last executing test programs:

2m42.870930759s ago: executing program 4 (id=608):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={'veth1_vlan\x00', {0x2, 0x4e22, @empty}})

2m41.265020195s ago: executing program 4 (id=611):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x92, 0xdf, 0x55, 0x10, 0x5ac, 0x9226, 0xb289, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0xe9}}]}}]}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x18)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r3, 0x8914, &(0x7f0000000000))
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e4, 0x0)
bind$ax25(0xffffffffffffffff, &(0x7f0000000540)={{0x3, @bcast, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000340)=""/98)
connect$ax25(0xffffffffffffffff, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
ioctl$sock_ifreq(r4, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f00000002c0)=@assoc_value, &(0x7f0000001080)=0x8)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0100000003000000610200000200000000000000", @ANYRES32, @ANYBLOB="000000d122821e8ca4f7ad9061ae97fdff900100", @ANYRES32, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x3, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000002000000000000000800000018110000", @ANYRES32=r6, @ANYBLOB="0000000000001bb0e2354accae11b51e1ed2c846390000b702b703000000efff008500000083000000bf0900000000"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m40.468190265s ago: executing program 4 (id=615):
socket$inet(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x7, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd=r1, 0x6, 0x0, 0x0, 0xa})
io_uring_enter(r2, 0x627, 0xc1040000, 0x43, 0x0, 0x0)

2m39.887188662s ago: executing program 4 (id=616):
socket$tipc(0x1e, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
r0 = socket(0x2, 0x2, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000040)=0xfffffffd)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)

2m38.946067332s ago: executing program 4 (id=619):
getcwd(&(0x7f00000004c0)=""/185, 0xb9)

2m38.839182834s ago: executing program 4 (id=621):
openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48850}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x772, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x12, r3, 0x75e7f000)
write$P9_RVERSION(r2, &(0x7f0000000180)={0x13, 0x65, 0xffff, 0xffffff77, 0x6, '9P2000'}, 0x13)
write$FUSE_INIT(r3, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x1282, 0x400c6001, 0x5, 0x8, 0x10, 0xc40b, 0x0, 0x0, 0x40, 0x6}}, 0x50)

2m23.373586216s ago: executing program 32 (id=621):
openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48850}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x772, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x12, r3, 0x75e7f000)
write$P9_RVERSION(r2, &(0x7f0000000180)={0x13, 0x65, 0xffff, 0xffffff77, 0x6, '9P2000'}, 0x13)
write$FUSE_INIT(r3, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x1282, 0x400c6001, 0x5, 0x8, 0x10, 0xc40b, 0x0, 0x0, 0x40, 0x6}}, 0x50)

13.244209914s ago: executing program 1 (id=1176):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

13.203882942s ago: executing program 1 (id=1177):
socket$phonet(0x23, 0x2, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)

13.122587229s ago: executing program 0 (id=1178):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
fchown(r5, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d80000001e0081054e81f782060000000000000006007c095dd2466518000e800a00142603600e1208000f0000000406a80016c00800094014000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000", 0x6a}], 0x1}, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020d0000100000000000000000000000080012000200020000000000000000001000320003000000000000000000000010003300000000000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa0000000000000000030006000000000002000000000000000000000000000000eb85dd07969c271f0d03149a73502482ffeb1e"], 0x80}}, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000003})
r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
ftruncate(r7, 0xc17a)
ioctl$FS_IOC_FIEMAP(r7, 0xc020660b, &(0x7f0000000440)=ANY=[])

10.149475213s ago: executing program 1 (id=1182):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000001540)={0x54, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc, 0x0, 0x9}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x54}}, 0x0)

9.376177885s ago: executing program 0 (id=1186):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, &(0x7f0000002c40))
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000080)={0x7, 0x60, 0x4, 0xffffffff, 0x4, 0x7, 0x6, 0x9}, 0x20)

8.468279149s ago: executing program 1 (id=1189):
userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
memfd_create(&(0x7f0000000a00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdymg\x1a&\x1b{K\xe9\x9f\xb7za]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1+#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9+\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xdd\x04B$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b\x9f-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x01\x00\x00\x00\x00\x00\x00\x00\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea\xe4\xdf\x9b\n5\xf5+Q\x93dz\x9b\xda\xac\tbkN\xf2U(\xef\x06\x18\x9c\xda\x99\x13\xdbJ3\x10\x02V\xe2\xf2\x97laq\xb1#\xa6u\xf18\b\x95\xf9\xc7Af\xcd\xa8\xcdBH\xa4v\xff\xf1\xf9?:\x9ee\xd5\xe1t\xd9\xa5\x85\xe8\x9b2\xdd!<\xae\x19\x96\x9d\xd6\x18jm\x00\xfc\x00\x12\xd2\x94\xfb\xee\xba\x97\xe9\xe0\x8c\xf071\xbf:\xdc\x04>o\xc0\xc9\x9aZ\xa1<\xe0\xfbU\xaa3vQ\xc0T9\xe8\xddG\xddr\'\xaf8\x99,\xa9\x01\xac\xf8\x89\xedLT_o\xeb 0\x8dD>\x1e\xfd\xd0\xfap\x9f\xe1\x1d.>', 0xd)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x810}, 0x20004000)
syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="120100009b23fd406d04c1088dee000000410902"], 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x200, 0x20000, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x6, 0x3, 0x0, 0x100000001]})
shutdown(0xffffffffffffffff, 0x1)
syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYRESDEC=0x0], 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x89b8, 0x8, 0x0, 0x207}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000000c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r5 = syz_clone(0x8202e080, &(0x7f0000000340), 0x0, &(0x7f0000000240), &(0x7f0000000280), &(0x7f0000000400)="b7d9ba7156ebffd33e5ce5eac5b2beaedf387e")
sched_setattr(r5, &(0x7f0000000440)={0x38, 0x3, 0x2c, 0x2, 0xd5, 0x5, 0x6, 0x1ff, 0x7, 0x9}, 0x0)

8.465005448s ago: executing program 0 (id=1190):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x2, 'dh\x00', 0x1, 0x5, 0x4a}, 0x2c)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82187201, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=ANY=[@ANYBLOB], 0x36)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000181000010000000000000000000000000a40000000060a010400000000000000000200050000000000000400000000000000796e7365740000180002800900010073797a300000000008000440000000001400000011000100"/101], 0x68}}, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00', @ANYRES16=r2], 0x44}}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x503, 0x1, 0x700, {0x0, 0x0, 0x0, 0x0, 0x2201}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @multicast1}, @IFLA_GRE_IKEY={0x8, 0x4, 0x7ff}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8800}, 0xc0b0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0f0000"], 0x37)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff, @void, @value}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x32600)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x1c, r6, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

7.30712704s ago: executing program 0 (id=1194):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf018f000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)

7.131833951s ago: executing program 3 (id=1196):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
write(r0, &(0x7f0000000500)="14df806c9ab8c15f433568097c1919976c64a129a2cf0e0b7437dc2224b0331ed79b939408ba59f10a764a6c001d3d12a755709b27da753d606cad9efd97c42e4930f97c3c580e539b0436f9d424c9d78db470e3bcf4b1956106f2b7145a863a42f610974a7e619575e655ab2260fd921b0a500419e3e8e87a5c3311c859bce984740b0281f5e166a2f3303e6a8077cf4b6ffe6f944f8c57eb008bfc2fd74a5bb5b751f53c26f381bee70e06e87da71bbae3c9adfc5b8d11fb48ffb5c45c80812b8f6e998612324b43c09e5f54e28e6c1eb3ece7b50406e791d89e5aded351ac019bace04986cdbf16b00e472af5ec2c44b58f6fa5ab023c8b6e3907047c0064b168b3b83b51f9e05b9cd717c9f688d8742029603ffef23e1d9107096551638a3edbbdd07a8a526756df76a57ff0fce20dc1604c93d5fba0ca151c1b0a15dc8db94e90ba504537b89b8b084b8e5e06ec18cdb6fded2af9f4e5d32349d286ea5597271806ebde0d1e542d41ee686410c912410e14ad2c5a1ff260d9c8cffe47814c095a3371a627d3276a818dfee3ba1b68ca74d19e6e629d28478ed3220c3b87a7c0ffc3da66ded17c252b43c8eddb709c6ca5ff10ca7bbb514838c1edaee12fc9d21bb3bc3d1466753f6f05d725eeab4b3e7d254bfa396891623db5943c4d69ef97d53539694d2754834d058e9bbaae704e740c93c4fc42b300301fab025797b2ffd65671af57d5f7956accedfae08e4908257c9abd570ab4f1da5ff1b51d8eb99ce53a7093d1841fffd88599fd8bc741f62a9dd9c7a2b779bdd114b07b21152cec92c2b99c8c8db561b136409f48b16ba287683b96dbd9bb6d9c9dc0f6811acb993950b6af8a3c294ddd9f62eb1e56ba3951bad6f9e982563150669e9c83e865a5d617cf071e64963cccd9e60c11eed7bda5810de6e48840d5097f24c211034c6147b029adc2fda25f4162f8ece4c83c17a3bbb78cfb40d86fdc3f9d4e281e66ac03ef7d715ff0a1a7f35b22eb40fc3a1ad73596a5258ec3a851385f940e73205640fe1a2d61db5cc1a1a7350b0b98d8ee076984c6c03928e0807dddd8f67065c244b1328746ba29c107199c531d127b7cadd3b2fec1531ef74a2e286d7c0c1eb8a1ab8ecc099aca53512e417f213c42a5839a3e767b635cbe5ab759eaaa8c62edd77323a786b9688804fc099da865cabb5c376dbcd817fbef69b5b24103f9191e5ac3b9357737759284659349cff53bf5f9794ea8eda8ce315743f0c6755c327809cc4528614061ccd6d0579a7f90a9c6f169eccaa8e87ab358d7efc29aca3d6777f5c7449f7f13482098de2bae29d1025e35db22a1a8d1c5a813e8e2427cef541d8f9ac5aa506e195d45a4ae183a5f75c1b11cd89152507a6fc35a696c8c06944d49dcbd794df945364f1b1ab0763d9427df6d7dcb8a23ea95c4b47192b259d7b2e1d062973c5e5323486ab84993dc0bc2547cad4297026283f5c77e83e7e5962f6a11c66536928dfd22541718c84a9bddeda6c7359afd0708e56b8ee811d418dbbc048c9ecfe6aac3e85314991bdad7f96b3820e939b998a7b0fe60355a65a112cee7c591d0ad66bb56b093cf4d023f9bf581103f2c2850f1761ab1d88992202f690d202c0da7a7b7f0417b8eb6535c15e293e8e0dbfe33e1874b78b0ab7d3b89ab0579575e4a2be999773773066cc4cfb38ca21e5aecafe5e18f5f457ac30b5214e5655fcbf6ae640bfe0638fdb5410ff38984480181be7ffbe228977edf358d90b83b3d288f1d5455cf6b58444aab165a30c045b92202c45b112d1efcd88544518c2f7a6de9644c8db0993acfcafc936a6ecca270ab3b93c19792d6b03fdffa40c5dc9de33ef6bea5e0077abd01bcccc50f375428dfe3c55cb7638a381e8b9af81b07a3915c9eaf3ef07726c1ffdb825f82c4c5c6af6727a1c04984fede1e892cf27eda13fac1b144041b73b0d71375c4cca819afc8f895e4c42d9fee05a3ea29c28aab097f797e32f63bed1a2e15bb6ee0888388cb015e10dbeb07f0a42ad0398919a14863022fea24f4de7b66d973f767de91534db4e19cda7a318d25c78789e804da93ed7115792b5e55806fbc85a1bcd20e2dfd4df155d273636b75be0d551cebc5aacd578ed69561b84044d19e795b6024b8dbe7f443186a3695abc1a1dd9fcf3f5902439ba286c057efff37ba20742ed74b3292783570f3152a23e78c2e30191c11890880386fafcd352501911719572eee5daeba180f4d9480514e06a88389844d6d1533e17667dac8cc466a0875e691c77bf16263af832a7f99b2bd52c21a00241ad3af92590adc6009a07205d93416dd757db679c287035847077d878b32dfab3dc51be9fbdcf5ea89e29090f1f724a810885feac1de4cc1330ad2c0fb7e586a338fe9b1257507e2c89d95095973525be10bb32d4b5a4f431c79a75abdf9af3eb9090b922faac833ccc0bc0899273003e3dee72f2a03e7e7a19f2692c2e8e0b5d4b43e32d1602ab6c88ba1a03dfcc6c3ddaedfda4f460c367ccd7ca4f3b3be6ee3c4806b7a8c71a2597b742d80bd2a2c08e8252a02cb3b1afa524b9f86d4facefa979d763ca9f0cb6b33db16b2781a9dcf09036360062dac6ab3924952567fbd0bb2048a846791de2b68a93668c942a7503271450f9463b24d1198f738f0537b2cc77f13fde952f47c2d1c2b1e658aac5fae94462530ba1c4004e038e1771755d4342397813d44041513cc8dbee05abe8f0322d24c8615147524dbab9895888046bfc64f61e8a04c9db5695584c14508d15a30aafba973e50051ca878834864c1c9350b749be0a2656923d7403d6a978374eeecfbfcf98cdd6b7e97e924530b07d6211dd6b181e16fd5d0e061b4571acb633c51a1ed950cee198c42bb9df442ac50c9903cf2dc17310f0c5e48384060c23c5615ae6ac19966ae1045c315a51179e1d615089584caad77ff308729401f71beced6fea9f1466897888f7017822e8f55ee099c41947727d092cedaa770e5aa500f51cf4bbfd3da0cd454906a82245ebecd4f705668462e908310d26103b860da4fcf006121376db095b4d443a7614b4e0e604f6f265e01dd11cf98f0f6675038e4d33e416bd96531bbc5016432ec8d4c3e59839264ee25ae02c51912a5c0372a92376d28b6839ff5a082b7085e55fdb80ec8ab4d80a7d867356a4bb9e12fccad20c133e4c17512dd419c9a6e282e63d5237e9acb4b922b06748db75b7ed4038dc4dd3bcb8da5221d01d098573afa43ba0e5ea8f25bb186c76a21e9e0b3a2535783ae45e1e71deecb84b82dd32c2bf152e579005aedfe65626ea9e84625d34f6854d8c54713fee49fd12b5f15349d6ab591ebecf1456dcf12a18c6f3c73b0097d4392fe0d04fc340f9ae20a068e5f21f266b70a8655e56b815fac60730d52a2d1116d7c341817eb435a7b7e120de361eaa1a3899f6dd7fa9b61f0ec65fd8461db843470b239ed093af1b6e500fcd71280818d29b75f4e9fefc52251959eb7efa4508f42d9dd99bf4f3d76541e5a689caf2bc2060257fe5661c862791fb31440e70c712ba6ef44a8166ab381bd3f4e730ed6a8d5082502d65fa61d7a901a112ea5f248470c2c92e468b13e170fd373400ff2caebb5c0577078a25a2caca7b81ff6c4ae094030bbc6a36fd2a52255856b9862f83a36845c8702a2d4e5886abfa0d03fe16609d7cb69e40a57de3b413db970863b9a472883d4b58032dfb62ff000971743d9720e33775b655d1a538f1010d30d8095da1435fb305de31a4a67409b88081521dc2fcc838bd722c21584873488e61a02f0feb58fda83d1a4ce217f9220b1a05d8ae5c67f732ae2086e847cda5fe52086052961cdac09dc5e65f6a73721d250d8d98b295b6444658cd3b9ed66acf3d0e5bb100c2a32500fd757d6cb32dc7e2c233749b5beec269cb61070fe625f474bd04204e121c9d603b488249f8767d214ea30e19a349224b781bd7ca76d5cff85eaabea4240e73dca50bcc01a9dd2376fe3a239605d210b69627af2a5702ebf6feb89e80912fc1dbb9c965212229c5996ecfbbba729d8af3d331da6de84c44edaacb19bf2c1ee61b1b34d1f54cb7e4db1f727ec4a90d696189a1ab073ba0ee5b036353394fad17d4f4dde05e277947153627cf7f3017ff87bb6467658a380f118601fda952ee225cf68e7e8d3ef9961bb6126ffd3555105e2e6d95b9c35341c9e9192e8b4d9210f9a1e7c2e9dea2df2e32d8af16d61688e03d2ecb528999dd8ece73ebee6babb10b4d89a366cbe781a7004fdc30b5f74bdde11e53b38a5e48007bb911f345120dd12f2a3a4e2d9e693b7fe1a2f0e1c2370cb14b16f371008f50bcc498f717a09b4764d20655c4bbdec426fb83599817e6d81e8ab155cc9b9a44d623ba08fd215937479158f438c7c9fdb16dade902f8dbf9f78dbd4c52109353eaf020e8206dff619cd5d3ec574871c85d6d944806b731c78c196c05f54be393967c78f6cc34330b2c531c2c06a7eacfef066e0fa386ab422719363617aea9cab89f6c97f05a444ddf420f61728e362671237db44793949f40aba25a24465c4fbf289aad498d593d59916d96c234c77e610afd660004e8e29edad9c3f60e7ae88bd31c0fcadbf4ba84e3a3d50b091a30ab906fb327291ddd2ca5d116af5a4922d6103b342d5d356629c4354cd696794dd82a1678ea77c02d58187107f32bf0719cd277bfcba15ffcf211b589658f259cdd54772eae5ce6f315a070ddc094f9ec1fd7fb46fdbe18e44d9bf76583937e5c774abf16f6bf8a24994fa03e1a2d3b8602d1bbbf05a058174179d7b5c2d031e2f7f80ac43142b8777d739f49c22741cf731c11b9577994d6d3581a15e319c1e2cdba127dc8", 0xd80)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r2}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

6.792418585s ago: executing program 3 (id=1199):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000001540)={0x54, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc, 0x0, 0x9}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x54}}, 0x0)

5.955110676s ago: executing program 2 (id=1202):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_proto_private(r5, 0x89e2, 0x0)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x2c, r6, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x1f}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000010}, 0x40044)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000980), r7)
r9 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
writev(r9, &(0x7f0000002680)=[{0x0}, {&(0x7f0000000700)='\x00', 0x1}], 0x2)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r7, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000500)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r8], 0x4c}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r10, 0x400, 0x2)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001880)=ANY=[@ANYBLOB, @ANYBLOB="0b000080976b640868603000140001800d42af6425759db93efa660587014163"], 0x38}], 0x1}, 0x0)
quotactl$Q_QUOTAOFF(0x3, &(0x7f00000000c0)=@sg0, 0x0, 0x0)
fcntl$setlease(r11, 0x400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

