last executing test programs:

29.00708316s ago: executing program 1 (id=175):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x2, 0x7, 0x1})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})

28.710303706s ago: executing program 1 (id=179):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
socket$kcm(0xa, 0x2, 0x73)

28.563265944s ago: executing program 1 (id=180):
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x10)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r1, @ANYRES64=r0], 0x0)

28.211113853s ago: executing program 1 (id=184):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1e0)
renameat2(0xffffffffffffff9c, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)

16.87062787s ago: executing program 1 (id=184):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1e0)
renameat2(0xffffffffffffff9c, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)

9.532463962s ago: executing program 4 (id=306):
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_mount_image$bcachefs(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x10, &(0x7f0000000440)=ANY=[@ANYRESDEC], 0x1, 0x5a98, &(0x7f0000006b40)="$eJzs3X+QHNV9IPDXM7Pa2V39WAkcZDCrRUYJwbG14lf5RyqWc4mdAoeSyynH4mTDglZE9kqo9COATGKRA591YJedci7ByR/EhX1nW3FxZV+MQpmAOYnzLxVnH3VlU2ffYf/hK8KhCqDjXD72amf6zc70Tm/Pzs5KC3w+JW1Pv3nz7W+/ftPT783sTgAAAOBV4fid+05dfe7vfvvPJl746O/9w67bw1C5Vl6NFYbT5S1nKkNOp/7K2toy2y9+7SNf+tnoDb/9rfsHP//ise0X7PjR75x1w4MfuvLoPX/9yPMrvvbSU0VxY3+6eGY9eSYJofqNk3/xsWPfOWe6LFk5/bN0KITVyZpHVieZEGO/CCFsn84xhLA2c+dXX7h0x/Ty9rv6W8pXZerp769u08d5umMdPHXzG8KP37H1ju+t+8rf9R15+tBMlaTa1J9CWHld8+P7QggD6f+Q9sXQ1B9jp90SQhhsetybC/J6fYf5b8xZPy9dLkuXQwVx4v3rM+ulTL3setSXWQ4WbG+h8vLopl65gzrLM+vZk9FC5eUZy1eny6+ny4vnGb+c7kM5CaUkVNL0vx8mk5k+EpqOWxKS2rGsNtZLjWMb0v3PrCeZ9VJmvdyX2a/adtOOVk6S1vJYL1MeT8eVtPyC5nN1G+/NKX9tuqymT9QX43rI3qgbmnWjsV81Ma+Tc+RyOpSazkHtyhv9Nj0YQ2nZULJm1mOm2oj3Hdt694bytm8eH87JI7k/SeMnXcU/+N3Vyz/45cMHsq/rjfjXldL4pa7i/+SqE89ec/hzn82N/6kYv9xV/EseGnzmqkfvXJ/bPidj+1S6ij/+1GOfWHf29Udy8783xq92FX/z0RP9K0499HBu/mOxfQa6iv/k29750y8+8cDTufFDjD/YVfxtR/d8sn/k1EW58R+O7TPUXf957sgVPxwZ+floXvzHY/wVXcX/wqF73nrfqruuzD2+W2L7DHcV/90XPnjH8lMPnJ937kzu7fQVFoB2zkqvsT6ernc1zpzKzlrMX9N44a9GK/VrvuXp/xULjt4kc/E5vZ2VvYwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACGE17zhP7/rf75v+JlKut6f3niyVF/G8mUhJAMhhH37x/fu37n7xtEP3XRg7+7xydHx/aMTu/fvvXX0st8Y3TuxZ3L81ul7x954af1xa0JSXybnz9r2QJiaKg23lsXt/YsLj/x4w5v/1z+FMPaaH4xUcvPfeM+u+85u8zMj2Tz19l0Hrv7B5X+b7tdwmtdwm7ympqamQk5e//v9v7zvz0/+7KIQxn5lrrwee/K3/rEloVrBTJxUqT/UE+pPBtvm0cg6zSe2V2XHzsmJsbnbd/rx5Zz9+JcfefoXO2759C/r7VvN3Y8O23dg89Rk6S+3vvv//eVt9YKivM7UcS9q77gXMb/YftW0vVem+7UyZ78qOft15/cefuIb5x7Ob+iC/epLO0Bf8tqOthv3bjBZ3VJeTevHROLjNu7ftWfjvlsPvnHnrvEbJ26c2P2WTZdtumLs8isu31jb84292f/nD4WxynPrBkPc/q92uP+96E8D2WffrO2u+uNDX48/O+tPrXktm3d7TOdV3B7NGeU9/wbf+7HPvOWeR6+uFxT181i7cT5Jl4PTx3lTaOpvs9uq3X4VHZ8Qwmi7dnj2+SvDOf9t5x1F56HmI9P8MyPZPPWd9f/8t2/+m7W/WS84Lef55oS6PM83sp7Jp9Ze1R07b2+uu9Tatz+U0/0aapvXpu882nf38X/6k0Z+y5aFW8b379+7qf5zeZrp8uS8tnllS+N+rav9LIf08IZGN23TX6f1hXp+2fNnrJ5t1aH0vqFkTdv9yor3Hdt694bytm8ez2vp5P76FgfCivoyeV3TvQNNtyczDyw3Em63/aX6/CvqHyPv+puvve9rf3/ZrP5xSf1n0X4lOfv1lSe+8JnPf/pf/33v9utdv3Vi+J//+x9tqBcs+fNKuZ5II+s0n2TmvDI5cUkIRc+/daH9fjSef/+2HOOmGbXfn6LnX3Y7M/XbxxvNrA+FclfP10seGnzmqkfvXJ/7fD051/O1eWdva3lcueD5ulT6T/b5lVRa81i851dLR0k2T33r42cdeuSjW86tFxS9XjZqt+vXl3Yw/sjZr3+85ocjN43+q//au/PGl37jq9f+aHzzn9YLuj/uMZfeHPdq2r7VnPZtZB3Hnc3t+6YbbprcXi8vauczd/2bLgvGP/FUsu/Wgx8en5yc2Luvs/3q9PU0bifbyt2+nsaz25qC/SrN2q/Fu9FJe3X6fIv5b++6vVqfb0Mh6ep14eB3Vy//4JcPHxie9ah0Q9eV0vilruL/5KoTz15z+HOfzY3/qRi/0lX88lOPfWLd2dcfyY1/b5LGr3YVf/PRE/0rTj30cG78sZj/QFfxn3zbO3/6xSceeDo3fojxh7qKn/p5bvzHk3Q709dIIXz1hUt31NeT0Jc+32IefS15hex6klkvZdbLzeulOIuQbqCcJK3lsV5afkFTLu38YU55vAqrrq0vX4zrIXtj7vKlptR07m9XXnSdCgDwShff/4/XoPH9/4n0Qil/pgFmdDsO+8lzR6744cjIz9fmxI3jsJn5nNb3WNem8ePj4zzgyJvC2PTy9tH6hf5830eIz4fsPGfczkWvb41ROM85Vdv+rHnOovn39Zn1mFd9vrzSNA5NzR7XVEIH8+/rM2GK5t8zu58zP95k9OOz0hptmrfKHr++dMas3ecdQmu7VKYj5PWP7LxY/DzHyMqwpba9DvtH9nM08ThkP0cTt3Nu5sTZ7edo8vrH8Ox2aMkr9o9Yb47+UUu58PiF2ccvzNG+M8evfbTs8ZvH8a6G8B8+F1cW6/3ZHswbtj2ldTJv2N9mC/G+zucNF/f9sG7nJcdfJfOSHcwbvrSq5XGnd94wlsf9qHQ4n/i+nPJezSfG00XM6+QcuZwO5hOBV6o4/o+vEdPj/+kL8P+TqVc0TsleNcZ4uZ/TK7fPp2jcMftzeoNdvY5vO7rnk/0jpy7Kvc55eK7P/TTb07I2WPC5n6J23JBZL2zHnAmaovFedjtF7Z79XMZQWNFVu3/h0D1vvW/VXVfmtvuW+gtpcbt/pmVtRUG7L/bnOV/+nzMwXmgbf4l/jqHT+bMz9jmG9INPizUe+YOc8vmORwZn3WjsV83SHY/MvJD2t07gAQC0Fcf/jffP0vH//4gV0uuIonHrxZn1GC933JpzfZI3bv39dHlLpv5Q+hsV871ufveFD96x/NQD5+eOW+7tdBz671vWhgvHoQsbN+eOI7Ys7PPicZyVO45ojLMWNk7Mzb8xTlzYOD3nbdqmcfrCxtG57dMYR7fOA3zmRGfx4zxAbvzGPEAPx7kvzVQ6fePcgvm6zMbiaqfzdWdkHL2ydT8XZRyd/vrsYo2j35tTPt9x9NCsG439qlm64+jWcuNoAOCVKo7/42VcHP8/mqm30PfZc8cFPbpuz/49kEb8xxdlXDkTv0fv/xaP+xZ73Jo3rk8OtdtKvLfzcf1iz0u83N//Xex5oeHaH/BM429a2WH8TufJztj7y0tlXJxu1LgYAIClLI7/41+ezR//L2x8Mmv81le/hJwZn7z8xufN9c7c+LxX77sbn7eN3+n71jnxl8781+J+TuZVP/6P6+nqlPE/AABLUBz/x197jH//7z+l69m/W7/0xulT6SXpIr2PnraHcfore5zeFxY2Tn97zu97xPs7H6f3eJ4txm/+HIB5gNP7+fimr/UyDwAAwJnQVxspzf49+w+ky+zv2ef9Xv41OfVrOvibqJX08vj6/XsnJq49sGf7+P6Ja3fftH1i37U37925f//E7nq9hY4bc8ctaZJ9oZK2R/t6o/+3dX1VOjGwKufvIWTHeTHsebUbs/8eQnazAwV/R2Dm+OXkm1nPO36lOeq36x95xzsv/h/m1I8ax/+GP7rk2h37rt25e+f+neOTOw9OtEafbojBeXxvZpL+n9f3pT725L85HkL9Vu1bMzNK8//+znh45plHy49ZT6TSdIskucd/Oo8kk8fqNJPVed9/kJP3t//Ln//xhVO//GIIY68pv26+ebeG3Dz1H98/8fv7j/9gz3T+pTnzb9RM8yr6vtJs/bg/lcmb9u1/w46bDuzOfqNkd+J8RqmxvkjzGenTv9zh/MS2nPL5/v5+edaNpanj+Ylp77j+9CUGALDExff/4/VsfP/w0+kFVCzvfJxev3Ds9v3j3HH6WGfj9Oz3khWN07P14/52Ok6vLnCcnt1+/jh9ILd+u3F63rg7L/4f5NSfr877SRe/jxGHn18+fCC3n1yX7ScDbetlv8+gqJ9k68+3nyQL7CfZ7RfN57Sr366f5B33vPjvyamfp6g/VBr9YWG/P5PbHz7V2Xnj1zPrRf0hW3++/aG0wP6Q3X5Rf2hXv11/yDu+efGvzqnfqdb+Md0xav1i4tqbb9r74aZ6i/39F2H2RzI6yW/ZzGMX9/s/utV5+y7u574Wnn8Im2slefkv7ufKFp5/UfvP4/e/VoZZnyvLzf/xnBNIz/Nf3O93ycirPvvxp2u+Nj0TFH3+rGged2tO+XzncZfNurE0zWseF+ipOP6Pb/fE8f9d6bLXbwO9/L8