522][ T1205] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.945241][ T1205] hub 4-1:1.0: bad descriptor, ignoring hub
[  575.959813][T10077] team0: Port device team_slave_0 added
[  575.960321][ T1205] hub 4-1:1.0: probe with driver hub failed with error -5
[  575.981332][ T1205] cdc_wdm 4-1:1.0: skipping garbage
[  575.992343][ T1205] cdc_wdm 4-1:1.0: skipping garbage
[  576.007274][ T1205] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  576.019326][ T1205] cdc_wdm 4-1:1.0: Unknown control protocol
[  576.064096][T10077] team0: Port device team_slave_1 added
[  576.440644][T10077] batman_adv: batadv0: Adding interface: batadv_slave_0
[  576.673986][T10077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  576.705899][T10077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  576.719074][T10077] batman_adv: batadv0: Adding interface: batadv_slave_1
[  576.726255][T10077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  576.752935][T10077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  577.029809][T10077] hsr_slave_0: entered promiscuous mode
[  577.038234][T10077] hsr_slave_1: entered promiscuous mode
[  578.475171][ T5928] usb 4-1: USB disconnect, device number 5
[  579.111659][T10345] loop0: detected capacity change from 0 to 256
[  579.213113][T10347] trusted_key: encrypted_key: insufficient parameters specified
[  579.230027][T10345] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  579.350708][T10345] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  579.490521][T10345] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x062de574, utbl_chksum : 0xe619d30d)
[  580.050978][T10332] loop5: detected capacity change from 0 to 32768
[  580.331536][T10332] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1038 (10332)
[  581.327068][T10077] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  581.386346][T10077] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  581.497533][T10077] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  581.573071][T10077] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  582.221246][T10077] 8021q: adding VLAN 0 to HW filter on device bond0
[  582.473518][T10077] 8021q: adding VLAN 0 to HW filter on device team0
[  582.564522][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  582.571722][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  582.672166][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  582.679370][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  585.048820][T10077] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  587.384783][T10407] loop1: detected capacity change from 0 to 128
[  587.399476][T10407] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  587.544325][T10407] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  587.652143][T10411] 9pnet_virtio: no channels available for device syz
[  587.725861][T10077] 8021q: adding VLAN 0 to HW filter on device batadv0
[  587.783986][T10414] netlink: 'syz.4.1057': attribute type 2 has an invalid length.
[  587.826891][T10414] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1057'.
[  588.032923][T10416] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1058'.
[  588.042254][T10416] trusted_key: encrypted_key: insufficient parameters specified
[  588.050414][T10416] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1058'.
[  588.115224][T10077] veth0_vlan: entered promiscuous mode
[  588.216070][T10077] veth1_vlan: entered promiscuous mode
[  588.480024][T10077] veth0_macvtap: entered promiscuous mode
[  588.535975][T10077] veth1_macvtap: entered promiscuous mode
[  589.277340][T10077] batman_adv: batadv0: Interface activated: batadv_slave_0
[  589.356589][T10077] batman_adv: batadv0: Interface activated: batadv_slave_1
[  589.432126][T10077] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  589.481233][T10077] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  589.539367][T10077] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  589.604402][T10429] trusted_key: encrypted_key: insufficient parameters specified
[  589.612135][T10077] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  589.743203][T10431] fuse: Unknown parameter '0x0000000000000004'
[  589.916799][T10419] loop0: detected capacity change from 0 to 32768
[  589.959272][T10419] BTRFS: device /dev/loop0 (7:0) using temp-fsid 8aab9241-fd4f-4843-b2e2-41fe742d3513
[  590.006033][T10419] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1059 (10419)
[  590.060186][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  590.071761][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  590.112493][T10419] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  590.131638][T10419] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  590.154689][T10419] BTRFS info (device loop0): disk space caching is enabled
[  590.173889][T10419] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  590.350452][T10419] BTRFS info (device loop0): rebuilding free space tree
[  590.404298][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  590.495985][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  590.563996][T10419] BTRFS info (device loop0): disabling free space tree
[  590.613990][T10419] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  590.723398][T10419] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  591.853236][ T5842] BTRFS info (device loop0): last unmount of filesystem 8aab9241-fd4f-4843-b2e2-41fe742d3513
[  591.971593][ T5826]  non-paged memory
[  591.975911][ T5826] list_del corruption, ffff88805794b300->next is LIST_POISON1 (dead000000000100)
[  591.987570][ T5826] ------------[ cut here ]------------
[  591.993104][ T5826] kernel BUG at lib/list_debug.c:58!
