last executing test programs:

9m55.526255041s ago: executing program 0 (id=133):
syz_io_uring_setup(0x49f, &(0x7f0000000400)={0x0, 0xe7a8, 0x400, 0x7ffe, 0x40024e}, &(0x7f0000000340), 0x0)
eventfd2(0xff, 0x80001)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = userfaultfd(0x801)
r2 = socket$inet6(0xa, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f00000001c0), &(0x7f0000000280)=0x4)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000001540), &(0x7f00000015c0)=0x8)
accept4(0xffffffffffffffff, &(0x7f0000000080)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000000)=0x80, 0x80800)

9m53.887192255s ago: executing program 0 (id=135):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
syz_open_procfs(0xffffffffffffffff, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000e00)=ANY=[@ANYBLOB="6c000000100003052bbd7000249d020000000000", @ANYRES32=0x0, @ANYBLOB="15440100018404003c0012800b00010067656e65766500002c00028005000a00000000000500030005000000050008000100000004000600050009"], 0x6c}}, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000300)={0x1fe, 0x0, &(0x7f0000ced000/0x4000)=nil})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r3, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
add_key$user(&(0x7f0000000000), 0x0, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TIOCSSOFTCAR(r5, 0x80047437, &(0x7f0000000140)=0x10)
r6 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f00000001c0)="a6", 0x1, r6)

9m52.509860413s ago: executing program 0 (id=139):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)

9m48.668009168s ago: executing program 0 (id=146):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_RUN(0xffffffffffffffff, 0x8004ae98, 0x20e10000)

9m44.603663182s ago: executing program 0 (id=152):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mq_open(0x0, 0x6e93ebbbcc0884f2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(0x0, 0x6ffffffffffffffe, 0x0)
read$msr(r1, &(0x7f000001b000)=""/102400, 0x19000)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r0, 0x0, 0x0)

9m42.152433756s ago: executing program 0 (id=155):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x8008, 0x0)

9m26.650549266s ago: executing program 32 (id=155):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x8008, 0x0)

2m44.924291223s ago: executing program 1 (id=941):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x14)
connect$inet(r3, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x8006d89, 0x400, 0x2, 0x66}, &(0x7f0000000400), &(0x7f0000000040))

2m43.634527474s ago: executing program 1 (id=942):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)
pwritev2(0xffffffffffffffff, &(0x7f0000000240), 0x1, 0x0, 0x0, 0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0)
fallocate(r2, 0x20, 0x0, 0x10000)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x20242, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8001})

2m40.086645352s ago: executing program 1 (id=949):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e0f30fa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400}, 0x4008840)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')

2m35.939479378s ago: executing program 1 (id=957):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x14, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0xfffc}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4040854}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x58, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x7, 0x6, 0x81, '\x00', 0x3c})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xfffc)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m35.567583837s ago: executing program 1 (id=961):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
syz_mount_image$bcachefs(&(0x7f00000058c0), &(0x7f0000005900)='./file0\x00', 0x10000, &(0x7f0000000240)=ANY=[@ANYBLOB='fsck,inline_data,nocow,degraded,str_hash=siphash,norecovery,discard,reconstruct_alloc,erasure_code,acl,no_splitbrain_check,hash,uid=', @ANYRESDEC=0x0, @ANYRES32], 0x0, 0x58b4, &(0x7f0000005980)="$eJzs3W2QXFXdIPBzu3synZm8TAJIBJkMgSiCmglvhS+l0fWtAKlYWErYKAxkgtEkpJIgEFCCCy4UYKGlpagf0EJq0WhRBatESuRlE1ZRitWltpBa3UU/+BTykBLIQ1k+5qmZvqfTc6fv3J7unpDA71fJ3D6nb//PueeevtP/Mz3TAQAAgNeE3ddv2XvOUR/41RdHX7rmwz/bcG3oL4/XV+MOA+n2ileqhxxIvZVF49vsvHjTVT/489DF7/vl3X3ff3nXmmPX/v79h118/2fO3Hnbtx96ce69/3ymKG6cTyfuLyfPJSFUf77n61/a9diRY3VJCKGcDGwPYUGy8KEFSSbE8N9DCGvSwqLMnfe8dMrase21N/VOqJ+f2c98f22rpvNs297LTwp/eO+q636z+Mc/6tnx7Pb9uyTVhvkUwrwLGx/fE0KYnf4fE2dbnI9x0q4MIfQ1PO6Mgn4d12L/l+WUj063s9Jtf0GceP+STLmU2S9bjnoy276C9jqV14929ysyJ1POXow6ldfPWL8g3f403Z44zfjl+D8JpSRU6t1fn+yfI6HhvCUhGT+X1Xq5VD+3IT3+TDnJlEuZcrknc1zj7aYTrZwkE+vjfpn6eDmupPXHNl6rmzg3p/716baaPlFfjuWQvVHTP+lG/bjGxX7tmaIvB0Kp4RrUrL5+4tOT0Z/W9ScLJz1mXxPxvl2rbl5aXv3w7oGcfiR3J2n8pK342369YM6nfnjjZdnv6/X4F5bS+KW24v/xrMefP//G730rN/6tMX65rfgnP9D33FmPXL8kd3z2xPGptBV/5JlHb1l8+EU7cvt/e4xfbSv+ip2P987d+8CDuf0fjuMzu634T7/zg3+668n7ns2NH2L8vrbir9656cu9g3tPyI3/YByf/vbmzws7Tn9qcPAvQ3nxn4jx57YV/87tt73jjvk3nZl7flfG8RloK/7Zx99/3Zy99x2Td+1Mbu/Wd06A16bD0tdYN6TldvPMTjXkC98cqtRe881J/8/tZkMZY+3Mm8H4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALw2HXHS//zQ///4wHOVtNyb3ni6VNvG+lkhJLNDCFu2jmzeum7jJUOfufSyzRtH1g+NbB0a3bh185VDp75laPPopvUjV47dO/zWU2qPWxiS2jY5ZlLb+/bt21camFgX2/tPx+/4w9Iz/uWvIQwf8bvBSm7/l9224Y7Dm3zNSFbse8+Gy8753WnfTY9rIO3XQE6/Qk6//vW8f9zx1T1/PiGE4ddN1a9Hn373LyZ0aLxif5xUqTfUOtSb9DXtR73XaX/ieFXWrls/Olw8vuWc4/jPVz3797VXfOUftfGt5h5Hi+M7e8W+9aVvrDr7379xda3iYD3vReMdjyL2L45fNR3veelxzcs5rkrOcV3/mwef/PlRN764PQxXXlg8ue2i4+pJJ0BP8vqW2o0t9CULJtRX0/3jGY+PW7Z1w6ZlW67c9tZ1G0YuGb1kdOPbl5+6/PTh004/bdn4kS/r8vHH9t/Y4vEfmPk0/3Pbfxq/tjafivpVNB5j/Soej8Ye5T3/+s790tfeftsj59QqiuZ53Lt+PUm3fWPneXlomG+Tx6rZcRWNQwhhqNk4PP/imeHI/7PuuqLrUOOZafyakazY99iSv333jO8selet4oBc5xs71OZ1vt7r/f0ZH69qej4O1vHtDeX0uPqb9mv5Y4/03Lz7r5+v92/WrHDFyNatm5fXvs5JezonObppv7K18bgWj38th3RYQn2aNpmvY3pCrX/Z62fcPTuq/el9/cnCpseVFe/btermpeXVD+/OG+nk7lqLs8Pc2jZ5Q86e6zMPLNc73Kz9Q3V+DH7oO/d+/N6fnDppfpxc+1p0XEnOcf34yTu/9v2v/NefdO+4PvTuxwf+9n8/vbRWcahcV+q9TvuTNF5XTg6h6Pm3ODQ/jtznX6n58RQ9/7Lt7N+/ebyhTLk/lNt6vp78QN9zZz1y/ZLc5+ueVp+vV08olQuerwfL/Hnlnl8TJkqyYt8vbzhs+0PXrDyqVlE0r+t7N5vXp7SQf+Qc1y/Of2rw0qH/8r+7d934wVvuueD3Iyu+UKs4WM57NR3fas741nsd887G8X3bxZeuX1OrP3hf/6bbgvwnXkq2XLntsyPr149u3tLacbX6/TS2kx3ldr+fxqvbwoLjKk06rpm70cp4tfp8i/1f0/Z4TXy+9Yekre8L2369YM6nfnjjZQOTHpU2dGEpjV9qK/4fz3r8+fNv/N63cuPfGuNX2oo/8syjtyw+/KIdufFvT9L41bbir9j5eO/cvQ88mBt/OPZ/dlvxn37nB/9015P3PZsbP8T4/e2N/ws7Tn9qcPAvufGfSNJ2xl4jhXDPS6esrZWT0JM+32I/eib0K2TLSaZcypTLjeVSba213kA5SSbWx/3S+mMb+tLMJ3Lq46uw6qLa9uVYDtkbU9cfbEoN1/5m9UWvUwEAXu3iz//ja9D48//R9IVS/koD7NdpHrYoJ27Mw/av58yacP+iNH58fFwHHHxbGB7bXjtUe6E/3XXO+HzIrnPGdk44bmKMdtc5i9bfl2TKsV+19fJKQx6ampzXVEIL6++T25l6/T1z+MXr40M3TOrWUMO6Vfb89aQrZs3e75Dpb2UsQt78yK6LxfdzDM4LK8fba3F+ZN9HE89D9n00sZ2jMhfOdt9H0+n8iN2eYn6Md7n45xuTz1+YYnz3n7/m0bLnbxrnuzq2/0z/fPbQXzec2Z+HWZfMiZ8+wQ72dcNYH4+j0uJ64sdz6ru1nhgvF7Ffe6boy4FgPRF4tYr5f/weMZb/j70A/7fMfkWvQ7OvGmO83PcJlZv3pyjvmPw+vb62vo+v3rnpy72De0/IfZ3zYKvv+9k0odRX8L6fonFcmikXjmPOAk1Rvpdtp2jcs+/L6A9z2xr3O7ff9o475t90Zu64r6x9Iy0e969NKM0tGHf5Qk58+cJBkS/M9PrZK5aPpG98mql85GM59dPNR/om3agf17hDLh/pObD9AgAOHTH/r//8LM3//19mv6K89cRMOcbLzVtzXp/k5a0fSbdXZPbvT3+jYrqvm88+/v7r5uy975jcvOX2VvPQ/zahNFCYh3aWN+fmESu7837x3Dyinmd1lifm9r+eJ3aWp+fGr+fpneXRueNTz6M7WwfIjV9fBzjU89yZXa971ebR6a/PzlQefW5O/XTz6P5JN+rHNU4eDQDwyor5f3wZF/P/RzL7dfq6PTcv6NLr9uzfA6nHf+JA5ZUznffNdN4603n9TK9LHOp58UyvC83sOpm8OC2H7I0aeTEAAAeDmP/PTsv5+X9n+Ulu/lbPT+TnTePLzw+S/PxQX/+S/8v/i8n/AQBe3WL+H3/tMf79v/+RlrN/t16enhNfni5Pn2r+tJynz/Q6m3UA6wDFrAMAALy69IxnSpN/z/6T6Tb7e/Z5v5d/fs7+raqM/459CBdt3Tw6esFlm9aMbB29YOOla0a3XHD55nVbt45urO3Xad6Ym7ekeWNPqKTj0Xy/bN42P/17CPNz/h5Cdv8Y9ujxG5P/HkK22dkFf0dg//lrrb955680xf7N5kfe+c6L/4mc/aP6+b/40ydfsHbLBes2rtu6bmT9um2jE/cby1r7pvG5mXFYpvW5mZkvk5Sm//md3elHaVI/etLxyPt89iTTjwVpTxbkff5BTr9/9b+++rnj9/3jrhCGjyi/oaPxS1bs++/njX5k6+7fbRrrf2nK/tf3TPtV9Hml2f3j8VTWX7pl60lrL71sY/YTJdsT1zNK9fIMrWekT/9yi+sTq3Pqp7s+UZ504+DU8voEAAATxJ//x9ez8eeHX0lfQMX61vP0zn5+nJunD7eWp2c/l6woT8/uH4+31Ty92mGenm2/KE9vtn+zPD0v786L/7Gc/aer9XnS2fs8cufJha3Nk+znGRTNk+z+050nSYfzJNt+0Txptn+zeZJ33vPifzRn/zytz4fO3peTOx9ubW0+vDlTLpoP2f2nOx9KHc6HbPtF86HZ/s3mQ975zYt/Ts7+rZo4P8Ymxvi8GL3g8ks3f7Zhv5n+/IvO+zezn//Rrtb7P7Pv+5r5/s/s+8pmvv+dva8st/9PdLYS1nr/Z/bzXdp1wNZr0zebFb3/rGgdd1VO/XTXcWdNunFwso4Lr5yY/8cf98T8/6Z02+0fAx36n5Pmc8yaxu/S55gVvY7x/XyKxg4Cvp8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtKa3smh8u/v6LXvPOeoDv/ri6EvXfPhnG65901U/+PPQxe/75d19339515pj1/7+/YddfP9nztx527cfenHuvf98pjDwQG1zYlqshpA8l4RQ/fmer39p12NHjtUlIYRyMrA9hAXJwocWJJkIw38PIayp93Pinfe8dMrase21N/VOqJ+fCZI9rtBfjv2Z0M9wReERcQiqpvNs297LTwp/eO+q636z+Mc/6tnx7Pb9uyTVhvkUwrwLGx/fE0KYnf4fE2fbovjgdLsyhNDX8LgzCvp1XIv9X5ZTPjrdzkq3/QVx4v1LMuVSZr9sOerJbPsK2utUXj/a3a/InEw5ezHqVF4/Y/2CdPvTdHviNOOX4/8klJJQqXd/fbJ/joSG85aEZPxcVuvlUv3chvT4M+UkUy5lyuWezHGNt5tOtHKSTKyP+2Xq4+W4ktYf23itbuLcnPrXp9tq+kR9OZZD9kZN/6Qb9eMaF/u1Z4q+HAilhmtQs/r6iU9PRn9a158snPSYfU3E+3atunlpefXDuwdy+pHcnaTxk7bib/v1gjmf+uGNly3Ki39hKY1faiv+H896/Pnzb/zet3Lj3xrjl9uKf/IDfc+d9cj1S3LHZ08cn0pb8UeeefSWxYdftCO3/7fH+NW24q/Y+Xjv3L0PPJjb/+E4PrPbiv/0Oz/4p7uevO/Z3Pghxu9rK/7qnZu+3Du494Tc+A/G8elvb/68sOP0pwYH/zKUF/+JGH9uW/Hv3H7bO+6Yf9OZued3ZRyfgbbin338/dfN2XvfMXnXzuT2bn3nBHhtOix9jXVDWm43z+xUQ77wzaFK7TXfnPT/3G42lDHWzrwZjA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKvTb68+9ZPnveejqypJCEnOPvuaiPeVZ61YMdRGuyPPPHrL4sMv2tFYt6iNOAAAAECxmIeX6jXVsChcnswORzfdP64RHB1LycT67BpCjJNdI2g3TqlLccpdilPpUpyeLsWZ1aU4vV2KUy2IUw2txZk9ZZxSy/3p61Kc/i7FmdOlOHO7FGdel+LM71KcgSnjtD4PF3QpzsIuxTmsS3EO71KcI7oU53VdinNkl+Jk15SnOw/npnselRdn/Ea5ME4lKdfvaLaeHts5psN2+ltsJ/f7cYvtzG6xneMyjytNs51qi+28scN2khbbeXOH7ZQK2onz9ops/2I7sdTi/L+yS3G2dSnOVV2Kc3WX4ny+S3G+0KU413QYB6BVMf/fn+8NhN7Ku0JfesXJrgLEfHfx+NfJ3+/yLkgx3hsy9bOy8bJhsol6Jt7i6fYvu4CQibckU98zIV6lno9MEa/aGG9p5s5Jx5vtX3ZBIdO/EzP1vUXxsgsLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCDfnv1qZ887z0fXRWSMPavqX1NxPvKs1asGGqj3V2rbl5aXv3w7sa63kobgQAAAIBCMQ/vqddUQ29leehNZk3Yr5quA1TTcnmgth2cF1aObZOh0ni5L1kw5eMq6eOWbd2wadmWK7e9dd2GkUtGLxnd+Pblpy4/ffi0009btnbd+tHh2tcQegvihRDGlx+2XLntsyPr149u3lKrzPZ/Ufq4RWk5SR83+LYwPLa9Nu3/woL2SpPam7kbxWcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2DX/kLdPOs4gD9vkpNkZ6uN7F9W1tPQP6Pq0LZm0ulYXhAcbG3pYSDJ9DiKa3F4upatHXXGreA2WxRho1AqvanU4ebwZn/cEPeHQmVWC55aZBu6C71QNp10oxfSEek5eXOSNGlO41i37vO5eN/keX7P88uTiwPf9wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA/WVL08Ua2M10ajEKI+NY0ekrl0No5LQ/T9+vNbf5wbO7m8fSyXGWIjAAAAYKAkh4+0RvIhl0mHdLhq+t3i0DYRZnM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw8TNVL09UK+O1i6MQoj41jR6SuXQ2jktD9H3jnSe/8OrY2D/ax4pD7AMAAAAMluTwVGskH4phSRiJruqoS54NLOha312X7LNwjnXdzw761S2ZY901c6z71IC6dc37jgAAAAAffUn+z7RGCiGXmdc3/w/K9Undoq66dPM+zG8FAAAAgP9Pkv9zrZFiyGWKrbw+17y/uKsuWT/o//bJ+mV91g/6f/7a5t3/6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgo2OqXp6oVsZr6SiEqE9No4dkLp2N49IQfVe9MPqvWw49tLh9LJcZYiMAAABgoCSHz0bvfMhlRsNIuHg694/dtP/prz79bDmEMBPzs9mwY8O2bXevmrkmdSuPHBr50eG3vndG3cqZ63k7IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8L6ZqpcnqpXx2kVRCFGfmkYPyVw6G8elIfq+/qWv/O3x48+92T5WHGIfAAAAYLAkh89m/3wohmzIhium37Vn/dNSXev7PTMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhz3fOe+b2+YnNx4txdeeOFF68X5/ssEAAC83xaFKDTO0ZXrz/enBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgym6uWJamW8lo9CiPrUNHpI5tLZOC4N0Td+/mhu3skXXmofKw6xDwAAADBYksNns38+FMNIGAmXT7/r9UxgOv8XPsAPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyoTNXLE9XKeG1eFELUp6bRQzKXzsZxaYi+j+3c98WD8394c/tYLjPERgAAAMBASQ7PtkbyIZf5dMiFq5vvJzsXROnmvfdzgdl1WzuWjc55Xb1jXXrO63Z1nSzTPM3MunyyX2Hm3lpXOnNdqW1dMbTalzrWhT0dq+YN+JwBAAAAzqMk/+daI4WQy+Tacu7PO+oLci4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0MdUvTxRrYzXoiiEqE9No4dkLp2N49IQfe/7/Scv+cYvdm9vHysOsQ8AAAAwWJLDZ7N/PhTDwvCJsHA694dCZ31S9+/qqYOP/ufvy0NYccWxsUzf/X/7+o0vdl9CSHUWpUKY3+wX9en3uz8+eu/SxqnHQ1hxefrqc+3XuWXceKa6ce22w8e2nuWLAQAAgAtIkv9HWiOFkMvc1Tf/J8n7nPL//Ht3/uqy5rWZyLtWpArNfqk+/b689Mm/Llv9z7dO5/+z9fvcvs0HL+toODPSJYoblc3b1x277kAqOfVM/3RX/+R7+dp33/zvph2PnJrpnw/55viCTK/+Z167XBQ3JlN7a2ve21vv7J/pc/6H/vDS8d8s2P3u6f7vLBpt9b/mLOc/e//RWx/ec/2+Q+s6+4cQSr36v/3uzeHKP9/5YPf5R7s2bv/m269dorhxZPGJA6v3F2/o7B919U++/18ef2zPzx75wbNJ/+S3IsuXzLV/qqv/K7su3fnyA+sXdPZP9Tn/i7e9Oral9P0/dZ//jqHP/8S1T93+2ob4/u4pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAC8tUvTxRrYzXUlEIUZ+aRg/JXDobx6Uh+r5xy9G3b9v905+0jxWH2AcAAAAYLMnhs9k/H4ohG7JhdDr3P1PduHbb4WNbQ2FmNmreM5Nb7tn2mU1btt91x3n65AAAAMBcJfk/0xophFxmaRhp5v/K5u3rjl13IJXk/1SS/zfdOblxRWjVvbLr0p0vP7B+Qes5QQjTPwvIn677/GzdTTceLZz4y7eW9axbNVt3ZPGJA6v3F29I6kJ73crQej7xxLVP3f7ahvj+1udrr/vsN7dMNh9PJPuO3vrwnuv3HVrXOkfzPtrcN6mbTO2trXlvbz2pSzfv+ea5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAzTdXLE9XKeC2kQ4j61DR6SObS2TguDdF3zdJfP3jJyecWto/lMkNsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs101oHVUfB+Bz7k3e3OYmbdK+YFRM06oodWFRENGNioq0IgVXlSLV1i5EQRBR6sJUWrFUxY1gdVNEBTVKQcHGYmmVVPwqblyooFBdCKUY0IbiQiXJObc304xXJ1VQnweGc8+Zmd/8Z87J5F4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4R+npGpppD++4f+qWc2746NG7Tjxy0zv3brvo4Ve/G9l03Yd7e186ObF5xZYvr1+2af/da8Z3P3/op/63fjnaMfih2WZV6jZCiMdjCI13J595bOLjs6bHYgihHgdGQxiMSw8NxkLC6p9DCJtbdc7d+eaJy7dMt9t29cwZX1IIKd5XaNZzPbMG5tbLv0sjrbOtUw9eEr6+dv32T5e/8Xr32LHRU4fERtt6CmHxxvbzu0MIi9I2La+2oXxyateFEHrbzruyQ13n/8H6Ly3pn5va/6W22SEn719Z6NcKxxX7WXeh7e1wvYUqq6PqcZ30FfrFl9FCldWZxwdT+3ZqV/3J/HreYqjF0NUq/554ao2EtnmLIc7MZaPVr7XmNqT7L/RjoV8r9OvdhfuauW5aaPUY547n4wrj+XXclcZXtL+r53FryfjZqW2kP9STuR+KH2Y1T/vQuq8Zua7J36nl71BrewfNN96a+DQZzTTWjEtPO+fXeeR9E+ufuLC+4b3DAyV1xL0x5cdK+Vs/Gey7/bWdDwyV5W+spfxapfxv1h754badLzxXmv90zq9Xyr/sQO/xte/vWFn6fCbz8+mqlH/H0Q+eXP7/O8dK69+T8xuV8q8ZP9LTP3XgYGn9q/PzWVQp/6urb/z2lc/3HSvNDzm/t1L+hvH7nuoZnrq4NP9gfj7Nauvnx7Ervhge/n6kLP+znN9fKf/l0d1Xvbhk15rS+V2Xn89ApfybL9i/vW9q33ll786450z95wT4b1qWvmM9nvpVf2cuVNvvhWdHuma/8/Wlrf9MXqhg+jqL/8J8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dd24IAEAAAAQND/1+0IFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngoAAP//pkA1WQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x101100, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r2, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x4010bc14, &(0x7f0000000200)={0x10, 0x10005, 0xffffffffffff8ab7, 0x2, 0x86b, 0x6})
close_range(r0, 0xffffffffffffffff, 0x0)