5.828242239s ago: executing program 3 (id=1203):
r0 = fanotify_init(0x4, 0x101000)
r1 = open$dir(0x0, 0x0, 0x0)
fanotify_mark(r0, 0x641, 0x1019, r1, 0x0)
fanotify_mark(r0, 0x1, 0x8001023, r1, 0x0)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg(r2, &(0x7f0000003680)=[{{&(0x7f0000000000)=@llc={0x1a, 0x207, 0x6, 0x10, 0xa, 0xf1, @broadcast}, 0x80, 0x0}}], 0x1, 0x8041)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000400)={0xc, 0x7cb3}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x2)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r6, &(0x7f0000000280), 0x8)

5.827371323s ago: executing program 5 (id=1204):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x2, 'dh\x00', 0x1, 0x5, 0x4a}, 0x2c)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82187201, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=ANY=[@ANYBLOB], 0x36)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000181000010000000000000000000000000a40000000060a010400000000000000000200050000000000000400000000000000796e7365740000180002800900010073797a300000000008000440000000001400000011000100"/101], 0x68}}, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00', @ANYRES16=r2], 0x44}}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x503, 0x1, 0x700, {0x0, 0x0, 0x0, 0x0, 0x2201}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @multicast1}, @IFLA_GRE_IKEY={0x8, 0x4, 0x7ff}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8800}, 0xc0b0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0f0000"], 0x37)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff, @void, @value}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x32600)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x1c, r6, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

5.000663045s ago: executing program 2 (id=1205):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
syz_clone(0x80843711, 0x0, 0xfffffcf7, 0x0, 0x0, 0x0)

4.47603387s ago: executing program 2 (id=1206):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0x10000005}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f00000001c0)=0x1)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000000)=0xffb)
fcntl$setstatus(r2, 0x4, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bind$ax25(r3, &(0x7f0000000000)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r5 = dup3(r3, r4, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r5)
socket(0x200000000000011, 0x80000, 0x9)
pselect6(0x40, &(0x7f00000001c0)={0x1, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x1, 0x7fffffff}, 0x0, 0x0)

4.399500024s ago: executing program 5 (id=1207):
r0 = syz_io_uring_setup(0x3850, &(0x7f0000000440)={0x0, 0x86ed, 0x10100, 0x2, 0x1f}, &(0x7f0000000280)=<r1=>0x0, 0x0)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, &(0x7f0000000680)={&(0x7f0000002280)=@sco, 0x80, 0x0}})
io_uring_enter(r0, 0x291c, 0x0, 0x42, 0x0, 0x0)

4.375842727s ago: executing program 1 (id=1208):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4080c}, 0x2000c845)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)=ANY=[], 0x17)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
socket(0x2, 0x80805, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000400)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[], 0x50)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_ifreq(r3, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0x0, @sync=0x0}})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

4.168213669s ago: executing program 3 (id=1209):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@none, 0xaa, 0x1, 0x7}}}, 0xc)
openat$dma_heap(0xffffffffffffff9c, 0x0, 0x100, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x15, 0x17, &(0x7f0000000880)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0xa0}}, {{0x6, 0x0, 0x2, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@llx, {0x5, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x4, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

4.150622305s ago: executing program 5 (id=1210):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='numa_maps\x00')
get_mempolicy(0x0, 0x0, 0x2, &(0x7f0000240000/0x1000)=nil, 0x3)
lseek(r4, 0x289e0cb5, 0x0)

2.792995057s ago: executing program 1 (id=1211):
socket$qrtr(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
sched_setscheduler(r0, 0x3, &(0x7f0000000180)=0x101)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = socket$kcm(0x2, 0x1, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
sendmsg$inet(r5, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000040)={r5, r4})
sendmsg$kcm(r3, &(0x7f0000002080)={0x0, 0x0, 0x0}, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f00000001c0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x5, {0x5, 0x0, "b1a748"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000100), 0x7, 0x20000)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r7, 0xc040563d, &(0x7f0000000140)={0x0, 0x0, 0x103, 0x0, {0x8, 0x0, 0x9, 0x109a}})
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
epoll_create1(0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x58, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r8}, 0x10)
syz_open_procfs(0xffffffffffffffff, 0x0)

2.741990956s ago: executing program 2 (id=1212):
openat$nullb(0xffffffffffffff9c, 0x0, 0x42000, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = fsopen(&(0x7f0000000200)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f046bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)

2.741018464s ago: executing program 3 (id=1213):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
socket(0x1d, 0x2, 0x6)
r3 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000240)={0x1d, r4, 0x8000000000000002, {0x0, 0xf0, 0x4}}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4006}, 0x20008850)

1.336150197s ago: executing program 2 (id=1214):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000001540)={0x54, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc, 0x0, 0x9}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x54}}, 0x0)

1.117055338s ago: executing program 5 (id=1215):
r0 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_setup(0x956, &(0x7f0000000000)=<r4=>0x0)
io_destroy(r4)

1.115825768s ago: executing program 0 (id=1216):
unshare(0x400)
socketpair(0x1e, 0x100000005, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getpeername$packet(r0, 0x0, &(0x7f0000000040)=0x31)

916.143827ms ago: executing program 3 (id=1217):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x2, 'dh\x00', 0x1, 0x5, 0x4a}, 0x2c)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82187201, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=ANY=[@ANYBLOB], 0x36)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000181000010000000000000000000000000a40000000060a010400000000000000000200050000000000000400000000000000796e7365740000180002800900010073797a300000000008000440000000001400000011000100"/101], 0x68}}, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00', @ANYRES16=r2], 0x44}}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x503, 0x1, 0x700, {0x0, 0x0, 0x0, 0x0, 0x2201}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @multicast1}, @IFLA_GRE_IKEY={0x8, 0x4, 0x7ff}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8800}, 0xc0b0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0f0000"], 0x37)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="12000000020000000800"], 0x48)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff, @void, @value}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x32600)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x1c, r6, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

915.641223ms ago: executing program 0 (id=1218):
userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
memfd_create(&(0x7f0000000a00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdymg\x1a&\x1b{K\xe9\x9f\xb7za]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1+#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9+\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xdd\x04B$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b\x9f-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x01\x00\x00\x00\x00\x00\x00\x00\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea\xe4\xdf\x9b\n5\xf5+Q\x93dz\x9b\xda\xac\tbkN\xf2U(\xef\x06\x18\x9c\xda\x99\x13\xdbJ3\x10\x02V\xe2\xf2\x97laq\xb1#\xa6u\xf18\b\x95\xf9\xc7Af\xcd\xa8\xcdBH\xa4v\xff\xf1\xf9?:\x9ee\xd5\xe1t\xd9\xa5\x85\xe8\x9b2\xdd!<\xae\x19\x96\x9d\xd6\x18jm\x00\xfc\x00\x12\xd2\x94\xfb\xee\xba\x97\xe9\xe0\x8c\xf071\xbf:\xdc\x04>o\xc0\xc9\x9aZ\xa1<\xe0\xfbU\xaa3vQ\xc0T9\xe8\xddG\xddr\'\xaf8\x99,\xa9\x01\xac\xf8\x89\xedLT_o\xeb 0\x8dD>\x1e\xfd\xd0\xfap\x9f\xe1\x1d.>', 0xd)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x810}, 0x20004000)
syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="120100009b23fd406d04c1088dee000000410902"], 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x200, 0x20000, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x6, 0x3, 0x0, 0x100000001]})
shutdown(0xffffffffffffffff, 0x1)
syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYRESDEC=0x0], 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x89b8, 0x8, 0x0, 0x207}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000000c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r5 = syz_clone(0x8202e080, &(0x7f0000000340), 0x0, &(0x7f0000000240), &(0x7f0000000280), &(0x7f0000000400)="b7d9ba7156ebffd33e5ce5eac5b2beaedf387e")
sched_setattr(r5, &(0x7f0000000440)={0x38, 0x3, 0x2c, 0x2, 0xd5, 0x5, 0x6, 0x1ff, 0x7, 0x9}, 0x0)

198.504507ms ago: executing program 2 (id=1219):
r0 = fanotify_init(0x4, 0x101000)
r1 = open$dir(0x0, 0x0, 0x0)
fanotify_mark(r0, 0x641, 0x1019, r1, 0x0)
fanotify_mark(r0, 0x1, 0x8001023, r1, 0x0)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg(r2, &(0x7f0000003680)=[{{&(0x7f0000000000)=@llc={0x1a, 0x207, 0x6, 0x10, 0xa, 0xf1, @broadcast}, 0x80, 0x0}}], 0x1, 0x8041)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x2)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r6, &(0x7f0000000280), 0x8)

108.561275ms ago: executing program 5 (id=1220):
r0 = syz_io_uring_setup(0x3850, &(0x7f0000000440)={0x0, 0x86ed, 0x10100, 0x2, 0x1f}, &(0x7f0000000280)=<r1=>0x0, 0x0)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, &(0x7f0000000680)={&(0x7f0000002280)=@sco, 0x80, 0x0}})
io_uring_enter(r0, 0x291c, 0x0, 0x42, 0x0, 0x0)

0s ago: executing program 5 (id=1221):
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r1=>0x0})
socket$caif_seqpacket(0x25, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
r6 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
read$midi(r6, 0x0, 0x14)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@ipv6_getnexthop={0x20, 0x6a, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NHA_ID={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="2400000018000109000000000010000002"], 0x24}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfda0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