nzfeYtY3fo+8xK7qOedW9nmffcvd6DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDy1x9Cf2Vt7ebxO/eduvrc3/32n0288NHf+4ddt//aR770s9Ebfvtb9w9+/sVj2y/Y8aPfOeuGBz905dF7/vqR51d87aWnCmMP135WLk5XqyEkzyQhVL9x8i8+duw750yXJSGEcjJ8KITVyZpHVieZCGO/CCFsj6lWWu/86guX7phe3n5Xf0v5qkyQ7H6FoXLMpznPEG4p3CNehqppPzt46uY3hB+/Y+sd31v3lb/rO/L0oZkqSbWpP4Ww8rrmx/eFEAbS/6H+lKlZGx+cLreEEAabHvfmgrxe32H+G3PWz0uXy9LlUEGceP/6zHopUy+7HvVlloMF21uovDy6rVdkeWY9ezJaqLw8Y/nqdPn1dHnxPOOX4/8klJJQaaQ/mcz0kdB03JKQ1I5ltbFeahzbkO5/Zj3JrJcy6+W+zH7Vtpt2tHKStJbHepnyeDqupOUXNJ+r23hvTvlr02U1faK+GNdD9kbd0Kwbjf2qiXmdnCOX1L8rrtK9UtM5qF1548CnB2MoLRtK1sx6zFQb8b5jW+/eUN72zePDOXkk9ydp/KSr+Ae/u3r5B798+MDavPjXldL4pa7i/+SqE89ec/hzn82N/6kYv9xV/EseGnzmqkfvXJ/bPidj+1S6ij/+1GOfWHf29Udy8783xq92FX/z0RP9K0499HBu/mOxfQa6iv/k29750y8+8cDTufFDjD/YVfxtR/d8sn/k1EW58R+O7TPUXf957sgVPxwZ+floXvzHY/wVXcX/wqF73nrfqruuzD2+W2L7DHcV/90XPnjH8lMPnJ937kzu7dUrJ8Cr01npNdbH0/Vux5kL1TRe+KvRSv2ab3n6f0UvN5QxvZ2VixgfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBXpu/fdtkH3v/292ytJCEkOXWm2oj3lZdt3jzaxXbHn3rsE+vOvv5Ic9naLuIAAAAAxeI4vNQoqYa14eZkIJzXtn6cIzgvriWt5dlljJOdI+g0TsjEKbWJU+oiTrlH+VR6FKevR3GW9ShOf4/iVAviVENncQbmiFOZ7gEd5jM4Zz6dxxnqUZzlPYqzokdxVvYozqoexRmeM07n/XB1j+Ks6VGcs5oLP9t9nLN7lM9rehTnV3oU55wexcnOKc+3H65Ia56bF6d2o1wYp5KUG3e0m08/J93O+QvcztCc26lOrSh6Pe5wOwMF+xO38/rM40rF2znUXL/a4XZ+df7bad3/Drfz6wvcTqlgO7Hf3pLNL24nrnXY/2/tUZyDPYrzkR7Fua1Hcf5kPnHavEcW4/xpj/L56ALjAHQqjv9nxnvDob/ym2EwPeNkZwHieHdd7efs17u8E1KM97pM+bKieNmBeibeuvnml51AyMRbn4nW1xKv0hiPzBGv2hxvQ+bOufb3bZvb59Yc7+JMef8c8WqyEwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsIi+f9tlH3j/29+zNSRh+l9bU23E+8rLNm8e7WK7x7bevaG87ZvHm8v6K10EAgAAAArFcXhfo6Qa+iubQn+yrKVeNZ0HqKbr5eH6cmRl2DK9TEZLtfXBZPWcj6ukj9u4f9eejftuPfjGnbvGb5y4cWL3WzZdtumKscuvuHzjjp2TE2P1nyH0F8QLIdSmH/bdevDD45OTE3v31Quz+a9NH7e2lmztX+1xI28KY9PL29P81xRsrzRre4t3o6MDCAAAAAAAAP+fXbsNlbQsHwB+PTNzZsaj+3f++DYu7nFYV7GyUjuGlngeCBJ8WTwIMcc6yZIrSUd30V0xm3QhNaUIlIVlww9tmKRJX3xJiXxhwTBL6GwSKuWH+lBoGSp+CGXinJlnzsycGec0iLtuv9+H5+W6r/u+nvv5cOB6zgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfIgWG9Pz9ZnZuckkIhmS0xwgG8sX07Q2Rt2vPLH9B6Wpd07vjpUKYywEAAAAjJT14ROdSDlKhXzk48Tlu43RNRArfT8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC/Z7ExPV+fmZ07MolIhuQ0B8jG8sU0rY1R99W3HvrsS1NTf+uOVcdYBwAAABgt68NznUg5qnFKTCQnLnX+nWj2bWB93/xW3opsnQ1rzOv/djAs75Q15p22xryPjcjb3D7fFAAAAPDRl/X/hU6kEqXCulX9cNb/j+rrs7yT+/Ly7fPafytQXHMmAAAA8P6y/r/UiVSjVKh2+vW19vsb+/Ky+aP+b5/NP3XI/FH/z7+0ffZ/egAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD46FhsTM/XZ2bn8klEMiSnOUA2li+maW2Mumc/OfmPi/ffvrE7ViqMsRAAAAAwUtaHr7Te5SgVJmMijlzu+6cuvPeRLz3y2HREtNr8YjFu2rJjx/Vnt45Z3lnP75/4/rOvf3tV3lmt40HbIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8IFZbEzP12dm545IIpIhOc0BsrF8MU1rY9R95fNf/MsDLz7+WnesOsY6AAAAwGhZH77S+5ejGsUoxvHLd929/pJc3/xh3wwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw8cN37z5G1sWFrZe7+LgXDTzEYfAY7hw0XtxsP8yAQAAH7STI4nmf+mEyw72UwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIeCxcb0fH1mdq6cRCRDcprN5q6lQ7dsLF9M09oYddMnXiite+fJp7tj1THWAQAAAEbL+vCV3r8c1ZiIiThu+W7QN4Hl/r/yIT4kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhZbEzP12dm59YlEcmQnOYA2Vi+mKa1Merev2vv5+47+nsXdcdKhTEWAgAAAEbK+vBiJ1KOUuHjUYqT2vcLvROSfPs8+LvAyrztPdMm1zyv0TWrGPk1z7uzb2eF9m5a88rtaL7SOnfm1Vbm5drzal3zqtEpX+vMW35Zu3uqrRvxnIPePQAAAHxYsv6/1IlUolQodfX/P+3Jr+hzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAhFhvT8/WZ2bkkiUiG5DQHyMbyxTStjVH35t/+/1Ff/dldO7tj1THWAQAAAEbL+vCV3r8c1dgQ/xcblvv+qPTmZ3n/rL973z3/+uvpEWcef2Cq0L/sj7KLX79ywVP9h4hcb3Yu4uh2vWRIvd/8/p4bNzXffSDizOPyJ62qF+9fr3fJtPlofeulO549sH3EywEAAIDDRNb/T3QilSgVrhva/2ed94j+v2O5AT/6xl2/OLZ9bHfkfTNylXa93JB6X9j00J9PPffvry/1/6vrfbJz9em91953bE/BVqRPkjZnrt25+cA5+3LZrlv18331s/fy5W+99u+rb7r73Vb9cpTb8fV9j9KqtvrYVz7S5kJuz9wl7+1p9NYvDNn/7b97+sVfrb/r7aX6b5082al/Wgyq39p5YWj9OCJtTl5+x+7z9u7f3Fs/ImqRX13/jbcvihP+eM1t/fuf7Fu4+813H/tfQNp8fuOb+869t3p+b/1kqX6X7P3//MX7d//k7u8+ltXPfity+ilrrZ/rq//cncfseubWy9b31s/11c/2/9QVL01tq33nD/37v6pn1cLQp1i9/wfPePjKl7ekt/QPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHF4WG9Pz9ZnZuVwSkQzJaQ6QjeWLaVobo+6rF7/wxhV3/fiH3bHqGOsAAAAAo2V9+ErvX45qFKMYk8t9/6P1rZfuePbA9qi0RpP2ubCw7YYdn7h6287rrjpITw4AAACs1asXJ8v9f6ETqUSpsCkm2v3/zLU7Nx84Z18u6/9zS+ckIq6+ZmHrmdHJe+7OY3Y9c+tl6zvfCSKWfxZQXsr7zErehRe8UHnzT18/dWDe2St5z298c9+591bPz/KiO++s6HyfePCMh698eUt6S+f5uvM+9bVtC+3PE9m6k5ffsfu8vfs357LvGO3zZHvdLG8ht2fukvf2NHKVKC2N59t55fa+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDVFhvT8/WZ2bnIRyRDcprd2oFsLF9M09oYdS/Z9Mvbjnrn8Q3dsVJhjIUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWF/foLkars4wD+PDOz787u7OquvtBWtK5WFHahFETUTUVFaITQlSFhaV5EQRBR2EVraCRWdBNk3UhUUG0hGOQmiRZr9E+66aKCAusiEGmhdpEuMnbmOePscU6jsxVInw8Mzz7POed7fuc8z5zZAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADnld7KSL09suOR2TsvuvWzp+6fefL2Dx7adsUTb/00tunmT/f2v35yavPyLd/esnTTgQfWTO5+5fBvg+/9caxj8OONZmXqVkOIJ2II1Q+nX3x66vML5sZiCKEch8ZDGI5LDg/HXMLq30MIm5t1zt+4b+aaLXPttl2988YX50Ly1xVq5ayehqH59bY6lQ/jvFNN62zr7GNXhe9vWr/9y2XvvtMzcXz89C5xbp9yWk8hLNrYenxPCKEvfeZkq20kOzi160II/S3HXdehrkvPsv5VBf2LU/u/1NY65GTbV+T6pdx++X6mJ9f2dzjfQhXV0e1+nQzk+vmH0UI161zVfnw4te+nduU55pezTwylGCrN8h+Mp9dIaJm3GGJ9LqvNfimb20pI19/TclwMIeb6pVy/3JO7rvp500Irxzh/PNsvN549jitpfHnrs7qNuwrGL0xtNX1RT2b9kP+joXbGH83rqsvqmv6LWv4NpZZnULvx5sSnyailsVpccsYxp9rItk2tf/by8oaPjgwV1BH3xpQfu8rf+sXwwD1v73x0pCh/Yynll7rK/2Ht0V/u3vnqy4X5L2T55a7yrz7Yf2LtxztWFN6f6ez+VM4qP6Z+tu3eY588t+z/9020m+t6/p4sv9pV/TdOHu0dnD14qLD+1dn96esq/7sbbvvxza/3Hy/MD1l+f1f5GyYffr53dPbKwvxDja9Crb5Cu1g/v05c+83o6M9jRflfZfd/sE1+7Jj/xvju619bvGtN4fpcl92foZTfd07133HZge0Ds/svKXp2xj1/1y8nwH/T0vQ/1jOp3+k9c99Mqe175kK1vC+8NFZp/AINpE+nd8OFmDvPon8wHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/ZgQMSAAAAAEH/X7cjUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//w3eGa0=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x10000, 0x408)
fallocate(r0, 0x8, 0x0, 0x2000)