2m33.700922442s ago: executing program 1 (id=964):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, 0x0, 0x809d)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

2m18.466787316s ago: executing program 33 (id=964):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, 0x0, 0x809d)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

27.611919894s ago: executing program 5 (id=1202):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x71e4)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/stat\x00', 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000c80), 0x6, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_mptcp(0x2, 0x1, 0x106)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x3, 0x8, 0x2, 0xb}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x0, 0x9, 0x466}, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000040000000160a01010000000000000000010000000900010073797a30000000000900020073797a300000000014000380080002400000000008000140000000002c000000180a05000000000000000000010000000900010073797a30000000000c000540000000000000000114000000020a01"], 0xc8}}, 0x4000450)

17.779989446s ago: executing program 5 (id=1220):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x4, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=ANY=[@ANYBLOB="1000000008021100000108021100000008021100"], 0x28)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000600)=ANY=[@ANYBLOB="5000000008021100000108021100000050505050505000000000000000000000000401000006020202020202"], 0x36)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x3c, r4, 0x1, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x96c}], @NL80211_ATTR_MAC={0xa}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000815}, 0x850)

16.404479352s ago: executing program 5 (id=1224):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002d9d7000000000000900020073797a30000000000800410073697700140033006c6f00"/56], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
connect$inet(r3, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x8006d89, 0x400, 0x2, 0x66}, &(0x7f0000000400)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='io_uring_poll_arm\x00'}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x100})
io_uring_enter(r5, 0x8aa, 0x0, 0x0, 0x0, 0x0)

16.282304023s ago: executing program 4 (id=1225):
socket(0xa, 0x801, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x11000)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

15.007709442s ago: executing program 4 (id=1229):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x235, &(0x7f0000000300)="$eJzs3T9oFFkcB/Df7J/LJVmO3F1zcHAniIgGQuwEm9goBCSIiKBCRMRKEiUmbWJlY6G1SiqbaGu0FJtgExGsgqaIjaBBxGChxcrsJBLNiuLGHXE+H5jdmd335veGme/bbYYJoLB6ImIgIsoR0RsR1YhI1jfYki09q5vTnXPDEfX6oVdJo122nVnr1x0RUxGx+2Y9U4mYmD229HZh//ZL49VtN2aPdrb1IFctLy0eWLk+dPH24K6Jh49fDCUxELVPjmvzJU0+qyQRf/2IYj+JpJL3CPgW5+aHXqe5/zsitjbyX41SZCfv8thv96ux89qX+l55+ejfdo4V2Hz1ejX9DZyqA4VTiohaJKW+iMjWS6W+vuw//JNyV+nM6Nj53tOj4yOn8p6pgM1Si1jcd7fjTvdn+X9ezvIP/LrS/B8+OPM0XV8p5z0aoJ3S/PeemNwR8g+FI/9QXPIPxSX/UFzyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzr8w8AFEu9I+87kIG85D3/AAAAAAAAAAAAAAAAAAAAG013zg2vLe2q+eBqxPLeiKg0q19uPI844vfGa9ebJG32UZJ1a8nx/1vcQYtu5Xz39R/P8q0//1++9SdHIqYuRER/pbLx+ktWr7/v9+dXvq+ebLFAi/Ycybf++5l86w8uRNxL55/+ZvNPKf5pvDeff2rp+Wux/tl3Le4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAtvkQAAD//4XCc8o=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_genetlink_get_family_id$ethtool(0x0, r0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r4 = socket$kcm(0x2d, 0x2, 0x0)
r5 = fsopen(&(0x7f0000000500)='cgroup\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x3, &(0x7f00000000c0)='source', &(0x7f0000000100)='\x00\x10\x03@\xc4-\xeb6\xa7V\xbf\xb8h\x98\xd2\x00\x00\x00\x00\xa7m\b\x95\'\xc0D\x81\x1fj\xcd\x8a\n\xd5\xa3qZD|\x18+\x97\xee\x04\xc2+\x89SI=\xad1\xa4!\xaeq\r\xee&\xaa\xdah\xcf0\x04\x8b\x96\xee\x9f7\x8d\xbc\xab\x98\xd5.\xe9q\xb5[\xc2M9\xd6\x16\xff\x04R\xdej6\xcf\xde\x1dU\x9c\xc9\\&[\x82&\xda\xb1\xb2\x04\x00\x00\x82\xddi\xca\x05\xb1Vi>\xd6H', 0x0)
close(r4)

13.998098303s ago: executing program 6 (id=1231):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x854}, 0x0)
connect$inet(r3, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

13.600157122s ago: executing program 2 (id=1232):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r0, 0x0, 0x3, 0x4000043)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x9, 0x7, {0x5, 0x4, 0x0, 0x30, 0xfffa, 0x64, 0x81, 0xea, 0x32, 0x0, @private=0xa010101, @loopback}}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_dev$swradio(&(0x7f0000003900), 0x1, 0x2)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, 0x0, {0x91b}}, 0x18)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6(0xa, 0x80001, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

13.541007209s ago: executing program 3 (id=1233):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
socket(0x1d, 0x6, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4f, &(0x7f00000000c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x101)
dup3(0xffffffffffffffff, r5, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000bc0)=@newtaction={0x68, 0x30, 0x48b, 0x0, 0x0, {}, [{0x54, 0x1, [@m_simple={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'nat\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6f8, 0x2, 0x0, 0x6, 0x1ff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}}, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
dup(r1)
r7 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r7, 0x627, 0x4c1, 0x9, 0x0, 0x18)

12.499191028s ago: executing program 4 (id=1234):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000000)="b7", 0x1, 0x4000014, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d1bf91b4d090955f70e06d038e7ff7fc6e5539b0d3f0e8b089b3f35076e090890e0878f0e1ac6e7049b3346959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x96d)

11.901623055s ago: executing program 3 (id=1235):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0xe0, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0xa4, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x8c, 0x1, [@m_connmark={0x34, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_ct={0x54, 0x17, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @multicast2}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e22}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_ZONE={0x6, 0x4, 0x3}, @TCA_CT_ZONE={0x6, 0x4, 0x8}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0xe0}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa6}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

11.114098915s ago: executing program 2 (id=1236):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x4, &(0x7f0000000600)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

9.97217483s ago: executing program 2 (id=1237):
openat$sysfs(0xffffff9c, &(0x7f00000003c0)='/sys/power/pm_trace_dev_match', 0x20800, 0x2)
memfd_create(&(0x7f0000000000)=')\x00', 0x1)
close(0x3)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @quota={{0xa}, @void}}, @NFTA_SET_EXPR={0x50, 0x11, 0x0, 0x1, @dup={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x1a}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x13}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x9c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_procfs(0x0, &(0x7f00000000c0)='status\x00')
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x90044802, 0x0)
bpf$BPF_GET_MAP_INFO(0x3, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x4008840)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendto$unix(r5, &(0x7f0000000440), 0x0, 0x800, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)

9.690698665s ago: executing program 3 (id=1238):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
socket(0x1d, 0x6, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4f, &(0x7f00000000c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x101)
dup3(0xffffffffffffffff, r5, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000bc0)=@newtaction={0x68, 0x30, 0x48b, 0x0, 0x0, {}, [{0x54, 0x1, [@m_simple={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'nat\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6f8, 0x2, 0x0, 0x6, 0x1ff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}}, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
dup(r1)
r7 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r7, 0x627, 0x4c1, 0x9, 0x0, 0x18)

9.445394267s ago: executing program 4 (id=1239):
r0 = syz_usb_connect(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$EVIOCGMASK(0xffffffffffffffff, 0x5b02, 0x0)

8.737609845s ago: executing program 6 (id=1240):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
socket$inet(0x2, 0x3, 0x8)
socket$inet(0x2, 0x3, 0x6)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x16, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000400)="e8", &(0x7f0000000480)=@tcp6=r2, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r4, 0x5, 0xe, 0x0, &(0x7f00000003c0)="000000000000000000000001e370", 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50)

6.450130188s ago: executing program 6 (id=1241):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002d9d7000000000000900020073797a30000000000800410073697700140033006c6f00"/56], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
connect$inet(r3, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x8006d89, 0x400, 0x2, 0x66}, &(0x7f0000000400)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='io_uring_poll_arm\x00'}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x100})
io_uring_enter(r5, 0x8aa, 0x0, 0x0, 0x0, 0x0)

6.25571866s ago: executing program 2 (id=1242):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x4, &(0x7f0000000600)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x2000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r1, &(0x7f0000000000)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0\x00')

5.530670019s ago: executing program 3 (id=1243):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000000000000", 0xc)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e2b, 0xb, @private1={0xfc, 0x1, '\x00', 0x6}, 0x6}, 0x1c)

5.410836168s ago: executing program 6 (id=1244):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
socket(0x1d, 0x6, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4f, &(0x7f00000000c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x101)
dup3(0xffffffffffffffff, r5, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000bc0)=@newtaction={0x68, 0x30, 0x48b, 0x0, 0x0, {}, [{0x54, 0x1, [@m_simple={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'nat\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6f8, 0x2, 0x0, 0x6, 0x1ff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}}, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
r7 = dup(r1)
syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
read$FUSE(r7, &(0x7f0000003c40)={0x2020}, 0xffffff0a)

5.372396147s ago: executing program 4 (id=1245):
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mknodat(0xffffffffffffff9c, 0x0, 0x21c0, 0x103)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@debug}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@debug}]}, 0xfe, 0x46d, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQKNbQmQohWD3g0JN6N/4XxpBejXjTxqndDQgwXUC9rZmemLMtu2aXbLnQ/n2S6zzPzdJ/nOzPP7jPz7G4APWsk+5NE/C8ifo+IoTx7a4GR/OHGtYtTf1+7OJVEpfLWX0m13PVrF6fKouX/bcszlUqR39Sg3kvvRkzOzc2cK/Jji2c+GFs4f+GF2TOTp2ZOzZydOHbs8KG9g0cnjnQkziyu67s/nt+z6/g7l9+YOnH5vZ+S/sjjjro4OmUk37sNPd3pyrpse026umOX7fvlZrrRmUA39UVEdrgGqv1/KPpiy/K2oXjts642DlhTlUqlssKr8lIF2MCS6HYLgO4o3+iz699yWaehxz3h6sv5BVAW941iybf0R5on9g3UXd920khEnFj656tsiTW6DwEAUOu7bPzzfKPxXxoP54nB7M//izmU4Yh4ICJ2RMSDEbEzIh6KqJZ9JCIebbP++hmS28c/6ZW7Dq4F2fjvpWJu69bxX1oWGe4rctur8Q8kJ2fnZg4W++RADGw6OZvMjK9Qx/ev/vZFs221479syeovx4JFO670192gm55cnFxNzLWufhqxu79R/EmU0zhJROyKiN13Wcfss/1Nt905/hU0f9qWVb6OeCY//ktRF38paTo/Of7i0YkjY5tjbubgWHlW3O7nXy+92az+VcXfAdnx39rw/F+OfzjZHLFw/sLp6nztQvt1XPrj86bXNG2e/8e3F+f/YPJ2dcVgseGjycXFc+MRg8nrt6+fuPlsZb4sn8V/YH/j/r8jbu6JxyJiT0TsjYjHs4vCou1PRMSTEbF/hfh/fOWp99uPf33mSrP4p+90/KP2+Lef6Dv9w7d3jn9zRDQ7/oerqQPFmlZe/1pt4Gr2HQAAANwv0upn4JN0dDmdpqOj+Wf4d8bWdG5+YfG5k/Mfnp3OPys/HANpeadrqOZ+6Hhxb7jMT9TlDxX3jb/s21LNj07Nz013O3jocdua9P/Mn33dbh2w5jowjwbcp/R/6F36P/SmRP+Hnqb/Q+9q1P8/aVp69Js1bQywrrz/Q+9qof8v5Q/NRwXA/cn7P/Qu/R96UtPvxqer+sr/uif+LX7P8F5pz8ZPRHpPNGPjJ/pb/jGLNhKVobz/Z2s2NSzT7VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvgvAAD//w3J5b0=")
rename(&(0x7f00000003c0)='./file0\x00', 0x0)

5.035193453s ago: executing program 2 (id=1246):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x4, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=ANY=[@ANYBLOB="1000000008021100000108021100000008021100"], 0x28)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000600)=ANY=[@ANYBLOB="5000000008021100000108021100000050505050505000000000000000000000000401000006020202020202"], 0x36)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_ASSOCIATE(r3, 0x0, 0x850)

3.920310115s ago: executing program 5 (id=1247):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002d9d7000000000000900020073797a30000000000800410073697700140033006c6f00"/56], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
connect$inet(r3, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x8006d89, 0x400, 0x2, 0x66}, &(0x7f0000000400)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='io_uring_poll_arm\x00', r8}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x100})
io_uring_enter(r5, 0x8aa, 0x0, 0x0, 0x0, 0x0)

3.865561937s ago: executing program 6 (id=1248):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000000000000", 0xc)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e2b, 0xb, @private1={0xfc, 0x1, '\x00', 0x6}, 0x6}, 0x1c)

3.737365085s ago: executing program 3 (id=1249):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
socket$inet6(0xa, 0x2, 0x3a)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000007c0)=[{{&(0x7f00000002c0)={0x2, 0x4e22, @local}, 0x10, 0x0}}], 0x400005c, 0x2400c8a0)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000480)='}', 0x1}], 0x1)
accept4$unix(r1, 0x0, 0x0, 0x800)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$VIDIOC_DBG_S_REGISTER(0xffffffffffffffff, 0x4038564f, &(0x7f00000001c0)={{0x2, @name="b8c6e6f5afbfc109a47a71a6402ba1874e6f33852edeb9a06c19de9e4e8f4d38"}, 0x8, 0xffff, 0x3})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x1000000, 0x4}, 0x48)

2.710993968s ago: executing program 5 (id=1250):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
socket$inet6(0xa, 0x2, 0x3a)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000007c0)=[{{&(0x7f00000002c0)={0x2, 0x4e22, @local}, 0x10, 0x0}}], 0x400005c, 0x2400c8a0)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000480)='}', 0x1}], 0x1)
recvfrom$unix(0xffffffffffffffff, &(0x7f0000000240)=""/148, 0x94, 0x10100, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$VIDIOC_DBG_S_REGISTER(0xffffffffffffffff, 0x4038564f, &(0x7f00000001c0)={{0x2, @name="b8c6e6f5afbfc109a47a71a6402ba1874e6f33852edeb9a06c19de9e4e8f4d38"}, 0x8, 0xffff, 0x3})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x1000000, 0x4}, 0x48)

1.757539801s ago: executing program 2 (id=1251):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x200000100000011, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x20000090}, 0x48091)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, r1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x2, 0x156}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_enter(r2, 0x26c8, 0x0, 0x1, 0x0, 0x10)

1.161974098s ago: executing program 6 (id=1252):
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140))
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)

534.643373ms ago: executing program 3 (id=1253):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
socket(0x1d, 0x6, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4f, &(0x7f00000000c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x101)
dup3(0xffffffffffffffff, r5, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
dup(r1)
r6 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r6, 0x627, 0x4c1, 0x9, 0x0, 0x18)

68.775805ms ago: executing program 5 (id=1254):
r0 = openat$sysfs(0xffffff9c, &(0x7f00000003c0)='/sys/power/pm_trace_dev_match', 0x20800, 0x2)
memfd_create(&(0x7f0000000000)=')\x00', 0x1)
close(0x3)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @quota={{0xa}, @void}}, @NFTA_SET_EXPR={0x50, 0x11, 0x0, 0x1, @dup={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x1a}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x13}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x9c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_procfs(0x0, &(0x7f00000000c0)='status\x00')
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x90044802, 0x0)
bpf$BPF_GET_MAP_INFO(0x3, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x4008840)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r4, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r5 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendto$unix(r5, &(0x7f0000000440), 0x0, 0x800, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
finit_module(r0, 0x0, 0x3)