64063][ T6514] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.165886][ T6514] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.193392][ T2163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.193655][ T2163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.204736][ T6514] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.211187][ T6514] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.211486][ T6514] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.211518][ T6514] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.241447][ T1638] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.243632][ T1638] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.296038][ T6519] veth0_vlan: entered promiscuous mode
[   41.304618][ T6519] veth1_vlan: entered promiscuous mode
[   41.314172][ T6522] 8021q: adding VLAN 0 to HW filter on device batadv0
[   41.338409][ T2163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.338470][ T2163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.360285][ T6519] veth0_macvtap: entered promiscuous mode
[   41.362321][ T6519] veth1_macvtap: entered promiscuous mode
[   41.370976][ T6527] 8021q: adding VLAN 0 to HW filter on device batadv0
[   41.386312][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.392744][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.394910][ T6519] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.405332][ T6515] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   41.413638][ T6519] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.423160][ T6519] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.425814][ T6519] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.429253][ T6519] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.431700][ T6519] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.495886][ T6625] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4'.
[   41.509499][ T6527] veth0_vlan: entered promiscuous mode
[   41.513946][ T6527] veth1_vlan: entered promiscuous mode
[   41.527348][ T6527] percpu: allocation failed, size=8 align=8 atomic=1, atomic alloc failed, no space left
[   41.532543][ T6527] IPv6: veth1_macvtap: Failed to add prefix route for address fe80::39; dropping
[   41.546772][ T6527] veth0_macvtap: entered promiscuous mode
[   41.586099][ T6527] veth1_macvtap: entered promiscuous mode
[   41.602553][ T6527] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.606802][ T6527] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.610547][ T6527] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.613085][ T6527] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.615841][ T6527] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.619026][ T6527] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.735722][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.735784][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.789004][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.789066][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.807132][ T6522] veth0_vlan: entered promiscuous mode
[   41.825148][  T260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.825216][  T260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.845592][ T6522] veth1_vlan: entered promiscuous mode
[   41.862413][  T260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.862481][  T260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.895665][ T6522] veth0_macvtap: entered promiscuous mode
[   41.900781][ T6522] veth1_macvtap: entered promiscuous mode
[   41.913077][ T6522] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.914969][ T6522] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.916447][ T6522] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.916486][ T6522] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.916517][ T6522] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.916547][ T6522] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   42.019114][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   42.019171][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   42.167479][ T6648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   42.182867][ T6648] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   42.283876][ T6652] mmap: syz.0.1 (6652) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   42.732685][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   42.732750][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   42.778312][ T6083] Bluetooth: hci0: command tx timeout
[   42.857675][ T6083] Bluetooth: hci3: command tx timeout
[   42.858678][   T52] Bluetooth: hci1: command tx timeout
[   42.858735][   T52] Bluetooth: hci2: command tx timeout
[   42.858768][   T52] Bluetooth: hci4: command tx timeout
[   43.074413][ T6661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   43.074723][ T6661] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   43.108047][ T6661] 8021q: adding VLAN 0 to HW filter on device bond0
[   43.110918][ T6661] bond0: (slave rose0): Enslaving as an active interface with an up link
[   44.351811][ T6690] Zero length message leads to an empty skb
[   45.186810][ T6083] Bluetooth: hci0: command tx timeout
[   45.187701][ T6083] Bluetooth: hci4: command tx timeout
[   45.188415][ T6083] Bluetooth: hci2: command tx timeout
[   45.188453][ T6083] Bluetooth: hci1: command tx timeout
[   45.188487][ T6083] Bluetooth: hci3: command tx timeout
[   45.193100][ T6692] [U] „
[   46.209886][ T6529] Bluetooth: hci4: unexpected subevent 0x19 length: 10 < 28
[   46.386186][ T6721] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[   46.391765][ T6721] ubi31: attaching mtd0
[   46.422414][ T6721] ubi31: scanning is finished
[   46.422524][ T6721] ubi31: empty MTD device detected
[   47.262604][ T6529] Bluetooth: hci3: command tx timeout
[   47.262696][ T6529] Bluetooth: hci1: command tx timeout
[   47.262751][ T6529] Bluetooth: hci2: command tx timeout
[   47.262786][ T6529] Bluetooth: hci4: command tx timeout
[   47.262819][ T6529] Bluetooth: hci0: command tx timeout
[   47.277700][ T6721] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[   47.349872][ T6729] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   47.425455][ T6729] wireguard0: entered promiscuous mode
[   47.425520][ T6729] wireguard0: entered allmulticast mode
[   47.446078][ T6731] 9pnet_fd: Insufficient options for proto=fd
[   47.542241][ T6083] Bluetooth: hci1: Unknown advertising packet type: 0x11
[   47.542339][ T6083] Bluetooth: hci1: Unknown advertising packet type: 0x17
[   47.544607][ T6083] Bluetooth: hci1: Unknown advertising packet type: 0x1d
[   47.546634][ T6083] Bluetooth: hci1: Malformed LE Event: 0x0d
[   47.620349][ T6740] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.620646][ T6740] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   47.697203][ T6744] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   48.857588][ T6764] capability: warning: `syz.2.29' uses 32-bit capabilities (legacy support in use)
[   51.538032][ T6800] veth0_to_team: entered promiscuous mode
[   51.538109][ T6800] veth0_to_team: entered allmulticast mode
[   51.949906][ T6595] IPVS: starting estimator thread 0...
[   51.996735][ T6814] netlink: 'syz.3.43': attribute type 12 has an invalid length.
[   52.009053][   T31] audit: type=1326 audit(51.620:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.3.43" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8a55a7a8 code=0x0
[   52.025666][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   52.047743][ T6812] IPVS: using max 33 ests per chain, 79200 per kthread
[   52.076685][ T6818] warning: `syz.1.44' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   52.177921][   T24] usb 1-1: Using ep0 maxpacket: 16
[   52.183074][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[   52.183327][   T24] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[   52.183441][   T24] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[   52.183552][   T24] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[   52.183655][   T24] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[   52.183817][   T24] usb 1-1: config 1 interface 0 has no altsetting 0
[   52.183934][   T24] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[   52.184044][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.211164][   T24] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[   53.085410][   T24] scsi host0: usb-storage 1-1:1.0
[   53.637665][ T6862] kAFS: Can only specify source 'none' with -o dyn
[   54.284817][ T6861] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   54.304602][   T61] scsi 0:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[   54.421468][   T24] usb 1-1: USB disconnect, device number 2
[   54.840240][   T61] scsi 0:0:0:0: Attached scsi generic sg0 type 0
[   55.006372][ T6874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   55.011583][ T6874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   55.014056][   T61] sd 0:0:0:0: [sda] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK
[   55.018090][   T61] sd 0:0:0:0: [sda] Read Capacity(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK
[   55.021480][   T61] sd 0:0:0:0: [sda] Sense not available.
[   55.023451][   T61] sd 0:0:0:0: [sda] 0 512-byte logical blocks: (0 B/0 B)
[   55.025586][   T61] sd 0:0:0:0: [sda] 0-byte physical blocks
[   55.027383][   T61] sd 0:0:0:0: [sda] Write Protect is off
[   55.038398][   T61] sd 0:0:0:0: [sda] Asking for cache data failed
[   55.038465][   T61] sd 0:0:0:0: [sda] Assuming drive cache: write through
[   55.778253][ T6880] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   55.810761][   T61] sd 0:0:0:0: [sda] Attached SCSI removable disk
[   56.848505][ T6894] process 'syz.1.61' launched '/dev/fd/3' with NULL argv: empty string added
[   57.713962][ T6888] udevd[6888]: inotify_add_watch(7, /dev/sda, 10) failed: No such file or directory
[   58.826000][ T6646] udevd[6646]: inotify_add_watch(7, /dev/sda, 10) failed: No such file or directory
[   61.340365][ T6943] veth0_vlan: entered allmulticast mode
[   61.722720][ T6951] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.723029][ T6951] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.058112][ T6954] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   62.772395][ T6083] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   62.946733][ T6968] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.949686][ T6968] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.134360][ T6970] vhci_hcd: invalid port number 96
[   63.134473][ T6970] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   64.863018][ T2408] ieee802154 phy0 wpan0: encryption failed: -22
[   64.865590][ T2408] ieee802154 phy1 wpan1: encryption failed: -22
[   65.074781][ T6989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.075092][ T6989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   66.796112][ T7023] vhci_hcd: invalid port number 96
[   66.796173][ T7023] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   67.037615][   T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   67.169872][ T7025] loop4: detected capacity change from 0 to 40427
[   67.187646][   T24] usb 1-1: Using ep0 maxpacket: 16
[   67.189198][   T24] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[   67.189269][   T24] usb 1-1: config 1 has no interface number 0
[   67.189305][   T24] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[   67.189340][   T24] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[   67.189373][   T24] usb 1-1: config 1 interface 105 has no altsetting 0
[   67.192071][   T24] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[   67.192107][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.192132][   T24] usb 1-1: Product: syz
[   67.192153][   T24] usb 1-1: Manufacturer: syz
[   67.192183][   T24] usb 1-1: SerialNumber: syz
[   67.200654][ T7022] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   67.200748][ T7022] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   67.219725][ T7025] F2FS-fs (loop4): invalid crc value
[   67.248054][ T7025] F2FS-fs (loop4): Start checkpoint disabled!
[   67.270396][ T7025] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   67.294146][ T7004] team0 (unregistering): Port device team_slave_0 removed
[   67.329888][ T7004] team0 (unregistering): Port device team_slave_1 removed
[   68.370808][ T7033] F2FS-fs (loop4): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   68.394170][ T7022] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   68.397008][ T7022] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   68.450162][ T7038] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.450473][ T7038] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.499915][   T12] kworker/u8:0: attempt to access beyond end of device
[   68.499915][   T12] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   68.500477][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[   68.500500][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.500508][   T12] Workqueue: writeback wb_workfn (flush-7:4)
[   68.500530][   T12] Call trace:
[   68.500534][   T12]  show_stack+0x2c/0x3c (C)
[   68.500552][   T12]  __dump_stack+0x30/0x40
[   68.500566][   T12]  dump_stack_lvl+0xd8/0x12c
[   68.500579][   T12]  dump_stack+0x1c/0x28
[   68.500592][   T12]  f2fs_handle_critical_error+0x34c/0x4b8
[   68.500605][   T12]  f2fs_stop_checkpoint+0x5c/0x70
[   68.500618][   T12]  f2fs_write_end_io+0x58c/0x818
[   68.500630][   T12]  bio_endio+0x804/0x840
[   68.500642][   T12]  submit_bio_noacct+0x158/0x176c
[   68.500656][   T12]  submit_bio+0x354/0x4d4
[   68.500668][   T12]  f2fs_submit_write_bio+0x13c/0x324
[   68.500680][   T12]  __submit_merged_bio+0x254/0x704
[   68.500692][   T12]  __submit_merged_write_cond+0x23c/0x4ac
[   68.500703][   T12]  f2fs_write_data_pages+0x1d28/0x2634
[   68.500715][   T12]  do_writepages+0x270/0x468
[   68.500729][   T12]  __writeback_single_inode+0x15c/0x13e8
[   68.500744][   T12]  writeback_sb_inodes+0x558/0xe38
[   68.500757][   T12]  wb_writeback+0x3cc/0xd70
[   68.500770][   T12]  wb_workfn+0x338/0xdc0
[   68.500783][   T12]  process_one_work+0x7e8/0x155c
[   68.500798][   T12]  worker_thread+0x958/0xed8
[   68.500811][   T12]  kthread+0x5fc/0x75c
[   68.500823][   T12]  ret_from_fork+0x10/0x20
[   68.505994][   T12] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[   68.506085][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[   68.506102][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.506110][   T12] Workqueue: writeback wb_workfn (flush-7:4)
[   68.506130][   T12] Call trace:
[   68.506134][   T12]  show_stack+0x2c/0x3c (C)
[   68.506151][   T12]  __dump_stack+0x30/0x40
[   68.506165][   T12]  dump_stack_lvl+0xd8/0x12c
[   68.506188][   T12]  dump_stack+0x1c/0x28
[   68.506201][   T12]  f2fs_handle_critical_error+0x34c/0x4b8
[   68.506220][   T12]  f2fs_stop_checkpoint+0x5c/0x70
[   68.506234][   T12]  f2fs_write_end_io+0x58c/0x818
[   68.506245][   T12]  bio_endio+0x804/0x840
[   68.506256][   T12]  submit_bio_noacct+0x158/0x176c
[   68.506276][   T12]  submit_bio+0x354/0x4d4
[   68.506289][   T12]  f2fs_submit_write_bio+0x13c/0x324
[   68.506300][   T12]  __submit_merged_bio+0x254/0x704
[   68.506312][   T12]  __submit_merged_write_cond+0x23c/0x4ac
[   68.506323][   T12]  f2fs_write_data_pages+0x1d28/0x2634
[   68.506335][   T12]  do_writepages+0x270/0x468
[   68.506349][   T12]  __writeback_single_inode+0x15c/0x13e8
[   68.506363][   T12]  writeback_sb_inodes+0x558/0xe38
[   68.506376][   T12]  wb_writeback+0x3cc/0xd70
[   68.506390][   T12]  wb_workfn+0x338/0xdc0
[   68.506402][   T12]  process_one_work+0x7e8/0x155c
[   68.506415][   T12]  worker_thread+0x958/0xed8
[   68.506429][   T12]  kthread+0x5fc/0x75c
[   68.506441][   T12]  ret_from_fork+0x10/0x20
[   68.506602][   T12] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[   68.654442][ T7043] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   68.916161][ T7047] futex_wake_op: syz.3.101 tries to shift op by -1; fix this program
[   69.668094][   T24] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[   70.701761][ T3911] cfg80211: failed to load regulatory.db
[   70.704648][   T24] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[   70.740033][   T24] aqc111 1-1:1.105 eth0: register 'aqc111' at usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 20:fc:94:45:3a:41
[   70.745521][   T24] usb 1-1: USB disconnect, device number 3
[   70.748787][   T24] aqc111 1-1:1.105 eth0: unregister 'aqc111' usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[   71.936332][ T7063] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.936648][ T7063] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.030975][ T6529] Bluetooth: hci1: ISO packet for unknown connection handle 0
[   72.104545][   T24] aqc111 1-1:1.105 eth0 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[   72.107291][   T24] aqc111 1-1:1.105 eth0 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[   72.110019][   T24] aqc111 1-1:1.105 eth0 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[   72.348693][ T7074] binder: 7062:7074 tried to acquire reference to desc 0, got 1 instead
[   72.351602][ T7074] binder: 7062:7074 got transaction with out-of-order buffer fixup
[   72.351742][ T7074] binder: 7074:7062 failed to fixup parent
[   72.351872][ T7074] binder: 7062:7074 transaction async to 7062:0 failed 5/29201/-22, code 0 size 120-24 line 3645
[   73.258235][ T6656] binder: undelivered TRANSACTION_ERROR: 29201
[   74.399969][ T7082] loop2: detected capacity change from 0 to 40427
[   74.418156][ T7082] F2FS-fs (loop2): invalid crc value
[   74.479543][ T7082] F2FS-fs (loop2): Start checkpoint disabled!
[   74.486102][ T7082] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   75.283372][ T7103] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   75.548360][ T2163] kworker/u8:8: attempt to access beyond end of device
[   75.548360][ T2163] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   75.548453][ T2163] CPU: 1 UID: 0 PID: 2163 Comm: kworker/u8:8 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[   75.548470][ T2163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   75.548478][ T2163] Workqueue: writeback wb_workfn (flush-7:2)
[   75.548499][ T2163] Call trace:
[   75.548503][ T2163]  show_stack+0x2c/0x3c (C)
[   75.548521][ T2163]  __dump_stack+0x30/0x40
[   75.548535][ T2163]  dump_stack_lvl+0xd8/0x12c
[   75.548548][ T2163]  dump_stack+0x1c/0x28
[   75.548561][ T2163]  f2fs_handle_critical_error+0x34c/0x4b8
[   75.548574][ T2163]  f2fs_stop_checkpoint+0x5c/0x70
[   75.548587][ T2163]  f2fs_write_end_io+0x58c/0x818
[   75.548599][ T2163]  bio_endio+0x804/0x840
[   75.548611][ T2163]  submit_bio_noacct+0x158/0x176c
[   75.548624][ T2163]  submit_bio+0x354/0x4d4
[   75.548637][ T2163]  f2fs_submit_write_bio+0x13c/0x324
[   75.548648][ T2163]  __submit_merged_bio+0x254/0x704
[   75.548659][ T2163]  __submit_merged_write_cond+0x23c/0x4ac
[   75.548671][ T2163]  f2fs_write_data_pages+0x1d28/0x2634
[   75.548682][ T2163]  do_writepages+0x270/0x468
[   75.548697][ T2163]  __writeback_single_inode+0x15c/0x13e8
[   75.548711][ T2163]  writeback_sb_inodes+0x558/0xe38
[   75.548724][ T2163]  wb_writeback+0x3cc/0xd70
[   75.548737][ T2163]  wb_workfn+0x338/0xdc0
[   75.548750][ T2163]  process_one_work+0x7e8/0x155c
[   75.548763][ T2163]  worker_thread+0x958/0xed8
[   75.548777][ T2163]  kthread+0x5fc/0x75c
[   75.548789][ T2163]  ret_from_fork+0x10/0x20
[   75.548953][ T2163] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   75.548998][ T2163] CPU: 1 UID: 0 PID: 2163 Comm: kworker/u8:8 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[   75.549015][ T2163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   75.549022][ T2163] Workqueue: writeback wb_workfn (flush-7:2)
[   75.549037][ T2163] Call trace:
[   75.549041][ T2163]  show_stack+0x2c/0x3c (C)
[   75.549055][ T2163]  __dump_stack+0x30/0x40
[   75.549068][ T2163]  dump_stack_lvl+0xd8/0x12c
[   75.549081][ T2163]  dump_stack+0x1c/0x28
[   75.549094][ T2163]  f2fs_handle_critical_error+0x34c/0x4b8
[   75.549105][ T2163]  f2fs_stop_checkpoint+0x5c/0x70
[   75.549118][ T2163]  f2fs_write_end_io+0x58c/0x818
[   75.549129][ T2163]  bio_endio+0x804/0x840
[   75.549140][ T2163]  submit_bio_noacct+0x158/0x176c
[   75.549153][ T2163]  submit_bio+0x354/0x4d4
[   75.549166][ T2163]  f2fs_submit_write_bio+0x13c/0x324
[   75.549184][ T2163]  __submit_merged_bio+0x254/0x704
[   75.549195][ T2163]  __submit_merged_write_cond+0x23c/0x4ac