7.105523141s ago: executing program 4 (id=315):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x3, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TTL_INHERIT={0x5, 0xc, 0x1}]}}}]}, 0x3c}, 0x1, 0x2}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210057ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)

5.53074174s ago: executing program 1 (id=184):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1e0)
renameat2(0xffffffffffffff9c, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)

3.366791337s ago: executing program 3 (id=336):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='user\x00', &(0x7f0000000140)='\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='user\x00', &(0x7f0000000040), 0x0)

3.25260302s ago: executing program 3 (id=338):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0)
r0 = syz_io_uring_setup(0xd3, &(0x7f0000000480)={0x0, 0x6776, 0x10000, 0x22, 0x335}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x47b7, 0x8000, 0x0, 0x0, 0x0)

3.171392486s ago: executing program 3 (id=339):
r0 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x89b8, 0x8, 0x0, 0x207}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SYMLINKAT={0x26, 0x11, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}})
io_uring_enter(r0, 0x847ba, 0x0, 0x28, 0x0, 0x0)

3.086416543s ago: executing program 0 (id=340):
socket$nl_netfilter(0x10, 0x3, 0xc)
write$tun(0xffffffffffffffff, 0x0, 0x16e)
syz_usb_connect(0x2, 0x4a, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x20040000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ed5000410"], 0x11)

3.00313729s ago: executing program 3 (id=341):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000007, 0x31, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000001580)=[{{0x0, 0x0, &(0x7f0000001440)=[{0x0}, {&(0x7f0000003ec0)=""/4096, 0x1000}], 0x2}, 0x7}], 0x1, 0x0, 0x0)

2.979236215s ago: executing program 4 (id=342):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmmsg$inet(r0, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000180)="580000001400192340834b80040d8c561e067f0202ff000000020000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c100000000000000003a0", 0x58}], 0x1)

2.865701426s ago: executing program 2 (id=343):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000180)=0x7, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x24000800, &(0x7f00000002c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f00000066c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001fc0)=""/148, 0x94}, 0x2}], 0x1, 0x2000, 0x0)