0s ago: executing program 4 (id=1255):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
socket(0x1d, 0x6, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4f, &(0x7f00000000c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x101)
dup3(0xffffffffffffffff, r5, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
dup(r1)
r6 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r6, 0x627, 0x4c1, 0x9, 0x0, 0x18)

kernel console output (not intermixed with test programs):

as 2 endpoint descriptors, different from the interface descriptor's value: 18
[  605.095219][    T9] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  605.115142][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.145463][T10950] loop3: detected capacity change from 0 to 512
[  605.168175][    T9] usb 3-1: config 0 descriptor??
[  605.190586][T10950] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.951: casefold flag without casefold feature
[  605.344675][T10950] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.951: couldn't read orphan inode 15 (err -117)
[  605.392013][    T9] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  605.427619][T10950] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  605.457476][T10956] syz.5.950 (10956): drop_caches: 2
[  605.773531][    C0] usblp0: nonzero read bulk status received: -71
[  605.784044][    T9] usb 3-1: USB disconnect, device number 13
[  605.952585][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  606.004467][T10939] usblp0: removed
[  607.481343][T10978] loop2: detected capacity change from 0 to 40427
[  607.491197][T10978] F2FS-fs (loop2): invalid crc value
[  607.557604][T10978] F2FS-fs (loop2): Start checkpoint disabled!
[  607.578969][T10978] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  607.956367][T10984] binder: BINDER_SET_CONTEXT_MGR already set
[  607.976578][T10984] binder: 10983:10984 ioctl 4018620d 200000000040 returned -16
[  608.038634][T10984] syz.5.958 (10984): drop_caches: 2
[  608.155386][ T3459] kworker/u8:11: attempt to access beyond end of device
[  608.155386][ T3459] loop2: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  608.201245][ T3459] kworker/u8:11: attempt to access beyond end of device
[  608.201245][ T3459] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  608.247716][ T3459] CPU: 0 UID: 0 PID: 3459 Comm: kworker/u8:11 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  608.247753][ T3459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  608.247764][ T3459] Workqueue: writeback wb_workfn (flush-7:2)
[  608.247795][ T3459] Call Trace:
[  608.247802][ T3459]  <TASK>
[  608.247811][ T3459]  dump_stack_lvl+0x189/0x250
[  608.247842][ T3459]  ? __pfx_dump_stack_lvl+0x10/0x10
[  608.247864][ T3459]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  608.247887][ T3459]  ? __pfx_queue_work_on+0x10/0x10
[  608.247913][ T3459]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  608.247936][ T3459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  608.247961][ T3459]  ? f2fs_hw_is_readonly+0x39b/0x470
[  608.247989][ T3459]  f2fs_handle_critical_error+0x37c/0x540
[  608.248018][ T3459]  f2fs_write_end_io+0x495/0x810
[  608.248040][ T3459]  ? blkg_put+0x22/0x240
[  608.248079][ T3459]  __submit_merged_bio+0x27a/0x6a0
[  608.248110][ T3459]  __submit_merged_write_cond+0x255/0x530
[  608.248141][ T3459]  f2fs_write_data_pages+0x261d/0x3000
[  608.248206][ T3459]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  608.248327][ T3459]  ? f2fs_write_meta_pages+0x357/0x450
[  608.248363][ T3459]  ? __lock_acquire+0xab9/0xd20
[  608.248389][ T3459]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  608.248414][ T3459]  do_writepages+0x32e/0x550
[  608.248444][ T3459]  ? reacquire_held_locks+0x127/0x1d0
[  608.248465][ T3459]  ? writeback_sb_inodes+0x384/0x1010
[  608.248499][ T3459]  __writeback_single_inode+0x145/0xff0
[  608.248523][ T3459]  ? do_raw_spin_unlock+0x122/0x240
[  608.248551][ T3459]  writeback_sb_inodes+0x6c7/0x1010
[  608.248608][ T3459]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  608.248683][ T3459]  ? rcu_is_watching+0x15/0xb0
[  608.248719][ T3459]  wb_writeback+0x43b/0xaf0
[  608.248759][ T3459]  ? queue_io+0x3d1/0x590
[  608.248787][ T3459]  ? __pfx_wb_writeback+0x10/0x10
[  608.248822][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  608.248851][ T3459]  wb_workfn+0x409/0xef0
[  608.248892][ T3459]  ? __pfx_wb_workfn+0x10/0x10
[  608.248919][ T3459]  ? __lock_acquire+0xab9/0xd20
[  608.248954][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  608.248984][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  608.249006][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  608.249026][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  608.249051][ T3459]  process_scheduled_works+0xae1/0x17b0
[  608.249111][ T3459]  ? __pfx_process_scheduled_works+0x10/0x10
[  608.249155][ T3459]  worker_thread+0x8a0/0xda0
[  608.249182][ T3459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  608.249215][ T3459]  ? __kthread_parkme+0x7b/0x200
[  608.249252][ T3459]  kthread+0x70e/0x8a0
[  608.249275][ T3459]  ? __pfx_worker_thread+0x10/0x10
[  608.249296][ T3459]  ? __pfx_kthread+0x10/0x10
[  608.249317][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  608.249339][ T3459]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.249361][ T3459]  ? __pfx_kthread+0x10/0x10
[  608.249381][ T3459]  ret_from_fork+0x3fc/0x770
[  608.249407][ T3459]  ? __pfx_ret_from_fork+0x10/0x10
[  608.249437][ T3459]  ? __switch_to_asm+0x39/0x70
[  608.249453][ T3459]  ? __switch_to_asm+0x33/0x70
[  608.249468][ T3459]  ? __pfx_kthread+0x10/0x10
[  608.249487][ T3459]  ret_from_fork_asm+0x1a/0x30
[  608.249526][ T3459]  </TASK>
[  608.250625][ T3459] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  608.598318][ T3459] CPU: 0 UID: 0 PID: 3459 Comm: kworker/u8:11 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  608.598346][ T3459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  608.598358][ T3459] Workqueue: writeback wb_workfn (flush-7:2)
[  608.598387][ T3459] Call Trace:
[  608.598394][ T3459]  <TASK>
[  608.598402][ T3459]  dump_stack_lvl+0x189/0x250
[  608.598429][ T3459]  ? __pfx_dump_stack_lvl+0x10/0x10
[  608.598451][ T3459]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  608.598472][ T3459]  ? __pfx_queue_work_on+0x10/0x10
[  608.598497][ T3459]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  608.598520][ T3459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  608.598544][ T3459]  ? f2fs_hw_is_readonly+0x39b/0x470
[  608.598580][ T3459]  f2fs_handle_critical_error+0x37c/0x540
[  608.598607][ T3459]  f2fs_write_end_io+0x495/0x810
[  608.598629][ T3459]  ? blkg_put+0x22/0x240
[  608.598668][ T3459]  __submit_merged_bio+0x27a/0x6a0
[  608.598694][ T3459]  __submit_merged_write_cond+0x255/0x530
[  608.598723][ T3459]  f2fs_write_data_pages+0x261d/0x3000
[  608.598783][ T3459]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  608.598898][ T3459]  ? f2fs_write_meta_pages+0x357/0x450
[  608.598927][ T3459]  ? __lock_acquire+0xab9/0xd20
[  608.598953][ T3459]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  608.598982][ T3459]  do_writepages+0x32e/0x550
[  608.599012][ T3459]  ? reacquire_held_locks+0x127/0x1d0
[  608.599032][ T3459]  ? writeback_sb_inodes+0x384/0x1010
[  608.599060][ T3459]  __writeback_single_inode+0x145/0xff0
[  608.599081][ T3459]  ? do_raw_spin_unlock+0x122/0x240
[  608.599101][ T3459]  writeback_sb_inodes+0x6c7/0x1010
[  608.599155][ T3459]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  608.599227][ T3459]  ? rcu_is_watching+0x15/0xb0
[  608.599261][ T3459]  wb_writeback+0x43b/0xaf0
[  608.599292][ T3459]  ? queue_io+0x3d1/0x590
[  608.599319][ T3459]  ? __pfx_wb_writeback+0x10/0x10
[  608.599353][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  608.599379][ T3459]  wb_workfn+0x409/0xef0
[  608.599415][ T3459]  ? __pfx_wb_workfn+0x10/0x10
[  608.599439][ T3459]  ? __lock_acquire+0xab9/0xd20
[  608.599472][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  608.599503][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  608.599525][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  608.599546][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  608.599571][ T3459]  process_scheduled_works+0xae1/0x17b0
[  608.599632][ T3459]  ? __pfx_process_scheduled_works+0x10/0x10
[  608.599678][ T3459]  worker_thread+0x8a0/0xda0
[  608.599704][ T3459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  608.599738][ T3459]  ? __kthread_parkme+0x7b/0x200
[  608.599774][ T3459]  kthread+0x70e/0x8a0
[  608.599796][ T3459]  ? __pfx_worker_thread+0x10/0x10
[  608.599818][ T3459]  ? __pfx_kthread+0x10/0x10
[  608.599838][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  608.599861][ T3459]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.599884][ T3459]  ? __pfx_kthread+0x10/0x10
[  608.599903][ T3459]  ret_from_fork+0x3fc/0x770
[  608.599930][ T3459]  ? __pfx_ret_from_fork+0x10/0x10
[  608.599960][ T3459]  ? __switch_to_asm+0x39/0x70
[  608.599983][ T3459]  ? __switch_to_asm+0x33/0x70
[  608.599999][ T3459]  ? __pfx_kthread+0x10/0x10
[  608.600018][ T3459]  ret_from_fork_asm+0x1a/0x30
[  608.600057][ T3459]  </TASK>
[  608.600066][ T3459] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  608.936896][ T6157] kworker/u8:13 (6157) used greatest stack depth: 18016 bytes left
[  609.016709][T10982] loop3: detected capacity change from 0 to 32768
[  609.171230][T10991] loop1: detected capacity change from 0 to 32768
[  609.469199][T10982] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  609.469228][T10982]   allowing incompatible features above 0.0: (unknown version)
[  609.469240][T10982]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  609.550840][T10991] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded=yes,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow
[  609.550869][T10991]   allowing incompatible features above 0.0: (unknown version)
[  609.550881][T10991]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  609.550910][T10991] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  609.551211][T10991] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  609.551483][T10991] bcachefs (loop1): Version upgrade required:
[  609.551483][T10991] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  609.551483][T10991] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  609.551483][T10991]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  609.551945][T10991] bcachefs (loop1): dropping and reconstructing all alloc info
[  609.765724][T10991] bcachefs (loop1): accounting_read... done
[  609.855845][T10991] bcachefs (loop1): alloc_read... done
[  609.856304][T10991] bcachefs (loop1): snapshots_read... done
[  609.858028][T10991] bcachefs (loop1): done starting filesystem
[  610.074553][ T5833] bcachefs (loop1): shutting down
[  610.191875][T10982] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  610.200166][T10982] bcachefs (loop3): initializing new filesystem
[  610.215045][T10982] bcachefs (loop3): going read-write
[  610.252506][T10982] bcachefs (loop3): marking superblocks
[  610.338899][T11022] siw: device registration error -23
[  611.139622][T10982] bcachefs (loop3): initializing freespace
[  611.431063][T11021] loop2: detected capacity change from 0 to 4096
[  611.443388][T11027] loop4: detected capacity change from 0 to 512
[  611.458200][T10982] bcachefs (loop3): done initializing freespace
[  611.507422][T11027] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.965: casefold flag without casefold feature
[  611.517817][T10982] bcachefs (loop3): reading snapshots table
[  611.540979][T10982] bcachefs (loop3): reading snapshots done
[  611.577639][T11030] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  611.622932][T11027] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.965: couldn't read orphan inode 15 (err -117)
[  611.670720][T11027] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  611.716860][T10982] bcachefs (loop3): done starting filesystem
[  611.915299][T10982] syz.3.956 (10982) used greatest stack depth: 16216 bytes left
[  611.934078][ T5837] bcachefs (loop3): shutting down
[  611.966569][ T5837] bcachefs (loop3): going read-only
[  611.973477][ T5837] bcachefs (loop3): finished waiting for writes to stop
[  611.994680][ T5837] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  612.030672][ T5837] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[  612.040684][T11035] loop5: detected capacity change from 0 to 2048
[  612.060548][ T5837] bcachefs (loop3): clean shutdown complete, journal seq 5
[  612.070310][ T5837] bcachefs (loop3): marking filesystem clean
[  612.115980][T11035] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  612.146460][T11035] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  612.163193][ T5837] bcachefs (loop3): shutdown complete
[  612.199793][T11039] binder: BINDER_SET_CONTEXT_MGR already set
[  612.226627][T11039] binder: 11038:11039 ioctl 4018620d 200000000040 returned -16
[  612.234829][   T30] audit: type=1800 audit(1751438294.537:36): pid=11035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.967" name="file0" dev="loop5" ino=13 res=0 errno=0
[  612.340113][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.351614][T11039] syz.2.969 (11039): drop_caches: 2
[  612.650778][T11043] loop4: detected capacity change from 0 to 2048
[  612.871265][T11043] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  612.917784][T11043] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  612.935249][T11035] fs-verity (loop5, inode 13): Error -4 building Merkle tree
[  613.011568][   T30] audit: type=1800 audit(1751438295.327:37): pid=11043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.970" name="file0" dev="loop4" ino=13 res=0 errno=0
[  613.094142][ T7315] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  613.402231][T11054] loop3: detected capacity change from 0 to 1024
[  613.419431][T11054] EXT4-fs: inline encryption not supported
[  613.434464][T11054] EXT4-fs: Ignoring removed bh option
[  613.507426][T11054] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  613.638895][T11043] fs-verity (loop4, inode 13): Error -4 building Merkle tree
[  613.689342][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  613.761636][T11054] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.968: Allocating blocks 497-513 which overlap fs metadata
[  613.803858][T11045] loop2: detected capacity change from 0 to 40427
[  613.820782][T11045] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  613.832080][T11045] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  613.849632][T11045] F2FS-fs (loop2): build fault injection rate: 17008
[  613.860090][T11054] EXT4-fs (loop3): Remounting filesystem read-only
[  613.881617][T11045] F2FS-fs (loop2): build fault injection type: 0x1f8
[  613.909275][T11045] F2FS-fs (loop2): invalid crc value
[  613.959969][T11054] EXT4-fs (loop3): pa ffff88803200e2b8: logic 256, phys. 385, len 8
[  614.283895][T11066] syz.4.974 (11066): drop_caches: 2
[  614.331378][T11045] F2FS-fs (loop2): Start checkpoint disabled!
[  614.385495][T11045] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  614.392560][T11045] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  614.442020][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.537390][ T1105] kworker/u8:6: attempt to access beyond end of device
[  614.537390][ T1105] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  614.571850][ T1105] CPU: 1 UID: 0 PID: 1105 Comm: kworker/u8:6 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  614.571878][ T1105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  614.571890][ T1105] Workqueue: writeback wb_workfn (flush-7:2)
[  614.571921][ T1105] Call Trace:
[  614.571929][ T1105]  <TASK>
[  614.571938][ T1105]  dump_stack_lvl+0x189/0x250
[  614.571970][ T1105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  614.571991][ T1105]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  614.572015][ T1105]  ? __pfx_queue_work_on+0x10/0x10
[  614.572040][ T1105]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  614.572082][ T1105]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  614.572106][ T1105]  ? f2fs_hw_is_readonly+0x39b/0x470
[  614.572136][ T1105]  f2fs_handle_critical_error+0x37c/0x540
[  614.572166][ T1105]  f2fs_write_end_io+0x495/0x810
[  614.572187][ T1105]  ? blkg_put+0x22/0x240
[  614.572228][ T1105]  __submit_merged_bio+0x27a/0x6a0
[  614.572258][ T1105]  __submit_merged_write_cond+0x255/0x530
[  614.572289][ T1105]  f2fs_write_data_pages+0x261d/0x3000
[  614.572361][ T1105]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  614.572401][ T1105]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  614.572467][ T1105]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  614.572506][ T1105]  ? trace_f2fs_writepages+0x7f/0x200
[  614.572531][ T1105]  ? f2fs_write_node_pages+0x478/0x6e0
[  614.572558][ T1105]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  614.572599][ T1105]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  614.572624][ T1105]  do_writepages+0x32e/0x550
[  614.572655][ T1105]  ? reacquire_held_locks+0x127/0x1d0
[  614.572678][ T1105]  ? writeback_sb_inodes+0x384/0x1010
[  614.572713][ T1105]  __writeback_single_inode+0x145/0xff0
[  614.572737][ T1105]  ? do_raw_spin_unlock+0x122/0x240
[  614.572760][ T1105]  writeback_sb_inodes+0x6c7/0x1010
[  614.572813][ T1105]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  614.572889][ T1105]  ? rcu_is_watching+0x15/0xb0
[  614.572925][ T1105]  wb_writeback+0x43b/0xaf0
[  614.572958][ T1105]  ? queue_io+0x3d1/0x590
[  614.572987][ T1105]  ? __pfx_wb_writeback+0x10/0x10
[  614.573021][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  614.573051][ T1105]  wb_workfn+0x409/0xef0
[  614.573091][ T1105]  ? __pfx_wb_workfn+0x10/0x10
[  614.573118][ T1105]  ? __lock_acquire+0xab9/0xd20
[  614.573153][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  614.573185][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  614.573206][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  614.573227][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  614.573252][ T1105]  process_scheduled_works+0xae1/0x17b0
[  614.573313][ T1105]  ? __pfx_process_scheduled_works+0x10/0x10
[  614.573365][ T1105]  worker_thread+0x8a0/0xda0
[  614.573421][ T1105]  kthread+0x70e/0x8a0
[  614.573444][ T1105]  ? __pfx_worker_thread+0x10/0x10
[  614.573466][ T1105]  ? __pfx_kthread+0x10/0x10
[  614.573486][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  614.573507][ T1105]  ? lockdep_hardirqs_on+0x9c/0x150
[  614.573528][ T1105]  ? __pfx_kthread+0x10/0x10
[  614.573546][ T1105]  ret_from_fork+0x3fc/0x770
[  614.573572][ T1105]  ? __pfx_ret_from_fork+0x10/0x10
[  614.573601][ T1105]  ? __switch_to_asm+0x39/0x70
[  614.573617][ T1105]  ? __switch_to_asm+0x33/0x70
[  614.573631][ T1105]  ? __pfx_kthread+0x10/0x10
[  614.573648][ T1105]  ret_from_fork_asm+0x1a/0x30
[  614.573682][ T1105]  </TASK>
[  614.573690][ T1105] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  615.501958][T11074] loop3: detected capacity change from 0 to 4096
[  615.570419][T11075] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  616.082872][T11079] loop4: detected capacity change from 0 to 2048
[  616.189998][T11079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  616.298331][T11079] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  616.404325][   T30] audit: type=1800 audit(1751438298.707:38): pid=11079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.979" name="file0" dev="loop4" ino=13 res=0 errno=0
[  617.229186][T11079] fs-verity (loop4, inode 13): Error -4 building Merkle tree
[  617.352053][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  617.505773][T11094] binder: BINDER_SET_CONTEXT_MGR already set
[  617.532201][T11094] binder: 11092:11094 ioctl 4018620d 200000000040 returned -16
[  617.550370][T11093] syz.2.980 (11093): drop_caches: 2
[  617.569996][T11094] syz.4.981 (11094): drop_caches: 2
[  617.585372][T11077] loop3: detected capacity change from 0 to 32768
[  617.820220][T11077] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  617.820249][T11077]   allowing incompatible features above 0.0: (unknown version)
[  617.820260][T11077]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  617.888120][T11077] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  617.899303][T11077] bcachefs (loop3): initializing new filesystem
[  617.916565][T11077] bcachefs (loop3): going read-write
[  617.937816][T11077] bcachefs (loop3): marking superblocks
[  617.972277][T11077] bcachefs (loop3): initializing freespace
[  617.996018][T11077] bcachefs (loop3): done initializing freespace
[  618.019106][T11077] bcachefs (loop3): reading snapshots table
[  618.025229][T11077] bcachefs (loop3): reading snapshots done
[  618.053270][T11077] bcachefs (loop3): done starting filesystem
[  618.120963][   T30] audit: type=1804 audit(1751438300.437:39): pid=11077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.978" name="/newroot/211/bus/bus" dev="loop3" ino=4098 res=1 errno=0
[  618.205268][ T5837] bcachefs (loop3): shutting down
[  618.234277][ T5837] bcachefs (loop3): going read-only
[  618.251712][ T5837] bcachefs (loop3): finished waiting for writes to stop
[  618.260924][ T5837] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  618.366278][ T5837] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  618.387203][ T5837] bcachefs (loop3): clean shutdown complete, journal seq 4
[  618.397770][ T5837] bcachefs (loop3): marking filesystem clean