[   75.549206][ T2163]  f2fs_write_data_pages+0x1d28/0x2634
[   75.549220][ T2163]  do_writepages+0x270/0x468
[   75.549238][ T2163]  __writeback_single_inode+0x15c/0x13e8
[   75.549252][ T2163]  writeback_sb_inodes+0x558/0xe38
[   75.549266][ T2163]  wb_writeback+0x3cc/0xd70
[   75.549279][ T2163]  wb_workfn+0x338/0xdc0
[   75.549291][ T2163]  process_one_work+0x7e8/0x155c
[   75.549304][ T2163]  worker_thread+0x958/0xed8
[   75.549317][ T2163]  kthread+0x5fc/0x75c
[   75.549329][ T2163]  ret_from_fork+0x10/0x20
[   75.650762][ T2163] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   75.673812][ T7070] team0 (unregistering): Port device team_slave_0 removed
[   75.684265][ T7070] team0 (unregistering): Port device team_slave_1 removed
[   76.806525][ T7114] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.806852][ T7114] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.003028][ T7120] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   77.748090][ T6083] Bluetooth: hci4: command 0x0405 tx timeout
[   78.318455][ T6083] Bluetooth: hci0: ISO packet for unknown connection handle 0
[   78.374891][ T7131] binder: 7127:7131 ioctl 40046210 0 returned -14
[   78.693883][ T7135] netlink: 12 bytes leftover after parsing attributes in process `syz.3.126'.
[   81.243570][ T7152] binder: 7139:7152 tried to acquire reference to desc 0, got 1 instead
[   81.243975][ T7152] binder: 7139:7152 got transaction with out-of-order buffer fixup
[   81.244004][ T7152] binder: 7152:7139 failed to fixup parent
[   81.244070][ T7152] binder: 7139:7152 transaction async to 7139:0 failed 10/29201/-22, code 0 size 120-24 line 3645
[   81.395671][ T6571] binder: undelivered TRANSACTION_ERROR: 29201
[   83.413031][ T7147] team0 (unregistering): Port device team_slave_0 removed
[   83.421806][ T7147] team0 (unregistering): Port device team_slave_1 removed
[   84.278847][ T6083] Bluetooth: hci1: ISO packet for unknown connection handle 0
[   89.626469][ T7210] loop1: detected capacity change from 0 to 40427
[   89.641075][ T7210] F2FS-fs (loop1): invalid crc value
[   89.692010][ T7210] F2FS-fs (loop1): Start checkpoint disabled!
[   89.704384][ T7210] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   89.904459][ T7241] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[   90.529616][ T7245] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   90.631671][ T7247] binder: 7243:7247 ioctl c0306201 0 returned -14
[   90.648199][ T7247] o2cb: This node has not been configured.
[   90.661612][ T7247] o2cb: Cluster check failed. Fix errors before retrying.
[   90.661680][ T7247] (syz.4.153,7247,0):user_dlm_register:674 ERROR: status = -22
[   90.661715][ T7247] (syz.4.153,7247,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[   90.688419][   T61] kworker/u8:4: attempt to access beyond end of device
[   90.688419][   T61] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   90.688519][   T61] CPU: 0 UID: 0 PID: 61 Comm: kworker/u8:4 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[   90.688536][   T61] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   90.688544][   T61] Workqueue: writeback wb_workfn (flush-7:1)
[   90.688565][   T61] Call trace:
[   90.688569][   T61]  show_stack+0x2c/0x3c (C)
[   90.688588][   T61]  __dump_stack+0x30/0x40
[   90.688602][   T61]  dump_stack_lvl+0xd8/0x12c
[   90.688616][   T61]  dump_stack+0x1c/0x28
[   90.688630][   T61]  f2fs_handle_critical_error+0x34c/0x4b8
[   90.688643][   T61]  f2fs_stop_checkpoint+0x5c/0x70
[   90.688657][   T61]  f2fs_write_end_io+0x58c/0x818
[   90.688668][   T61]  bio_endio+0x804/0x840
[   90.688680][   T61]  submit_bio_noacct+0x158/0x176c
[   90.688694][   T61]  submit_bio+0x354/0x4d4
[   90.688706][   T61]  f2fs_submit_write_bio+0x13c/0x324
[   90.688717][   T61]  __submit_merged_bio+0x254/0x704
[   90.688728][   T61]  __submit_merged_write_cond+0x23c/0x4ac
[   90.688740][   T61]  f2fs_write_data_pages+0x1d28/0x2634
[   90.688752][   T61]  do_writepages+0x270/0x468
[   90.688766][   T61]  __writeback_single_inode+0x15c/0x13e8
[   90.688781][   T61]  writeback_sb_inodes+0x558/0xe38
[   90.688794][   T61]  wb_writeback+0x3cc/0xd70
[   90.688807][   T61]  wb_workfn+0x338/0xdc0
[   90.688819][   T61]  process_one_work+0x7e8/0x155c
[   90.688833][   T61]  worker_thread+0x958/0xed8
[   90.688846][   T61]  kthread+0x5fc/0x75c
[   90.688858][   T61]  ret_from_fork+0x10/0x20
[   90.689035][   T61] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   90.689081][   T61] CPU: 0 UID: 0 PID: 61 Comm: kworker/u8:4 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[   90.689096][   T61] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   90.689103][   T61] Workqueue: writeback wb_workfn (flush-7:1)
[   90.689118][   T61] Call trace:
[   90.689122][   T61]  show_stack+0x2c/0x3c (C)
[   90.689136][   T61]  __dump_stack+0x30/0x40
[   90.689149][   T61]  dump_stack_lvl+0xd8/0x12c
[   90.689162][   T61]  dump_stack+0x1c/0x28
[   90.689175][   T61]  f2fs_handle_critical_error+0x34c/0x4b8
[   90.689193][   T61]  f2fs_stop_checkpoint+0x5c/0x70
[   90.689206][   T61]  f2fs_write_end_io+0x58c/0x818
[   90.689218][   T61]  bio_endio+0x804/0x840
[   90.689228][   T61]  submit_bio_noacct+0x158/0x176c
[   90.689241][   T61]  submit_bio+0x354/0x4d4
[   90.689253][   T61]  f2fs_submit_write_bio+0x13c/0x324
[   90.689264][   T61]  __submit_merged_bio+0x254/0x704
[   90.689275][   T61]  __submit_merged_write_cond+0x23c/0x4ac
[   90.689287][   T61]  f2fs_write_data_pages+0x1d28/0x2634
[   90.689299][   T61]  do_writepages+0x270/0x468
[   90.689312][   T61]  __writeback_single_inode+0x15c/0x13e8
[   90.689326][   T61]  writeback_sb_inodes+0x558/0xe38
[   90.689339][   T61]  wb_writeback+0x3cc/0xd70
[   90.689352][   T61]  wb_workfn+0x338/0xdc0
[   90.689365][   T61]  process_one_work+0x7e8/0x155c
[   90.689378][   T61]  worker_thread+0x958/0xed8
[   90.689391][   T61]  kthread+0x5fc/0x75c
[   90.689402][   T61]  ret_from_fork+0x10/0x20
[   90.689553][   T61] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   90.999772][ T7256] binder: 7250:7256 ioctl 40046210 0 returned -14
[   91.038823][ T6083] Bluetooth: hci4: ISO packet for unknown connection handle 0
[   91.884541][ T7262] loop0: detected capacity change from 0 to 4096
[   91.924959][ T7262] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   91.956641][ T7262] ntfs3(loop0): Failed to load $Extend (-22).
[   91.956758][ T7262] ntfs3(loop0): Failed to initialize $Extend.
[   94.649535][ T7305] Cannot find add_set index 0 as target
[   95.661410][ T7309] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  100.743957][ T7358] binder: 7343:7358 tried to acquire reference to desc 0, got 1 instead
[  100.749657][ T7355] binder: 7343:7355 got transaction with out-of-order buffer fixup
[  100.749720][ T7355] binder: 7355:7343 failed to fixup parent
[  100.749821][ T7355] binder: 7343:7355 transaction async to 7343:0 failed 15/29201/-22, code 0 size 120-24 line 3645
[  101.048172][   T24] binder: undelivered TRANSACTION_ERROR: 29201
[  101.265236][ T7365] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.265546][ T7365] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.523485][ T7397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.547961][ T7397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.950495][ T7434] loop0: detected capacity change from 0 to 4096
[  110.312335][ T7442] batadv1: entered promiscuous mode
[  110.873766][ T2163] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  110.948395][ T7434] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  110.977599][ T7434] ntfs3(loop0): Failed to load $Extend (-22).
[  110.981052][ T7434] ntfs3(loop0): Failed to initialize $Extend.
[  111.345721][ T7459] binder: BINDER_SET_CONTEXT_MGR already set
[  111.355211][ T7459] binder: 7452:7459 ioctl 4018620d 20000040 returned -16
[  111.357950][ T7459] binder: 7452:7459 got transaction to invalid handle, 1
[  111.360035][ T7459] binder: 7459:7452 cannot find target node
[  111.362010][ T7459] binder: 7452:7459 transaction async to 0:0 failed 18/29201/-22, code 0 size 0-0 line 3152
[  112.088393][   T24] binder: undelivered TRANSACTION_ERROR: 29201
[  119.301173][ T7541] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.305221][ T7541] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.536837][ T7555] loop4: detected capacity change from 0 to 4096
[  120.601542][ T7555] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  121.491247][ T7555] ntfs3(loop4): Failed to load $Extend (-22).
[  121.491317][ T7555] ntfs3(loop4): Failed to initialize $Extend.
[  122.403925][ T7593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.406881][ T7593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.901451][ T6571] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  125.270736][ T6571] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  125.276436][ T6571] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  125.279560][ T6571] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.282267][ T6571] usb 1-1: Product: syz
[  125.283712][ T6571] usb 1-1: Manufacturer: syz
[  125.285331][ T6571] usb 1-1: SerialNumber: syz
[  125.290897][ T6571] usb 1-1: config 0 descriptor??
[  125.301443][ T6571] dm9601 1-1:0.0: probe with driver dm9601 failed with error -22
[  125.535168][ T6656] usb 1-1: USB disconnect, device number 4
[  126.364149][ T2408] ieee802154 phy0 wpan0: encryption failed: -22
[  126.366285][ T2408] ieee802154 phy1 wpan1: encryption failed: -22
[  129.805666][ T7681] loop2: detected capacity change from 0 to 4096
[  130.559100][ T7681] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  130.580166][ T7681] ntfs3(loop2): Failed to load $Extend (-22).
[  130.580259][ T7681] ntfs3(loop2): Failed to initialize $Extend.
[  130.628212][ T7700] trusted_key: syz.4.279 sent an empty control message without MSG_MORE.
[  131.311034][ T7709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.311381][ T7709] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.332678][ T7726] hub 8-0:1.0: USB hub found
[  133.335450][ T7726] hub 8-0:1.0: 8 ports detected
[  135.113126][ T7748] loop1: detected capacity change from 0 to 4096
[  135.173963][ T7748] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  135.183891][ T7748] ntfs3(loop1): Failed to load $Extend (-22).
[  135.183963][ T7748] ntfs3(loop1): Failed to initialize $Extend.
[  140.341984][ T7787] loop0: detected capacity change from 0 to 4096
[  140.506293][ T7787] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  140.655714][ T7787] ntfs3(loop0): Failed to load $Extend (-22).
[  140.657585][ T7787] ntfs3(loop0): Failed to initialize $Extend.
[  144.354430][ T7861] loop4: detected capacity change from 0 to 4096
[  144.807820][ T7861] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  145.093541][ T7861] ntfs3(loop4): Failed to load $Extend (-22).
[  145.093605][ T7861] ntfs3(loop4): Failed to initialize $Extend.
[  147.078898][ T7898] netlink: 28 bytes leftover after parsing attributes in process `syz.3.337'.
[  147.078979][ T7898] netlink: 28 bytes leftover after parsing attributes in process `syz.3.337'.
[  147.090139][ T7898] bridge0: entered promiscuous mode
[  147.090985][ T7898] ip6gretap0: entered promiscuous mode
[  147.874580][ T3911] Process accounting resumed
[  150.397956][ T7937] loop4: detected capacity change from 0 to 16
[  150.398976][ T7937] erofs: Unknown parameter '0xffffffffffffffff'
[  150.441920][ T7937] loop4: detected capacity change from 0 to 4096
[  150.442673][ T7937] ntfs3: Unknown parameter ''
[  154.804291][ T7993] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 0, id = 0
[  155.433974][ T7989] netlink: 14 bytes leftover after parsing attributes in process `syz.4.366'.
[  155.497797][ T3911] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  155.648264][ T3911] usb 1-1: Using ep0 maxpacket: 16
[  155.649608][ T3911] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.649666][ T3911] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.649703][ T3911] usb 1-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  155.649729][ T3911] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.654054][ T3911] usb 1-1: config 0 descriptor??
[  156.423896][ T7988] netlink: 28 bytes leftover after parsing attributes in process `syz.0.365'.
[  156.426529][ T7988] netlink: 28 bytes leftover after parsing attributes in process `syz.0.365'.
[  156.473771][ T3911] usbhid 1-1:0.0: can't add hid device: -71
[  156.473898][ T3911] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  156.476268][ T3911] usb 1-1: USB disconnect, device number 5
[  159.959457][ T8041] loop0: detected capacity change from 0 to 16
[  159.963772][ T8041] erofs: Unknown parameter '0xffffffffffffffff'
[  160.199692][ T8041] loop0: detected capacity change from 0 to 4096
[  160.203267][ T8041] ntfs3: Unknown parameter ''
[  161.446954][ T8062] netlink: 28 bytes leftover after parsing attributes in process `syz.3.389'.
[  161.447037][ T8062] netlink: 28 bytes leftover after parsing attributes in process `syz.3.389'.
[  163.345365][ T6656] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  164.415283][ T8095] loop4: detected capacity change from 0 to 16
[  164.415866][ T8095] erofs: Unknown parameter '0xffffffffffffffff'
[  164.442638][ T8095] loop4: detected capacity change from 0 to 4096
[  164.443117][ T8095] ntfs3: Unknown parameter ''
[  164.475551][ T6523] Bluetooth: hci0: command 0x0406 tx timeout
[  164.478019][ T6523] Bluetooth: hci4: command 0x0405 tx timeout
[  164.480479][ T6523] Bluetooth: hci1: command 0x0406 tx timeout
[  164.482668][ T6523] Bluetooth: hci2: command 0x0406 tx timeout
[  164.485322][ T6523] Bluetooth: hci3: command 0x0406 tx timeout
[  164.607890][ T6656] usb 1-1: Using ep0 maxpacket: 16
[  164.615587][ T6656] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  164.624516][ T6656] usb 1-1: config 1 has no interface number 0
[  164.626419][ T6656] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  164.632380][ T6656] usb 1-1: config 1 interface 105 has no altsetting 0
[  165.136531][ T6656] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  165.136596][ T6656] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.136642][ T6656] usb 1-1: Product: syz
[  165.136670][ T6656] usb 1-1: Manufacturer: syz
[  165.136697][ T6656] usb 1-1: SerialNumber: syz
[  165.156974][ T8079] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  166.167904][ T6656] aqc111 1-1:1.105: probe with driver aqc111 failed with error -22
[  167.185572][   T26] usb 1-1: USB disconnect, device number 6
[  167.670065][ T8135] loop1: detected capacity change from 0 to 16
[  167.670667][ T8135] erofs: Unknown parameter '0xffffffffffffffff'
[  167.815302][ T8135] loop1: detected capacity change from 0 to 4096
[  167.818215][ T8135] ntfs3: Unknown parameter ''
[  169.733582][ T8151] loop1: detected capacity change from 0 to 4096
[  169.845859][ T8151] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  169.874042][ T8151] ntfs3(loop1): Failed to load $Extend (-22).
[  169.874114][ T8151] ntfs3(loop1): Failed to initialize $Extend.
[  169.933428][ T8158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.933728][ T8158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.936455][ T8158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.936750][ T8158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.116354][ T8162] netlink: 14 bytes leftover after parsing attributes in process `syz.0.419'.
[  170.647159][ T8167] binder: 8148:8167 tried to acquire reference to desc 0, got 1 instead
[  170.647664][ T8167] binder: 8148:8167 got transaction with out-of-order buffer fixup
[  170.647703][ T8167] binder: 8167:8148 failed to fixup parent
[  170.647776][ T8167] binder: 8148:8167 transaction async to 8148:0 failed 23/29201/-22, code 0 size 120-24 line 3645
[  170.755004][ T6656] binder: undelivered TRANSACTION_ERROR: 29201
[  174.200451][ T8199] loop4: detected capacity change from 0 to 4096
[  174.235035][ T8199] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  174.259696][ T8205] netlink: 14 bytes leftover after parsing attributes in process `syz.0.433'.
[  174.282409][ T8199] ntfs3(loop4): Failed to load $Extend (-22).
[  174.282491][ T8199] ntfs3(loop4): Failed to initialize $Extend.
[  175.300767][ T8217] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.301105][ T8217] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.589461][ T8229] binder: 8211:8229 tried to acquire reference to desc 0, got 1 instead
[  175.592355][ T8229] binder: 8211:8229 got transaction with out-of-order buffer fixup
[  175.592389][ T8229] binder: 8229:8211 failed to fixup parent
[  175.592456][ T8229] binder: 8211:8229 transaction async to 8211:0 failed 28/29201/-22, code 0 size 120-24 line 3645
[  175.720968][   T26] binder: undelivered TRANSACTION_ERROR: 29201
[  176.362957][ T8234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.367690][ T8234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.370274][ T8234] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  176.372405][ T8234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.372686][ T8234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.628785][ T8241] netlink: 48 bytes leftover after parsing attributes in process `syz.4.444'.
[  176.764554][ T8244] netlink: 14 bytes leftover after parsing attributes in process `syz.3.445'.
[  177.024106][ T8248] loop0: detected capacity change from 0 to 4096
[  177.126735][ T8248] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  177.153212][ T8248] ntfs3(loop0): Failed to load $Extend (-22).
[  177.158039][ T8248] ntfs3(loop0): Failed to initialize $Extend.
[  177.737611][   T52] Bluetooth: hci4: command 0x0405 tx timeout
[  179.215797][ T8275] netlink: 48 bytes leftover after parsing attributes in process `syz.0.456'.
[  180.834734][    T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  180.977981][    T9] usb 1-1: Using ep0 maxpacket: 16
[  180.981753][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  180.981819][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.981851][    T9] usb 1-1: Product: syz
[  180.981879][    T9] usb 1-1: Manufacturer: syz
[  180.981906][    T9] usb 1-1: SerialNumber: syz
[  180.987657][    T9] usb 1-1: config 0 descriptor??
[  180.989871][    T9] appledisplay 1-1:0.0: Could not find int-in endpoint
[  180.990870][    T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  182.024702][ T3911] usb 1-1: USB disconnect, device number 7
[  182.237571][ T8312] netlink: 48 bytes leftover after parsing attributes in process `syz.4.468'.
[  183.276312][ T8320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.276638][ T8320] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.354867][ T8336] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.486378][ T8336] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.823876][ T2408] ieee802154 phy0 wpan0: encryption failed: -22
[  187.825888][ T2408] ieee802154 phy1 wpan1: encryption failed: -22
[  191.210101][ T8384] loop4: detected capacity change from 0 to 40427
[  191.224094][ T8384] F2FS-fs (loop4): invalid crc value
[  192.093415][ T8384] F2FS-fs (loop4): Start checkpoint disabled!
[  192.104222][ T8384] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  192.781178][ T8416] F2FS-fs (loop4): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  192.927547][ T7530] kworker/u8:13: attempt to access beyond end of device
[  192.927547][ T7530] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  192.927638][ T7530] CPU: 1 UID: 0 PID: 7530 Comm: kworker/u8:13 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  192.927655][ T7530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.927663][ T7530] Workqueue: writeback wb_workfn (flush-7:4)
[  192.927685][ T7530] Call trace:
[  192.927689][ T7530]  show_stack+0x2c/0x3c (C)
[  192.927707][ T7530]  __dump_stack+0x30/0x40
[  192.927721][ T7530]  dump_stack_lvl+0xd8/0x12c
[  192.927735][ T7530]  dump_stack+0x1c/0x28
[  192.927748][ T7530]  f2fs_handle_critical_error+0x34c/0x4b8
[  192.927760][ T7530]  f2fs_stop_checkpoint+0x5c/0x70
[  192.927774][ T7530]  f2fs_write_end_io+0x58c/0x818
[  192.927786][ T7530]  bio_endio+0x804/0x840
[  192.927798][ T7530]  submit_bio_noacct+0x158/0x176c
[  192.927812][ T7530]  submit_bio+0x354/0x4d4
[  192.927825][ T7530]  f2fs_submit_write_bio+0x13c/0x324
[  192.927836][ T7530]  __submit_merged_bio+0x254/0x704
[  192.927847][ T7530]  __submit_merged_write_cond+0x23c/0x4ac
[  192.927859][ T7530]  f2fs_write_data_pages+0x1d28/0x2634
[  192.927871][ T7530]  do_writepages+0x270/0x468