2.791648757s ago: executing program 3 (id=344):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000200)=@raw={'raw\x00', 0x8, 0x3, 0x448, 0xf0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x378, 0xffffffff, 0xffffffff, 0x378, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x0, 0x0, 0xff], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x6000, 0x50000000, 0xfff, 'snmp\x00', {0xffffffffffff4d26}}}}, {{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4a8)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953a, &(0x7f0000000100)=[{&(0x7f0000000000)="3a10", 0xffd0}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

2.744400023s ago: executing program 2 (id=345):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x800}, 0x20)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

2.555141616s ago: executing program 3 (id=346):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x64, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x3311, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x64}}, 0x0)

2.408353468s ago: executing program 0 (id=347):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x400, 0x1, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x3, r0, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r1, 0x47f6, 0x20000, 0x0, 0x0, 0x0)

2.364216506s ago: executing program 2 (id=348):
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000300)="4800000014001d1009074beafd0d8c560a84606080ffe020590000a2bc5603ca00000f7f8907000020008d42188fedc22e47ad8f75edc6d100000101ff0000000309ff5b00000000", 0x48}], 0x1)

2.211205364s ago: executing program 2 (id=349):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000880)='./file1\x00', 0x4896, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@commit={'commit', 0x3d, 0x5}}, {@acl}, {@errors_remount}, {@grpquota}]}, 0x3, 0x43b, &(0x7f00000008c0)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJ287sjjPzeXbsmR05gL41kv2TROyJiN8jYqieXV1gpP7fzaXL038vXZ5Oolp966+kVu7G0uXpomjxut15ZjSNSD9L4lCLeucvXjo7VanMXsjz4wvn3h+fv3jp2TPnpk7Pnp49P3nixPFjEy88P/lcR+LM2nTj4Edzhw+89s7VN6ZPXn3352+TIv6mODpkZL2LT1SrHa6ut/Y2pJOBHjaETSlFRNZd5dr4H4pSrHTeULz6aU8bB3RVtVqt7m5/ebEK3MGS2GjJs/nnBXBnKL7os/VvcWzT1OO2cP2l+gIoi/tmftSvDESalyk3rW87aSQiTi7+81V2RHeeQwAArPJ9Nv95ptX8L437G8rdne8NDUfEPRGxLyLujYj9EXFfRK3sAxHx4Cbrb94kWTv/Sa9tKbANyuZ/L+Z7W6vnf8XsL4ZLeW5vLf5ycupMZfZo/p6MRnlHlp9Yp44fXvnti3bXGud/2ZHVX8wF83ZcG9ix+jUzUwtT/yXmRtc/iTg40Cr+ZHknIImIAxFxcIt1nHnqm8PtrrWLv7yRP9yBfabq1xFP1vt/MZriLyTr70+O3xWV2aPjxV2x1i+/XnmzXf237v/uyvp/V8v7fzn+4aRxv3Z+83Vc+ePztmuard7/g8nbtfRgfu7DqYWFCxMRg8nr9UY3np9ceW2RL8pn8Y8eaT3+98XKO3EoIrKb+KGIeDgiHsnb/mhEPBYRR9aJ/6eXH39v6/F3Vxb/zKb6fyUxGM1nWidKZ3/8blWlw5uJP+v/47XUaH5mI59/G2nX1u5mAAAA+P9JI2JPJOnYcjpd3ureH7vSytz8wtOn5j44P1P/jcBwlNPiSddQw/PQiXxZX+Qnm/LH8ufGX5Z21vJj03OVmd6GDn1v99rxn46N1a/9Wep164Cu83st6F/GP/Qv4x/6l/EP/avF+N/Zi3YA26/V9//HPWgHsP2axr9tP+gj1v/Qv4x/6F/GP/Sl+Z1x6x/JS0isSUR6WzRDokuJXn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//90X+Ln")
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.990957774s ago: executing program 4 (id=350):
ptrace$getregset(0x4204, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r0, 0x80083313, &(0x7f0000001300))

1.606858908s ago: executing program 2 (id=351):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000000a4f1c0000000000000000020000000900010073797a300000000008000240000000020900010073797a310000000014000000110001"], 0x5c}}, 0x0)
sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="200000000a0a0102"], 0x20}}, 0x0)

1.285243942s ago: executing program 2 (id=352):
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c736d61636b66737472616e736d7574653dcd5e592e282c646566636f6e746578743d756e636f6e66696e65645f752c7569643e", @ANYRESHEX=0x0, @ANYBLOB="2c636fffffffff743d757365725f7541646f6e745f686173682c646f6e745f686173682c61707072616973655f747970653d696d617369672c00b86ec18811b5d60d87b74737d64c79ca4bfcea4a89708a457bfe6adcdf0828867f61d5c53efffb710f1689ac27bd22df6219d6a233e63feffad6574e14ab3053363940a9a2a34038125d702635545396b3bd3d14f8fee23ad3a96254bebfac61cbc1662a1b754ce3610e581ad7372b7a90a74508a8d220572a80792cf81944c40549d4ade83156c25d297bcf740825b0980daccd1c90b6000000000000000000000000348332ed1d8039160eb60a0605e494f55879ed00012a5437b5d76f43e8bf0ca316f0f84795f9c738c2d430d05eb400253c41befd9d27d41b96a51f26fedad2e2f9b2a43aab363b816b8fe74f5d50005f412c28671de4f940e4388f59529d278da45da3183cbbee542158c9fca04ff5abb46c5c9480e3658aab5f33b1266c5a8c36d47dbbc3aee553381f2a1fda9a1353f2542740dbe3d1089aa566e2a16528b291f473e3049337c90000000000"], 0x1, 0x1a0, &(0x7f0000006940)="$eJzs0E9rE0EYx/HvMzv5U6FKVDxUMAGLcUM12a148BQ8ReiCBy+CQUMam2KippuDLS30IgWp9i3oqR5F0JOIgufiQfCg66U36R6KB/Egkd1MBV+D84Hd3z4/2JlhuuEgzAG/91fb1Ek5HOYjggaKMu6UGudrM383uTUOLpt50+Rzk1Ph8sqdVq/XWSpdKlH4pwB+pN3fKixyQhELdeTz/mq7JbcCRnX6aj6gMEflMU6TgfuEKT3J8Zs4jMqbXFEMJAMcqQ7796vh8sq5xX5robPQuev7sxdrF2o5/OrtxV6n9gpxH4niKWu4AbmACXeNTJOHO/oQM4K4XRU5UonJNtnacc6enolR7h4jhHflmNxX3S2pa5whfyM5fINjwjOcgOk5JhSadKMGclW9FE9/0j8zivy645xv3+vNb1xX8iu7XZe9vHi7ZMoefsVjNrkajvKejYjpiEbEdsTuN4ryJtnl4F71evJ+YaaTnIIsD1rD4ZKXhQ9SDvCTpwCT6XIqPVcB3pp/TPDl4MOyLMuyLMuyLMv6D/wJAAD//7EYYro=")
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106a05310300000000000109022400010000800009040002010300010009210000000122f80409058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, './file1'}, 0x237)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

1.255750803s ago: executing program 0 (id=353):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000280)={&(0x7f0000000780)={{@my=0x0}, {@my=0x0, 0x800000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418})
poll(&(0x7f0000000340)=[{r0, 0x700a}], 0x1, 0x7)

1.114761578s ago: executing program 0 (id=354):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @broadcast}, 0x10)
sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000000740)=[{{&(0x7f0000000100)=@in6={0xa, 0x4e23, 0x9, @mcast2, 0x6}, 0x80, 0x0}}], 0x1, 0x6004010)

723.647568ms ago: executing program 4 (id=355):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000"], 0x48)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000140)={r2, 0x4}, 0x8)

535.243009ms ago: executing program 4 (id=356):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)={0x80, r1, 0x5, 0x0, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x2d, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @random=0x7fff, 0x1, @void, @void, @void, @void, @void, @val={0x5, 0x3, {0x6, 0x3c, 0x3}}, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xf, 0x4, 0x101, 0x6, 0x3, 0x2, 0x3, 0x80]}}]}]}]}, 0x80}}, 0x0)