[  618.506744][ T5837] bcachefs (loop3): shutdown complete
[  618.871732][T11112] loop2: detected capacity change from 0 to 512
[  618.974805][T11112] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.985: casefold flag without casefold feature
[  619.018176][T11112] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.985: couldn't read orphan inode 15 (err -117)
[  619.060996][T11112] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  619.401789][T11118] siw: device registration error -23
[  620.603400][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  620.840974][T11122] syz.3.983 (11122): drop_caches: 2
[  622.495300][T11134] syz.5.988 (11134): drop_caches: 2
[  623.383874][T11139] syz.4.990 (11139): drop_caches: 2
[  623.612820][T11136] loop2: detected capacity change from 0 to 32768
[  623.748152][T11136] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.989 (11136)
[  623.782240][T11136] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  623.796515][T11136] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[  623.807218][T11136] BTRFS info (device loop2): using free-space-tree
[  624.303984][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  624.310770][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  624.457068][T11160] binder: 11159:11160 ioctl c0306201 0 returned -14
[  624.473654][T11160] syz.5.992 (11160): drop_caches: 2
[  624.627048][T11136] BTRFS info (device loop2): rebuilding free space tree
[  624.854390][   T30] audit: type=1804 audit(1751438307.157:40): pid=11170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.989" name="/newroot/198/bus/bus" dev="loop2" ino=263 res=1 errno=0
[  625.204453][ T5835] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  625.260155][T11168] siw: device registration error -23
[  625.376979][T11175] siw: device registration error -23
[  626.102888][T11177] loop3: detected capacity change from 0 to 256
[  627.877178][T11191] siw: device registration error -23
[  628.421114][T11195] siw: device registration error -23
[  629.145266][ T5851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  629.156482][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  629.165608][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  629.178814][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  629.196592][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  629.210757][T11026] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  629.261861][T11026] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  629.269431][T11026] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  629.289992][T11026] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  629.300516][T11026] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  629.376936][T11201] siw: device registration error -23
[  629.965037][T11198] lo speed is unknown, defaulting to 1000
[  630.338112][T11205] binder: 11204:11205 ioctl c0306201 0 returned -14
[  630.451473][T11208] siw: device registration error -23
[  631.163188][T11205] syz.2.1003 (11205): drop_caches: 2
[  631.239805][T11212] syz.2.1007 (11212): drop_caches: 2
[  631.507776][T11198] chnl_net:caif_netlink_parms(): no params data found
[  632.035561][ T5851] Bluetooth: hci1: command tx timeout
[  632.279042][  T978] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  632.498135][T11198] bridge0: port 1(bridge_slave_0) entered blocking state
[  632.507948][T11198] bridge0: port 1(bridge_slave_0) entered disabled state
[  632.514455][  T978] usb 3-1: Using ep0 maxpacket: 8
[  632.526004][  T978] usb 3-1: config 0 has no interfaces?
[  632.528251][T11198] bridge_slave_0: entered allmulticast mode
[  632.537065][  T978] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  632.557995][  T978] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.565330][T11198] bridge_slave_0: entered promiscuous mode
[  632.590354][T11198] bridge0: port 2(bridge_slave_1) entered blocking state
[  632.603587][  T978] usb 3-1: config 0 descriptor??
[  632.607942][T11198] bridge0: port 2(bridge_slave_1) entered disabled state
[  632.634588][T11198] bridge_slave_1: entered allmulticast mode
[  632.653978][T11198] bridge_slave_1: entered promiscuous mode
[  632.769781][T11232] loop4: detected capacity change from 0 to 256
[  633.043832][T11214] loop3: detected capacity change from 0 to 40427
[  633.985909][T11238] siw: device registration error -23
[  634.054298][ T5851] Bluetooth: hci1: command tx timeout
[  634.065636][T11214] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  634.159774][  T978] usb 3-1: USB disconnect, device number 14
[  634.175881][T11214] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  634.261308][T11198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  634.421761][T11198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  634.490463][T11214] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  634.510360][T11214] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  634.708083][T11198] team0: Port device team_slave_0 added
[  634.743705][T11198] team0: Port device team_slave_1 added
[  634.884293][T11251] siw: device registration error -23
[  635.380417][T11198] batman_adv: batadv0: Adding interface: batadv_slave_0
[  635.401248][T11198] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.529990][T11198] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  635.750293][T11255] siw: device registration error -23
[  636.194500][ T5851] Bluetooth: hci1: command tx timeout
[  636.354907][T11198] batman_adv: batadv0: Adding interface: batadv_slave_1
[  636.361878][T11198] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  636.394849][T11198] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  636.561937][T11198] hsr_slave_0: entered promiscuous mode
[  636.589205][T11198] hsr_slave_1: entered promiscuous mode
[  636.610718][T11198] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  636.635039][T11198] Cannot create hsr debugfs directory
[  636.793307][T11262] siw: device registration error -23
[  637.289532][ T5893] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  637.446811][ T5893] usb 6-1: Using ep0 maxpacket: 32
[  637.469108][T11248] siw: device registration error -23
[  637.496860][ T5893] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  637.526963][ T5893] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  637.556237][ T5893] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  637.586723][ T5893] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  637.606810][ T5893] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  637.637703][ T5893] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  637.684629][ T5893] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  637.712123][ T5893] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.741975][ T5893] usb 6-1: config 0 descriptor??
[  638.040717][T11198] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  638.070021][T11198] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  638.097623][T11198] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  638.112715][T11264] loop3: detected capacity change from 0 to 32768
[  638.142567][T11198] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  638.324922][T11264] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  638.324949][T11264]   allowing incompatible features above 0.0: (unknown version)
[  638.324961][T11264]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  638.373890][T11264] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  638.388028][ T5851] Bluetooth: hci1: command tx timeout
[  638.393545][T11264] bcachefs (loop3): initializing new filesystem
[  638.416225][T11264] bcachefs (loop3): going read-write
[  638.440729][T11266] loop2: detected capacity change from 0 to 40427
[  638.452766][T11264] bcachefs (loop3): marking superblocks
[  638.497480][T11266] F2FS-fs (loop2): invalid crc value
[  638.509043][T11198] 8021q: adding VLAN 0 to HW filter on device bond0
[  638.510936][T11264] bcachefs (loop3): initializing freespace
[  638.567737][T11264] bcachefs (loop3): done initializing freespace
[  638.591430][T11198] 8021q: adding VLAN 0 to HW filter on device team0
[  638.603702][T11264] bcachefs (loop3): reading snapshots table
[  638.641252][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  638.648461][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  638.666396][T11264] bcachefs (loop3): reading snapshots done
[  638.679405][ T3459] bridge0: port 2(bridge_slave_1) entered blocking state
[  638.686596][ T3459] bridge0: port 2(bridge_slave_1) entered forwarding state
[  638.700016][T11266] F2FS-fs (loop2): Start checkpoint disabled!
[  638.730267][T11266] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  638.832678][T11289] syz.4.1018 (11289): drop_caches: 2
[  638.890712][T11264] bcachefs (loop3): done starting filesystem
[  639.316905][   T30] audit: type=1804 audit(1751438321.617:41): pid=11264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1014" name="/newroot/220/bus/bus" dev="loop3" ino=4098 res=1 errno=0
[  639.615822][   T10] usb 6-1: USB disconnect, device number 4
[  639.623248][   T13] kworker/u8:1: attempt to access beyond end of device
[  639.623248][   T13] loop2: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  639.623855][   T13] kworker/u8:1: attempt to access beyond end of device
[  639.623855][   T13] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  639.623921][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  639.623942][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  639.623953][   T13] Workqueue: writeback wb_workfn (flush-7:2)
[  639.623982][   T13] Call Trace:
[  639.623990][   T13]  <TASK>
[  639.623998][   T13]  dump_stack_lvl+0x189/0x250
[  639.624027][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  639.624057][   T13]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  639.624081][   T13]  ? __pfx_queue_work_on+0x10/0x10
[  639.624105][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  639.624127][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  639.624153][   T13]  ? f2fs_hw_is_readonly+0x39b/0x470
[  639.624176][   T13]  f2fs_handle_critical_error+0x37c/0x540
[  639.624203][   T13]  f2fs_write_end_io+0x495/0x810
[  639.624225][   T13]  ? blkg_put+0x22/0x240
[  639.624261][   T13]  __submit_merged_bio+0x27a/0x6a0
[  639.624288][   T13]  __submit_merged_write_cond+0x255/0x530
[  639.624317][   T13]  f2fs_write_data_pages+0x261d/0x3000
[  639.624371][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  639.624474][   T13]  ? f2fs_write_meta_pages+0x357/0x450
[  639.624506][   T13]  ? __lock_acquire+0xab9/0xd20
[  639.624530][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  639.624554][   T13]  do_writepages+0x32e/0x550
[  639.624581][   T13]  ? reacquire_held_locks+0x127/0x1d0
[  639.624601][   T13]  ? writeback_sb_inodes+0x384/0x1010
[  639.624627][   T13]  __writeback_single_inode+0x145/0xff0
[  639.624649][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  639.624670][   T13]  writeback_sb_inodes+0x6c7/0x1010
[  639.624718][   T13]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  639.624787][   T13]  ? rcu_is_watching+0x15/0xb0
[  639.624819][   T13]  wb_writeback+0x43b/0xaf0
[  639.624848][   T13]  ? queue_io+0x3d1/0x590
[  639.624873][   T13]  ? __pfx_wb_writeback+0x10/0x10
[  639.624903][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  639.624929][   T13]  wb_workfn+0x409/0xef0
[  639.624963][   T13]  ? __pfx_wb_workfn+0x10/0x10
[  639.624987][   T13]  ? __lock_acquire+0xab9/0xd20
[  639.625017][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  639.625044][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  639.625065][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  639.625084][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  639.625106][   T13]  process_scheduled_works+0xae1/0x17b0
[  639.625156][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  639.625194][   T13]  worker_thread+0x8a0/0xda0
[  639.625242][   T13]  kthread+0x70e/0x8a0
[  639.625261][   T13]  ? __pfx_worker_thread+0x10/0x10
[  639.625281][   T13]  ? __pfx_kthread+0x10/0x10
[  639.625299][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  639.625320][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  639.625341][   T13]  ? __pfx_kthread+0x10/0x10
[  639.625358][   T13]  ret_from_fork+0x3fc/0x770
[  639.625381][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  639.625408][   T13]  ? __switch_to_asm+0x39/0x70
[  639.625423][   T13]  ? __switch_to_asm+0x33/0x70
[  639.625438][   T13]  ? __pfx_kthread+0x10/0x10
[  639.625456][   T13]  ret_from_fork_asm+0x1a/0x30
[  639.625488][   T13]  </TASK>
[  639.626186][   T13] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  639.965979][ T5837] bcachefs (loop3): shutting down
[  639.971025][ T5837] bcachefs (loop3): going read-only
[  640.012899][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  640.012925][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  640.012936][   T13] Workqueue: writeback wb_workfn (flush-7:2)
[  640.012966][   T13] Call Trace:
[  640.012973][   T13]  <TASK>
[  640.012980][   T13]  dump_stack_lvl+0x189/0x250
[  640.013007][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  640.013026][   T13]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  640.013048][   T13]  ? __pfx_queue_work_on+0x10/0x10
[  640.013072][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  640.013092][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  640.013115][   T13]  ? f2fs_hw_is_readonly+0x39b/0x470
[  640.013141][   T13]  f2fs_handle_critical_error+0x37c/0x540
[  640.013170][   T13]  f2fs_write_end_io+0x495/0x810
[  640.013191][   T13]  ? blkg_put+0x22/0x240
[  640.013224][   T13]  __submit_merged_bio+0x27a/0x6a0
[  640.013253][   T13]  __submit_merged_write_cond+0x255/0x530
[  640.013282][   T13]  f2fs_write_data_pages+0x261d/0x3000
[  640.013348][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  640.013474][   T13]  ? f2fs_write_meta_pages+0x357/0x450
[  640.013509][   T13]  ? __lock_acquire+0xab9/0xd20
[  640.013543][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  640.013568][   T13]  do_writepages+0x32e/0x550
[  640.013600][   T13]  ? reacquire_held_locks+0x127/0x1d0
[  640.013622][   T13]  ? writeback_sb_inodes+0x384/0x1010
[  640.013655][   T13]  __writeback_single_inode+0x145/0xff0
[  640.013679][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  640.013702][   T13]  writeback_sb_inodes+0x6c7/0x1010
[  640.013760][   T13]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  640.013833][   T13]  ? rcu_is_watching+0x15/0xb0
[  640.013869][   T13]  wb_writeback+0x43b/0xaf0
[  640.013904][   T13]  ? queue_io+0x3d1/0x590
[  640.013932][   T13]  ? __pfx_wb_writeback+0x10/0x10
[  640.013966][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  640.013995][   T13]  wb_workfn+0x409/0xef0
[  640.014036][   T13]  ? __pfx_wb_workfn+0x10/0x10
[  640.014064][   T13]  ? __lock_acquire+0xab9/0xd20
[  640.014098][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  640.014128][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  640.014153][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  640.014169][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  640.014192][   T13]  process_scheduled_works+0xae1/0x17b0
[  640.014242][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  640.014287][   T13]  worker_thread+0x8a0/0xda0
[  640.014343][   T13]  kthread+0x70e/0x8a0
[  640.014366][   T13]  ? __pfx_worker_thread+0x10/0x10
[  640.014388][   T13]  ? __pfx_kthread+0x10/0x10
[  640.014408][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  640.014431][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  640.014453][   T13]  ? __pfx_kthread+0x10/0x10
[  640.014471][   T13]  ret_from_fork+0x3fc/0x770
[  640.014496][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  640.014523][   T13]  ? __switch_to_asm+0x39/0x70
[  640.014544][   T13]  ? __switch_to_asm+0x33/0x70
[  640.014557][   T13]  ? __pfx_kthread+0x10/0x10
[  640.014574][   T13]  ret_from_fork_asm+0x1a/0x30
[  640.014612][   T13]  </TASK>
[  640.312681][ T5837] bcachefs (loop3): finished waiting for writes to stop
[  640.341183][ T5837] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  640.468047][   T13] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  640.582633][ T5837] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[  640.638965][ T5837] bcachefs (loop3): clean shutdown complete, journal seq 5
[  640.650901][T11198] 8021q: adding VLAN 0 to HW filter on device batadv0
[  640.665111][ T5837] bcachefs (loop3): marking filesystem clean
[  640.830638][ T5837] bcachefs (loop3): shutdown complete
[  640.965021][T11304] siw: device registration error -23
[  641.570163][T11198] veth0_vlan: entered promiscuous mode
[  641.603457][T11198] veth1_vlan: entered promiscuous mode
[  641.656776][T11311] loop2: detected capacity change from 0 to 2048
[  641.673194][T11198] veth0_macvtap: entered promiscuous mode
[  641.696246][T11198] veth1_macvtap: entered promiscuous mode
[  641.745814][T11198] batman_adv: batadv0: Interface activated: batadv_slave_0
[  641.757126][T11311] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  641.768199][T11198] batman_adv: batadv0: Interface activated: batadv_slave_1
[  641.772358][T11317] siw: device registration error -23
[  641.905151][T11311] ext4 filesystem being mounted at /206/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  641.964486][ T1165] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  642.029260][   T30] audit: type=1800 audit(1751438324.337:42): pid=11311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1021" name="file0" dev="loop2" ino=13 res=0 errno=0
[  642.126080][T11320] siw: device registration error -23
[  642.244210][ T1165] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  642.253387][ T1165] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  642.390968][ T1165] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  642.691416][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  642.792878][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  642.796242][T11311] fs-verity (loop2, inode 13): Error -4 building Merkle tree
[  642.882633][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  642.905058][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  642.907513][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.190184][T11327] loop6: detected capacity change from 0 to 512
[  643.235308][T11327] EXT4-fs: Ignoring removed nomblk_io_submit option
[  643.369541][T11327] EXT4-fs (loop6): can't mount with data_err=abort, fs mounted w/o journal
[  644.763670][T11346] siw: device registration error -23
[  644.782331][T11343] loop5: detected capacity change from 0 to 32768
[  644.790796][T11343] XFS: ikeep mount option is deprecated.
[  645.017984][T11343] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  645.551164][T11343] XFS (loop5): Ending clean mount
[  645.583881][T11343] XFS (loop5): Quotacheck needed: Please wait.
[  645.866339][T11343] XFS (loop5): Quotacheck: Done.
[  646.917050][T11367] siw: device registration error -23
[  647.467840][ T7315] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  647.906189][T11371] loop2: detected capacity change from 0 to 32768
[  647.913641][T11371] XFS: ikeep mount option is deprecated.
[  648.010696][T11371] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  648.151034][T11371] XFS (loop2): Ending clean mount
[  648.167391][T11371] XFS (loop2): Quotacheck needed: Please wait.
[  648.258430][T11371] XFS (loop2): Quotacheck: Done.
[  648.616058][T11383] loop5: detected capacity change from 0 to 32768
[  648.623518][T11383] XFS: ikeep mount option is deprecated.
[  649.293885][T11383] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  649.315814][ T5835] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  649.553171][T11383] XFS (loop5): Ending clean mount
[  649.650683][T11397] loop6: detected capacity change from 0 to 32768
[  649.658166][T11397] XFS: ikeep mount option is deprecated.
[  649.869984][T11383] XFS (loop5): Quotacheck needed: Please wait.
[  650.297532][T11397] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  650.361578][T11383] XFS (loop5): Quotacheck: Done.
[  650.545469][T11397] XFS (loop6): Ending clean mount
[  650.552749][T11397] XFS (loop6): Quotacheck needed: Please wait.
[  650.697236][T11397] XFS (loop6): Quotacheck: Done.
[  651.434387][ T7315] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  652.668294][T11198] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  653.934902][T11433] loop5: detected capacity change from 0 to 512
[  654.179392][T11433] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.1041: casefold flag without casefold feature
[  654.212369][T11433] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.1041: couldn't read orphan inode 15 (err -117)
[  654.228092][T11433] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  654.850083][T11446] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1048'.
[  654.946708][ T7315] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.991789][T11456] siw: device registration error -23
[  656.503696][  T978] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  656.709155][  T978] usb 6-1: Using ep0 maxpacket: 8
[  656.765800][  T978] usb 6-1: config 0 has no interfaces?
[  656.771316][  T978] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  656.873117][  T978] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.959969][  T978] usb 6-1: config 0 descriptor??
[  657.175570][T11462] loop3: detected capacity change from 0 to 32768
[  657.183017][T11462] XFS: ikeep mount option is deprecated.