[  591.999348][ T5826] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  592.005861][ T5826] CPU: 1 UID: 0 PID: 5826 Comm: kworker/u9:2 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  592.018028][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  592.028099][ T5826] Workqueue: hci5 hci_conn_timeout
[  592.033729][ T5826] RIP: 0010:__list_del_entry_valid_or_report+0x10e/0x190
[  592.040774][ T5826] Code: c0 90 e2 8b 48 89 de e8 10 f0 5f fc 90 0f 0b 4c 89 e7 e8 d5 5a 3b fd 48 c7 c7 20 91 e2 8b 48 89 de 4c 89 e2 e8 f3 ef 5f fc 90 <0f> 0b 4c 89 e7 e8 b8 5a 3b fd 48 c7 c7 80 91 e2 8b 48 89 de 4c 89
[  592.060401][ T5826] RSP: 0018:ffffc90003d6f980 EFLAGS: 00010246
[  592.066576][ T5826] RAX: 000000000000004e RBX: ffff88805794b300 RCX: 3ef90a118ed38e00
[  592.074568][ T5826] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  592.082552][ T5826] RBP: ffffffff8a75c860 R08: 0000000000000003 R09: 0000000000000004
[  592.090541][ T5826] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: dead000000000100
[  592.098533][ T5826] R13: dffffc0000000000 R14: dead000000000100 R15: dead000000000122
[  592.106536][ T5826] FS:  0000000000000000(0000) GS:ffff888125d51000(0000) knlGS:0000000000000000
[  592.115484][ T5826] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  592.122088][ T5826] CR2: 000000110c39bc04 CR3: 000000005ea94000 CR4: 0000000000350ef0
[  592.130258][ T5826] Call Trace:
[  592.133555][ T5826]  <TASK>
[  592.136500][ T5826]  hci_cmd_sync_dequeue_once+0x24a/0x370
[  592.142181][ T5826]  hci_cancel_connect_sync+0xc8/0x120
[  592.147583][ T5826]  hci_abort_conn+0x191/0x330
[  592.152285][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  592.158022][ T5826]  ? process_scheduled_works+0x9ef/0x17b0
[  592.163774][ T5826]  process_scheduled_works+0xae1/0x17b0
[  592.169371][ T5826]  ? __pfx_process_scheduled_works+0x10/0x10
[  592.175390][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  592.181045][ T5826]  worker_thread+0x8a0/0xda0
[  592.185678][ T5826]  kthread+0x711/0x8a0
[  592.189767][ T5826]  ? __pfx_worker_thread+0x10/0x10
[  592.194906][ T5826]  ? __pfx_kthread+0x10/0x10
[  592.199516][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  592.205169][ T5826]  ? _raw_spin_unlock_irq+0x23/0x50
[  592.210395][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  592.216042][ T5826]  ? lockdep_hardirqs_on+0x9c/0x150
[  592.221266][ T5826]  ? __pfx_kthread+0x10/0x10
[  592.225873][ T5826]  ret_from_fork+0x3fc/0x770
[  592.230485][ T5826]  ? __pfx_ret_from_fork+0x10/0x10
[  592.235627][ T5826]  ? __switch_to_asm+0x39/0x70
[  592.240397][ T5826]  ? __switch_to_asm+0x33/0x70
[  592.245250][ T5826]  ? __pfx_kthread+0x10/0x10
[  592.249851][ T5826]  ret_from_fork_asm+0x1a/0x30
[  592.254633][ T5826]  </TASK>
[  592.257646][ T5826] Modules linked in:
[  592.262685][ T5826] ---[ end trace 0000000000000000 ]---
[  592.280796][ T5826] RIP: 0010:__list_del_entry_valid_or_report+0x10e/0x190
[  592.287991][ T5826] Code: c0 90 e2 8b 48 89 de e8 10 f0 5f fc 90 0f 0b 4c 89 e7 e8 d5 5a 3b fd 48 c7 c7 20 91 e2 8b 48 89 de 4c 89 e2 e8 f3 ef 5f fc 90 <0f> 0b 4c 89 e7 e8 b8 5a 3b fd 48 c7 c7 80 91 e2 8b 48 89 de 4c 89
[  592.308198][ T5826] RSP: 0018:ffffc90003d6f980 EFLAGS: 00010246
[  592.314701][ T5826] RAX: 000000000000004e RBX: ffff88805794b300 RCX: 3ef90a118ed38e00
[  592.323113][ T5826] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  592.331195][ T5826] RBP: ffffffff8a75c860 R08: 0000000000000003 R09: 0000000000000004
[  592.339316][ T5826] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: dead000000000100
[  592.347526][ T5826] R13: dffffc0000000000 R14: dead000000000100 R15: dead000000000122
[  592.355710][ T5826] FS:  0000000000000000(0000) GS:ffff888125d51000(0000) knlGS:0000000000000000
[  592.364888][ T5826] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  592.372712][ T5826] CR2: 000000110c39bc04 CR3: 000000005ea94000 CR4: 0000000000350ef0
[  592.402638][ T5826] Kernel panic - not syncing: Fatal exception
[  592.408945][ T5826] Kernel Offset: disabled
[  592.413357][ T5826] Rebooting in 86400 seconds..