158.392904ms ago: executing program 0 (id=357):
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
timer_create(0xfffffffc, 0x0, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 0 (id=358):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000480)={[{@shortname_winnt}, {@uni_xlate}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@fat=@codepage={'codepage', 0x3d, '1250'}}, {@utf8}, {@uni_xlate}, {@utf8}]}, 0x11, 0x221, &(0x7f0000000680)="$eJzs2j+LXFUcBuDfXSOJGzYz4j8SEA9aqM0lM7VFFklAHFA0I0RBcuPe0WGuM8vcYWFEzFba+hGsxdJOkJQ22/gJLOy22TKFeCWZaHbDWISwO2Kep5kXzrzccziXwynu/hvffj4a1PmgmMValsXapdiN21m0Yy3+thuvv3rtlxffv/bh25u93uX3UrqyebXTTSmde+nnj7784eVbs7Mf/Hjup9Ox1/54/6D7+97ze+f3/7z62bBOwzqNJ7NUpBuTyay4UZVpa1iP8pTercqiLtNwXJfTI+ODarK9PU/FeGtjfXta1nUqxvM0KudpNkmz6TwVnxbDccrzPG2sB4+i//3tpomD5snr0TTNU9/F2Vux8Vu0Ins6Zc9cyp67nr2wm50/aJrWqqfKsbD/j7dDh/qZiOqbnf5Of/G7GN8cxDCqKONitOKPuPOa3LPIV97qXb6Y7mrH19XNe/2bO/0njvY70Yr28n5n0U9H+6dj/XC/G614dnm/u7R/Jl575VA/j1b8+klMooqtuNO93/+qk9Kb7/Qe6F+4+z8AgP+bPP1j6f0tz/9tfNF/iPvhA/erU3Hh1GrXTkQ9/2JUVFU5PfawfoLPEgTh0cKqTyZOwv1NX/VMAAAAAAAAAAAAeBgn8TnhqtcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8t/0VAAD//88U1PU=")
renameat2(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x8000)
rmdir(&(0x7f0000000100)='./file0\x00')