[  657.190189][T11464] siw: device registration error -23
[  657.255127][T11462] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  657.332124][T11462] XFS (loop3): Ending clean mount
[  657.339545][T11462] XFS (loop3): Quotacheck needed: Please wait.
[  657.408479][T11462] XFS (loop3): Quotacheck: Done.
[  657.854094][T10259] usb 6-1: USB disconnect, device number 5
[  658.431837][ T5837] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  660.524724][T11486] siw: device registration error -23
[  661.254093][T11492] siw: device registration error -23
[  661.915100][T11503] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  661.930849][T11503] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  661.945817][T11503] iommufd_mock iommufd_mock2: Adding to iommu group 2
[  662.050731][T11505] siw: device registration error -23
[  662.983957][T11513] siw: device registration error -23
[  663.694463][T11514] siw: device registration error -23
[  664.975888][T11523] loop2: detected capacity change from 0 to 256
[  665.036002][T11523] exFAT-fs (loop2): failed to read boot sector
[  665.091484][T11523] exFAT-fs (loop2): failed to recognize exfat type
[  665.388042][T11525] loop4: detected capacity change from 0 to 32768
[  665.395446][T11525] XFS: ikeep mount option is deprecated.
[  665.917011][T11525] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  666.097341][T11525] XFS (loop4): Ending clean mount
[  666.103732][T11525] XFS (loop4): Quotacheck needed: Please wait.
[  666.194390][T11525] XFS (loop4): Quotacheck: Done.
[  666.252773][T11541] syz.2.1071 (11541): drop_caches: 2
[  667.424284][  T978] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  667.452145][ T5843] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  667.624773][  T978] usb 3-1: Using ep0 maxpacket: 8
[  667.637050][  T978] usb 3-1: config 0 has no interfaces?
[  667.649241][T11553] syz.3.1074 (11553): drop_caches: 2
[  667.663275][  T978] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  667.709692][  T978] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.895733][  T978] usb 3-1: config 0 descriptor??
[  668.586944][   T10] usb 3-1: USB disconnect, device number 15
[  668.707972][T11559] loop5: detected capacity change from 0 to 256
[  668.764279][T11559] exFAT-fs (loop5): failed to read boot sector
[  668.770461][T11559] exFAT-fs (loop5): failed to recognize exfat type
[  668.798106][T11562] loop4: detected capacity change from 0 to 512
[  670.111020][T11562] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1075: casefold flag without casefold feature
[  670.393608][T11562] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1075: couldn't read orphan inode 15 (err -117)
[  670.842613][T11562] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  672.094499][T11577] siw: device registration error -23
[  672.610463][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  673.704616][T11585] siw: device registration error -23
[  675.297110][T11592] loop2: detected capacity change from 0 to 256
[  675.441405][T11592] exFAT-fs (loop2): failed to read boot sector
[  675.812599][T11592] exFAT-fs (loop2): failed to recognize exfat type
[  676.853868][T11605] syz.6.1086 (11605): drop_caches: 2
[  678.041178][ T5950] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  678.391505][T11621] loop3: detected capacity change from 0 to 40427
[  678.397951][ T5950] usb 7-1: Using ep0 maxpacket: 8
[  678.406264][ T5950] usb 7-1: config 0 has no interfaces?
[  678.422037][ T5950] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  678.424959][T11621] F2FS-fs (loop3): invalid crc value
[  678.507539][T11626] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  678.516945][T11626] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0
[  678.660834][T11621] F2FS-fs (loop3): Start checkpoint disabled!
[  678.676581][T11621] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  678.877374][ T5950] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  678.909844][ T5950] usb 7-1: config 0 descriptor??
[  679.182919][   T10] usb 7-1: USB disconnect, device number 2
[  679.247931][ T3459] kworker/u8:11: attempt to access beyond end of device
[  679.247931][ T3459] loop3: rw=1, sector=77824, nr_sectors = 3824 limit=40427
[  679.288060][ T3459] kworker/u8:11: attempt to access beyond end of device
[  679.288060][ T3459] loop3: rw=1, sector=81648, nr_sectors = 272 limit=40427
[  679.402616][ T3459] kworker/u8:11: attempt to access beyond end of device
[  679.402616][ T3459] loop3: rw=1, sector=49152, nr_sectors = 4096 limit=40427
[  679.507898][T11631] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  679.520306][T11631] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  679.619713][ T3459] kworker/u8:11: attempt to access beyond end of device
[  679.619713][ T3459] loop3: rw=1, sector=57344, nr_sectors = 8192 limit=40427
[  679.639920][ T3459] kworker/u8:11: attempt to access beyond end of device
[  679.639920][ T3459] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  679.659114][ T3459] CPU: 1 UID: 0 PID: 3459 Comm: kworker/u8:11 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  679.659141][ T3459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  679.659153][ T3459] Workqueue: writeback wb_workfn (flush-7:3)
[  679.659186][ T3459] Call Trace:
[  679.659193][ T3459]  <TASK>
[  679.659202][ T3459]  dump_stack_lvl+0x189/0x250
[  679.659233][ T3459]  ? __pfx_dump_stack_lvl+0x10/0x10
[  679.659255][ T3459]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  679.659280][ T3459]  ? __pfx_queue_work_on+0x10/0x10
[  679.659305][ T3459]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  679.659328][ T3459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  679.659354][ T3459]  ? f2fs_hw_is_readonly+0x39b/0x470
[  679.659382][ T3459]  f2fs_handle_critical_error+0x37c/0x540
[  679.659443][ T3459]  f2fs_write_end_io+0x495/0x810
[  679.659466][ T3459]  ? blkg_put+0x22/0x240
[  679.659505][ T3459]  __submit_merged_bio+0x27a/0x6a0
[  679.659536][ T3459]  __submit_merged_write_cond+0x255/0x530
[  679.659568][ T3459]  f2fs_write_data_pages+0x261d/0x3000
[  679.659633][ T3459]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  679.659756][ T3459]  ? f2fs_write_meta_pages+0x357/0x450
[  679.659791][ T3459]  ? __lock_acquire+0xab9/0xd20
[  679.659818][ T3459]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  679.659843][ T3459]  do_writepages+0x32e/0x550
[  679.659873][ T3459]  ? reacquire_held_locks+0x127/0x1d0
[  679.659895][ T3459]  ? writeback_sb_inodes+0x384/0x1010
[  679.659929][ T3459]  __writeback_single_inode+0x145/0xff0
[  679.659952][ T3459]  ? do_raw_spin_unlock+0x122/0x240
[  679.659974][ T3459]  writeback_sb_inodes+0x6c7/0x1010
[  679.660030][ T3459]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  679.660107][ T3459]  ? rcu_is_watching+0x15/0xb0
[  679.660142][ T3459]  wb_writeback+0x43b/0xaf0
[  679.660176][ T3459]  ? queue_io+0x3d1/0x590
[  679.660203][ T3459]  ? __pfx_wb_writeback+0x10/0x10
[  679.660238][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  679.660267][ T3459]  wb_workfn+0x409/0xef0
[  679.660308][ T3459]  ? __pfx_wb_workfn+0x10/0x10
[  679.660335][ T3459]  ? __lock_acquire+0xab9/0xd20
[  679.660370][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  679.660401][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  679.660428][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  679.660448][ T3459]  ? process_scheduled_works+0x9ef/0x17b0
[  679.660473][ T3459]  process_scheduled_works+0xae1/0x17b0
[  679.660533][ T3459]  ? __pfx_process_scheduled_works+0x10/0x10
[  679.660579][ T3459]  worker_thread+0x8a0/0xda0
[  679.660605][ T3459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  679.660639][ T3459]  ? __kthread_parkme+0x7b/0x200
[  679.660675][ T3459]  kthread+0x70e/0x8a0
[  679.660697][ T3459]  ? __pfx_worker_thread+0x10/0x10
[  679.660719][ T3459]  ? __pfx_kthread+0x10/0x10
[  679.660739][ T3459]  ? _raw_spin_unlock_irq+0x23/0x50
[  679.660762][ T3459]  ? lockdep_hardirqs_on+0x9c/0x150
[  679.660784][ T3459]  ? __pfx_kthread+0x10/0x10
[  679.660803][ T3459]  ret_from_fork+0x3fc/0x770
[  679.660829][ T3459]  ? __pfx_ret_from_fork+0x10/0x10
[  679.660860][ T3459]  ? __switch_to_asm+0x39/0x70
[  679.660876][ T3459]  ? __switch_to_asm+0x33/0x70
[  679.660891][ T3459]  ? __pfx_kthread+0x10/0x10
[  679.660911][ T3459]  ret_from_fork_asm+0x1a/0x30
[  679.660950][ T3459]  </TASK>
[  679.660958][ T3459] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  680.314644][T11635] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  681.536460][T11647] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  681.569126][T11647] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  681.649750][T11647] iommufd_mock iommufd_mock2: Adding to iommu group 2
[  683.731201][T11658] loop4: detected capacity change from 0 to 512
[  683.839342][T11658] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1103: casefold flag without casefold feature
[  683.893599][T11658] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1103: couldn't read orphan inode 15 (err -117)
[  683.926928][T11658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  684.838522][T11665] loop2: detected capacity change from 0 to 40427
[  684.870519][T11665] F2FS-fs (loop2): invalid crc value
[  684.981962][T11665] F2FS-fs (loop2): Start checkpoint disabled!
[  685.009150][T11665] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  685.741571][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  685.748076][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  685.899840][T11679] siw: device registration error -23
[  686.780949][   T12] kworker/u8:0: attempt to access beyond end of device
[  686.780949][   T12] loop2: rw=1, sector=77824, nr_sectors = 2072 limit=40427
[  687.008439][   T12] kworker/u8:0: attempt to access beyond end of device
[  687.008439][   T12] loop2: rw=1, sector=79896, nr_sectors = 2024 limit=40427
[  687.056542][   T12] kworker/u8:0: attempt to access beyond end of device
[  687.056542][   T12] loop2: rw=1, sector=49152, nr_sectors = 2048 limit=40427
[  687.137113][T11690] siw: device registration error -23
[  687.824473][   T12] kworker/u8:0: attempt to access beyond end of device
[  687.824473][   T12] loop2: rw=1, sector=51200, nr_sectors = 2048 limit=40427
[  687.910251][   T12] kworker/u8:0: attempt to access beyond end of device
[  687.910251][   T12] loop2: rw=1, sector=57344, nr_sectors = 8192 limit=40427
[  687.936006][ T1136] kworker/u8:8: attempt to access beyond end of device
[  687.936006][ T1136] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  687.967293][ T1136] CPU: 0 UID: 0 PID: 1136 Comm: kworker/u8:8 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  687.967319][ T1136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  687.967330][ T1136] Workqueue: writeback wb_workfn (flush-7:2)
[  687.967360][ T1136] Call Trace:
[  687.967368][ T1136]  <TASK>
[  687.967376][ T1136]  dump_stack_lvl+0x189/0x250
[  687.967406][ T1136]  ? __pfx_dump_stack_lvl+0x10/0x10
[  687.967428][ T1136]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  687.967451][ T1136]  ? __pfx_queue_work_on+0x10/0x10
[  687.967475][ T1136]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  687.967497][ T1136]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  687.967521][ T1136]  ? f2fs_hw_is_readonly+0x39b/0x470
[  687.967548][ T1136]  f2fs_handle_critical_error+0x37c/0x540
[  687.967576][ T1136]  f2fs_write_end_io+0x495/0x810
[  687.967608][ T1136]  ? blkg_put+0x22/0x240
[  687.967644][ T1136]  __submit_merged_bio+0x27a/0x6a0
[  687.967672][ T1136]  __submit_merged_write_cond+0x255/0x530
[  687.967701][ T1136]  f2fs_write_data_pages+0x261d/0x3000
[  687.967759][ T1136]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  687.967862][ T1136]  ? f2fs_write_meta_pages+0x357/0x450
[  687.967895][ T1136]  ? __lock_acquire+0xab9/0xd20
[  687.967920][ T1136]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  687.967944][ T1136]  do_writepages+0x32e/0x550
[  687.967973][ T1136]  ? reacquire_held_locks+0x127/0x1d0
[  687.967994][ T1136]  ? writeback_sb_inodes+0x384/0x1010
[  687.968026][ T1136]  __writeback_single_inode+0x145/0xff0
[  687.968049][ T1136]  ? do_raw_spin_unlock+0x122/0x240
[  687.968071][ T1136]  writeback_sb_inodes+0x6c7/0x1010
[  687.968121][ T1136]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  687.968187][ T1136]  ? rcu_is_watching+0x15/0xb0
[  687.968220][ T1136]  wb_writeback+0x43b/0xaf0
[  687.968251][ T1136]  ? queue_io+0x3d1/0x590
[  687.968277][ T1136]  ? __pfx_wb_writeback+0x10/0x10
[  687.968309][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  687.968337][ T1136]  wb_workfn+0x409/0xef0
[  687.968373][ T1136]  ? __pfx_wb_workfn+0x10/0x10
[  687.968399][ T1136]  ? __lock_acquire+0xab9/0xd20
[  687.968430][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  687.968459][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  687.968479][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  687.968499][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  687.968522][ T1136]  process_scheduled_works+0xae1/0x17b0
[  687.968575][ T1136]  ? __pfx_process_scheduled_works+0x10/0x10
[  687.968620][ T1136]  worker_thread+0x8a0/0xda0
[  687.968671][ T1136]  kthread+0x70e/0x8a0
[  687.968691][ T1136]  ? __pfx_worker_thread+0x10/0x10
[  687.968712][ T1136]  ? __pfx_kthread+0x10/0x10
[  687.968731][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  687.968751][ T1136]  ? lockdep_hardirqs_on+0x9c/0x150
[  687.968774][ T1136]  ? __pfx_kthread+0x10/0x10
[  687.968791][ T1136]  ret_from_fork+0x3fc/0x770
[  687.968816][ T1136]  ? __pfx_ret_from_fork+0x10/0x10
[  687.968844][ T1136]  ? __switch_to_asm+0x39/0x70
[  687.968859][ T1136]  ? __switch_to_asm+0x33/0x70
[  687.968875][ T1136]  ? __pfx_kthread+0x10/0x10
[  687.968892][ T1136]  ret_from_fork_asm+0x1a/0x30
[  687.968926][ T1136]  </TASK>
[  687.968934][ T1136] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  690.976165][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.831043][T11723] loop3: detected capacity change from 0 to 40427
[  692.082867][T11723] F2FS-fs (loop3): invalid crc value
[  692.505834][T11727] loop2: detected capacity change from 0 to 256
[  692.568458][T11723] F2FS-fs (loop3): Start checkpoint disabled!
[  692.583262][T11727] exFAT-fs (loop2): failed to read boot sector
[  692.594955][T11723] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  692.635923][T11727] exFAT-fs (loop2): failed to recognize exfat type
[  692.733645][T11732] fuse: Unknown parameter '00000000000000000000'
[  692.993261][   T12] kworker/u8:0: attempt to access beyond end of device
[  692.993261][   T12] loop3: rw=1, sector=77824, nr_sectors = 2624 limit=40427
[  693.076826][   T12] kworker/u8:0: attempt to access beyond end of device
[  693.076826][   T12] loop3: rw=1, sector=80448, nr_sectors = 1472 limit=40427
[  693.140072][   T12] kworker/u8:0: attempt to access beyond end of device
[  693.140072][   T12] loop3: rw=1, sector=49152, nr_sectors = 3368 limit=40427
[  693.299744][   T12] kworker/u8:0: attempt to access beyond end of device
[  693.299744][   T12] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  694.218792][T11721] siw: device registration error -23
[  694.278941][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  694.278967][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  694.278978][   T12] Workqueue: writeback wb_workfn (flush-7:3)
[  694.279007][   T12] Call Trace:
[  694.279014][   T12]  <TASK>
[  694.279022][   T12]  dump_stack_lvl+0x189/0x250
[  694.279051][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  694.279071][   T12]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  694.279102][   T12]  ? __pfx_queue_work_on+0x10/0x10
[  694.279126][   T12]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  694.279147][   T12]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  694.279171][   T12]  ? f2fs_hw_is_readonly+0x39b/0x470
[  694.279198][   T12]  f2fs_handle_critical_error+0x37c/0x540
[  694.279226][   T12]  f2fs_write_end_io+0x495/0x810
[  694.279248][   T12]  ? blkg_put+0x22/0x240
[  694.279280][   T12]  __submit_merged_bio+0x27a/0x6a0
[  694.279304][   T12]  __submit_merged_write_cond+0x255/0x530
[  694.279328][   T12]  f2fs_write_data_pages+0x261d/0x3000
[  694.279378][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  694.279469][   T12]  ? f2fs_write_meta_pages+0x357/0x450
[  694.279501][   T12]  ? __lock_acquire+0xab9/0xd20
[  694.279527][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  694.279550][   T12]  do_writepages+0x32e/0x550
[  694.279580][   T12]  ? reacquire_held_locks+0x127/0x1d0
[  694.279601][   T12]  ? writeback_sb_inodes+0x384/0x1010
[  694.279633][   T12]  __writeback_single_inode+0x145/0xff0
[  694.279657][   T12]  ? do_raw_spin_unlock+0x122/0x240
[  694.279679][   T12]  writeback_sb_inodes+0x6c7/0x1010
[  694.279729][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  694.279795][   T12]  ? rcu_is_watching+0x15/0xb0
[  694.279827][   T12]  wb_writeback+0x43b/0xaf0
[  694.279858][   T12]  ? queue_io+0x3d1/0x590
[  694.279883][   T12]  ? __pfx_wb_writeback+0x10/0x10
[  694.279915][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  694.279942][   T12]  wb_workfn+0x409/0xef0
[  694.279978][   T12]  ? __pfx_wb_workfn+0x10/0x10
[  694.280001][   T12]  ? __lock_acquire+0xab9/0xd20
[  694.280032][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  694.280062][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  694.280082][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  694.280112][   T12]  process_scheduled_works+0xae1/0x17b0
[  694.280164][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  694.280204][   T12]  worker_thread+0x8a0/0xda0
[  694.280254][   T12]  kthread+0x70e/0x8a0
[  694.280275][   T12]  ? __pfx_worker_thread+0x10/0x10
[  694.280296][   T12]  ? __pfx_kthread+0x10/0x10
[  694.280314][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  694.280336][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  694.280358][   T12]  ? __pfx_kthread+0x10/0x10
[  694.280376][   T12]  ret_from_fork+0x3fc/0x770
[  694.280401][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  694.280427][   T12]  ? __switch_to_asm+0x39/0x70
[  694.280441][   T12]  ? __switch_to_asm+0x33/0x70
[  694.280455][   T12]  ? __pfx_kthread+0x10/0x10
[  694.280472][   T12]  ret_from_fork_asm+0x1a/0x30
[  694.280506][   T12]  </TASK>
[  694.280591][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  694.604694][T11735] loop6: detected capacity change from 0 to 32768
[  694.612140][T11735] XFS: ikeep mount option is deprecated.
[  694.838880][T11735] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  695.618773][T11735] XFS (loop6): Ending clean mount
[  695.646960][T11735] XFS (loop6): Quotacheck needed: Please wait.
[  695.711053][T11735] XFS (loop6): Quotacheck: Done.
[  695.885383][ T5893] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  695.924752][T11198] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  696.054477][ T5893] usb 3-1: Using ep0 maxpacket: 8
[  696.104398][ T5893] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  696.115161][ T5893] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  696.149820][ T5893] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  696.180997][ T5893] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  696.408458][ T5893] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  696.481567][T11760] loop4: detected capacity change from 0 to 40427
[  696.530323][T11760] F2FS-fs (loop4): invalid crc value
[  696.754895][T11760] F2FS-fs (loop4): Start checkpoint disabled!
[  697.196111][ T5893] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  697.229961][T11760] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  697.265006][ T5893] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  697.839039][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  697.879011][ T5893] usbtmc 3-1:16.0: probe with driver usbtmc failed with error -22
[  698.807247][   T36] kworker/u8:2: attempt to access beyond end of device
[  698.807247][   T36] loop4: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  698.821516][T11783] loop5: detected capacity change from 0 to 256
[  698.841850][T11783] exFAT-fs (loop5): failed to read boot sector
[  698.871562][   T12] kworker/u8:0: attempt to access beyond end of device
[  698.871562][   T12] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  698.889792][T11783] exFAT-fs (loop5): failed to recognize exfat type
[  698.910309][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  698.910332][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  698.910343][   T12] Workqueue: writeback wb_workfn (flush-7:4)
[  698.910372][   T12] Call Trace:
[  698.910388][   T12]  <TASK>
[  698.910395][   T12]  dump_stack_lvl+0x189/0x250
[  698.910426][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  698.910447][   T12]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  698.910472][   T12]  ? __pfx_queue_work_on+0x10/0x10
[  698.910498][   T12]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  698.910521][   T12]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  698.910546][   T12]  ? f2fs_hw_is_readonly+0x39b/0x470
[  698.910575][   T12]  f2fs_handle_critical_error+0x37c/0x540
[  698.910605][   T12]  f2fs_write_end_io+0x495/0x810
[  698.910627][   T12]  ? blkg_put+0x22/0x240
[  698.910667][   T12]  __submit_merged_bio+0x27a/0x6a0
[  698.910696][   T12]  __submit_merged_write_cond+0x255/0x530
[  698.910727][   T12]  f2fs_write_data_pages+0x261d/0x3000