[  192.927885][ T7530]  __writeback_single_inode+0x15c/0x13e8
[  192.927899][ T7530]  writeback_sb_inodes+0x558/0xe38
[  192.927913][ T7530]  wb_writeback+0x3cc/0xd70
[  192.927926][ T7530]  wb_workfn+0x338/0xdc0
[  192.927938][ T7530]  process_one_work+0x7e8/0x155c
[  192.927952][ T7530]  worker_thread+0x958/0xed8
[  192.927973][ T7530]  kthread+0x5fc/0x75c
[  192.927986][ T7530]  ret_from_fork+0x10/0x20
[  192.931271][ T7530] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  192.931342][ T7530] CPU: 1 UID: 0 PID: 7530 Comm: kworker/u8:13 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  192.931356][ T7530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.931364][ T7530] Workqueue: writeback wb_workfn (flush-7:4)
[  192.931383][ T7530] Call trace:
[  192.931387][ T7530]  show_stack+0x2c/0x3c (C)
[  192.931403][ T7530]  __dump_stack+0x30/0x40
[  192.931417][ T7530]  dump_stack_lvl+0xd8/0x12c
[  192.931430][ T7530]  dump_stack+0x1c/0x28
[  192.931443][ T7530]  f2fs_handle_critical_error+0x34c/0x4b8
[  192.931455][ T7530]  f2fs_stop_checkpoint+0x5c/0x70
[  192.931468][ T7530]  f2fs_write_end_io+0x58c/0x818
[  192.931480][ T7530]  bio_endio+0x804/0x840
[  192.931492][ T7530]  submit_bio_noacct+0x158/0x176c
[  192.931506][ T7530]  submit_bio+0x354/0x4d4
[  192.931518][ T7530]  f2fs_submit_write_bio+0x13c/0x324
[  192.931530][ T7530]  __submit_merged_bio+0x254/0x704
[  192.931541][ T7530]  __submit_merged_write_cond+0x23c/0x4ac
[  192.931552][ T7530]  f2fs_write_data_pages+0x1d28/0x2634
[  192.931564][ T7530]  do_writepages+0x270/0x468
[  192.931578][ T7530]  __writeback_single_inode+0x15c/0x13e8
[  192.931592][ T7530]  writeback_sb_inodes+0x558/0xe38
[  192.931606][ T7530]  wb_writeback+0x3cc/0xd70
[  192.931619][ T7530]  wb_workfn+0x338/0xdc0
[  192.931631][ T7530]  process_one_work+0x7e8/0x155c
[  192.931645][ T7530]  worker_thread+0x958/0xed8
[  192.931658][ T7530]  kthread+0x5fc/0x75c
[  192.931670][ T7530]  ret_from_fork+0x10/0x20
[  192.931703][ T7530] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  198.187968][ T8486] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.188335][ T8486] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.258733][ T8500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  199.259044][ T8500] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.279639][ T8500] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  202.097512][ T3911] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  202.697893][ T3911] usb 1-1: too many configurations: 65, using maximum allowed: 8
[  202.856139][ T3911] usb 1-1: config 0 has no interfaces?
[  202.941672][ T3911] usb 1-1: config 0 has no interfaces?
[  202.946163][ T3911] usb 1-1: config 0 has no interfaces?
[  202.949350][ T3911] usb 1-1: config 0 has no interfaces?
[  202.951781][ T3911] usb 1-1: config 0 has no interfaces?
[  202.954421][ T3911] usb 1-1: config 0 has no interfaces?
[  202.956963][ T3911] usb 1-1: config 0 has no interfaces?
[  202.962601][ T3911] usb 1-1: config 0 has no interfaces?
[  202.962658][ T3911] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  202.962686][ T3911] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.966803][ T3911] usb 1-1: config 0 descriptor??
[  203.035607][ T8519] team0 (unregistering): Port device team_slave_0 removed
[  203.051425][ T8519] team0 (unregistering): Port device team_slave_1 removed
[  203.231097][ T8527] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  203.237315][ T8527] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.246045][ T8527] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.427708][ T8555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.428103][ T8555] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.436012][ T8555] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  203.447135][ T8559] netlink: 4 bytes leftover after parsing attributes in process `syz.1.544'.
[  203.451771][ T8559] netlink: 14 bytes leftover after parsing attributes in process `syz.1.544'.
[  204.735820][ T3911] usb 1-1: USB disconnect, device number 8
[  208.450141][ T8625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.450470][ T8625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.456924][ T8625] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  208.465129][ T8625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.465457][ T8625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.237747][    T9] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  209.389096][    T9] usb 1-1: Using ep0 maxpacket: 16
[  209.398329][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  209.398389][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.398429][    T9] usb 1-1: Product: syz
[  209.398456][    T9] usb 1-1: Manufacturer: syz
[  209.398483][    T9] usb 1-1: SerialNumber: syz
[  209.409641][    T9] usb 1-1: config 0 descriptor??
[  209.423391][    T9] appledisplay 1-1:0.0: Could not find int-in endpoint
[  209.428503][    T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  209.634130][ T8618] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  209.649734][    T9] usb 1-1: USB disconnect, device number 9
[  213.303240][ T8690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.303559][ T8690] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.571988][ T8693] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.575218][ T8693] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  214.058959][ T8694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  214.067567][ T8694] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  214.072128][ T8694] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  217.652477][ T8732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.706110][ T8732] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.784942][ T8744] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.785281][ T8744] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.876135][ T8744] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  218.318144][ T6571] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  219.169216][ T6571] usb 1-1: too many configurations: 65, using maximum allowed: 8
[  219.323232][ T6571] usb 1-1: config 0 has no interfaces?
[  219.325856][ T6571] usb 1-1: config 0 has no interfaces?
[  219.328266][ T6571] usb 1-1: config 0 has no interfaces?
[  219.330690][ T6571] usb 1-1: config 0 has no interfaces?
[  219.333096][ T6571] usb 1-1: config 0 has no interfaces?
[  219.335572][ T6571] usb 1-1: config 0 has no interfaces?
[  219.338053][ T6571] usb 1-1: config 0 has no interfaces?
[  219.340424][ T6571] usb 1-1: config 0 has no interfaces?
[  219.341997][ T6571] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  219.344538][ T6571] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.349043][ T6571] usb 1-1: config 0 descriptor??
[  219.658033][ T8746] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  219.661695][ T8746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.667873][ T8746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.212450][ T6595] usb 1-1: USB disconnect, device number 10
[  222.306765][ T8796] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  222.307077][ T8796] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.347102][ T8793] binder: 8792:8793 tried to acquire reference to desc 0, got 1 instead
[  222.367621][ T8796] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  222.368855][    T9] binder: release 8792:8793 transaction 34 out, still active
[  222.368937][    T9] binder: undelivered TRANSACTION_COMPLETE
[  222.368967][    T9] binder: undelivered TRANSACTION_COMPLETE
[  222.378125][   T24] binder: undelivered transaction 33, process died.
[  222.378177][   T24] binder: send failed reply for transaction 34, target dead
[  222.647519][ T6595] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  222.797559][ T6595] usb 1-1: Using ep0 maxpacket: 16
[  222.800714][ T6595] usb 1-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  222.800786][ T6595] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.800818][ T6595] usb 1-1: Product: syz
[  222.800846][ T6595] usb 1-1: Manufacturer: syz
[  222.800873][ T6595] usb 1-1: SerialNumber: syz
[  222.823126][ T6595] usb 1-1: config 0 descriptor??
[  222.826504][ T6595] appledisplay 1-1:0.0: Could not find int-in endpoint
[  222.830340][ T6595] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  223.105011][ T6595] usb 1-1: USB disconnect, device number 11
[  224.722112][    T9] IPVS: starting estimator thread 0...
[  224.798969][ T8837] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.799329][ T8837] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.814893][ T8837] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  224.827772][ T8831] IPVS: using max 34 ests per chain, 81600 per kthread
[  224.830255][ T8837] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.833262][ T8837] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.219366][ T8849] random: crng reseeded on system resumption
[  226.072931][ T8853] netlink: 192 bytes leftover after parsing attributes in process `syz.0.626'.
[  226.126117][ T7182] IPVS: stop unused estimator thread 0...
[  227.542140][ T8863] netlink: 4 bytes leftover after parsing attributes in process `syz.2.629'.
[  227.542232][ T8863] tipc: Enabling of bearer <eth:syz_tu> rejected, failed to enable media
[  227.544777][ T8863] netlink: 14 bytes leftover after parsing attributes in process `syz.2.629'.
[  228.152274][ T6571] IPVS: starting estimator thread 0...
[  228.238777][ T8878] IPVS: using max 33 ests per chain, 79200 per kthread
[  229.901948][   T12] IPVS: stop unused estimator thread 0...
[  229.906160][ T8907] netlink: 4 bytes leftover after parsing attributes in process `syz.2.643'.
[  229.906276][ T8907] tipc: Enabling of bearer <eth:syz_tu> rejected, failed to enable media
[  229.907444][ T8907] netlink: 14 bytes leftover after parsing attributes in process `syz.2.643'.
[  230.124831][ T8910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.126595][ T8910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.130216][ T8910] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  230.132015][ T8910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.132324][ T8910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.921254][   T26] IPVS: starting estimator thread 0...
[  231.009288][ T8934] IPVS: using max 33 ests per chain, 79200 per kthread
[  231.554257][   T12] IPVS: stop unused estimator thread 0...
[  231.703967][ T8947] netlink: 4 bytes leftover after parsing attributes in process `syz.0.654'.
[  231.704046][ T8947] tipc: Enabling of bearer <eth:syz_tu> rejected, failed to enable media
[  231.711857][ T8947] netlink: 14 bytes leftover after parsing attributes in process `syz.0.654'.
[  232.977220][   T24] IPVS: starting estimator thread 0...
[  233.068780][ T8971] IPVS: using max 33 ests per chain, 79200 per kthread
[  233.441724][ T8981] netlink: 14 bytes leftover after parsing attributes in process `syz.3.665'.
[  235.150182][ T9001] netlink: 12 bytes leftover after parsing attributes in process `syz.3.672'.
[  235.150284][ T9001] netlink: 12 bytes leftover after parsing attributes in process `syz.3.672'.
[  235.895057][ T9011] netlink: 14 bytes leftover after parsing attributes in process `syz.3.676'.
[  236.062006][ T9019] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  236.062333][ T9019] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  236.078388][ T9019] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  236.096824][ T9020] syz.3.679 uses obsolete (PF_INET,SOCK_PACKET)
[  236.099651][ T9019] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  236.102429][ T9019] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  236.955069][ T9007] loop0: detected capacity change from 0 to 40427
[  236.993690][ T9007] F2FS-fs (loop0): invalid crc value
[  237.265139][ T9007] F2FS-fs (loop0): Start checkpoint disabled!
[  237.269236][ T9007] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  237.868704][ T9039] hub 8-0:1.0: USB hub found
[  237.869677][ T9039] hub 8-0:1.0: 8 ports detected
[  238.834943][ T9043] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  238.901175][ T6682] kworker/u8:9: attempt to access beyond end of device
[  238.901175][ T6682] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  238.901287][ T6682] CPU: 0 UID: 0 PID: 6682 Comm: kworker/u8:9 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  238.901304][ T6682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.901311][ T6682] Workqueue: writeback wb_workfn (flush-7:0)
[  238.901333][ T6682] Call trace:
[  238.901337][ T6682]  show_stack+0x2c/0x3c (C)
[  238.901355][ T6682]  __dump_stack+0x30/0x40
[  238.901369][ T6682]  dump_stack_lvl+0xd8/0x12c
[  238.901382][ T6682]  dump_stack+0x1c/0x28
[  238.901395][ T6682]  f2fs_handle_critical_error+0x34c/0x4b8
[  238.901408][ T6682]  f2fs_stop_checkpoint+0x5c/0x70
[  238.901422][ T6682]  f2fs_write_end_io+0x58c/0x818
[  238.901434][ T6682]  bio_endio+0x804/0x840
[  238.901446][ T6682]  submit_bio_noacct+0x158/0x176c
[  238.901460][ T6682]  submit_bio+0x354/0x4d4
[  238.901473][ T6682]  f2fs_submit_write_bio+0x13c/0x324
[  238.901484][ T6682]  __submit_merged_bio+0x254/0x704
[  238.901495][ T6682]  __submit_merged_write_cond+0x23c/0x4ac
[  238.901506][ T6682]  f2fs_write_data_pages+0x1d28/0x2634
[  238.901518][ T6682]  do_writepages+0x270/0x468
[  238.901532][ T6682]  __writeback_single_inode+0x15c/0x13e8
[  238.901547][ T6682]  writeback_sb_inodes+0x558/0xe38
[  238.901560][ T6682]  wb_writeback+0x3cc/0xd70
[  238.901573][ T6682]  wb_workfn+0x338/0xdc0
[  238.901585][ T6682]  process_one_work+0x7e8/0x155c
[  238.901599][ T6682]  worker_thread+0x958/0xed8
[  238.901612][ T6682]  kthread+0x5fc/0x75c
[  238.901624][ T6682]  ret_from_fork+0x10/0x20
[  238.901799][ T6682] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  238.901846][ T6682] CPU: 0 UID: 0 PID: 6682 Comm: kworker/u8:9 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  238.901861][ T6682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.901868][ T6682] Workqueue: writeback wb_workfn (flush-7:0)
[  238.901883][ T6682] Call trace:
[  238.901886][ T6682]  show_stack+0x2c/0x3c (C)
[  238.901900][ T6682]  __dump_stack+0x30/0x40
[  238.901913][ T6682]  dump_stack_lvl+0xd8/0x12c
[  238.901926][ T6682]  dump_stack+0x1c/0x28
[  238.901939][ T6682]  f2fs_handle_critical_error+0x34c/0x4b8
[  238.901950][ T6682]  f2fs_stop_checkpoint+0x5c/0x70
[  238.901963][ T6682]  f2fs_write_end_io+0x58c/0x818
[  238.901975][ T6682]  bio_endio+0x804/0x840
[  238.901985][ T6682]  submit_bio_noacct+0x158/0x176c
[  238.901998][ T6682]  submit_bio+0x354/0x4d4
[  238.902011][ T6682]  f2fs_submit_write_bio+0x13c/0x324
[  238.902021][ T6682]  __submit_merged_bio+0x254/0x704
[  238.902034][ T6682]  __submit_merged_write_cond+0x23c/0x4ac
[  238.902046][ T6682]  f2fs_write_data_pages+0x1d28/0x2634
[  238.902058][ T6682]  do_writepages+0x270/0x468
[  238.902071][ T6682]  __writeback_single_inode+0x15c/0x13e8
[  238.902085][ T6682]  writeback_sb_inodes+0x558/0xe38
[  238.902098][ T6682]  wb_writeback+0x3cc/0xd70
[  238.902111][ T6682]  wb_workfn+0x338/0xdc0
[  238.902123][ T6682]  process_one_work+0x7e8/0x155c
[  238.902136][ T6682]  worker_thread+0x958/0xed8
[  238.902149][ T6682]  kthread+0x5fc/0x75c
[  238.902161][ T6682]  ret_from_fork+0x10/0x20
[  238.902411][ T6682] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  239.108876][ T9050] netlink: 14 bytes leftover after parsing attributes in process `syz.1.687'.
[  240.342506][   T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  240.345943][   T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  240.348582][   T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  240.351325][   T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  240.360372][   T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  240.517488][ T6595] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  240.697646][ T6595] usb 1-1: Using ep0 maxpacket: 16
[  240.702122][ T6595] usb 1-1: config index 0 descriptor too short (expected 42, got 18)
[  240.702196][ T6595] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  240.702235][ T6595] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  240.713032][ T6595] usb 1-1: New USB device found, idVendor=09ef, idProduct=0000, bcdDevice= 7.00
[  240.713085][ T6595] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  240.713127][ T6595] usb 1-1: Product: syz
[  240.713155][ T6595] usb 1-1: SerialNumber: syz
[  240.723339][ T6595] usb 1-1: config 0 descriptor??
[  240.793273][ T9084] netlink: 14 bytes leftover after parsing attributes in process `syz.3.698'.
[  241.017486][ T9065] chnl_net:caif_netlink_parms(): no params data found
[  242.133330][ T9065] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.135675][ T9065] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.823676][   T52] Bluetooth: hci5: command tx timeout
[  242.829248][ T9065] bridge_slave_0: entered allmulticast mode
[  242.844765][ T9065] bridge_slave_0: entered promiscuous mode
[  242.851863][ T9065] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.854145][ T9065] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.856605][ T9065] bridge_slave_1: entered allmulticast mode
[  242.877639][ T9065] bridge_slave_1: entered promiscuous mode
[  242.899789][ T9112] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  242.900083][ T9112] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  242.901648][ T9112] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  242.902688][ T9112] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  242.902955][ T9112] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  243.101417][ T9065] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.103159][ T9065] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.121566][ T9065] team0: Port device team_slave_0 added
[  243.124591][ T9065] team0: Port device team_slave_1 added
[  243.141689][ T9065] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.141736][ T9065] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.142083][ T9065] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.143993][ T9065] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.144489][ T9065] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.144734][ T9065] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.559507][ T9065] hsr_slave_0: entered promiscuous mode
[  243.562748][ T9065] hsr_slave_1: entered promiscuous mode
[  243.565641][ T9065] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.565687][ T9065] Cannot create hsr debugfs directory
[  243.643056][   T26] usb 1-1: USB disconnect, device number 12
[  244.036509][ T9130] netlink: 14 bytes leftover after parsing attributes in process `syz.0.708'.
[  244.858959][   T52] Bluetooth: hci5: command tx timeout
[  244.864812][ T9065] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  244.872682][ T9065] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  244.891877][ T9065] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  244.945394][ T9065] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  246.079826][ T9065] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.101006][ T9065] 8021q: adding VLAN 0 to HW filter on device team0
[  246.133953][ T7738] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.134030][ T7738] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.145916][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.146007][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.185862][ T9065] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  246.185939][ T9065] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  246.541735][ T9065] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.521052][   T52] Bluetooth: hci5: command tx timeout
[  247.619529][ T9178] netlink: 8 bytes leftover after parsing attributes in process `syz.1.718'.
[  247.671948][ T9178] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  247.672019][ T9178] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  247.964855][ T9065] veth0_vlan: entered promiscuous mode
[  247.986484][ T9065] veth1_vlan: entered promiscuous mode
[  248.035911][ T9065] veth0_macvtap: entered promiscuous mode
[  248.054086][ T9065] veth1_macvtap: entered promiscuous mode