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.162' (ED25519) to the list of known hosts.
[   83.660313][ T5819] cgroup: Unknown subsys name 'net'
[   83.817664][ T5819] cgroup: Unknown subsys name 'cpuset'
[   83.827409][ T5819] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   85.525043][ T5819] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   89.775385][ T5151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   89.786305][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   89.794680][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   89.802733][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   89.816986][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   89.824933][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   89.838361][ T5151] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   89.848428][ T5832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   89.856823][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   89.865542][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   89.892261][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   89.905095][ T5151] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   89.912917][ T5151] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   89.921918][ T5151] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   89.932080][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   89.942952][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   89.952081][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   89.952155][ T5835] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   89.962619][ T5846] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   89.969870][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   89.976048][ T5846] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   89.989271][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   89.997129][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   90.025457][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   90.035772][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   90.692020][ T5829] chnl_net:caif_netlink_parms(): no params data found
[   90.775791][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   90.907711][ T5840] chnl_net:caif_netlink_parms(): no params data found
[   90.919055][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   90.974919][ T5834] chnl_net:caif_netlink_parms(): no params data found
[   91.108941][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.117217][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.125403][ T5829] bridge_slave_0: entered allmulticast mode
[   91.134895][ T5829] bridge_slave_0: entered promiscuous mode
[   91.186593][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.196444][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.204148][ T5829] bridge_slave_1: entered allmulticast mode
[   91.211460][ T5829] bridge_slave_1: entered promiscuous mode
[   91.245445][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.252666][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.260395][ T5833] bridge_slave_0: entered allmulticast mode
[   91.268486][ T5833] bridge_slave_0: entered promiscuous mode
[   91.339848][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.347617][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.354926][ T5833] bridge_slave_1: entered allmulticast mode
[   91.362182][ T5833] bridge_slave_1: entered promiscuous mode
[   91.397972][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.405329][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.412537][ T5842] bridge_slave_0: entered allmulticast mode
[   91.420103][ T5842] bridge_slave_0: entered promiscuous mode
[   91.471430][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.479524][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.486945][ T5834] bridge_slave_0: entered allmulticast mode
[   91.496588][ T5834] bridge_slave_0: entered promiscuous mode
[   91.505200][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.512344][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.519643][ T5834] bridge_slave_1: entered allmulticast mode
[   91.527259][ T5834] bridge_slave_1: entered promiscuous mode
[   91.534414][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.541587][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.549775][ T5842] bridge_slave_1: entered allmulticast mode
[   91.557763][ T5842] bridge_slave_1: entered promiscuous mode
[   91.581459][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.632547][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.672988][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.682833][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.690325][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.697695][ T5840] bridge_slave_0: entered allmulticast mode
[   91.706383][ T5840] bridge_slave_0: entered promiscuous mode
[   91.717528][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.745643][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.768256][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.776191][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.783427][ T5840] bridge_slave_1: entered allmulticast mode
[   91.791628][ T5840] bridge_slave_1: entered promiscuous mode
[   91.816012][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.828078][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.876426][ T5832] Bluetooth: hci1: command tx timeout
[   91.888517][ T5833] team0: Port device team_slave_0 added
[   91.897444][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.936932][ T5829] team0: Port device team_slave_0 added
[   91.954189][ T5832] Bluetooth: hci0: command tx timeout
[   91.980457][ T5833] team0: Port device team_slave_1 added
[   92.016739][ T5834] team0: Port device team_slave_0 added
[   92.025972][ T5834] team0: Port device team_slave_1 added
[   92.033465][ T5829] team0: Port device team_slave_1 added
[   92.052598][ T5842] team0: Port device team_slave_0 added
[   92.062339][ T5842] team0: Port device team_slave_1 added
[   92.071735][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.095915][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.102904][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.129453][ T5835] Bluetooth: hci3: command tx timeout
[   92.130365][  T978] cfg80211: failed to load regulatory.db
[   92.135170][ T5151] Bluetooth: hci2: command tx timeout
[   92.135726][ T5832] Bluetooth: hci4: command tx timeout
[   92.151893][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.209144][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.220582][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.228610][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.254800][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.289379][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.296516][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.322803][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.335689][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.342679][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.368865][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.397023][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.404264][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.430277][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.474783][ T5840] team0: Port device team_slave_0 added
[   92.481512][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.489056][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.515169][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.534775][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.541771][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.567886][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.579765][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.586870][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.612968][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.626520][ T5840] team0: Port device team_slave_1 added
[   92.720432][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.728668][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.755292][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.791263][ T5833] hsr_slave_0: entered promiscuous mode
[   92.799304][ T5833] hsr_slave_1: entered promiscuous mode
[   92.851620][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.859121][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.885658][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.929839][ T5834] hsr_slave_0: entered promiscuous mode
[   92.936799][ T5834] hsr_slave_1: entered promiscuous mode
[   92.942952][ T5834] debugfs: 'hsr0' already exists in 'hsr'
[   92.948868][ T5834] Cannot create hsr debugfs directory
[   93.016293][ T5842] hsr_slave_0: entered promiscuous mode
[   93.022744][ T5842] hsr_slave_1: entered promiscuous mode
[   93.029705][ T5842] debugfs: 'hsr0' already exists in 'hsr'
[   93.035528][ T5842] Cannot create hsr debugfs directory
[   93.087814][ T5829] hsr_slave_0: entered promiscuous mode
[   93.094586][ T5829] hsr_slave_1: entered promiscuous mode
[   93.100691][ T5829] debugfs: 'hsr0' already exists in 'hsr'
[   93.106680][ T5829] Cannot create hsr debugfs directory
[   93.183251][ T5840] hsr_slave_0: entered promiscuous mode
[   93.190996][ T5840] hsr_slave_1: entered promiscuous mode
[   93.197621][ T5840] debugfs: 'hsr0' already exists in 'hsr'
[   93.203389][ T5840] Cannot create hsr debugfs directory
[   93.740711][ T5834] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   93.764475][ T5834] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   93.787378][ T5834] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   93.799846][ T5834] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   93.867667][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.890877][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.914795][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.948329][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.955484][ T5832] Bluetooth: hci1: command tx timeout
[   94.015992][ T5829] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   94.034074][ T5832] Bluetooth: hci0: command tx timeout
[   94.053092][ T5829] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   94.081040][ T5829] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   94.093280][ T5829] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   94.156275][ T5842] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   94.168683][ T5842] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   94.194234][ T5835] Bluetooth: hci3: command tx timeout
[   94.199693][ T5835] Bluetooth: hci2: command tx timeout
[   94.205638][ T5832] Bluetooth: hci4: command tx timeout
[   94.225985][ T5842] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   94.238872][ T5842] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   94.328323][ T5840] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   94.343015][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.364903][ T5840] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   94.392787][ T5840] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   94.406284][ T5840] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   94.471976][ T5834] 8021q: adding VLAN 0 to HW filter on device team0
[   94.523762][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.531155][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.576055][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.597153][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.604349][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.649740][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   94.687551][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.713262][  T800] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.720450][  T800] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.771352][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[   94.789990][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.801098][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.808274][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.870291][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.877509][ T1160] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.889891][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.897060][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.914276][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   94.949145][  T800] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.956377][  T800] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.978340][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.985556][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.073043][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.209751][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[   95.278530][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.285784][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.343327][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.351053][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.416920][ T5840] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   95.428267][ T5840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   95.589155][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.701556][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.883083][ T5833] veth0_vlan: entered promiscuous mode