[  698.910792][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  698.910914][   T12]  ? f2fs_write_meta_pages+0x357/0x450
[  698.910948][   T12]  ? __lock_acquire+0xab9/0xd20
[  698.910975][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  698.910999][   T12]  do_writepages+0x32e/0x550
[  698.911030][   T12]  ? reacquire_held_locks+0x127/0x1d0
[  698.911051][   T12]  ? writeback_sb_inodes+0x384/0x1010
[  698.911085][   T12]  __writeback_single_inode+0x145/0xff0
[  698.911109][   T12]  ? do_raw_spin_unlock+0x122/0x240
[  698.911133][   T12]  writeback_sb_inodes+0x6c7/0x1010
[  698.911189][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  698.911264][   T12]  ? rcu_is_watching+0x15/0xb0
[  698.911299][   T12]  wb_writeback+0x43b/0xaf0
[  698.911333][   T12]  ? queue_io+0x3d1/0x590
[  698.911360][   T12]  ? __pfx_wb_writeback+0x10/0x10
[  698.911400][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  698.911428][   T12]  wb_workfn+0x409/0xef0
[  698.911466][   T12]  ? __pfx_wb_workfn+0x10/0x10
[  698.911492][   T12]  ? __lock_acquire+0xab9/0xd20
[  698.911526][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  698.911556][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  698.911577][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  698.911598][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  698.911622][   T12]  process_scheduled_works+0xae1/0x17b0
[  698.911680][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  698.911725][   T12]  worker_thread+0x8a0/0xda0
[  698.911781][   T12]  kthread+0x70e/0x8a0
[  698.911804][   T12]  ? __pfx_worker_thread+0x10/0x10
[  698.911826][   T12]  ? __pfx_kthread+0x10/0x10
[  698.911845][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  698.911867][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  698.911889][   T12]  ? __pfx_kthread+0x10/0x10
[  698.911908][   T12]  ret_from_fork+0x3fc/0x770
[  698.911934][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  698.911964][   T12]  ? __switch_to_asm+0x39/0x70
[  698.911980][   T12]  ? __switch_to_asm+0x33/0x70
[  698.911995][   T12]  ? __pfx_kthread+0x10/0x10
[  698.912014][   T12]  ret_from_fork_asm+0x1a/0x30
[  698.912052][   T12]  </TASK>
[  698.912059][   T12] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  699.228546][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  699.228572][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  699.228584][   T12] Workqueue: writeback wb_workfn (flush-7:4)
[  699.228614][   T12] Call Trace:
[  699.228622][   T12]  <TASK>
[  699.228631][   T12]  dump_stack_lvl+0x189/0x250
[  699.228663][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  699.228685][   T12]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  699.228708][   T12]  ? __pfx_queue_work_on+0x10/0x10
[  699.228733][   T12]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  699.228755][   T12]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  699.228780][   T12]  ? f2fs_hw_is_readonly+0x39b/0x470
[  699.228808][   T12]  f2fs_handle_critical_error+0x37c/0x540
[  699.228839][   T12]  f2fs_write_end_io+0x495/0x810
[  699.228861][   T12]  ? blkg_put+0x22/0x240
[  699.228901][   T12]  __submit_merged_bio+0x27a/0x6a0
[  699.228931][   T12]  __submit_merged_write_cond+0x255/0x530
[  699.228963][   T12]  f2fs_write_data_pages+0x261d/0x3000
[  699.229027][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  699.229134][   T12]  ? f2fs_write_meta_pages+0x357/0x450
[  699.229168][   T12]  ? __lock_acquire+0xab9/0xd20
[  699.229193][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  699.229217][   T12]  do_writepages+0x32e/0x550
[  699.229245][   T12]  ? reacquire_held_locks+0x127/0x1d0
[  699.229266][   T12]  ? writeback_sb_inodes+0x384/0x1010
[  699.229298][   T12]  __writeback_single_inode+0x145/0xff0
[  699.229320][   T12]  ? do_raw_spin_unlock+0x122/0x240
[  699.229350][   T12]  writeback_sb_inodes+0x6c7/0x1010
[  699.229407][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  699.229482][   T12]  ? rcu_is_watching+0x15/0xb0
[  699.229517][   T12]  wb_writeback+0x43b/0xaf0
[  699.229550][   T12]  ? queue_io+0x3d1/0x590
[  699.229576][   T12]  ? __pfx_wb_writeback+0x10/0x10
[  699.229610][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  699.229639][   T12]  wb_workfn+0x409/0xef0
[  699.229679][   T12]  ? __pfx_wb_workfn+0x10/0x10
[  699.229706][   T12]  ? __lock_acquire+0xab9/0xd20
[  699.229736][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  699.229763][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  699.229782][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  699.229801][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  699.229823][   T12]  process_scheduled_works+0xae1/0x17b0
[  699.229884][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  699.229930][   T12]  worker_thread+0x8a0/0xda0
[  699.229988][   T12]  kthread+0x70e/0x8a0
[  699.230011][   T12]  ? __pfx_worker_thread+0x10/0x10
[  699.230033][   T12]  ? __pfx_kthread+0x10/0x10
[  699.230054][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  699.230075][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  699.230097][   T12]  ? __pfx_kthread+0x10/0x10
[  699.230116][   T12]  ret_from_fork+0x3fc/0x770
[  699.230143][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  699.230174][   T12]  ? __switch_to_asm+0x39/0x70
[  699.230190][   T12]  ? __switch_to_asm+0x33/0x70
[  699.230204][   T12]  ? __pfx_kthread+0x10/0x10
[  699.230224][   T12]  ret_from_fork_asm+0x1a/0x30
[  699.230260][   T12]  </TASK>
[  699.230267][   T12] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  699.851584][  T978] usb 3-1: USB disconnect, device number 16
[  701.455908][T11802] loop5: detected capacity change from 0 to 40427
[  701.533585][T11802] F2FS-fs (loop5): invalid crc value
[  701.786741][T11802] F2FS-fs (loop5): Start checkpoint disabled!
[  701.802302][T11786] loop3: detected capacity change from 0 to 40427
[  701.842933][T11786] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  701.849853][T11786] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  701.858236][T11802] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  701.922647][T11786] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-4)
[  702.074637][T11805] loop2: detected capacity change from 0 to 32768
[  702.081785][T11805] XFS: ikeep mount option is deprecated.
[  702.480355][T11814] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  702.520770][T11814] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  703.223221][T11805] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  703.612742][T11805] XFS (loop2): Ending clean mount
[  703.620253][T11805] XFS (loop2): Quotacheck needed: Please wait.
[  703.755220][   T13] kworker/u8:1: attempt to access beyond end of device
[  703.755220][   T13] loop5: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  703.787629][   T13] kworker/u8:1: attempt to access beyond end of device
[  703.787629][   T13] loop5: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  703.811119][T11805] XFS (loop2): Quotacheck: Done.
[  703.956604][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  703.956633][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  703.956646][   T13] Workqueue: writeback wb_workfn (flush-7:5)
[  703.956676][   T13] Call Trace:
[  703.956684][   T13]  <TASK>
[  703.956693][   T13]  dump_stack_lvl+0x189/0x250
[  703.956724][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  703.956746][   T13]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  703.956770][   T13]  ? __pfx_queue_work_on+0x10/0x10
[  703.956794][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  703.956813][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  703.956839][   T13]  ? f2fs_hw_is_readonly+0x39b/0x470
[  703.956869][   T13]  f2fs_handle_critical_error+0x37c/0x540
[  703.956899][   T13]  f2fs_write_end_io+0x495/0x810
[  703.956921][   T13]  ? blkg_put+0x22/0x240
[  703.956968][   T13]  __submit_merged_bio+0x27a/0x6a0
[  703.956996][   T13]  __submit_merged_write_cond+0x255/0x530
[  703.957027][   T13]  f2fs_write_data_pages+0x261d/0x3000
[  703.957090][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  703.957207][   T13]  ? f2fs_write_meta_pages+0x357/0x450
[  703.957241][   T13]  ? __lock_acquire+0xab9/0xd20
[  703.957268][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  703.957291][   T13]  do_writepages+0x32e/0x550
[  703.957322][   T13]  ? reacquire_held_locks+0x127/0x1d0
[  703.957343][   T13]  ? writeback_sb_inodes+0x384/0x1010
[  703.957376][   T13]  __writeback_single_inode+0x145/0xff0
[  703.957399][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  703.957422][   T13]  writeback_sb_inodes+0x6c7/0x1010
[  703.957477][   T13]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  703.957550][   T13]  ? rcu_is_watching+0x15/0xb0
[  703.957583][   T13]  wb_writeback+0x43b/0xaf0
[  703.957616][   T13]  ? queue_io+0x3d1/0x590
[  703.957642][   T13]  ? __pfx_wb_writeback+0x10/0x10
[  703.957675][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  703.957704][   T13]  wb_workfn+0x409/0xef0
[  703.957743][   T13]  ? __pfx_wb_workfn+0x10/0x10
[  703.957768][   T13]  ? __lock_acquire+0xab9/0xd20
[  703.957801][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  703.957831][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  703.957851][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  703.957870][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  703.957894][   T13]  process_scheduled_works+0xae1/0x17b0
[  703.957957][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  703.958000][   T13]  worker_thread+0x8a0/0xda0
[  703.958055][   T13]  kthread+0x70e/0x8a0
[  703.958077][   T13]  ? __pfx_worker_thread+0x10/0x10
[  703.958097][   T13]  ? __pfx_kthread+0x10/0x10
[  703.958117][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  703.958137][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  703.958159][   T13]  ? __pfx_kthread+0x10/0x10
[  703.958177][   T13]  ret_from_fork+0x3fc/0x770
[  703.958203][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  703.958232][   T13]  ? __switch_to_asm+0x39/0x70
[  703.958247][   T13]  ? __switch_to_asm+0x33/0x70
[  703.958262][   T13]  ? __pfx_kthread+0x10/0x10
[  703.958280][   T13]  ret_from_fork_asm+0x1a/0x30
[  703.958317][   T13]  </TASK>
[  703.958325][   T13] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  704.384031][T11827] loop6: detected capacity change from 0 to 32768
[  704.391140][T11827] XFS: ikeep mount option is deprecated.
[  705.660265][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  705.660292][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  705.660303][   T13] Workqueue: writeback wb_workfn (flush-7:5)
[  705.660332][   T13] Call Trace:
[  705.660340][   T13]  <TASK>
[  705.660348][   T13]  dump_stack_lvl+0x189/0x250
[  705.660378][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  705.660398][   T13]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  705.660422][   T13]  ? __pfx_queue_work_on+0x10/0x10
[  705.660453][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  705.660475][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  705.660500][   T13]  ? f2fs_hw_is_readonly+0x39b/0x470
[  705.660526][   T13]  f2fs_handle_critical_error+0x37c/0x540
[  705.660555][   T13]  f2fs_write_end_io+0x495/0x810
[  705.660575][   T13]  ? blkg_put+0x22/0x240
[  705.660613][   T13]  __submit_merged_bio+0x27a/0x6a0
[  705.660641][   T13]  __submit_merged_write_cond+0x255/0x530
[  705.660673][   T13]  f2fs_write_data_pages+0x261d/0x3000
[  705.660737][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  705.660856][   T13]  ? f2fs_write_meta_pages+0x357/0x450
[  705.660889][   T13]  ? __lock_acquire+0xab9/0xd20
[  705.660915][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  705.660936][   T13]  do_writepages+0x32e/0x550
[  705.660970][   T13]  ? reacquire_held_locks+0x127/0x1d0
[  705.660991][   T13]  ? writeback_sb_inodes+0x384/0x1010
[  705.661025][   T13]  __writeback_single_inode+0x145/0xff0
[  705.661047][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  705.661069][   T13]  writeback_sb_inodes+0x6c7/0x1010
[  705.661126][   T13]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  705.661199][   T13]  ? rcu_is_watching+0x15/0xb0
[  705.661235][   T13]  wb_writeback+0x43b/0xaf0
[  705.661271][   T13]  ? queue_io+0x3d1/0x590
[  705.661300][   T13]  ? __pfx_wb_writeback+0x10/0x10
[  705.661336][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  705.661365][   T13]  wb_workfn+0x409/0xef0
[  705.661405][   T13]  ? __pfx_wb_workfn+0x10/0x10
[  705.661431][   T13]  ? __lock_acquire+0xab9/0xd20
[  705.661465][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  705.661494][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  705.661515][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  705.661536][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  705.661561][   T13]  process_scheduled_works+0xae1/0x17b0
[  705.661620][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  705.661664][   T13]  worker_thread+0x8a0/0xda0
[  705.661727][   T13]  kthread+0x70e/0x8a0
[  705.661750][   T13]  ? __pfx_worker_thread+0x10/0x10
[  705.661771][   T13]  ? __pfx_kthread+0x10/0x10
[  705.661790][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  705.661813][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  705.661835][   T13]  ? __pfx_kthread+0x10/0x10
[  705.661856][   T13]  ret_from_fork+0x3fc/0x770
[  705.661884][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  705.661916][   T13]  ? __switch_to_asm+0x39/0x70
[  705.661933][   T13]  ? __switch_to_asm+0x33/0x70
[  705.661955][   T13]  ? __pfx_kthread+0x10/0x10
[  705.661975][   T13]  ret_from_fork_asm+0x1a/0x30
[  705.662012][   T13]  </TASK>
[  705.662021][   T13] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  706.174637][T11827] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  706.240301][ T5835] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  706.447835][T11827] XFS (loop6): Ending clean mount
[  706.456321][T11827] XFS (loop6): Quotacheck needed: Please wait.
[  706.483941][T11827] XFS (loop6): Quotacheck: Done.
[  707.494477][ T5940] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  707.647947][ T5940] usb 3-1: Using ep0 maxpacket: 8
[  707.853715][ T5940] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  707.886468][T11860] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  707.909056][ T5940] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  707.935737][ T5940] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  707.974214][ T5940] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  708.144458][ T5940] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  708.165201][ T5940] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  708.184514][ T5940] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  708.193651][ T5940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  708.216408][ T5940] usbtmc 3-1:16.0: probe with driver usbtmc failed with error -22
[  708.633219][T11862] loop4: detected capacity change from 0 to 40427
[  708.670129][T11862] F2FS-fs (loop4): invalid crc value
[  708.734577][T11862] F2FS-fs (loop4): Start checkpoint disabled!
[  708.743884][T11862] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  709.767321][T11872] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  709.820020][T11872] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  710.451695][  T978] usb 3-1: USB disconnect, device number 17
[  710.456838][T11198] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  710.479595][ T1165] kworker/u8:10: attempt to access beyond end of device
[  710.479595][ T1165] loop4: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  710.532427][ T1165] kworker/u8:10: attempt to access beyond end of device
[  710.532427][ T1165] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  710.549530][T11874] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  710.563824][ T1165] CPU: 1 UID: 0 PID: 1165 Comm: kworker/u8:10 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  710.563851][ T1165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  710.563865][ T1165] Workqueue: writeback wb_workfn (flush-7:4)
[  710.563895][ T1165] Call Trace:
[  710.563903][ T1165]  <TASK>
[  710.563910][ T1165]  dump_stack_lvl+0x189/0x250
[  710.563939][ T1165]  ? __pfx_dump_stack_lvl+0x10/0x10
[  710.563958][ T1165]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  710.563980][ T1165]  ? __pfx_queue_work_on+0x10/0x10
[  710.564003][ T1165]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  710.564022][ T1165]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  710.564043][ T1165]  ? f2fs_hw_is_readonly+0x39b/0x470
[  710.564070][ T1165]  f2fs_handle_critical_error+0x37c/0x540
[  710.564098][ T1165]  f2fs_write_end_io+0x495/0x810
[  710.564123][ T1165]  ? blkg_put+0x22/0x240
[  710.564159][ T1165]  __submit_merged_bio+0x27a/0x6a0
[  710.564187][ T1165]  __submit_merged_write_cond+0x255/0x530
[  710.564218][ T1165]  f2fs_write_data_pages+0x261d/0x3000
[  710.564280][ T1165]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  710.564399][ T1165]  ? f2fs_write_meta_pages+0x357/0x450
[  710.564434][ T1165]  ? __lock_acquire+0xab9/0xd20
[  710.564461][ T1165]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  710.564491][ T1165]  do_writepages+0x32e/0x550
[  710.564521][ T1165]  ? reacquire_held_locks+0x127/0x1d0
[  710.564542][ T1165]  ? writeback_sb_inodes+0x384/0x1010
[  710.564576][ T1165]  __writeback_single_inode+0x145/0xff0
[  710.564605][ T1165]  ? do_raw_spin_unlock+0x122/0x240
[  710.564629][ T1165]  writeback_sb_inodes+0x6c7/0x1010
[  710.564687][ T1165]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  710.564763][ T1165]  ? rcu_is_watching+0x15/0xb0
[  710.564798][ T1165]  wb_writeback+0x43b/0xaf0
[  710.564833][ T1165]  ? queue_io+0x3d1/0x590
[  710.564861][ T1165]  ? __pfx_wb_writeback+0x10/0x10
[  710.564895][ T1165]  ? _raw_spin_unlock_irq+0x23/0x50
[  710.564925][ T1165]  wb_workfn+0x409/0xef0
[  710.564966][ T1165]  ? __pfx_wb_workfn+0x10/0x10
[  710.564993][ T1165]  ? __lock_acquire+0xab9/0xd20
[  710.565028][ T1165]  ? process_scheduled_works+0x9ef/0x17b0
[  710.565059][ T1165]  ? _raw_spin_unlock_irq+0x23/0x50
[  710.565080][ T1165]  ? process_scheduled_works+0x9ef/0x17b0
[  710.565100][ T1165]  ? process_scheduled_works+0x9ef/0x17b0
[  710.565126][ T1165]  process_scheduled_works+0xae1/0x17b0
[  710.565186][ T1165]  ? __pfx_process_scheduled_works+0x10/0x10
[  710.565230][ T1165]  worker_thread+0x8a0/0xda0
[  710.565257][ T1165]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  710.565292][ T1165]  ? __kthread_parkme+0x7b/0x200
[  710.565333][ T1165]  kthread+0x70e/0x8a0
[  710.565355][ T1165]  ? __pfx_worker_thread+0x10/0x10
[  710.565378][ T1165]  ? __pfx_kthread+0x10/0x10
[  710.565399][ T1165]  ? _raw_spin_unlock_irq+0x23/0x50
[  710.565421][ T1165]  ? lockdep_hardirqs_on+0x9c/0x150
[  710.565443][ T1165]  ? __pfx_kthread+0x10/0x10
[  710.565463][ T1165]  ret_from_fork+0x3fc/0x770
[  710.565497][ T1165]  ? __pfx_ret_from_fork+0x10/0x10
[  710.565528][ T1165]  ? __switch_to_asm+0x39/0x70
[  710.565545][ T1165]  ? __switch_to_asm+0x33/0x70
[  710.565561][ T1165]  ? __pfx_kthread+0x10/0x10
[  710.565580][ T1165]  ret_from_fork_asm+0x1a/0x30
[  710.565616][ T1165]  </TASK>
[  710.900902][ T1165] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  710.923288][T11873] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  711.040107][ T1165] CPU: 1 UID: 0 PID: 1165 Comm: kworker/u8:10 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  711.040136][ T1165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  711.040149][ T1165] Workqueue: writeback wb_workfn (flush-7:4)
[  711.040180][ T1165] Call Trace:
[  711.040189][ T1165]  <TASK>
[  711.040198][ T1165]  dump_stack_lvl+0x189/0x250
[  711.040231][ T1165]  ? __pfx_dump_stack_lvl+0x10/0x10
[  711.040253][ T1165]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  711.040277][ T1165]  ? __pfx_queue_work_on+0x10/0x10
[  711.040302][ T1165]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  711.040325][ T1165]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  711.040350][ T1165]  ? f2fs_hw_is_readonly+0x39b/0x470
[  711.040379][ T1165]  f2fs_handle_critical_error+0x37c/0x540
[  711.040417][ T1165]  f2fs_write_end_io+0x495/0x810
[  711.040439][ T1165]  ? blkg_put+0x22/0x240
[  711.040478][ T1165]  __submit_merged_bio+0x27a/0x6a0
[  711.040509][ T1165]  __submit_merged_write_cond+0x255/0x530
[  711.040539][ T1165]  f2fs_write_data_pages+0x261d/0x3000
[  711.040604][ T1165]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  711.040727][ T1165]  ? f2fs_write_meta_pages+0x357/0x450
[  711.040762][ T1165]  ? __lock_acquire+0xab9/0xd20
[  711.040789][ T1165]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  711.040814][ T1165]  do_writepages+0x32e/0x550
[  711.040845][ T1165]  ? reacquire_held_locks+0x127/0x1d0
[  711.040866][ T1165]  ? writeback_sb_inodes+0x384/0x1010
[  711.040900][ T1165]  __writeback_single_inode+0x145/0xff0
[  711.040924][ T1165]  ? do_raw_spin_unlock+0x122/0x240
[  711.040948][ T1165]  writeback_sb_inodes+0x6c7/0x1010
[  711.041004][ T1165]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  711.041080][ T1165]  ? rcu_is_watching+0x15/0xb0
[  711.041114][ T1165]  wb_writeback+0x43b/0xaf0
[  711.041148][ T1165]  ? queue_io+0x3d1/0x590
[  711.041175][ T1165]  ? __pfx_wb_writeback+0x10/0x10
[  711.041209][ T1165]  ? _raw_spin_unlock_irq+0x23/0x50
[  711.041238][ T1165]  wb_workfn+0x409/0xef0
[  711.041278][ T1165]  ? __pfx_wb_workfn+0x10/0x10