[  248.085771][ T9065] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.101086][ T9065] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.102697][ T9065] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.102738][ T9065] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.102768][ T9065] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.102799][ T9065] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.271874][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  248.274203][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  248.321612][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  248.324156][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.252464][ T2408] ieee802154 phy0 wpan0: encryption failed: -22
[  249.254593][ T2408] ieee802154 phy1 wpan1: encryption failed: -22
[  249.539493][ T9213] netlink: 12 bytes leftover after parsing attributes in process `syz.3.729'.
[  249.578253][   T52] Bluetooth: hci5: command tx timeout
[  250.298145][ T9220] random: crng reseeded on system resumption
[  251.499609][ T6595] IPVS: starting estimator thread 0...
[  251.707666][ T9241] IPVS: using max 34 ests per chain, 81600 per kthread
[  252.827037][   T41] IPVS: stop unused estimator thread 0...
[  253.919832][ T9270] syz_tun: entered allmulticast mode
[  255.843636][ T6571] IPVS: starting estimator thread 0...
[  256.067525][ T9302] IPVS: using max 33 ests per chain, 79200 per kthread
[  258.295614][ T9327] netlink: 24 bytes leftover after parsing attributes in process `syz.2.760'.
[  260.588415][ T7091] IPVS: stop unused estimator thread 0...
[  261.136892][   T26] IPVS: starting estimator thread 0...
[  261.227639][ T9371] IPVS: using max 33 ests per chain, 79200 per kthread
[  262.333390][ T7091] IPVS: stop unused estimator thread 0...
[  262.719302][ T9380] loop1: detected capacity change from 0 to 40427
[  262.735339][ T9380] F2FS-fs (loop1): invalid crc value
[  262.777603][ T9380] F2FS-fs (loop1): Start checkpoint disabled!
[  262.784455][ T9380] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  263.513895][ T9395] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  263.696673][ T7126] kworker/u8:11: attempt to access beyond end of device
[  263.696673][ T7126] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  263.698091][ T7126] CPU: 1 UID: 0 PID: 7126 Comm: kworker/u8:11 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  263.698109][ T7126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  263.698117][ T7126] Workqueue: writeback wb_workfn (flush-7:1)
[  263.698139][ T7126] Call trace:
[  263.698143][ T7126]  show_stack+0x2c/0x3c (C)
[  263.698161][ T7126]  __dump_stack+0x30/0x40
[  263.698175][ T7126]  dump_stack_lvl+0xd8/0x12c
[  263.698195][ T7126]  dump_stack+0x1c/0x28
[  263.698209][ T7126]  f2fs_handle_critical_error+0x34c/0x4b8
[  263.698222][ T7126]  f2fs_stop_checkpoint+0x5c/0x70
[  263.698239][ T7126]  f2fs_write_end_io+0x58c/0x818
[  263.698253][ T7126]  bio_endio+0x804/0x840
[  263.698265][ T7126]  submit_bio_noacct+0x158/0x176c
[  263.698279][ T7126]  submit_bio+0x354/0x4d4
[  263.698292][ T7126]  f2fs_submit_write_bio+0x13c/0x324
[  263.698303][ T7126]  __submit_merged_bio+0x254/0x704
[  263.698314][ T7126]  __submit_merged_write_cond+0x23c/0x4ac
[  263.698326][ T7126]  f2fs_write_data_pages+0x1d28/0x2634
[  263.698338][ T7126]  do_writepages+0x270/0x468
[  263.698352][ T7126]  __writeback_single_inode+0x15c/0x13e8
[  263.698366][ T7126]  writeback_sb_inodes+0x558/0xe38
[  263.698380][ T7126]  wb_writeback+0x3cc/0xd70
[  263.698393][ T7126]  wb_workfn+0x338/0xdc0
[  263.698405][ T7126]  process_one_work+0x7e8/0x155c
[  263.698420][ T7126]  worker_thread+0x958/0xed8
[  263.698433][ T7126]  kthread+0x5fc/0x75c
[  263.698445][ T7126]  ret_from_fork+0x10/0x20
[  263.699334][ T7126] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  263.699571][ T7126] CPU: 1 UID: 0 PID: 7126 Comm: kworker/u8:11 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  263.699586][ T7126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  263.699594][ T7126] Workqueue: writeback wb_workfn (flush-7:1)
[  263.699611][ T7126] Call trace:
[  263.699615][ T7126]  show_stack+0x2c/0x3c (C)
[  263.699630][ T7126]  __dump_stack+0x30/0x40
[  263.699643][ T7126]  dump_stack_lvl+0xd8/0x12c
[  263.699656][ T7126]  dump_stack+0x1c/0x28
[  263.699669][ T7126]  f2fs_handle_critical_error+0x34c/0x4b8
[  263.699681][ T7126]  f2fs_stop_checkpoint+0x5c/0x70
[  263.699694][ T7126]  f2fs_write_end_io+0x58c/0x818
[  263.699706][ T7126]  bio_endio+0x804/0x840
[  263.699717][ T7126]  submit_bio_noacct+0x158/0x176c
[  263.699730][ T7126]  submit_bio+0x354/0x4d4
[  263.699742][ T7126]  f2fs_submit_write_bio+0x13c/0x324
[  263.699754][ T7126]  __submit_merged_bio+0x254/0x704
[  263.699765][ T7126]  __submit_merged_write_cond+0x23c/0x4ac
[  263.699776][ T7126]  f2fs_write_data_pages+0x1d28/0x2634
[  263.699788][ T7126]  do_writepages+0x270/0x468
[  263.699802][ T7126]  __writeback_single_inode+0x15c/0x13e8
[  263.699816][ T7126]  writeback_sb_inodes+0x558/0xe38
[  263.699829][ T7126]  wb_writeback+0x3cc/0xd70
[  263.699842][ T7126]  wb_workfn+0x338/0xdc0
[  263.699854][ T7126]  process_one_work+0x7e8/0x155c
[  263.699868][ T7126]  worker_thread+0x958/0xed8
[  263.699881][ T7126]  kthread+0x5fc/0x75c
[  263.699893][ T7126]  ret_from_fork+0x10/0x20
[  263.701454][ T7126] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  266.257485][ T6595] IPVS: starting estimator thread 0...
[  266.384646][ T9441] IPVS: using max 33 ests per chain, 79200 per kthread
[  267.003009][ T9444] Driver unsupported XDP return value 0 on prog  (id 10) dev N/A, expect packet loss!
[  267.246309][ T9437] loop1: detected capacity change from 0 to 40427
[  267.328405][ T9437] F2FS-fs (loop1): invalid crc value
[  267.496506][ T9437] F2FS-fs (loop1): Start checkpoint disabled!
[  267.592743][ T9437] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  268.809369][ T9463] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  268.917810][ T1638] kworker/u8:7: attempt to access beyond end of device
[  268.917810][ T1638] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  268.917904][ T1638] CPU: 0 UID: 0 PID: 1638 Comm: kworker/u8:7 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  268.917922][ T1638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.917929][ T1638] Workqueue: writeback wb_workfn (flush-7:1)
[  268.917951][ T1638] Call trace:
[  268.917955][ T1638]  show_stack+0x2c/0x3c (C)
[  268.917973][ T1638]  __dump_stack+0x30/0x40
[  268.917988][ T1638]  dump_stack_lvl+0xd8/0x12c
[  268.918001][ T1638]  dump_stack+0x1c/0x28
[  268.918014][ T1638]  f2fs_handle_critical_error+0x34c/0x4b8
[  268.918027][ T1638]  f2fs_stop_checkpoint+0x5c/0x70
[  268.918040][ T1638]  f2fs_write_end_io+0x58c/0x818
[  268.918052][ T1638]  bio_endio+0x804/0x840
[  268.918063][ T1638]  submit_bio_noacct+0x158/0x176c
[  268.918077][ T1638]  submit_bio+0x354/0x4d4
[  268.918090][ T1638]  f2fs_submit_write_bio+0x13c/0x324
[  268.918101][ T1638]  __submit_merged_bio+0x254/0x704
[  268.918112][ T1638]  __submit_merged_write_cond+0x23c/0x4ac
[  268.918123][ T1638]  f2fs_write_data_pages+0x1d28/0x2634
[  268.918135][ T1638]  do_writepages+0x270/0x468
[  268.918150][ T1638]  __writeback_single_inode+0x15c/0x13e8
[  268.918164][ T1638]  writeback_sb_inodes+0x558/0xe38
[  268.918178][ T1638]  wb_writeback+0x3cc/0xd70
[  268.918200][ T1638]  wb_workfn+0x338/0xdc0
[  268.918212][ T1638]  process_one_work+0x7e8/0x155c
[  268.918226][ T1638]  worker_thread+0x958/0xed8
[  268.918240][ T1638]  kthread+0x5fc/0x75c
[  268.918252][ T1638]  ret_from_fork+0x10/0x20
[  268.918432][ T1638] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  268.918479][ T1638] CPU: 0 UID: 0 PID: 1638 Comm: kworker/u8:7 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  268.918494][ T1638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.918501][ T1638] Workqueue: writeback wb_workfn (flush-7:1)
[  268.918516][ T1638] Call trace:
[  268.918520][ T1638]  show_stack+0x2c/0x3c (C)
[  268.918534][ T1638]  __dump_stack+0x30/0x40
[  268.918547][ T1638]  dump_stack_lvl+0xd8/0x12c
[  268.918560][ T1638]  dump_stack+0x1c/0x28
[  268.918572][ T1638]  f2fs_handle_critical_error+0x34c/0x4b8
[  268.918584][ T1638]  f2fs_stop_checkpoint+0x5c/0x70
[  268.918597][ T1638]  f2fs_write_end_io+0x58c/0x818
[  268.918608][ T1638]  bio_endio+0x804/0x840
[  268.918619][ T1638]  submit_bio_noacct+0x158/0x176c
[  268.918632][ T1638]  submit_bio+0x354/0x4d4
[  268.918644][ T1638]  f2fs_submit_write_bio+0x13c/0x324
[  268.918655][ T1638]  __submit_merged_bio+0x254/0x704
[  268.918666][ T1638]  __submit_merged_write_cond+0x23c/0x4ac
[  268.918677][ T1638]  f2fs_write_data_pages+0x1d28/0x2634
[  268.918689][ T1638]  do_writepages+0x270/0x468
[  268.918703][ T1638]  __writeback_single_inode+0x15c/0x13e8
[  268.918716][ T1638]  writeback_sb_inodes+0x558/0xe38
[  268.918730][ T1638]  wb_writeback+0x3cc/0xd70
[  268.918743][ T1638]  wb_workfn+0x338/0xdc0
[  268.918755][ T1638]  process_one_work+0x7e8/0x155c
[  268.918768][ T1638]  worker_thread+0x958/0xed8
[  268.918781][ T1638]  kthread+0x5fc/0x75c
[  268.918793][ T1638]  ret_from_fork+0x10/0x20
[  268.918941][ T1638] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  269.081610][ T9470] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.084393][ T9470] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.095588][ T9470] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  269.120468][ T9470] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.127633][ T9470] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.926121][ T7126] IPVS: stop unused estimator thread 0...
[  270.223244][ T6595] IPVS: starting estimator thread 0...
[  270.256868][ T6516] IPVS: starting estimator thread 0...
[  270.308183][ T9488] IPVS: using max 33 ests per chain, 79200 per kthread
[  270.321938][ T9487] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  270.344044][ T9489] IPVS: using max 34 ests per chain, 81600 per kthread
[  270.478118][ T6571] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[  270.633232][ T6571] usb 1-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66
[  270.636072][ T6571] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.643125][ T6571] usb 1-1: config 0 descriptor??
[  270.651281][ T6571] usb 1-1: invalid MIDI EP
[  270.655075][ T6571] usb 1-1: snd-bcd2000: error during probing
[  270.657851][ T6571] snd-bcd2000 1-1:0.0: probe with driver snd-bcd2000 failed with error -22
[  270.911503][   T26] usb 1-1: USB disconnect, device number 13
[  271.140213][ T1638] IPVS: stop unused estimator thread 0...
[  271.545861][ T9507] loop1: detected capacity change from 0 to 40427
[  271.565990][ T9507] F2FS-fs (loop1): invalid crc value
[  271.634561][ T9507] F2FS-fs (loop1): Start checkpoint disabled!
[  271.636526][ T9507] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  272.140428][ T9519] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  272.145308][   T26] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  272.379863][   T26] usb 1-1: Using ep0 maxpacket: 32
[  272.412730][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  272.415875][   T26] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  272.419922][   T26] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00
[  272.422478][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.426860][   T26] usb 1-1: config 0 descriptor??
[  272.619010][  T202] kworker/u8:5: attempt to access beyond end of device
[  272.619010][  T202] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  272.619120][  T202] CPU: 1 UID: 0 PID: 202 Comm: kworker/u8:5 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  272.619138][  T202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.619146][  T202] Workqueue: writeback wb_workfn (flush-7:1)
[  272.619168][  T202] Call trace:
[  272.619172][  T202]  show_stack+0x2c/0x3c (C)
[  272.619199][  T202]  __dump_stack+0x30/0x40
[  272.619216][  T202]  dump_stack_lvl+0xd8/0x12c
[  272.619229][  T202]  dump_stack+0x1c/0x28
[  272.619242][  T202]  f2fs_handle_critical_error+0x34c/0x4b8
[  272.619255][  T202]  f2fs_stop_checkpoint+0x5c/0x70
[  272.619269][  T202]  f2fs_write_end_io+0x58c/0x818
[  272.619281][  T202]  bio_endio+0x804/0x840
[  272.619292][  T202]  submit_bio_noacct+0x158/0x176c
[  272.619306][  T202]  submit_bio+0x354/0x4d4
[  272.619319][  T202]  f2fs_submit_write_bio+0x13c/0x324
[  272.619330][  T202]  __submit_merged_bio+0x254/0x704
[  272.619341][  T202]  __submit_merged_write_cond+0x23c/0x4ac
[  272.619353][  T202]  f2fs_write_data_pages+0x1d28/0x2634
[  272.619365][  T202]  do_writepages+0x270/0x468
[  272.619379][  T202]  __writeback_single_inode+0x15c/0x13e8
[  272.619394][  T202]  writeback_sb_inodes+0x558/0xe38
[  272.619407][  T202]  wb_writeback+0x3cc/0xd70
[  272.619420][  T202]  wb_workfn+0x338/0xdc0
[  272.619433][  T202]  process_one_work+0x7e8/0x155c
[  272.619446][  T202]  worker_thread+0x958/0xed8
[  272.619467][  T202]  kthread+0x5fc/0x75c
[  272.619480][  T202]  ret_from_fork+0x10/0x20
[  272.669676][  T202] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  272.671937][  T202] CPU: 1 UID: 0 PID: 202 Comm: kworker/u8:5 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  272.671958][  T202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.671967][  T202] Workqueue: writeback wb_workfn (flush-7:1)
[  272.671992][  T202] Call trace:
[  272.671996][  T202]  show_stack+0x2c/0x3c (C)
[  272.672014][  T202]  __dump_stack+0x30/0x40
[  272.672029][  T202]  dump_stack_lvl+0xd8/0x12c
[  272.672042][  T202]  dump_stack+0x1c/0x28
[  272.672055][  T202]  f2fs_handle_critical_error+0x34c/0x4b8
[  272.672067][  T202]  f2fs_stop_checkpoint+0x5c/0x70
[  272.672081][  T202]  f2fs_write_end_io+0x58c/0x818
[  272.672093][  T202]  bio_endio+0x804/0x840
[  272.672105][  T202]  submit_bio_noacct+0x158/0x176c
[  272.672119][  T202]  submit_bio+0x354/0x4d4
[  272.672131][  T202]  f2fs_submit_write_bio+0x13c/0x324
[  272.672142][  T202]  __submit_merged_bio+0x254/0x704
[  272.672153][  T202]  __submit_merged_write_cond+0x23c/0x4ac
[  272.672165][  T202]  f2fs_write_data_pages+0x1d28/0x2634
[  272.672177][  T202]  do_writepages+0x270/0x468
[  272.672200][  T202]  __writeback_single_inode+0x15c/0x13e8
[  272.672214][  T202]  writeback_sb_inodes+0x558/0xe38
[  272.672228][  T202]  wb_writeback+0x3cc/0xd70
[  272.672241][  T202]  wb_workfn+0x338/0xdc0
[  272.672253][  T202]  process_one_work+0x7e8/0x155c
[  272.672267][  T202]  worker_thread+0x958/0xed8
[  272.672280][  T202]  kthread+0x5fc/0x75c
[  272.672292][  T202]  ret_from_fork+0x10/0x20
[  272.719796][  T202] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  272.897763][   T26] itetech 0003:06CB:73F6.0001: unknown main item tag 0x0
[  272.897884][   T26] itetech 0003:06CB:73F6.0001: unknown main item tag 0x0
[  272.897936][   T26] itetech 0003:06CB:73F6.0001: unknown main item tag 0x0
[  272.897968][   T26] itetech 0003:06CB:73F6.0001: unknown main item tag 0x0
[  272.897999][   T26] itetech 0003:06CB:73F6.0001: unknown main item tag 0x0
[  272.920235][   T26] itetech 0003:06CB:73F6.0001: hidraw0: USB HID v0.00 Device [HID 06cb:73f6] on usb-dummy_hcd.0-1/input0
[  273.028574][ T9534] netlink: 8 bytes leftover after parsing attributes in process `syz.3.817'.
[  273.626092][ T9534] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  273.626162][ T9534] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  273.919434][ T6595] usb 1-1: USB disconnect, device number 14
[  276.805502][ T6662] IPVS: starting estimator thread 0...
[  276.897722][ T9579] IPVS: using max 34 ests per chain, 81600 per kthread
[  277.283545][ T9575] loop2: detected capacity change from 0 to 40427
[  277.627500][ T9575] F2FS-fs (loop2): invalid crc value
[  278.382418][ T9575] F2FS-fs (loop2): Start checkpoint disabled!
[  278.384320][ T9575] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  278.425395][ T7126] IPVS: stop unused estimator thread 0...
[  279.188141][ T9613] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  279.334233][ T6682] kworker/u8:9: attempt to access beyond end of device
[  279.334233][ T6682] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  279.334336][ T6682] CPU: 0 UID: 0 PID: 6682 Comm: kworker/u8:9 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  279.334351][ T6682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  279.334358][ T6682] Workqueue: writeback wb_workfn (flush-7:2)
[  279.334380][ T6682] Call trace:
[  279.334384][ T6682]  show_stack+0x2c/0x3c (C)
[  279.334402][ T6682]  __dump_stack+0x30/0x40
[  279.334416][ T6682]  dump_stack_lvl+0xd8/0x12c
[  279.334430][ T6682]  dump_stack+0x1c/0x28
[  279.334442][ T6682]  f2fs_handle_critical_error+0x34c/0x4b8
[  279.334455][ T6682]  f2fs_stop_checkpoint+0x5c/0x70
[  279.334468][ T6682]  f2fs_write_end_io+0x58c/0x818
[  279.334480][ T6682]  bio_endio+0x804/0x840
[  279.334492][ T6682]  submit_bio_noacct+0x158/0x176c
[  279.334506][ T6682]  submit_bio+0x354/0x4d4
[  279.334518][ T6682]  f2fs_submit_write_bio+0x13c/0x324
[  279.334529][ T6682]  __submit_merged_bio+0x254/0x704
[  279.334541][ T6682]  __submit_merged_write_cond+0x23c/0x4ac
[  279.334552][ T6682]  f2fs_write_data_pages+0x1d28/0x2634
[  279.334564][ T6682]  do_writepages+0x270/0x468
[  279.334578][ T6682]  __writeback_single_inode+0x15c/0x13e8
[  279.334592][ T6682]  writeback_sb_inodes+0x558/0xe38
[  279.334606][ T6682]  wb_writeback+0x3cc/0xd70
[  279.334619][ T6682]  wb_workfn+0x338/0xdc0
[  279.334631][ T6682]  process_one_work+0x7e8/0x155c
[  279.334645][ T6682]  worker_thread+0x958/0xed8
[  279.334658][ T6682]  kthread+0x5fc/0x75c
[  279.334670][ T6682]  ret_from_fork+0x10/0x20
[  279.334683][ T6682] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  279.334923][ T6682] CPU: 0 UID: 0 PID: 6682 Comm: kworker/u8:9 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  279.334937][ T6682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  279.334943][ T6682] Workqueue: writeback wb_workfn (flush-7:2)
[  279.334958][ T6682] Call trace:
[  279.334962][ T6682]  show_stack+0x2c/0x3c (C)
[  279.334976][ T6682]  __dump_stack+0x30/0x40
[  279.334989][ T6682]  dump_stack_lvl+0xd8/0x12c
[  279.335002][ T6682]  dump_stack+0x1c/0x28
[  279.335014][ T6682]  f2fs_handle_critical_error+0x34c/0x4b8
[  279.335026][ T6682]  f2fs_stop_checkpoint+0x5c/0x70
[  279.335038][ T6682]  f2fs_write_end_io+0x58c/0x818
[  279.335050][ T6682]  bio_endio+0x804/0x840
[  279.335060][ T6682]  submit_bio_noacct+0x158/0x176c
[  279.335073][ T6682]  submit_bio+0x354/0x4d4
[  279.335086][ T6682]  f2fs_submit_write_bio+0x13c/0x324
[  279.335097][ T6682]  __submit_merged_bio+0x254/0x704
[  279.335108][ T6682]  __submit_merged_write_cond+0x23c/0x4ac
[  279.335119][ T6682]  f2fs_write_data_pages+0x1d28/0x2634
[  279.335131][ T6682]  do_writepages+0x270/0x468
[  279.335144][ T6682]  __writeback_single_inode+0x15c/0x13e8
[  279.335158][ T6682]  writeback_sb_inodes+0x558/0xe38
[  279.335171][ T6682]  wb_writeback+0x3cc/0xd70
[  279.335184][ T6682]  wb_workfn+0x338/0xdc0
[  279.335205][ T6682]  process_one_work+0x7e8/0x155c
[  279.335218][ T6682]  worker_thread+0x958/0xed8
[  279.335231][ T6682]  kthread+0x5fc/0x75c
[  279.335242][ T6682]  ret_from_fork+0x10/0x20
[  279.335255][ T6682] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  280.693436][   T26] IPVS: starting estimator thread 0...
[  280.737645][ T9632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  280.748943][ T9635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.751734][ T9635] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.797778][ T9633] IPVS: using max 33 ests per chain, 79200 per kthread
[  280.808289][ T6595] IPVS: starting estimator thread 0...
[  281.008044][ T9639] IPVS: using max 34 ests per chain, 81600 per kthread
[  281.098036][ T9642] delete_channel: no stack
[  282.156240][   T12] IPVS: stop unused estimator thread 0...
[  282.988683][ T9672] netlink: 8 bytes leftover after parsing attributes in process `syz.2.855'.
[  283.162956][ T9672] netlink: 8 bytes leftover after parsing attributes in process `syz.2.855'.
[  286.190084][ T9715] binder: 9714:9715 ioctl 400c620e 20000280 returned -22
[  288.991585][ T9728] loop0: detected capacity change from 0 to 40427
[  289.014646][ T9728] F2FS-fs (loop0): invalid crc value
[  289.145939][ T9728] F2FS-fs (loop0): Start checkpoint disabled!
[  289.173914][ T9728] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  289.368806][ T9753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.369124][ T9753] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.008583][ T9755] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  290.401229][   T52] Bluetooth: hci5: unexpected event 0x2f length: 763 > 260
[  290.536887][   T41] kworker/u8:2: attempt to access beyond end of device