[   96.002882][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.030685][ T5833] veth1_vlan: entered promiscuous mode
[   96.039800][ T5832] Bluetooth: hci1: command tx timeout
[   96.088661][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.119814][ T5832] Bluetooth: hci0: command tx timeout
[   96.144760][ T5833] veth0_macvtap: entered promiscuous mode
[   96.199253][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.210079][ T5833] veth1_macvtap: entered promiscuous mode
[   96.262652][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.278229][ T5832] Bluetooth: hci4: command tx timeout
[   96.284423][ T5151] Bluetooth: hci3: command tx timeout
[   96.289944][ T5835] Bluetooth: hci2: command tx timeout
[   96.311117][ T5829] veth0_vlan: entered promiscuous mode
[   96.323256][ T5834] veth0_vlan: entered promiscuous mode
[   96.333047][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.349292][ T5829] veth1_vlan: entered promiscuous mode
[   96.395144][ T5834] veth1_vlan: entered promiscuous mode
[   96.401749][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.415377][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.434756][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.458702][ T1160] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.487012][ T5842] veth0_vlan: entered promiscuous mode
[   96.587748][ T5840] veth0_vlan: entered promiscuous mode
[   96.611760][ T5829] veth0_macvtap: entered promiscuous mode
[   96.619787][ T5842] veth1_vlan: entered promiscuous mode
[   96.635578][ T5834] veth0_macvtap: entered promiscuous mode
[   96.645964][ T5834] veth1_macvtap: entered promiscuous mode
[   96.657834][ T5829] veth1_macvtap: entered promiscuous mode
[   96.667133][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.680924][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.710963][ T5840] veth1_vlan: entered promiscuous mode
[   96.762241][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.780461][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.815428][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.825310][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.828304][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.851357][   T49] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.871143][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.879377][   T49] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.890877][   T49] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.901598][ T5842] veth0_macvtap: entered promiscuous mode
[   96.924460][ T5842] veth1_macvtap: entered promiscuous mode
[   96.942531][ T5840] veth0_macvtap: entered promiscuous mode
[   96.966439][   T49] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.000995][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   97.042392][ T5840] veth1_macvtap: entered promiscuous mode
[   97.050881][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.117127][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.137117][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.160992][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.177981][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.188279][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.238856][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.255964][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.281497][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.299388][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.352461][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.369317][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.420269][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.453145][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.468377][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.479328][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.514470][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.523272][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.569816][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.594482][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.604041][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.643002][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.688277][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.719152][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.815900][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.863719][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.957291][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.981808][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.071674][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.104099][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.118296][ T5832] Bluetooth: hci1: command tx timeout
[   98.198398][ T5832] Bluetooth: hci0: command tx timeout
[   98.211107][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.225639][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.355273][ T5832] Bluetooth: hci4: command tx timeout
[   98.360765][ T5832] Bluetooth: hci2: command tx timeout
[   98.366879][ T5835] Bluetooth: hci3: command tx timeout
[   98.521639][   T24] IPVS: starting estimator thread 0...
[   98.655027][ T5959] IPVS: using max 28 ests per chain, 67200 per kthread
[   98.714261][ T5961] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   98.869869][ T5963] loop2: detected capacity change from 0 to 1024
[   98.874230][ T5968] Bluetooth: MGMT ver 1.23
[   98.988474][ T5963] hfsplus: failed to load root directory
[   99.175715][ T5974] loop1: detected capacity change from 0 to 128
[   99.183091][ T5974] EXT4-fs: Ignoring removed nobh option
[   99.275835][ T5974] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   99.447262][ T5974] ext4 filesystem being mounted at /2/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   99.702413][ T5840] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   99.802933][ T5970] loop0: detected capacity change from 0 to 32768
[  100.166281][ T5970] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=lz4,no_splitbrain_check,journal_flush_disabled,norecovery,reconstruct_alloc,version_upgrade=none,no_data_io
[  100.166311][ T5970]   allowing incompatible features above 0.0: (unknown version)
[  100.166324][ T5970]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  100.209052][ T1209] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  100.334258][ T5970] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  100.342555][ T5970] bcachefs (loop0): Version upgrade required:
[  100.342555][ T5970] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  100.342555][ T5970] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  100.342555][ T5970]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  100.440895][ T1209] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  100.452250][ T1209] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  100.463511][ T1209] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  100.478170][ T5970] bcachefs (loop0): dropping and reconstructing all alloc info
[  100.490031][ T1209] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  100.509998][ T1209] usb 2-1: SerialNumber: syz
[  100.582490][ T5970] bcachefs (loop0): accounting_read... done
[  100.619252][ T5970] bcachefs (loop0): alloc_read... done
[  100.640754][ T5970] bcachefs (loop0): snapshots_read... done
[  100.688325][ T5978] loop3: detected capacity change from 0 to 40427
[  100.696452][ T5970] bcachefs (loop0): done starting filesystem
[  100.727739][ T5978] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  100.758619][ T5978] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  100.815825][ T1209] usb 2-1: 0:2 : does not exist
[  100.838990][ T5978] F2FS-fs (loop3): invalid crc value
[  100.910955][ T1209] usb 2-1: USB disconnect, device number 2
[  101.259332][ T5833] bcachefs (loop0): shutting down
[  101.277500][ T5999] vlan2: entered allmulticast mode
[  101.283283][ T5999] hsr0: entered allmulticast mode
[  101.323680][ T5999] hsr_slave_0: entered allmulticast mode
[  101.336742][ T5999] hsr_slave_1: entered allmulticast mode
[  101.384411][ T5833] bcachefs (loop0): shutdown complete
[  101.392841][ T5978] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  101.439573][ T5978] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  101.686647][ T5842] syz-executor: attempt to access beyond end of device
[  101.686647][ T5842] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  101.746829][ T5842] CPU: 0 UID: 0 PID: 5842 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  101.746868][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.746889][ T5842] Call Trace:
[  101.746898][ T5842]  <TASK>
[  101.746908][ T5842]  dump_stack_lvl+0x189/0x250
[  101.746951][ T5842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.746978][ T5842]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  101.747009][ T5842]  ? __pfx_queue_work_on+0x10/0x10
[  101.747040][ T5842]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  101.747069][ T5842]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  101.747100][ T5842]  ? f2fs_hw_is_readonly+0x39b/0x470
[  101.747132][ T5842]  f2fs_handle_critical_error+0x37c/0x540
[  101.747171][ T5842]  f2fs_write_end_io+0x495/0x810
[  101.747198][ T5842]  ? blkg_put+0x22/0x240
[  101.747265][ T5842]  __submit_merged_bio+0x27a/0x6a0
[  101.747288][ T5842]  ? up_write+0x1c4/0x420
[  101.747327][ T5842]  __submit_merged_write_cond+0x44c/0x530
[  101.747363][ T5842]  f2fs_sync_node_pages+0x1869/0x1a00
[  101.747419][ T5842]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  101.747498][ T5842]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  101.747545][ T5842]  ? up_write+0x1c4/0x420
[  101.747571][ T5842]  ? do_raw_spin_unlock+0x122/0x240
[  101.747598][ T5842]  f2fs_write_checkpoint+0xe6f/0x1df0
[  101.747660][ T5842]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  101.747742][ T5842]  ? try_to_wake_up+0x81b/0x1290
[  101.747769][ T5842]  ? kill_f2fs_super+0x298/0x6c0
[  101.747803][ T5842]  kill_f2fs_super+0x2c3/0x6c0
[  101.747841][ T5842]  ? __pfx_kill_f2fs_super+0x10/0x10
[  101.747867][ T5842]  ? radix_tree_delete_item+0x2b6/0x400
[  101.747908][ T5842]  ? shrinker_free+0x2ce/0x3e0
[  101.747937][ T5842]  deactivate_locked_super+0xb9/0x130
[  101.747969][ T5842]  cleanup_mnt+0x425/0x4c0
[  101.747997][ T5842]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.748033][ T5842]  task_work_run+0x1d1/0x260
[  101.748060][ T5842]  ? __pfx_task_work_run+0x10/0x10
[  101.748079][ T5842]  ? __x64_sys_umount+0x122/0x160
[  101.748117][ T5842]  ? exit_to_user_mode_loop+0x40/0x110
[  101.748148][ T5842]  exit_to_user_mode_loop+0xec/0x110
[  101.748173][ T5842]  do_syscall_64+0x2bd/0x3b0
[  101.748193][ T5842]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.748224][ T5842]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.748245][ T5842]  ? clear_bhb_loop+0x60/0xb0
[  101.748271][ T5842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.748291][ T5842] RIP: 0033:0x7faaf278fc57
[  101.748319][ T5842] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  101.748336][ T5842] RSP: 002b:00007fff54257138 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  101.748361][ T5842] RAX: 0000000000000000 RBX: 00007faaf2810925 RCX: 00007faaf278fc57
[  101.748375][ T5842] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff542571f0
[  101.748400][ T5842] RBP: 00007fff542571f0 R08: 0000000000000000 R09: 0000000000000000
[  101.748412][ T5842] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff54258280
[  101.748425][ T5842] R13: 00007faaf2810925 R14: 0000000000018cac R15: 00007fff542582c0
[  101.748472][ T5842]  </TASK>
[  101.820885][ T5842] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  102.409857][ T6011] loop4: detected capacity change from 0 to 1024
[  102.449358][ T6005] loop1: detected capacity change from 0 to 40427
[  102.455475][ T6011] =======================================================
[  102.455475][ T6011] WARNING: The mand mount option has been deprecated and
[  102.455475][ T6011]          and is ignored by this kernel. Remove the mand
[  102.455475][ T6011]          option from the mount to silence this warning.
[  102.455475][ T6011] =======================================================
[  102.507676][ T6005] F2FS-fs (loop1): invalid crc value
[  102.535902][ T6011] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.685615][ T6005] F2FS-fs (loop1): Start checkpoint disabled!
[  102.732924][ T6005] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  102.771864][   T30] audit: type=1800 audit(1751464330.660:2): pid=6011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.23" name="bus" dev="loop4" ino=18 res=0 errno=0
[  102.827681][ T6011] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  103.053084][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.131139][ T6020] loop3: detected capacity change from 0 to 4096
[  103.257693][ T3513] kworker/u8:7: attempt to access beyond end of device
[  103.257693][ T3513] loop1: rw=1, sector=77824, nr_sectors = 1504 limit=40427
[  103.288414][ T3513] kworker/u8:7: attempt to access beyond end of device
[  103.288414][ T3513] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  103.348241][ T3513] CPU: 0 UID: 0 PID: 3513 Comm: kworker/u8:7 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  103.348273][ T3513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.348289][ T3513] Workqueue: writeback wb_workfn (flush-7:1)