[  711.041305][ T1165]  ? __lock_acquire+0xab9/0xd20
[  711.041340][ T1165]  ? process_scheduled_works+0x9ef/0x17b0
[  711.041371][ T1165]  ? _raw_spin_unlock_irq+0x23/0x50
[  711.041392][ T1165]  ? process_scheduled_works+0x9ef/0x17b0
[  711.041420][ T1165]  ? process_scheduled_works+0x9ef/0x17b0
[  711.041446][ T1165]  process_scheduled_works+0xae1/0x17b0
[  711.041504][ T1165]  ? __pfx_process_scheduled_works+0x10/0x10
[  711.041549][ T1165]  worker_thread+0x8a0/0xda0
[  711.041575][ T1165]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  711.041609][ T1165]  ? __kthread_parkme+0x7b/0x200
[  711.041645][ T1165]  kthread+0x70e/0x8a0
[  711.041668][ T1165]  ? __pfx_worker_thread+0x10/0x10
[  711.041690][ T1165]  ? __pfx_kthread+0x10/0x10
[  711.041710][ T1165]  ? _raw_spin_unlock_irq+0x23/0x50
[  711.041732][ T1165]  ? lockdep_hardirqs_on+0x9c/0x150
[  711.041755][ T1165]  ? __pfx_kthread+0x10/0x10
[  711.041774][ T1165]  ret_from_fork+0x3fc/0x770
[  711.041800][ T1165]  ? __pfx_ret_from_fork+0x10/0x10
[  711.041830][ T1165]  ? __switch_to_asm+0x39/0x70
[  711.041847][ T1165]  ? __switch_to_asm+0x33/0x70
[  711.041862][ T1165]  ? __pfx_kthread+0x10/0x10
[  711.041882][ T1165]  ret_from_fork_asm+0x1a/0x30
[  711.041920][ T1165]  </TASK>
[  711.041928][ T1165] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  711.951939][T11878] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1153'.
[  714.249076][    T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  714.416526][T11904] loop4: detected capacity change from 0 to 256
[  714.450136][T11904] exFAT-fs (loop4): failed to read boot sector
[  714.456923][    T9] usb 3-1: Using ep0 maxpacket: 8
[  714.480140][    T9] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  714.498840][T11904] exFAT-fs (loop4): failed to recognize exfat type
[  714.523354][    T9] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  715.254696][    T9] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  715.289326][    T9] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  715.299507][    T9] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  715.312812][    T9] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  715.323639][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.512322][T11913] loop5: detected capacity change from 0 to 32768
[  715.519414][T11913] XFS: ikeep mount option is deprecated.
[  715.582979][T11913] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  715.731715][    T9] usb 3-1: usb_control_msg returned -32
[  715.737943][    T9] usbtmc 3-1:16.0: can't read capabilities
[  715.788184][T11913] XFS (loop5): Ending clean mount
[  715.795498][T11913] XFS (loop5): Quotacheck needed: Please wait.
[  715.848134][T11893] loop6: detected capacity change from 0 to 40427
[  715.891350][T11893] F2FS-fs (loop6): Small segment_count (9 < 1 * 24)
[  715.986692][T11893] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  716.053003][T11913] XFS (loop5): Quotacheck: Done.
[  716.312022][T11931] siw: device registration error -23
[  717.070400][ T7315] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  717.268520][ T5940] usb 3-1: USB disconnect, device number 18
[  717.394945][T11893] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  717.414832][T11893] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  717.641318][T11938] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  718.711174][T11961] siw: device registration error -23
[  720.884309][ T5893] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  721.371034][T11974] loop2: detected capacity change from 0 to 40427
[  721.555853][T11974] F2FS-fs (loop2): invalid crc value
[  721.643729][T11974] F2FS-fs (loop2): Start checkpoint disabled!
[  721.804482][T11974] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  722.044489][ T5893] usb 7-1: Using ep0 maxpacket: 8
[  722.181469][ T5893] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  722.276325][ T5893] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  722.421675][ T5893] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  722.555013][ T5893] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  722.682572][ T5893] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  722.738942][ T1136] kworker/u8:8: attempt to access beyond end of device
[  722.738942][ T1136] loop2: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  722.753515][ T5893] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  722.779808][ T5893] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  723.049462][T11983] loop3: detected capacity change from 0 to 32768
[  723.056948][T11983] XFS: ikeep mount option is deprecated.
[  723.069678][ T1136] kworker/u8:8: attempt to access beyond end of device
[  723.069678][ T1136] loop2: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  723.095850][ T5893] usb 7-1: usb_control_msg returned -32
[  723.111705][ T5893] usbtmc 7-1:16.0: can't read capabilities
[  723.164805][ T1136] CPU: 0 UID: 0 PID: 1136 Comm: kworker/u8:8 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  723.164832][ T1136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  723.164845][ T1136] Workqueue: writeback wb_workfn (flush-7:2)
[  723.164875][ T1136] Call Trace:
[  723.164883][ T1136]  <TASK>
[  723.164892][ T1136]  dump_stack_lvl+0x189/0x250
[  723.164930][ T1136]  ? __pfx_dump_stack_lvl+0x10/0x10
[  723.164952][ T1136]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  723.164975][ T1136]  ? __pfx_queue_work_on+0x10/0x10
[  723.165001][ T1136]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  723.165024][ T1136]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  723.165049][ T1136]  ? f2fs_hw_is_readonly+0x39b/0x470
[  723.165076][ T1136]  f2fs_handle_critical_error+0x37c/0x540
[  723.165105][ T1136]  f2fs_write_end_io+0x495/0x810
[  723.165127][ T1136]  ? blkg_put+0x22/0x240
[  723.165163][ T1136]  __submit_merged_bio+0x27a/0x6a0
[  723.165190][ T1136]  __submit_merged_write_cond+0x255/0x530
[  723.165219][ T1136]  f2fs_write_data_pages+0x261d/0x3000
[  723.165278][ T1136]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  723.165385][ T1136]  ? f2fs_write_meta_pages+0x357/0x450
[  723.165419][ T1136]  ? __lock_acquire+0xab9/0xd20
[  723.165443][ T1136]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  723.165467][ T1136]  do_writepages+0x32e/0x550
[  723.165497][ T1136]  ? reacquire_held_locks+0x127/0x1d0
[  723.165519][ T1136]  ? writeback_sb_inodes+0x384/0x1010
[  723.165552][ T1136]  __writeback_single_inode+0x145/0xff0
[  723.165576][ T1136]  ? do_raw_spin_unlock+0x122/0x240
[  723.165598][ T1136]  writeback_sb_inodes+0x6c7/0x1010
[  723.165649][ T1136]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  723.165716][ T1136]  ? rcu_is_watching+0x15/0xb0
[  723.165749][ T1136]  wb_writeback+0x43b/0xaf0
[  723.165781][ T1136]  ? queue_io+0x3d1/0x590
[  723.165807][ T1136]  ? __pfx_wb_writeback+0x10/0x10
[  723.165839][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  723.165867][ T1136]  wb_workfn+0x409/0xef0
[  723.165904][ T1136]  ? __pfx_wb_workfn+0x10/0x10
[  723.165936][ T1136]  ? __lock_acquire+0xab9/0xd20
[  723.165968][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  723.165998][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  723.166019][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  723.166041][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  723.166065][ T1136]  process_scheduled_works+0xae1/0x17b0
[  723.166118][ T1136]  ? __pfx_process_scheduled_works+0x10/0x10
[  723.166161][ T1136]  worker_thread+0x8a0/0xda0
[  723.166210][ T1136]  kthread+0x70e/0x8a0
[  723.166231][ T1136]  ? __pfx_worker_thread+0x10/0x10
[  723.166253][ T1136]  ? __pfx_kthread+0x10/0x10
[  723.166272][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  723.166294][ T1136]  ? lockdep_hardirqs_on+0x9c/0x150
[  723.166317][ T1136]  ? __pfx_kthread+0x10/0x10
[  723.166334][ T1136]  ret_from_fork+0x3fc/0x770
[  723.166360][ T1136]  ? __pfx_ret_from_fork+0x10/0x10
[  723.166388][ T1136]  ? __switch_to_asm+0x39/0x70
[  723.166404][ T1136]  ? __switch_to_asm+0x33/0x70
[  723.166420][ T1136]  ? __pfx_kthread+0x10/0x10
[  723.166438][ T1136]  ret_from_fork_asm+0x1a/0x30
[  723.166473][ T1136]  </TASK>
[  723.166481][ T1136] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  723.480505][ T1136] CPU: 0 UID: 0 PID: 1136 Comm: kworker/u8:8 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  723.480531][ T1136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  723.480544][ T1136] Workqueue: writeback wb_workfn (flush-7:2)
[  723.480575][ T1136] Call Trace:
[  723.480583][ T1136]  <TASK>
[  723.480592][ T1136]  dump_stack_lvl+0x189/0x250
[  723.480624][ T1136]  ? __pfx_dump_stack_lvl+0x10/0x10
[  723.480646][ T1136]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  723.480676][ T1136]  ? __pfx_queue_work_on+0x10/0x10
[  723.480702][ T1136]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  723.480725][ T1136]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  723.480751][ T1136]  ? f2fs_hw_is_readonly+0x39b/0x470
[  723.480781][ T1136]  f2fs_handle_critical_error+0x37c/0x540
[  723.480811][ T1136]  f2fs_write_end_io+0x495/0x810
[  723.480856][ T1136]  ? blkg_put+0x22/0x240
[  723.480897][ T1136]  __submit_merged_bio+0x27a/0x6a0
[  723.480938][ T1136]  __submit_merged_write_cond+0x255/0x530
[  723.480970][ T1136]  f2fs_write_data_pages+0x261d/0x3000
[  723.481036][ T1136]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  723.481159][ T1136]  ? f2fs_write_meta_pages+0x357/0x450
[  723.481194][ T1136]  ? __lock_acquire+0xab9/0xd20
[  723.481222][ T1136]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  723.481248][ T1136]  do_writepages+0x32e/0x550
[  723.481279][ T1136]  ? reacquire_held_locks+0x127/0x1d0
[  723.481302][ T1136]  ? writeback_sb_inodes+0x384/0x1010
[  723.481336][ T1136]  __writeback_single_inode+0x145/0xff0
[  723.481360][ T1136]  ? do_raw_spin_unlock+0x122/0x240
[  723.481384][ T1136]  writeback_sb_inodes+0x6c7/0x1010
[  723.481441][ T1136]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  723.481517][ T1136]  ? rcu_is_watching+0x15/0xb0
[  723.481554][ T1136]  wb_writeback+0x43b/0xaf0
[  723.481588][ T1136]  ? queue_io+0x3d1/0x590
[  723.481615][ T1136]  ? __pfx_wb_writeback+0x10/0x10
[  723.481651][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  723.481680][ T1136]  wb_workfn+0x409/0xef0
[  723.481721][ T1136]  ? __pfx_wb_workfn+0x10/0x10
[  723.481748][ T1136]  ? __lock_acquire+0xab9/0xd20
[  723.481783][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  723.481813][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  723.481835][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  723.481856][ T1136]  ? process_scheduled_works+0x9ef/0x17b0
[  723.481881][ T1136]  process_scheduled_works+0xae1/0x17b0
[  723.481947][ T1136]  ? __pfx_process_scheduled_works+0x10/0x10
[  723.481993][ T1136]  worker_thread+0x8a0/0xda0
[  723.482050][ T1136]  kthread+0x70e/0x8a0
[  723.482073][ T1136]  ? __pfx_worker_thread+0x10/0x10
[  723.482095][ T1136]  ? __pfx_kthread+0x10/0x10
[  723.482116][ T1136]  ? _raw_spin_unlock_irq+0x23/0x50
[  723.482139][ T1136]  ? lockdep_hardirqs_on+0x9c/0x150
[  723.482161][ T1136]  ? __pfx_kthread+0x10/0x10
[  723.482181][ T1136]  ret_from_fork+0x3fc/0x770
[  723.482208][ T1136]  ? __pfx_ret_from_fork+0x10/0x10
[  723.482239][ T1136]  ? __switch_to_asm+0x39/0x70
[  723.482255][ T1136]  ? __switch_to_asm+0x33/0x70
[  723.482271][ T1136]  ? __pfx_kthread+0x10/0x10
[  723.482291][ T1136]  ret_from_fork_asm+0x1a/0x30
[  723.482328][ T1136]  </TASK>
[  723.482337][ T1136] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  723.792577][T11983] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  723.811859][T11978] loop5: detected capacity change from 0 to 40427
[  723.834413][T11995] usbtmc 7-1:16.0: usb_control_msg returned -32
[  723.835699][T11978] F2FS-fs (loop5): Small segment_count (9 < 1 * 24)
[  723.907470][T11978] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  723.929632][T11983] XFS (loop3): Ending clean mount
[  723.936934][T11983] XFS (loop3): Quotacheck needed: Please wait.
[  723.990887][T11983] XFS (loop3): Quotacheck: Done.
[  724.288336][T11978] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  724.516295][T11978] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  724.589937][T11978] syz.5.1179: attempt to access beyond end of device
[  724.589937][T11978] loop5: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  724.714963][ T7315] syz-executor: attempt to access beyond end of device
[  724.714963][ T7315] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  724.734353][ T7315] CPU: 0 UID: 0 PID: 7315 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  724.734381][ T7315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  724.734393][ T7315] Call Trace:
[  724.734401][ T7315]  <TASK>
[  724.734410][ T7315]  dump_stack_lvl+0x189/0x250
[  724.734445][ T7315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  724.734467][ T7315]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  724.734491][ T7315]  ? __pfx_queue_work_on+0x10/0x10
[  724.734516][ T7315]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  724.734540][ T7315]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  724.734565][ T7315]  ? f2fs_hw_is_readonly+0x39b/0x470
[  724.734593][ T7315]  f2fs_handle_critical_error+0x37c/0x540
[  724.734621][ T7315]  f2fs_write_end_io+0x495/0x810
[  724.734643][ T7315]  ? blkg_put+0x22/0x240
[  724.734680][ T7315]  __submit_merged_bio+0x27a/0x6a0
[  724.734708][ T7315]  __submit_merged_write_cond+0x255/0x530
[  724.734740][ T7315]  f2fs_write_data_pages+0x261d/0x3000
[  724.734798][ T7315]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  724.734897][ T7315]  ? rcu_is_watching+0x15/0xb0
[  724.734923][ T7315]  ? __lock_acquire+0xab9/0xd20
[  724.734957][ T7315]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  724.734990][ T7315]  do_writepages+0x32e/0x550
[  724.735027][ T7315]  ? do_raw_spin_unlock+0x122/0x240
[  724.735050][ T7315]  filemap_fdatawrite+0x199/0x240
[  724.735075][ T7315]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  724.735149][ T7315]  ? do_raw_spin_unlock+0x122/0x240
[  724.735172][ T7315]  f2fs_sync_dirty_inodes+0x31f/0x830
[  724.735213][ T7315]  f2fs_write_checkpoint+0x95a/0x1df0
[  724.735264][ T7315]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  724.735329][ T7315]  ? trace_irq_disable+0x37/0x110
[  724.735349][ T7315]  ? preempt_schedule_irq+0xde/0x150
[  724.735373][ T7315]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  724.735398][ T7315]  ? kill_f2fs_super+0x298/0x6c0
[  724.735428][ T7315]  kill_f2fs_super+0x2c3/0x6c0
[  724.735452][ T7315]  ? lockdep_hardirqs_on+0x9c/0x150
[  724.735480][ T7315]  ? __pfx_kill_f2fs_super+0x10/0x10
[  724.735519][ T7315]  deactivate_locked_super+0xbc/0x130
[  724.735544][ T7315]  cleanup_mnt+0x425/0x4c0
[  724.735565][ T7315]  ? lockdep_hardirqs_on+0x9c/0x150
[  724.735593][ T7315]  task_work_run+0x1d1/0x260
[  724.735616][ T7315]  ? __pfx_task_work_run+0x10/0x10
[  724.735632][ T7315]  ? __x64_sys_umount+0x122/0x160
[  724.735662][ T7315]  ? exit_to_user_mode_loop+0x40/0x110
[  724.735688][ T7315]  exit_to_user_mode_loop+0xec/0x110
[  724.735710][ T7315]  do_syscall_64+0x2bd/0x3b0
[  724.735726][ T7315]  ? lockdep_hardirqs_on+0x9c/0x150
[  724.735744][ T7315]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.735757][ T7315]  ? clear_bhb_loop+0x60/0xb0
[  724.735776][ T7315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.735793][ T7315] RIP: 0033:0x7f2373b8fc57
[  724.735811][ T7315] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  724.735826][ T7315] RSP: 002b:00007fffc9027468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  724.735846][ T7315] RAX: 0000000000000000 RBX: 00007f2373c10925 RCX: 00007f2373b8fc57
[  724.735859][ T7315] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc9027520
[  724.735871][ T7315] RBP: 00007fffc9027520 R08: 0000000000000000 R09: 0000000000000000
[  724.735883][ T7315] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffc90285b0
[  724.735895][ T7315] R13: 00007f2373c10925 R14: 00000000000b0e89 R15: 00007fffc90285f0
[  724.735927][ T7315]  </TASK>
[  724.740827][ T7315] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  724.994260][ T5940] usb 7-1: USB disconnect, device number 3
[  726.472329][T12005] loop2: detected capacity change from 0 to 32768
[  726.497741][ T5837] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  726.518129][T12005] XFS: ikeep mount option is deprecated.
[  726.701162][T12005] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  727.506766][T12005] XFS (loop2): Ending clean mount
[  727.577841][T12005] XFS (loop2): Quotacheck needed: Please wait.
[  727.742319][T12005] XFS (loop2): Quotacheck: Done.
[  728.705109][ T5835] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  729.134826][T12038] loop3: detected capacity change from 0 to 32768
[  729.142223][T12038] XFS: ikeep mount option is deprecated.
[  729.202160][T12038] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  729.454331][T12038] XFS (loop3): Ending clean mount
[  729.492909][T12038] XFS (loop3): Quotacheck needed: Please wait.
[  729.804592][T12038] XFS (loop3): Quotacheck: Done.
[  730.904257][ T5837] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  731.339153][T12066] loop2: detected capacity change from 0 to 512
[  731.350766][T12066] EXT4-fs: Ignoring removed mblk_io_submit option
[  731.414602][T12066] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  731.477182][T12066] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  731.486286][T12066] System zones: 1-12
[  731.506446][T12066] EXT4-fs error (device loop2): ext4_iget_extra_inode:5034: inode #15: comm syz.2.1196: corrupted in-inode xattr: e_value size too large
[  731.535330][T12066] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1196: couldn't read orphan inode 15 (err -117)
[  731.558443][T12066] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  732.503016][T12077] loop6: detected capacity change from 0 to 512
[  732.514999][T12077] EXT4-fs: Ignoring removed mblk_io_submit option
[  733.141186][T12077] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  733.284327][  T978] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  733.302822][T12077] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  733.310899][T12077] System zones: 1-12
[  733.317596][T12077] EXT4-fs error (device loop6): ext4_iget_extra_inode:5034: inode #15: comm syz.6.1197: corrupted in-inode xattr: e_value size too large
[  733.334852][T12077] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.1197: couldn't read orphan inode 15 (err -117)
[  733.350985][T12077] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  733.574441][  T978] usb 4-1: Using ep0 maxpacket: 8
[  733.588900][  T978] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  733.607228][  T978] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  733.633833][  T978] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  733.658408][  T978] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  733.680905][  T978] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  733.709348][  T978] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  733.730598][  T978] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.811028][T12081] loop5: detected capacity change from 0 to 40427
[  733.831789][T12081] F2FS-fs (loop5): invalid crc value
[  733.907589][T12081] F2FS-fs (loop5): Start checkpoint disabled!
[  733.915747][T12081] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  734.038054][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  734.134829][  T978] usb 4-1: usb_control_msg returned -32
[  734.530534][  T978] usbtmc 4-1:16.0: can't read capabilities
[  736.219960][T11198] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  736.310049][T10259] usb 4-1: USB disconnect, device number 11
[  736.325677][ T1105] kworker/u8:6: attempt to access beyond end of device
[  736.325677][ T1105] loop5: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  736.423649][ T1105] kworker/u8:6: attempt to access beyond end of device
[  736.423649][ T1105] loop5: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  736.495977][ T1105] CPU: 0 UID: 0 PID: 1105 Comm: kworker/u8:6 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  736.496005][ T1105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  736.496017][ T1105] Workqueue: writeback wb_workfn (flush-7:5)
[  736.496048][ T1105] Call Trace:
[  736.496056][ T1105]  <TASK>
[  736.496065][ T1105]  dump_stack_lvl+0x189/0x250
[  736.496100][ T1105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  736.496123][ T1105]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  736.496148][ T1105]  ? __pfx_queue_work_on+0x10/0x10
[  736.496176][ T1105]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  736.496200][ T1105]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  736.496226][ T1105]  ? f2fs_hw_is_readonly+0x39b/0x470
[  736.496256][ T1105]  f2fs_handle_critical_error+0x37c/0x540
[  736.496287][ T1105]  f2fs_write_end_io+0x495/0x810
[  736.496310][ T1105]  ? blkg_put+0x22/0x240
[  736.496351][ T1105]  __submit_merged_bio+0x27a/0x6a0
[  736.496383][ T1105]  __submit_merged_write_cond+0x255/0x530
[  736.496411][ T1105]  f2fs_write_data_pages+0x261d/0x3000
[  736.496467][ T1105]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  736.496600][ T1105]  ? f2fs_write_meta_pages+0x357/0x450
[  736.496637][ T1105]  ? __lock_acquire+0xab9/0xd20
[  736.496665][ T1105]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  736.496691][ T1105]  do_writepages+0x32e/0x550