[  290.536887][   T41] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  290.536988][   T41] CPU: 1 UID: 0 PID: 41 Comm: kworker/u8:2 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  290.537005][   T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  290.537013][   T41] Workqueue: writeback wb_workfn (flush-7:0)
[  290.537034][   T41] Call trace:
[  290.537038][   T41]  show_stack+0x2c/0x3c (C)
[  290.537057][   T41]  __dump_stack+0x30/0x40
[  290.537071][   T41]  dump_stack_lvl+0xd8/0x12c
[  290.537084][   T41]  dump_stack+0x1c/0x28
[  290.537097][   T41]  f2fs_handle_critical_error+0x34c/0x4b8
[  290.537110][   T41]  f2fs_stop_checkpoint+0x5c/0x70
[  290.537123][   T41]  f2fs_write_end_io+0x58c/0x818
[  290.537135][   T41]  bio_endio+0x804/0x840
[  290.537147][   T41]  submit_bio_noacct+0x158/0x176c
[  290.537160][   T41]  submit_bio+0x354/0x4d4
[  290.537173][   T41]  f2fs_submit_write_bio+0x13c/0x324
[  290.537184][   T41]  __submit_merged_bio+0x254/0x704
[  290.537204][   T41]  __submit_merged_write_cond+0x23c/0x4ac
[  290.537216][   T41]  f2fs_write_data_pages+0x1d28/0x2634
[  290.537228][   T41]  do_writepages+0x270/0x468
[  290.537243][   T41]  __writeback_single_inode+0x15c/0x13e8
[  290.537262][   T41]  writeback_sb_inodes+0x558/0xe38
[  290.537276][   T41]  wb_writeback+0x3cc/0xd70
[  290.537289][   T41]  wb_workfn+0x338/0xdc0
[  290.537301][   T41]  process_one_work+0x7e8/0x155c
[  290.537315][   T41]  worker_thread+0x958/0xed8
[  290.537328][   T41]  kthread+0x5fc/0x75c
[  290.537341][   T41]  ret_from_fork+0x10/0x20
[  290.544267][   T41] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  290.544351][   T41] CPU: 1 UID: 0 PID: 41 Comm: kworker/u8:2 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  290.544369][   T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  290.544376][   T41] Workqueue: writeback wb_workfn (flush-7:0)
[  290.544395][   T41] Call trace:
[  290.544399][   T41]  show_stack+0x2c/0x3c (C)
[  290.544415][   T41]  __dump_stack+0x30/0x40
[  290.544429][   T41]  dump_stack_lvl+0xd8/0x12c
[  290.544442][   T41]  dump_stack+0x1c/0x28
[  290.544455][   T41]  f2fs_handle_critical_error+0x34c/0x4b8
[  290.544466][   T41]  f2fs_stop_checkpoint+0x5c/0x70
[  290.544479][   T41]  f2fs_write_end_io+0x58c/0x818
[  290.544492][   T41]  bio_endio+0x804/0x840
[  290.544503][   T41]  submit_bio_noacct+0x158/0x176c
[  290.544516][   T41]  submit_bio+0x354/0x4d4
[  290.544529][   T41]  f2fs_submit_write_bio+0x13c/0x324
[  290.544540][   T41]  __submit_merged_bio+0x254/0x704
[  290.544551][   T41]  __submit_merged_write_cond+0x23c/0x4ac
[  290.544562][   T41]  f2fs_write_data_pages+0x1d28/0x2634
[  290.544574][   T41]  do_writepages+0x270/0x468
[  290.544588][   T41]  __writeback_single_inode+0x15c/0x13e8
[  290.544602][   T41]  writeback_sb_inodes+0x558/0xe38
[  290.544615][   T41]  wb_writeback+0x3cc/0xd70
[  290.544628][   T41]  wb_workfn+0x338/0xdc0
[  290.544640][   T41]  process_one_work+0x7e8/0x155c
[  290.544654][   T41]  worker_thread+0x958/0xed8
[  290.544667][   T41]  kthread+0x5fc/0x75c
[  290.544679][   T41]  ret_from_fork+0x10/0x20
[  290.544835][   T41] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  290.676151][ T9772] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.740727][ T9772] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.788032][ T9774] tipc: Can't bind to reserved service type 1
[  290.793178][ T9774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.798104][ T9774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  292.233233][ T9794] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.233535][ T9794] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  292.260523][ T9794] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.260843][ T9794] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  294.130067][ T9810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.898'.
[  294.447519][ T9798] loop0: detected capacity change from 0 to 40427
[  294.460516][ T9798] F2FS-fs (loop0): invalid crc value
[  294.558549][ T9798] F2FS-fs (loop0): Start checkpoint disabled!
[  294.563788][ T9798] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  295.364990][ T9821] F2FS-fs (loop0): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  295.644341][ T7738] kworker/u8:15: attempt to access beyond end of device
[  295.644341][ T7738] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  295.644440][ T7738] CPU: 1 UID: 0 PID: 7738 Comm: kworker/u8:15 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  295.644455][ T7738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.644462][ T7738] Workqueue: writeback wb_workfn (flush-7:0)
[  295.644484][ T7738] Call trace:
[  295.644488][ T7738]  show_stack+0x2c/0x3c (C)
[  295.644506][ T7738]  __dump_stack+0x30/0x40
[  295.644520][ T7738]  dump_stack_lvl+0xd8/0x12c
[  295.644533][ T7738]  dump_stack+0x1c/0x28
[  295.644546][ T7738]  f2fs_handle_critical_error+0x34c/0x4b8
[  295.644559][ T7738]  f2fs_stop_checkpoint+0x5c/0x70
[  295.644572][ T7738]  f2fs_write_end_io+0x58c/0x818
[  295.644584][ T7738]  bio_endio+0x804/0x840
[  295.644597][ T7738]  submit_bio_noacct+0x158/0x176c
[  295.644610][ T7738]  submit_bio+0x354/0x4d4
[  295.644623][ T7738]  f2fs_submit_write_bio+0x13c/0x324
[  295.644634][ T7738]  __submit_merged_bio+0x254/0x704
[  295.644646][ T7738]  __submit_merged_write_cond+0x23c/0x4ac
[  295.644657][ T7738]  f2fs_write_data_pages+0x1d28/0x2634
[  295.644669][ T7738]  do_writepages+0x270/0x468
[  295.644684][ T7738]  __writeback_single_inode+0x15c/0x13e8
[  295.644698][ T7738]  writeback_sb_inodes+0x558/0xe38
[  295.644711][ T7738]  wb_writeback+0x3cc/0xd70
[  295.644724][ T7738]  wb_workfn+0x338/0xdc0
[  295.644737][ T7738]  process_one_work+0x7e8/0x155c
[  295.644751][ T7738]  worker_thread+0x958/0xed8
[  295.644764][ T7738]  kthread+0x5fc/0x75c
[  295.644776][ T7738]  ret_from_fork+0x10/0x20
[  295.644944][ T7738] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  295.645171][ T7738] CPU: 1 UID: 0 PID: 7738 Comm: kworker/u8:15 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  295.645186][ T7738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.645202][ T7738] Workqueue: writeback wb_workfn (flush-7:0)
[  295.645218][ T7738] Call trace:
[  295.645222][ T7738]  show_stack+0x2c/0x3c (C)
[  295.645236][ T7738]  __dump_stack+0x30/0x40
[  295.645249][ T7738]  dump_stack_lvl+0xd8/0x12c
[  295.645262][ T7738]  dump_stack+0x1c/0x28
[  295.645275][ T7738]  f2fs_handle_critical_error+0x34c/0x4b8
[  295.645287][ T7738]  f2fs_stop_checkpoint+0x5c/0x70
[  295.645300][ T7738]  f2fs_write_end_io+0x58c/0x818
[  295.645311][ T7738]  bio_endio+0x804/0x840
[  295.645322][ T7738]  submit_bio_noacct+0x158/0x176c
[  295.645340][ T7738]  submit_bio+0x354/0x4d4
[  295.645353][ T7738]  f2fs_submit_write_bio+0x13c/0x324
[  295.645364][ T7738]  __submit_merged_bio+0x254/0x704
[  295.645375][ T7738]  __submit_merged_write_cond+0x23c/0x4ac
[  295.645386][ T7738]  f2fs_write_data_pages+0x1d28/0x2634
[  295.645398][ T7738]  do_writepages+0x270/0x468
[  295.645411][ T7738]  __writeback_single_inode+0x15c/0x13e8
[  295.645425][ T7738]  writeback_sb_inodes+0x558/0xe38
[  295.645439][ T7738]  wb_writeback+0x3cc/0xd70
[  295.645452][ T7738]  wb_workfn+0x338/0xdc0
[  295.645464][ T7738]  process_one_work+0x7e8/0x155c
[  295.645477][ T7738]  worker_thread+0x958/0xed8
[  295.645491][ T7738]  kthread+0x5fc/0x75c
[  295.645502][ T7738]  ret_from_fork+0x10/0x20
[  295.646844][ T7738] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  295.678028][ T9829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.678318][ T9829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.448154][   T31] audit: type=1326 audit(295.390:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.454008][   T31] audit: type=1326 audit(295.390:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.460033][   T31] audit: type=1326 audit(295.410:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=75 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.465722][   T31] audit: type=1326 audit(295.410:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.471540][   T31] audit: type=1326 audit(295.410:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.477391][   T31] audit: type=1326 audit(295.430:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=190 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.483068][   T31] audit: type=1326 audit(295.430:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.488712][   T31] audit: type=1326 audit(295.430:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.494433][   T31] audit: type=1326 audit(295.440:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=193 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.500372][   T31] audit: type=1326 audit(295.440:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9823 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9575a7a8 code=0x7ffc0000
[  296.990827][ T9839] 9pnet_fd: Insufficient options for proto=fd
[  299.576377][ T6595] IPVS: starting estimator thread 0...
[  299.617558][ T9862] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  299.670574][ T9863] IPVS: using max 33 ests per chain, 79200 per kthread
[  300.217591][ T9867] loop2: detected capacity change from 0 to 40427
[  300.224253][ T9867] F2FS-fs (loop2): invalid crc value
[  300.270718][ T9867] F2FS-fs (loop2): Start checkpoint disabled!
[  300.276865][ T9867] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  300.512490][ T9878] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 0, id = 0
[  301.165104][ T9880] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  301.289161][ T7182] kworker/u8:12: attempt to access beyond end of device
[  301.289161][ T7182] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  301.289260][ T7182] CPU: 0 UID: 0 PID: 7182 Comm: kworker/u8:12 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  301.289277][ T7182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.289285][ T7182] Workqueue: writeback wb_workfn (flush-7:2)
[  301.289306][ T7182] Call trace:
[  301.289310][ T7182]  show_stack+0x2c/0x3c (C)
[  301.289328][ T7182]  __dump_stack+0x30/0x40
[  301.289351][ T7182]  dump_stack_lvl+0xd8/0x12c
[  301.289364][ T7182]  dump_stack+0x1c/0x28
[  301.289377][ T7182]  f2fs_handle_critical_error+0x34c/0x4b8
[  301.289390][ T7182]  f2fs_stop_checkpoint+0x5c/0x70
[  301.289404][ T7182]  f2fs_write_end_io+0x58c/0x818
[  301.289416][ T7182]  bio_endio+0x804/0x840
[  301.289427][ T7182]  submit_bio_noacct+0x158/0x176c
[  301.289441][ T7182]  submit_bio+0x354/0x4d4
[  301.289454][ T7182]  f2fs_submit_write_bio+0x13c/0x324
[  301.289465][ T7182]  __submit_merged_bio+0x254/0x704
[  301.289476][ T7182]  __submit_merged_write_cond+0x23c/0x4ac
[  301.289487][ T7182]  f2fs_write_data_pages+0x1d28/0x2634
[  301.289499][ T7182]  do_writepages+0x270/0x468
[  301.289514][ T7182]  __writeback_single_inode+0x15c/0x13e8
[  301.289528][ T7182]  writeback_sb_inodes+0x558/0xe38
[  301.289541][ T7182]  wb_writeback+0x3cc/0xd70
[  301.289554][ T7182]  wb_workfn+0x338/0xdc0
[  301.289567][ T7182]  process_one_work+0x7e8/0x155c
[  301.289581][ T7182]  worker_thread+0x958/0xed8
[  301.289594][ T7182]  kthread+0x5fc/0x75c
[  301.289606][ T7182]  ret_from_fork+0x10/0x20
[  301.289772][ T7182] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  301.289818][ T7182] CPU: 0 UID: 0 PID: 7182 Comm: kworker/u8:12 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  301.289834][ T7182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.289841][ T7182] Workqueue: writeback wb_workfn (flush-7:2)
[  301.289856][ T7182] Call trace:
[  301.289859][ T7182]  show_stack+0x2c/0x3c (C)
[  301.289873][ T7182]  __dump_stack+0x30/0x40
[  301.289886][ T7182]  dump_stack_lvl+0xd8/0x12c
[  301.289900][ T7182]  dump_stack+0x1c/0x28
[  301.289912][ T7182]  f2fs_handle_critical_error+0x34c/0x4b8
[  301.289924][ T7182]  f2fs_stop_checkpoint+0x5c/0x70
[  301.289936][ T7182]  f2fs_write_end_io+0x58c/0x818
[  301.289948][ T7182]  bio_endio+0x804/0x840
[  301.289959][ T7182]  submit_bio_noacct+0x158/0x176c
[  301.289972][ T7182]  submit_bio+0x354/0x4d4
[  301.289984][ T7182]  f2fs_submit_write_bio+0x13c/0x324
[  301.289995][ T7182]  __submit_merged_bio+0x254/0x704
[  301.290006][ T7182]  __submit_merged_write_cond+0x23c/0x4ac
[  301.290017][ T7182]  f2fs_write_data_pages+0x1d28/0x2634
[  301.290029][ T7182]  do_writepages+0x270/0x468
[  301.290043][ T7182]  __writeback_single_inode+0x15c/0x13e8
[  301.290057][ T7182]  writeback_sb_inodes+0x558/0xe38
[  301.290070][ T7182]  wb_writeback+0x3cc/0xd70
[  301.290083][ T7182]  wb_workfn+0x338/0xdc0
[  301.290095][ T7182]  process_one_work+0x7e8/0x155c
[  301.290108][ T7182]  worker_thread+0x958/0xed8
[  301.290122][ T7182]  kthread+0x5fc/0x75c
[  301.290133][ T7182]  ret_from_fork+0x10/0x20
[  301.290288][ T7182] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  304.307002][ T9914] qrtr: Invalid version 0
[  307.936649][ T9950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.945209][ T9950] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  308.355764][ T9950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  308.804424][ T2303] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  308.841782][ T9950] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.068393][ T2303] usb 1-1: Using ep0 maxpacket: 16
[  309.071179][ T2303] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.071227][ T2303] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  309.071278][ T2303] usb 1-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[  309.071305][ T2303] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.073420][ T2303] usb 1-1: config 0 descriptor??
[  309.284963][ T9952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.290647][ T9952] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.547524][ T2303] usbhid 1-1:0.0: can't add hid device: -71
[  309.547655][ T2303] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  309.549343][ T2303] usb 1-1: USB disconnect, device number 15
[  309.658024][ T9973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.661775][ T9973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.689100][ T9969] loop2: detected capacity change from 0 to 40427
[  309.691501][ T9969] F2FS-fs (loop2): invalid crc value
[  309.714932][ T9969] F2FS-fs (loop2): Start checkpoint disabled!
[  309.719265][ T9969] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  310.550778][ T9981] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  310.726992][ T2408] ieee802154 phy0 wpan0: encryption failed: -22
[  310.727076][ T2408] ieee802154 phy1 wpan1: encryption failed: -22
[  310.766181][ T7530] kworker/u8:13: attempt to access beyond end of device
[  310.766181][ T7530] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  310.766306][ T7530] CPU: 0 UID: 0 PID: 7530 Comm: kworker/u8:13 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  310.766323][ T7530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.766331][ T7530] Workqueue: writeback wb_workfn (flush-7:2)
[  310.766351][ T7530] Call trace:
[  310.766356][ T7530]  show_stack+0x2c/0x3c (C)
[  310.766374][ T7530]  __dump_stack+0x30/0x40
[  310.766389][ T7530]  dump_stack_lvl+0xd8/0x12c
[  310.766402][ T7530]  dump_stack+0x1c/0x28
[  310.766415][ T7530]  f2fs_handle_critical_error+0x34c/0x4b8
[  310.766428][ T7530]  f2fs_stop_checkpoint+0x5c/0x70
[  310.766441][ T7530]  f2fs_write_end_io+0x58c/0x818
[  310.766453][ T7530]  bio_endio+0x804/0x840
[  310.766465][ T7530]  submit_bio_noacct+0x158/0x176c
[  310.766479][ T7530]  submit_bio+0x354/0x4d4
[  310.766491][ T7530]  f2fs_submit_write_bio+0x13c/0x324
[  310.766502][ T7530]  __submit_merged_bio+0x254/0x704
[  310.766514][ T7530]  __submit_merged_write_cond+0x23c/0x4ac
[  310.766525][ T7530]  f2fs_write_data_pages+0x1d28/0x2634
[  310.766537][ T7530]  do_writepages+0x270/0x468
[  310.766552][ T7530]  __writeback_single_inode+0x15c/0x13e8
[  310.766566][ T7530]  writeback_sb_inodes+0x558/0xe38
[  310.766579][ T7530]  wb_writeback+0x3cc/0xd70
[  310.766592][ T7530]  wb_workfn+0x338/0xdc0
[  310.766605][ T7530]  process_one_work+0x7e8/0x155c
[  310.766619][ T7530]  worker_thread+0x958/0xed8
[  310.766632][ T7530]  kthread+0x5fc/0x75c
[  310.766644][ T7530]  ret_from_fork+0x10/0x20
[  310.776518][ T7530] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  310.782896][ T7530] CPU: 1 UID: 0 PID: 7530 Comm: kworker/u8:13 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  310.782919][ T7530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.782927][ T7530] Workqueue: writeback wb_workfn (flush-7:2)
[  310.782949][ T7530] Call trace:
[  310.782954][ T7530]  show_stack+0x2c/0x3c (C)
[  310.782972][ T7530]  __dump_stack+0x30/0x40
[  310.782986][ T7530]  dump_stack_lvl+0xd8/0x12c
[  310.782999][ T7530]  dump_stack+0x1c/0x28
[  310.783012][ T7530]  f2fs_handle_critical_error+0x34c/0x4b8
[  310.783024][ T7530]  f2fs_stop_checkpoint+0x5c/0x70
[  310.783037][ T7530]  f2fs_write_end_io+0x58c/0x818
[  310.783049][ T7530]  bio_endio+0x804/0x840
[  310.783061][ T7530]  submit_bio_noacct+0x158/0x176c
[  310.783075][ T7530]  submit_bio+0x354/0x4d4
[  310.783087][ T7530]  f2fs_submit_write_bio+0x13c/0x324
[  310.783098][ T7530]  __submit_merged_bio+0x254/0x704
[  310.783109][ T7530]  __submit_merged_write_cond+0x23c/0x4ac
[  310.783121][ T7530]  f2fs_write_data_pages+0x1d28/0x2634
[  310.783132][ T7530]  do_writepages+0x270/0x468
[  310.783147][ T7530]  __writeback_single_inode+0x15c/0x13e8
[  310.783161][ T7530]  writeback_sb_inodes+0x558/0xe38
[  310.783175][ T7530]  wb_writeback+0x3cc/0xd70
[  310.783188][ T7530]  wb_workfn+0x338/0xdc0
[  310.783209][ T7530]  process_one_work+0x7e8/0x155c
[  310.783223][ T7530]  worker_thread+0x958/0xed8
[  310.783237][ T7530]  kthread+0x5fc/0x75c
[  310.783249][ T7530]  ret_from_fork+0x10/0x20
[  310.783293][ T7530] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  312.088793][T10001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.090848][T10001] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.799666][T10012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.811894][T10012] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.900233][T10012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.903128][T10012] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  313.037814][ T6662] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  313.188637][ T6662] usb 1-1: Using ep0 maxpacket: 16
[  313.622763][ T6662] usb 1-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  313.622832][ T6662] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.622877][ T6662] usb 1-1: Product: syz
[  313.622906][ T6662] usb 1-1: Manufacturer: syz
[  313.622933][ T6662] usb 1-1: SerialNumber: syz
[  313.639040][ T6662] usb 1-1: config 0 descriptor??
[  313.646478][ T6662] appledisplay 1-1:0.0: Could not find int-in endpoint
[  313.651870][ T6662] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  314.045594][ T6662] usb 1-1: USB disconnect, device number 16
[  316.481702][ T6662] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  316.630242][ T6662] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  316.630319][ T6662] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  316.630367][ T6662] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.632739][ T6662] usb 1-1: config 0 descriptor??
[  316.645984][ T6662] pwc: Askey VC010 type 2 USB webcam detected.
[  316.876574][ T6662] pwc: send_video_command error -71
[  316.876632][ T6662] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  316.877122][ T6662] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  316.887386][ T6662] usb 1-1: USB disconnect, device number 17
[  317.987725][ T6662] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  318.138970][ T6662] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  318.139044][ T6662] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  318.139091][ T6662] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.150735][ T6662] usb 1-1: config 0 descriptor??
[  318.157930][ T6662] pwc: Askey VC010 type 2 USB webcam detected.
[  318.636236][T10069] loop2: detected capacity change from 0 to 40427
[  318.673054][T10069] F2FS-fs (loop2): invalid crc value
[  318.745087][ T6662] pwc: recv_control_msg error -32 req 02 val 2b00
[  318.746824][ T6662] pwc: recv_control_msg error -32 req 02 val 2700
[  318.747388][ T6662] pwc: recv_control_msg error -32 req 02 val 2c00
[  318.755052][ T6662] pwc: recv_control_msg error -32 req 04 val 1000