[  736.496723][ T1105]  ? reacquire_held_locks+0x127/0x1d0
[  736.496746][ T1105]  ? writeback_sb_inodes+0x384/0x1010
[  736.496782][ T1105]  __writeback_single_inode+0x145/0xff0
[  736.496807][ T1105]  ? do_raw_spin_unlock+0x122/0x240
[  736.496832][ T1105]  writeback_sb_inodes+0x6c7/0x1010
[  736.496891][ T1105]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  736.496968][ T1105]  ? rcu_is_watching+0x15/0xb0
[  736.497004][ T1105]  wb_writeback+0x43b/0xaf0
[  736.497039][ T1105]  ? queue_io+0x3d1/0x590
[  736.497068][ T1105]  ? __pfx_wb_writeback+0x10/0x10
[  736.497104][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  736.497134][ T1105]  wb_workfn+0x409/0xef0
[  736.497175][ T1105]  ? __pfx_wb_workfn+0x10/0x10
[  736.497204][ T1105]  ? __lock_acquire+0xab9/0xd20
[  736.497240][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  736.497273][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  736.497295][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  736.497317][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  736.497343][ T1105]  process_scheduled_works+0xae1/0x17b0
[  736.497405][ T1105]  ? __pfx_process_scheduled_works+0x10/0x10
[  736.497452][ T1105]  worker_thread+0x8a0/0xda0
[  736.497517][ T1105]  kthread+0x70e/0x8a0
[  736.497541][ T1105]  ? __pfx_worker_thread+0x10/0x10
[  736.497563][ T1105]  ? __pfx_kthread+0x10/0x10
[  736.497585][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  736.497608][ T1105]  ? lockdep_hardirqs_on+0x9c/0x150
[  736.497632][ T1105]  ? __pfx_kthread+0x10/0x10
[  736.497652][ T1105]  ret_from_fork+0x3fc/0x770
[  736.497679][ T1105]  ? __pfx_ret_from_fork+0x10/0x10
[  736.497710][ T1105]  ? __switch_to_asm+0x39/0x70
[  736.497726][ T1105]  ? __switch_to_asm+0x33/0x70
[  736.497742][ T1105]  ? __pfx_kthread+0x10/0x10
[  736.497763][ T1105]  ret_from_fork_asm+0x1a/0x30
[  736.497803][ T1105]  </TASK>
[  736.497812][ T1105] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  736.861955][ T1105] CPU: 0 UID: 0 PID: 1105 Comm: kworker/u8:6 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  736.861984][ T1105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  736.861996][ T1105] Workqueue: writeback wb_workfn (flush-7:5)
[  736.862027][ T1105] Call Trace:
[  736.862035][ T1105]  <TASK>
[  736.862045][ T1105]  dump_stack_lvl+0x189/0x250
[  736.862078][ T1105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  736.862100][ T1105]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  736.862124][ T1105]  ? __pfx_queue_work_on+0x10/0x10
[  736.862150][ T1105]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  736.862174][ T1105]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  736.862200][ T1105]  ? f2fs_hw_is_readonly+0x39b/0x470
[  736.862229][ T1105]  f2fs_handle_critical_error+0x37c/0x540
[  736.862260][ T1105]  f2fs_write_end_io+0x495/0x810
[  736.862282][ T1105]  ? blkg_put+0x22/0x240
[  736.862323][ T1105]  __submit_merged_bio+0x27a/0x6a0
[  736.862354][ T1105]  __submit_merged_write_cond+0x255/0x530
[  736.862386][ T1105]  f2fs_write_data_pages+0x261d/0x3000
[  736.862462][ T1105]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  736.862586][ T1105]  ? f2fs_write_meta_pages+0x357/0x450
[  736.862623][ T1105]  ? __lock_acquire+0xab9/0xd20
[  736.862651][ T1105]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  736.862676][ T1105]  do_writepages+0x32e/0x550
[  736.862705][ T1105]  ? reacquire_held_locks+0x127/0x1d0
[  736.862723][ T1105]  ? writeback_sb_inodes+0x384/0x1010
[  736.862757][ T1105]  __writeback_single_inode+0x145/0xff0
[  736.862781][ T1105]  ? do_raw_spin_unlock+0x122/0x240
[  736.862805][ T1105]  writeback_sb_inodes+0x6c7/0x1010
[  736.862863][ T1105]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  736.862940][ T1105]  ? rcu_is_watching+0x15/0xb0
[  736.862976][ T1105]  wb_writeback+0x43b/0xaf0
[  736.863011][ T1105]  ? queue_io+0x3d1/0x590
[  736.863039][ T1105]  ? __pfx_wb_writeback+0x10/0x10
[  736.863074][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  736.863104][ T1105]  wb_workfn+0x409/0xef0
[  736.863145][ T1105]  ? __pfx_wb_workfn+0x10/0x10
[  736.863173][ T1105]  ? __lock_acquire+0xab9/0xd20
[  736.863208][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  736.863239][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  736.863261][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  736.863283][ T1105]  ? process_scheduled_works+0x9ef/0x17b0
[  736.863308][ T1105]  process_scheduled_works+0xae1/0x17b0
[  736.863368][ T1105]  ? __pfx_process_scheduled_works+0x10/0x10
[  736.863414][ T1105]  worker_thread+0x8a0/0xda0
[  736.863478][ T1105]  kthread+0x70e/0x8a0
[  736.863502][ T1105]  ? __pfx_worker_thread+0x10/0x10
[  736.863524][ T1105]  ? __pfx_kthread+0x10/0x10
[  736.863545][ T1105]  ? _raw_spin_unlock_irq+0x23/0x50
[  736.863567][ T1105]  ? lockdep_hardirqs_on+0x9c/0x150
[  736.863590][ T1105]  ? __pfx_kthread+0x10/0x10
[  736.863616][ T1105]  ret_from_fork+0x3fc/0x770
[  736.863642][ T1105]  ? __pfx_ret_from_fork+0x10/0x10
[  736.863672][ T1105]  ? __switch_to_asm+0x39/0x70
[  736.863688][ T1105]  ? __switch_to_asm+0x33/0x70
[  736.863703][ T1105]  ? __pfx_kthread+0x10/0x10
[  736.863722][ T1105]  ret_from_fork_asm+0x1a/0x30
[  736.863761][ T1105]  </TASK>
[  736.863769][ T1105] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  737.529372][T12101] loop3: detected capacity change from 0 to 40427
[  737.887278][T12109] loop4: detected capacity change from 0 to 512
[  737.895067][T12109] EXT4-fs: Ignoring removed mblk_io_submit option
[  738.003562][T12101] F2FS-fs (loop3): invalid crc value
[  738.051006][T12109] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  738.219643][T12101] F2FS-fs (loop3): Start checkpoint disabled!
[  738.226160][T12109] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  738.234472][T12109] System zones: 1-12
[  738.262320][T12109] EXT4-fs error (device loop4): ext4_iget_extra_inode:5034: inode #15: comm syz.4.1205: corrupted in-inode xattr: e_value size too large
[  738.314637][T12109] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1205: couldn't read orphan inode 15 (err -117)
[  738.365558][T12109] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  738.497685][T12101] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  739.476692][T12124] loop3: detected capacity change from 0 to 32768
[  739.484179][T12124] XFS: ikeep mount option is deprecated.
[  739.612935][T12124] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  739.730003][T12133] netlink: 'syz.2.1208': attribute type 62 has an invalid length.
[  741.097621][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  741.165517][T12124] XFS (loop3): Ending clean mount
[  741.208164][T12124] XFS (loop3): Quotacheck needed: Please wait.
[  741.398845][T12124] XFS (loop3): Quotacheck: Done.
[  742.600526][ T5837] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  744.333064][T12165] loop6: detected capacity change from 0 to 128
[  744.352372][ T5940] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  744.689146][ T5940] usb 4-1: Using ep0 maxpacket: 8
[  744.800765][ T5940] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  744.816765][ T5940] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  744.875168][ T5940] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  744.894693][T12165] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  744.984408][ T5940] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  745.023502][ T5940] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  745.068791][T12165] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  745.125850][ T5940] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  745.208488][ T5940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.353508][T12165] EXT4-fs warning (device loop6): ext4_group_extend:1862: can't shrink FS - resize aborted
[  745.627624][ T5940] usb 4-1: usb_control_msg returned -32
[  745.636944][ T5940] usbtmc 4-1:16.0: can't read capabilities
[  745.962445][T12180] loop2: detected capacity change from 0 to 128
[  746.104161][T12180] EXT4-fs warning (device loop2): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  746.181672][T12180] EXT4-fs (loop2): Encoding requested by superblock is unknown
[  746.484020][T12184] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  746.548849][T12185] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  746.583976][T12184] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  746.671912][T11198] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  747.180786][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  747.187229][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  747.282093][T12191] loop6: detected capacity change from 0 to 32768
[  747.290835][T12191] XFS: ikeep mount option is deprecated.
[  747.470608][ T5893] usb 4-1: USB disconnect, device number 12
[  747.524870][T12191] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  747.630538][T12207] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1223'.
[  747.913964][T12191] XFS (loop6): Ending clean mount
[  747.933588][T12191] XFS (loop6): Quotacheck needed: Please wait.
[  748.664616][T12191] XFS (loop6): Quotacheck: Done.
[  749.925798][T12223] loop4: detected capacity change from 0 to 128
[  750.066178][T11198] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  750.078797][T12223] EXT4-fs warning (device loop4): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  750.188004][T12223] EXT4-fs (loop4): Encoding requested by superblock is unknown
[  750.475266][T12226] siw: device registration error -23
[  754.545662][ T5851] Bluetooth: hci1: command 0x0406 tx timeout
[  755.687285][ T5989] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  755.922335][ T5989] usb 5-1: Using ep0 maxpacket: 8
[  755.970112][ T5989] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  756.066971][ T5989] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  756.165212][ T5989] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  756.257383][ T5989] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  756.345612][ T5989] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  756.458485][ T5989] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  756.538969][ T5989] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.077308][ T5989] usb 5-1: usb_control_msg returned -32
[  757.155739][ T5989] usbtmc 5-1:16.0: can't read capabilities
[  757.311425][ T5989] usb 5-1: USB disconnect, device number 9
[  757.590893][T12267] siw: device registration error -23
[  759.247737][T12280] loop6: detected capacity change from 0 to 524287999
[  759.888405][T12282] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  760.007915][T12282] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  760.230349][T12292] siw: device registration error -23
[  760.957664][T12287] loop4: detected capacity change from 0 to 512
[  761.106562][T12287] EXT4-fs: Ignoring removed mblk_io_submit option
[  761.113132][   T30] audit: type=1326 audit(1751438443.407:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  761.268863][T12287] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  761.510881][   T30] audit: type=1326 audit(1751438443.407:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  761.602519][T12287] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  761.616137][T12287] EXT4-fs: failed to create workqueue
[  761.819897][   T30] audit: type=1326 audit(1751438443.407:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  761.820095][T12287] EXT4-fs (loop4): mount failed
[  761.864056][   T30] audit: type=1326 audit(1751438443.407:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  762.391125][   T30] audit: type=1326 audit(1751438443.407:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  762.413749][   T30] audit: type=1326 audit(1751438443.417:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  762.450891][   T30] audit: type=1326 audit(1751438443.417:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  762.496744][   T30] audit: type=1326 audit(1751438443.417:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  762.605998][   T30] audit: type=1326 audit(1751438443.417:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  763.639067][   T30] audit: type=1326 audit(1751438443.417:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12290 comm="syz.3.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcda9f8e929 code=0x7ffc0000
[  764.024873][T12315] loop6: detected capacity change from 0 to 524287999
[  764.460463][   T31] INFO: task syz-executor:5833 blocked for more than 143 seconds.
[  765.166621][   T31]       Not tainted 6.16.0-rc4-next-20250630-syzkaller #0
[  765.173776][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  765.215062][   T31] task:syz-executor    state:D stack:20664 pid:5833  tgid:5833  ppid:1      task_flags:0x400140 flags:0x00004006
[  765.251762][   T31] Call Trace:
[  765.261839][   T31]  <TASK>
[  766.524589][   T31]  __schedule+0x16f5/0x4d00
[  766.559441][   T31]  ? do_raw_spin_lock+0x121/0x290
[  766.606474][   T31]  ? schedule+0x165/0x360
[  766.640234][   T31]  ? __lock_acquire+0xab9/0xd20
[  766.820809][   T31]  ? __pfx___schedule+0x10/0x10
[  766.914772][T12322] loop6: detected capacity change from 0 to 524287999
[  767.565486][   T31]  ? schedule+0x91/0x360
[  767.585838][   T31]  schedule+0x165/0x360
[  767.614705][   T31]  __bch2_fs_stop+0x704/0x900
[  767.619433][   T31]  ? __pfx___bch2_fs_stop+0x10/0x10
[  767.634209][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  767.640478][   T31]  ? __pfx_evict_inodes+0x10/0x10
[  767.653928][   T31]  ? dput+0x37/0x2b0
[  767.663250][   T31]  ? __pfx_bch2_put_super+0x10/0x10
[  767.668900][   T31]  generic_shutdown_super+0x132/0x2c0
[  767.674648][   T31]  bch2_kill_sb+0x41/0x50
[  767.679130][   T31]  deactivate_locked_super+0xbc/0x130
[  767.684929][   T31]  cleanup_mnt+0x425/0x4c0
[  767.689570][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  767.695280][   T31]  task_work_run+0x1d1/0x260
[  767.700093][   T31]  ? __pfx_task_work_run+0x10/0x10
[  767.705670][   T31]  ? __x64_sys_umount+0x122/0x160
[  767.710875][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  767.716915][   T31]  exit_to_user_mode_loop+0xec/0x110
[  767.722420][   T31]  do_syscall_64+0x2bd/0x3b0
[  767.727499][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  767.732868][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.740016][   T31]  ? clear_bhb_loop+0x60/0xb0
[  767.745118][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.751216][   T31] RIP: 0033:0x7fdcba78fc57
[  767.756701][   T31] RSP: 002b:00007fff8e07d148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  767.767375][   T31] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdcba78fc57
[  767.775437][   T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff8e07d200
[  767.783409][   T31] RBP: 00007fff8e07d200 R08: 0000000000000000 R09: 0000000000000000
[  767.791529][   T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff8e07e290
[  767.802072][   T31] R13: 00007fdcba810925 R14: 0000000000094eb7 R15: 00007fff8e07e2d0
[  767.810175][   T31]  </TASK>
[  767.828663][   T31] 
[  767.828663][   T31] Showing all locks held in the system:
[  767.883530][   T31] 2 locks held by kworker/u8:1/13:
[  767.901621][   T31]  #0: ffff888145299148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  767.979049][   T31]  #1: ffffc90000127bc0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  768.017578][   T31] 1 lock held by khungtaskd/31:
[  768.022533][   T31]  #0: ffffffff8e13bee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  768.032986][   T31] 2 locks held by kworker/u8:6/1105:
[  768.038494][   T31]  #0: ffff8880b8639f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[  768.053320][   T31]  #1: ffff8880b8723f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39a/0x6d0
[  768.065015][   T31] 2 locks held by kworker/u8:11/3459:
[  768.070384][   T31]  #0: ffff888145299148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  768.081638][   T31]  #1: ffffc9000c9b7bc0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  768.093856][   T31] 2 locks held by getty/5596:
[  768.098596][   T31]  #0: ffff88802fd640a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  768.108780][   T31]  #1: ffffc9000331b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  768.118946][   T31] 1 lock held by syz-executor/5833:
[  768.124223][   T31]  #0: ffff8880524100e0 (&type->s_umount_key#86){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[  768.135179][   T31] 
[  768.137520][   T31] =============================================
[  768.137520][   T31] 
[  768.147327][   T31] NMI backtrace for cpu 0
[  768.147343][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  768.147364][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  768.147375][   T31] Call Trace:
[  768.147383][   T31]  <TASK>
[  768.147391][   T31]  dump_stack_lvl+0x189/0x250
[  768.147419][   T31]  ? __wake_up_klogd+0xd9/0x110
[  768.147439][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  768.147463][   T31]  ? __pfx__printk+0x10/0x10
[  768.147493][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  768.147519][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  768.147538][   T31]  ? _printk+0xcf/0x120
[  768.147561][   T31]  ? __pfx__printk+0x10/0x10
[  768.147582][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  768.147606][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  768.147631][   T31]  watchdog+0xfee/0x1030
[  768.147653][   T31]  ? watchdog+0x1de/0x1030
[  768.147679][   T31]  kthread+0x70e/0x8a0
[  768.147701][   T31]  ? __pfx_watchdog+0x10/0x10
[  768.147719][   T31]  ? __pfx_kthread+0x10/0x10
[  768.147738][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  768.147761][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  768.147783][   T31]  ? __pfx_kthread+0x10/0x10
[  768.147802][   T31]  ret_from_fork+0x3fc/0x770
[  768.147826][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  768.147854][   T31]  ? __switch_to_asm+0x39/0x70
[  768.147870][   T31]  ? __switch_to_asm+0x33/0x70
[  768.147886][   T31]  ? __pfx_kthread+0x10/0x10
[  768.147904][   T31]  ret_from_fork_asm+0x1a/0x30
[  768.147936][   T31]  </TASK>
[  768.147946][   T31] Sending NMI from CPU 0 to CPUs 1:
[  768.310530][    C1] NMI backtrace for cpu 1
[  768.310548][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  768.310566][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  768.310576][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  768.310603][    C1] Code: 43 dd 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 43 82 18 00 f3 0f 1e fa fb f4 <e9> 18 dd 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  768.310616][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[  768.310631][    C1] RAX: 36bd4ef84e213300 RBX: ffffffff8196c188 RCX: 36bd4ef84e213300
[  768.310644][    C1] RDX: 0000000000000001 RSI: ffffffff8d992cd0 RDI: ffffffff8be31d00
[  768.310655][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f1b R09: 1ffff110170e65e3
[  768.310667][    C1] R10: dffffc0000000000 R11: ffffed10170e65e4 R12: ffffffff8fa17430
[  768.310679][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110039d6b40
[  768.310690][    C1] FS:  0000000000000000(0000) GS:ffff888125d1d000(0000) knlGS:0000000000000000
[  768.310703][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  768.310715][    C1] CR2: 00007f6059f80ab8 CR3: 0000000076604000 CR4: 00000000003526f0
[  768.310729][    C1] Call Trace:
[  768.310736][    C1]  <TASK>
[  768.310743][    C1]  default_idle+0x13/0x20
[  768.310759][    C1]  default_idle_call+0x74/0xb0
[  768.310774][    C1]  do_idle+0x1e8/0x510
[  768.310797][    C1]  ? __pfx_do_idle+0x10/0x10
[  768.310824][    C1]  cpu_startup_entry+0x44/0x60
[  768.310843][    C1]  start_secondary+0x101/0x110
[  768.310861][    C1]  common_startup_64+0x13e/0x147
[  768.310884][    C1]  </TASK>
[  768.475561][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  768.482421][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  768.493709][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  768.503758][   T31] Call Trace:
[  768.507030][   T31]  <TASK>
[  768.509953][   T31]  dump_stack_lvl+0x99/0x250
[  768.514539][   T31]  ? __asan_memcpy+0x40/0x70
[  768.519116][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  768.524302][   T31]  ? __pfx__printk+0x10/0x10
[  768.528886][   T31]  panic+0x2db/0x790
[  768.532773][   T31]  ? __pfx_panic+0x10/0x10
[  768.537182][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  768.542980][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  768.548340][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  768.554486][   T31]  watchdog+0x102d/0x1030
[  768.558803][   T31]  ? watchdog+0x1de/0x1030
[  768.563218][   T31]  kthread+0x70e/0x8a0
[  768.567279][   T31]  ? __pfx_watchdog+0x10/0x10
[  768.571950][   T31]  ? __pfx_kthread+0x10/0x10
[  768.576528][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  768.581720][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  768.586904][   T31]  ? __pfx_kthread+0x10/0x10
[  768.591493][   T31]  ret_from_fork+0x3fc/0x770
[  768.596074][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  768.601183][   T31]  ? __switch_to_asm+0x39/0x70
[  768.605930][   T31]  ? __switch_to_asm+0x33/0x70
[  768.610676][   T31]  ? __pfx_kthread+0x10/0x10
[  768.615250][   T31]  ret_from_fork_asm+0x1a/0x30
[  768.620008][   T31]  </TASK>
[  768.623256][   T31] Kernel Offset: disabled
[  768.627563][   T31] Rebooting in 86400 seconds..