[  318.755499][ T6662] pwc: recv_control_msg error -32 req 04 val 1300
[  318.761521][ T6662] pwc: recv_control_msg error -32 req 04 val 1400
[  318.768337][ T6662] pwc: recv_control_msg error -32 req 02 val 2000
[  318.770790][ T6662] pwc: recv_control_msg error -32 req 02 val 2100
[  318.773648][ T6662] pwc: recv_control_msg error -32 req 04 val 1500
[  318.780101][ T6662] pwc: recv_control_msg error -32 req 02 val 2500
[  318.782686][ T6662] pwc: recv_control_msg error -32 req 02 val 2400
[  318.785413][ T6662] pwc: recv_control_msg error -32 req 02 val 2600
[  318.791778][ T6662] pwc: recv_control_msg error -32 req 02 val 2900
[  319.498173][T10069] F2FS-fs (loop2): Start checkpoint disabled!
[  319.506680][T10069] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  319.512140][ T6662] pwc: recv_control_msg error -32 req 02 val 2800
[  319.526399][T10100] block device autoloading is deprecated and will be removed.
[  319.727661][ T6662] pwc: recv_control_msg error -71 req 04 val 1200
[  319.743147][ T6662] pwc: Registered as video11.
[  319.744337][ T6662] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input2
[  320.305486][T10112] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  320.368560][ T6662] usb 1-1: USB disconnect, device number 18
[  320.468424][ T7695] kworker/u8:14: attempt to access beyond end of device
[  320.468424][ T7695] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  320.468523][ T7695] CPU: 1 UID: 0 PID: 7695 Comm: kworker/u8:14 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  320.468538][ T7695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  320.468545][ T7695] Workqueue: writeback wb_workfn (flush-7:2)
[  320.468567][ T7695] Call trace:
[  320.468571][ T7695]  show_stack+0x2c/0x3c (C)
[  320.468589][ T7695]  __dump_stack+0x30/0x40
[  320.468603][ T7695]  dump_stack_lvl+0xd8/0x12c
[  320.468616][ T7695]  dump_stack+0x1c/0x28
[  320.468629][ T7695]  f2fs_handle_critical_error+0x34c/0x4b8
[  320.468642][ T7695]  f2fs_stop_checkpoint+0x5c/0x70
[  320.468655][ T7695]  f2fs_write_end_io+0x58c/0x818
[  320.468667][ T7695]  bio_endio+0x804/0x840
[  320.468679][ T7695]  submit_bio_noacct+0x158/0x176c
[  320.468693][ T7695]  submit_bio+0x354/0x4d4
[  320.468705][ T7695]  f2fs_submit_write_bio+0x13c/0x324
[  320.468717][ T7695]  __submit_merged_bio+0x254/0x704
[  320.468728][ T7695]  __submit_merged_write_cond+0x23c/0x4ac
[  320.468739][ T7695]  f2fs_write_data_pages+0x1d28/0x2634
[  320.468751][ T7695]  do_writepages+0x270/0x468
[  320.468766][ T7695]  __writeback_single_inode+0x15c/0x13e8
[  320.468780][ T7695]  writeback_sb_inodes+0x558/0xe38
[  320.468793][ T7695]  wb_writeback+0x3cc/0xd70
[  320.468806][ T7695]  wb_workfn+0x338/0xdc0
[  320.468819][ T7695]  process_one_work+0x7e8/0x155c
[  320.468833][ T7695]  worker_thread+0x958/0xed8
[  320.468846][ T7695]  kthread+0x5fc/0x75c
[  320.468858][ T7695]  ret_from_fork+0x10/0x20
[  320.468871][ T7695] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  320.469083][ T7695] CPU: 1 UID: 0 PID: 7695 Comm: kworker/u8:14 Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  320.469097][ T7695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  320.469104][ T7695] Workqueue: writeback wb_workfn (flush-7:2)
[  320.469118][ T7695] Call trace:
[  320.469122][ T7695]  show_stack+0x2c/0x3c (C)
[  320.469136][ T7695]  __dump_stack+0x30/0x40
[  320.469149][ T7695]  dump_stack_lvl+0xd8/0x12c
[  320.469162][ T7695]  dump_stack+0x1c/0x28
[  320.469174][ T7695]  f2fs_handle_critical_error+0x34c/0x4b8
[  320.469186][ T7695]  f2fs_stop_checkpoint+0x5c/0x70
[  320.469208][ T7695]  f2fs_write_end_io+0x58c/0x818
[  320.469219][ T7695]  bio_endio+0x804/0x840
[  320.469230][ T7695]  submit_bio_noacct+0x158/0x176c
[  320.469243][ T7695]  submit_bio+0x354/0x4d4
[  320.469255][ T7695]  f2fs_submit_write_bio+0x13c/0x324
[  320.469267][ T7695]  __submit_merged_bio+0x254/0x704
[  320.469282][ T7695]  __submit_merged_write_cond+0x23c/0x4ac
[  320.469293][ T7695]  f2fs_write_data_pages+0x1d28/0x2634
[  320.469305][ T7695]  do_writepages+0x270/0x468
[  320.469318][ T7695]  __writeback_single_inode+0x15c/0x13e8
[  320.469332][ T7695]  writeback_sb_inodes+0x558/0xe38
[  320.469345][ T7695]  wb_writeback+0x3cc/0xd70
[  320.469358][ T7695]  wb_workfn+0x338/0xdc0
[  320.469371][ T7695]  process_one_work+0x7e8/0x155c
[  320.469384][ T7695]  worker_thread+0x958/0xed8
[  320.469397][ T7695]  kthread+0x5fc/0x75c
[  320.469409][ T7695]  ret_from_fork+0x10/0x20
[  320.469421][ T7695] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  323.415829][T10177] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1018'.
[  326.557918][T10214] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  330.477599][ T6516] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  330.480600][T10255] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1041'.
[  330.642080][ T6516] usb 1-1: unable to get BOS descriptor or descriptor too short
[  330.696817][ T6516] usb 1-1: unable to read config index 0 descriptor/start: -71
[  330.696890][ T6516] usb 1-1: can't read configurations, error -71
[  330.914768][T10235] loop1: detected capacity change from 0 to 40427
[  330.926766][T10235] F2FS-fs (loop1): invalid crc value
[  330.999559][T10235] F2FS-fs (loop1): Start checkpoint disabled!
[  331.009962][T10235] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  331.485857][T10269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  331.491559][T10269] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  337.019752][T10340] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  337.027256][T10340] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  344.527519][T10425] loop7: detected capacity change from 0 to 16384
[  348.017189][   T31] kauditd_printk_skb: 16 callbacks suppressed
[  348.025634][   T31] audit: type=1326 audit(347.620:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10461 comm="syz.2.1108" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  348.041047][   T31] audit: type=1326 audit(347.620:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10461 comm="syz.2.1108" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  348.048070][   T31] audit: type=1326 audit(347.620:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10461 comm="syz.2.1108" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=75 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  348.055677][   T31] audit: type=1326 audit(347.620:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10461 comm="syz.2.1108" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  348.055922][   T31] audit: type=1326 audit(347.620:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10461 comm="syz.2.1108" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  348.056193][   T31] audit: type=1326 audit(347.620:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10461 comm="syz.2.1108" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=191 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  348.056412][   T31] audit: type=1326 audit(347.620:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10461 comm="syz.2.1108" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  348.056821][   T31] audit: type=1326 audit(347.620:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10461 comm="syz.2.1108" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  348.790706][T10469] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 0, id = 0
[  348.904228][ T6595] IPVS: starting estimator thread 0...
[  349.020288][T10475] IPVS: using max 33 ests per chain, 79200 per kthread
[  350.121454][T10496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  350.121764][T10496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  351.808102][   T31] audit: type=1326 audit(351.210:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10500 comm="syz.5.1119" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa735a7a8 code=0x7ffc0000
[  351.808189][   T31] audit: type=1326 audit(351.210:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10500 comm="syz.5.1119" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa735a7a8 code=0x7ffc0000
[  353.098562][T10521] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1123'.
[  353.195765][T10523] vlan2: entered promiscuous mode
[  353.195916][T10523] vlan2: entered allmulticast mode
[  353.195939][T10523] hsr_slave_1: entered allmulticast mode
[  353.359647][T10521] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1123'.
[  353.869302][  T260] IPVS: stop unused estimator thread 0...
[  355.309039][   T52] Bluetooth: hci4: command 0x0405 tx timeout
[  355.427490][   T31] kauditd_printk_skb: 6 callbacks suppressed
[  355.427573][   T31] audit: type=1326 audit(355.030:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.2.1131" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  355.427626][   T31] audit: type=1326 audit(355.030:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.2.1131" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  355.427675][   T31] audit: type=1326 audit(355.030:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.2.1131" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=190 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  355.427723][   T31] audit: type=1326 audit(355.030:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.2.1131" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  355.427770][   T31] audit: type=1326 audit(355.030:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.2.1131" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  355.427817][   T31] audit: type=1326 audit(355.030:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.2.1131" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=191 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  355.427864][   T31] audit: type=1326 audit(355.030:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.2.1131" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  355.427905][   T31] audit: type=1326 audit(355.030:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.2.1131" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa955a7a8 code=0x7ffc0000
[  355.701603][T10552] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1133'.
[  355.704280][T10552] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1133'.
[  356.712628][T10568] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  356.712949][T10568] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.719989][   T31] audit: type=1326 audit(357.330:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10558 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffaa36b8bc code=0x7ffc0000
[  357.726644][   T31] audit: type=1326 audit(357.330:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10558 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffaa36b8bc code=0x7ffc0000
[  357.757644][   T26] IPVS: starting estimator thread 0...
[  357.847528][T10575] IPVS: using max 34 ests per chain, 81600 per kthread
[  358.876448][T10582] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1141'.
[  359.311193][   T13] IPVS: stop unused estimator thread 0...
[  360.337241][T10600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  360.339087][T10600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  360.343728][T10602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  360.346395][T10600] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  360.349004][T10602] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  360.373802][T10602] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1147'.
[  360.373877][T10602] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1147'.
[  360.578396][T10600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  360.578729][T10600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  363.892777][T10631] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1154'.
[  365.884963][T10651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  365.893521][T10651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.929654][T10651] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1160'.
[  365.930525][T10651] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1160'.
[  368.421959][T10686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  368.424960][T10686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  368.435628][T10686] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  368.439747][T10686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  368.443730][T10686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  369.387766][T10693] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1171'.
[  369.387842][T10693] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1171'.
[  371.595480][T10717] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1177'.
[  372.110207][ T2408] ieee802154 phy0 wpan0: encryption failed: -22
[  372.110294][ T2408] ieee802154 phy1 wpan1: encryption failed: -22
[  375.273360][T10760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  375.308942][T10762] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.311759][T10762] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.315417][T10762] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  375.328218][T10762] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.328536][T10762] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  376.451824][T10779] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1196'.
[  376.620172][T10779] hsr_slave_1 (unregistering): left promiscuous mode
[  378.564101][T10801] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  380.009289][T10821] bridge0: port 3(netdevsim0) entered blocking state
[  380.009455][T10821] bridge0: port 3(netdevsim0) entered disabled state
[  380.009937][T10821] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  380.012621][T10821] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  380.013723][T10821] bridge0: port 3(netdevsim0) entered blocking state
[  380.013843][T10821] bridge0: port 3(netdevsim0) entered forwarding state
[  381.899018][T10828] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1213'.
[  381.968523][T10836] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  381.968826][T10836] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  383.357762][T10850] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  383.707874][ T6516] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  384.023366][T10862] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1221'.
[  384.375725][   T32] INFO: task kworker/1:2:3911 blocked for more than 143 seconds.
[  384.417705][   T32]       Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0
[  384.420406][   T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  384.423338][   T32] task:kworker/1:2     state:D stack:0     pid:3911  tgid:3911  ppid:2      task_flags:0x4208060 flags:0x00000010
[  384.427636][   T32] Workqueue: events p9_write_work
[  384.429683][   T32] Call trace:
[  384.431108][   T32]  __switch_to+0x414/0x834 (T)
[  384.432904][   T32]  __schedule+0x1414/0x2a28
[  384.434665][   T32]  schedule+0xb4/0x230
[  384.436399][   T32]  schedule_preempt_disabled+0x18/0x2c
[  384.438502][   T32]  __mutex_lock_common+0xbd0/0x2190
[  384.440487][   T32]  mutex_lock_nested+0x2c/0x38
[  384.442400][   T32]  anon_pipe_write+0x130/0xfa0
[  384.444217][   T32]  __kernel_write_iter+0x2b8/0x6c8
[  384.446111][   T32]  kernel_write+0x18c/0x28c
[  384.457735][   T32]  p9_write_work+0x450/0xc20
[  384.457769][   T32]  process_one_work+0x7e8/0x155c
[  384.457797][   T32]  worker_thread+0x958/0xed8
[  384.457824][   T32]  kthread+0x5fc/0x75c
[  384.457849][   T32]  ret_from_fork+0x10/0x20
[  384.457926][   T32] INFO: task syz.4.621:8839 blocked for more than 143 seconds.
[  384.457948][   T32]       Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0
[  384.457967][   T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  384.457985][   T32] task:syz.4.621       state:D stack:0     pid:8839  tgid:8830  ppid:6522   task_flags:0x400040 flags:0x00000011
[  384.458023][   T32] Call trace:
[  384.458039][   T32]  __switch_to+0x414/0x834 (T)
[  384.458064][   T32]  __schedule+0x1414/0x2a28
[  384.458087][   T32]  schedule+0xb4/0x230
[  384.458109][   T32]  schedule_preempt_disabled+0x18/0x2c
[  384.458133][   T32]  rwsem_down_write_slowpath+0xa80/0x10f0
[  384.458158][   T32]  down_write+0xb4/0xc0
[  384.458181][   T32]  filemap_invalidate_inode+0x118/0x2f8
[  384.458221][   T32]  netfs_unbuffered_write_iter+0x304/0x654
[  384.458249][   T32]  v9fs_file_write_iter+0xa4/0xd8
[  384.458285][   T32]  vfs_write+0x62c/0x97c
[  384.458312][   T32]  ksys_write+0x120/0x210
[  384.458337][   T32]  __arm64_sys_write+0x7c/0x90
[  384.458363][   T32]  invoke_syscall+0x98/0x2b8
[  384.458390][   T32]  el0_svc_common+0x130/0x23c
[  384.458416][   T32]  do_el0_svc+0x48/0x58
[  384.458442][   T32]  el0_svc+0x58/0x17c
[  384.458466][   T32]  el0t_64_sync_handler+0x78/0x108
[  384.458491][   T32]  el0t_64_sync+0x198/0x19c
[  384.458535][   T32] 
[  384.458535][   T32] Showing all locks held in the system:
[  384.458555][   T32] 3 locks held by kworker/u8:0/12:
[  384.458577][   T32] 1 lock held by khungtaskd/32:
[  384.458596][   T32]  #0: ffff80008f819e40 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[  384.458670][   T32] 1 lock held by pr/ttyAMA0/43:
[  384.458691][   T32] 3 locks held by kworker/u8:4/61:
[  384.458714][   T32] 4 locks held by kworker/u8:6/260:
[  384.458744][   T32] 3 locks held by kworker/1:2/3911:
[  384.458763][   T32]  #0: ffff0000c0028d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c
[  384.458836][   T32]  #1: ffff8000a26f7bc0 ((work_completion)(&m->wq)){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c
[  384.458909][   T32]  #2: ffff0000f6499468 (&pipe->mutex){+.+.}-{4:4}, at: anon_pipe_write+0x130/0xfa0
[  384.458984][   T32] 2 locks held by getty/6285:
[  384.459002][   T32]  #0: ffff0000d21b30a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[  384.459074][   T32]  #1: ffff80009b9fb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x34c/0xfa4
[  384.459147][   T32] 5 locks held by kworker/1:3/6516:
[  384.459166][   T32]  #0: ffff0000c2c28948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c
[  384.459246][   T32]  #1: ffff8000a5227bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c
[  384.459324][   T32]  #2: ffff0000cced6198 (&dev->mutex){....}-{4:4}, at: hub_event+0x13c/0x3cf0
[  384.459394][   T32]  #3: ffff0000cd5e1520 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x1b90/0x3cf0
[  384.459464][   T32]  #4: ffff0000cd25f668 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x1bb4/0x3cf0
[  384.459534][   T32] 1 lock held by syz-executor/6519:
[  384.459559][   T32] 3 locks held by kworker/u8:12/7182:
[  384.459579][   T32] 2 locks held by kworker/u8:15/7738:
[  384.459598][   T32] 2 locks held by syz.4.621/8832:
[  384.459617][   T32]  #0: ffff0000f6499468 (&pipe->mutex){+.+.}-{4:4}, at: anon_pipe_write+0x130/0xfa0
[  384.459689][   T32]  #1: ffff0000f73482e8 (mapping.invalidate_lock#3){++++}-{4:4}, at: filemap_fault+0x94c/0x1280
[  384.459769][   T32] 4 locks held by syz.4.621/8839:
[  384.459788][   T32]  #0: ffff0000c60a7b38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x1fc/0x2a0
[  384.459860][   T32]  #1: ffff0000f902a428 (sb_writers#15){.+.+}-{0:0}, at: vfs_write+0x244/0x97c
[  384.459940][   T32]  #2: ffff0000f7348148 (&sb->s_type->i_mutex_key#24){++++}-{4:4}, at: netfs_start_io_direct+0x1a4/0x234
[  384.460019][   T32]  #3: ffff0000f73482e8 (mapping.invalidate_lock#3){++++}-{4:4}, at: filemap_invalidate_inode+0x118/0x2f8
[  384.460101][   T32] 
[  384.460116][   T32] =============================================
[  384.460116][   T32] 
[  384.460135][   T32] Kernel panic - not syncing: hung_task: blocked tasks
[  384.572050][   T32] CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
[  384.575025][   T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  384.577769][   T32] Call trace:
[  384.578681][   T32]  show_stack+0x2c/0x3c (C)
[  384.580044][   T32]  __dump_stack+0x30/0x40
[  384.581245][   T32]  dump_stack_lvl+0x30/0x12c
[  384.582555][   T32]  dump_stack+0x1c/0x28
[  384.583788][   T32]  panic+0x2bc/0x7ac
[  384.584851][   T32]  hung_task_panic+0x0/0x2c
[  384.586044][   T32]  kthread+0x5fc/0x75c
[  384.587165][   T32]  ret_from_fork+0x10/0x20
[  384.588357][   T32] SMP: stopping secondary CPUs
[  384.589732][   T32] Kernel Offset: disabled
[  384.590988][   T32] CPU features: 0x2000,000081c0,020004a1,04017203
[  384.592735][   T32] Memory Limit: none
[  385.171295][   T32] Rebooting in 86400 seconds..