[  103.348344][ T3513] Call Trace:
[  103.348353][ T3513]  <TASK>
[  103.348363][ T3513]  dump_stack_lvl+0x189/0x250
[  103.348408][ T3513]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.348437][ T3513]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  103.348472][ T3513]  ? __pfx_queue_work_on+0x10/0x10
[  103.348507][ T3513]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  103.348539][ T3513]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  103.348573][ T3513]  ? f2fs_hw_is_readonly+0x39b/0x470
[  103.348610][ T3513]  f2fs_handle_critical_error+0x37c/0x540
[  103.348648][ T3513]  f2fs_write_end_io+0x495/0x810
[  103.348677][ T3513]  ? blkg_put+0x22/0x240
[  103.348727][ T3513]  __submit_merged_bio+0x27a/0x6a0
[  103.348774][ T3513]  __submit_merged_write_cond+0x255/0x530
[  103.348813][ T3513]  f2fs_write_data_pages+0x261d/0x3000
[  103.348893][ T3513]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  103.348943][ T3513]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  103.349027][ T3513]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  103.349075][ T3513]  ? trace_f2fs_writepages+0x7f/0x200
[  103.349106][ T3513]  ? f2fs_write_node_pages+0x478/0x6e0
[  103.349153][ T3513]  ? sched_clock+0x3f/0x60
[  103.349178][ T3513]  ? sched_clock_cpu+0x74/0x430
[  103.349206][ T3513]  ? psi_task_switch+0x16a/0x6d0
[  103.349241][ T3513]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  103.349273][ T3513]  do_writepages+0x32e/0x550
[  103.349314][ T3513]  ? reacquire_held_locks+0x127/0x1d0
[  103.349344][ T3513]  ? writeback_sb_inodes+0x384/0x1010
[  103.349388][ T3513]  __writeback_single_inode+0x145/0xff0
[  103.349421][ T3513]  ? do_raw_spin_unlock+0x122/0x240
[  103.349451][ T3513]  writeback_sb_inodes+0x6c7/0x1010
[  103.349481][ T3513]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.349523][ T3513]  ? rcu_is_watching+0x15/0xb0
[  103.349577][ T3513]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  103.349669][ T3513]  ? rcu_is_watching+0x15/0xb0
[  103.349713][ T3513]  wb_writeback+0x43b/0xaf0
[  103.349761][ T3513]  ? queue_io+0x3d1/0x590
[  103.349797][ T3513]  ? __pfx_wb_writeback+0x10/0x10
[  103.349840][ T3513]  ? _raw_spin_unlock_irq+0x23/0x50
[  103.349880][ T3513]  wb_workfn+0x409/0xef0
[  103.349930][ T3513]  ? __pfx_wb_workfn+0x10/0x10
[  103.349964][ T3513]  ? __lock_acquire+0xab9/0xd20
[  103.350008][ T3513]  ? process_scheduled_works+0x9ef/0x17b0
[  103.350047][ T3513]  ? _raw_spin_unlock_irq+0x23/0x50
[  103.350077][ T3513]  ? process_scheduled_works+0x9ef/0x17b0
[  103.350104][ T3513]  ? process_scheduled_works+0x9ef/0x17b0
[  103.350136][ T3513]  process_scheduled_works+0xae1/0x17b0
[  103.350209][ T3513]  ? __pfx_process_scheduled_works+0x10/0x10
[  103.350265][ T3513]  worker_thread+0x8a0/0xda0
[  103.350300][ T3513]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  103.350345][ T3513]  ? __kthread_parkme+0x7b/0x200
[  103.350391][ T3513]  kthread+0x70e/0x8a0
[  103.350418][ T3513]  ? __pfx_worker_thread+0x10/0x10
[  103.350447][ T3513]  ? __pfx_kthread+0x10/0x10
[  103.350472][ T3513]  ? _raw_spin_unlock_irq+0x23/0x50
[  103.350502][ T3513]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.350534][ T3513]  ? __pfx_kthread+0x10/0x10
[  103.350557][ T3513]  ret_from_fork+0x3fc/0x770
[  103.350591][ T3513]  ? __pfx_ret_from_fork+0x10/0x10
[  103.350629][ T3513]  ? __switch_to_asm+0x39/0x70
[  103.350650][ T3513]  ? __switch_to_asm+0x33/0x70
[  103.350670][ T3513]  ? __pfx_kthread+0x10/0x10
[  103.350693][ T3513]  ret_from_fork_asm+0x1a/0x30
[  103.350739][ T3513]  </TASK>
[  103.350760][ T3513] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  103.765824][ T6020] ntfs3(loop3): ino=1a, mi_enum_attr
[  103.771588][ T6020] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  104.707928][ T6028] debugfs: 'ttyS3' already exists in 'caif_serial'
[  105.232961][ T6045] loop0: detected capacity change from 0 to 1024
[  105.330145][ T6045] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.359326][ T6045] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.402211][ T6045] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  105.433634][ T6045] EXT4-fs (loop0): Remounting filesystem read-only
[  105.610342][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.894355][ T6067] loop0: detected capacity change from 0 to 1024
[  106.169849][ T6071] loop3: detected capacity change from 0 to 2048
[  106.339517][ T6076] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  106.429446][ T6058] loop1: detected capacity change from 0 to 32768
[  106.449079][ T6071] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[  106.475898][ T6071] Remounting filesystem read-only
[  106.524649][ T6058] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.34 (6058)
[  106.621383][ T6071] syz.3.37 (6071) used greatest stack depth: 18744 bytes left
[  106.671901][ T6058] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  106.716076][ T6058] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  106.759017][ T6058] BTRFS info (device loop1): disk space caching is enabled
[  106.792398][ T5842] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  106.810865][ T6058] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  107.101241][ T6065] loop2: detected capacity change from 0 to 32768
[  107.134007][ T6058] BTRFS info (device loop1): rebuilding free space tree
[  107.364509][ T6058] BTRFS info (device loop1): disabling free space tree
[  107.371539][ T6058] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  107.478108][ T6058] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  107.673166][ T6065] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  107.673196][ T6065]   allowing incompatible features above 0.0: (unknown version)
[  107.673209][ T6065]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  107.822860][ T6065] bcachefs (loop2): initializing new filesystem
[  107.830107][ T6086] loop0: detected capacity change from 0 to 32768
[  107.884770][ T5840] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  107.901773][ T6065] bcachefs (loop2): going read-write
[  107.923437][   T30] audit: type=1800 audit(1751464335.810:3): pid=6086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.40" name="file1" dev="loop0" ino=4 res=0 errno=0
[  107.985687][ T6065] bcachefs (loop2): marking superblocks
[  108.218970][ T6065] bcachefs (loop2): initializing freespace
[  108.257889][ T6065] bcachefs (loop2): done initializing freespace
[  108.328110][ T6065] bcachefs (loop2): reading snapshots table
[  108.389096][ T6065] bcachefs (loop2): reading snapshots done
[  108.541912][ T6065] bcachefs (loop2):  loop2: Superblock write was silently dropped! (seq 0 expected 42)
[  108.578848][ T6065] bcachefs (loop2): done starting filesystem
[  108.784864][ T6065] syz.2.36 (6065) used greatest stack depth: 16968 bytes left
[  108.935837][ T5829] bcachefs (loop2): shutting down
[  108.941124][ T5829] bcachefs (loop2): going read-only
[  108.973873][ T5829] bcachefs (loop2): finished waiting for writes to stop
[  109.026075][ T5829] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  109.104166][ T6143] syz.3.49 uses obsolete (PF_INET,SOCK_PACKET)
[  109.214161][ T5829] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  109.283942][ T5829] bcachefs (loop2): clean shutdown complete, journal seq 4
[  109.319672][ T5829] bcachefs (loop2): marking filesystem clean
[  109.412138][ T6151] netlink: 12 bytes leftover after parsing attributes in process `syz.4.54'.
[  109.527490][ T5829] bcachefs (loop2): shutdown complete
[  109.798669][ T6163] loop6: detected capacity change from 0 to 524287999
[  109.814837][ T6161] mmap: syz.4.59 (6161) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  110.554141][ T6177] Zero length message leads to an empty skb
[  110.961353][ T6174] loop3: detected capacity change from 0 to 32768
[  111.166929][ T6174] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  111.233940][ T5835] Bluetooth: hci0: command 0x0401 tx timeout
[  111.241149][ T5151] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  111.340323][ T6174] XFS (loop3): Ending clean mount
[  111.360969][ T6194] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  111.371264][ T6174] XFS (loop3): Quotacheck needed: Please wait.
[  111.544220][ T6174] XFS (loop3): Quotacheck: Done.
[  111.649674][ T6174] XFS (loop3): User initiated shutdown received.
[  111.659860][ T6198] loop0: detected capacity change from 0 to 256
[  111.690234][ T6174] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  111.737593][ T6174] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  111.870968][ T6198] FAT-fs (loop0): Directory bread(block 64) failed
[  111.897675][ T6198] FAT-fs (loop0): Directory bread(block 65) failed
[  111.906404][ T5842] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  111.928846][ T6198] FAT-fs (loop0): Directory bread(block 66) failed
[  111.958794][ T6198] FAT-fs (loop0): Directory bread(block 67) failed
[  111.990757][ T6198] FAT-fs (loop0): Directory bread(block 68) failed
[  112.013815][ T6198] FAT-fs (loop0): Directory bread(block 69) failed
[  112.031008][ T6198] FAT-fs (loop0): Directory bread(block 70) failed
[  112.048533][ T6198] FAT-fs (loop0): Directory bread(block 71) failed
[  112.074339][ T6198] FAT-fs (loop0): Directory bread(block 72) failed
[  112.091531][ T6198] FAT-fs (loop0): Directory bread(block 73) failed
[  112.213710][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  112.362635][ T6196] loop1: detected capacity change from 0 to 32768
[  112.395396][   T10] usb 3-1: Using ep0 maxpacket: 8
[  112.401244][ T6196] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.71 (6196)
[  112.425122][   T10] usb 3-1: New USB device found, idVendor=046d, idProduct=0900, bcdDevice=66.9e
[  112.456941][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.471696][ T6189] loop4: detected capacity change from 0 to 40427
[  112.483081][   T10] usb 3-1: Product: syz
[  112.489461][   T10] usb 3-1: Manufacturer: syz
[  112.497272][   T10] usb 3-1: SerialNumber: syz
[  112.505262][ T6189] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  112.526126][ T6196] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  112.545690][   T10] usb 3-1: config 0 descriptor??
[  112.557051][ T6189] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  112.559726][ T6196] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  112.605442][   T10] gspca_main: spca500-2.14.0 probing 046d:0900
[  112.626654][ T6196] BTRFS info (device loop1): disk space caching is enabled
[  112.636831][ T6189] F2FS-fs (loop4): invalid crc value
[  112.669951][ T6196] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  112.932536][ T6196] BTRFS info (device loop1): rebuilding free space tree
[  113.018883][ T6196] BTRFS info (device loop1): disabling free space tree
[  113.020189][ T6189] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  113.049263][ T6196] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  113.057654][ T6189] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  113.085014][ T6196] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  113.244586][   T10] gspca_spca500: reg write: error -71
[  113.250496][   T10] gspca_spca500: reg write: error -71
[  113.263778][   T10] gspca_spca500: reg write: error -71
[  113.279722][   T10] gspca_spca500: reg write: error -71
[  113.290186][   T10] gspca_spca500: reg write: error -71
[  113.310530][   T10] gspca_spca500: reg write: error -71
[  113.320764][   T10] gspca_spca500: reg write: error -71
[  113.334008][   T10] gspca_spca500: reg write: error -71
[  113.334992][ T5834] syz-executor: attempt to access beyond end of device
[  113.334992][ T5834] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  113.350145][   T10] gspca_spca500: reg write: error -71
[  113.389947][   T10] gspca_spca500: reg write: error -71
[  113.398807][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  113.398837][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  113.398850][ T5834] Call Trace:
[  113.398859][ T5834]  <TASK>
[  113.398868][ T5834]  dump_stack_lvl+0x189/0x250
[  113.398909][ T5834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.398937][ T5834]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  113.398968][ T5834]  ? __pfx_queue_work_on+0x10/0x10
[  113.398999][ T5834]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  113.399028][ T5834]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  113.399059][ T5834]  ? f2fs_hw_is_readonly+0x39b/0x470
[  113.399093][ T5834]  f2fs_handle_critical_error+0x37c/0x540
[  113.399129][ T5834]  f2fs_write_end_io+0x495/0x810
[  113.399155][ T5834]  ? blkg_put+0x22/0x240
[  113.399201][ T5834]  __submit_merged_bio+0x27a/0x6a0
[  113.399224][ T5834]  ? up_write+0x1c4/0x420
[  113.399262][ T5834]  __submit_merged_write_cond+0x44c/0x530
[  113.399298][ T5834]  f2fs_sync_node_pages+0x1869/0x1a00
[  113.399370][ T5834]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  113.399435][ T5834]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  113.399474][ T5834]  ? up_write+0x1c4/0x420
[  113.399501][ T5834]  ? do_raw_spin_unlock+0x122/0x240
[  113.399529][ T5834]  f2fs_write_checkpoint+0xe6f/0x1df0
[  113.399592][ T5834]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  113.399675][ T5834]  ? try_to_wake_up+0x7e5/0x1290
[  113.399715][ T5834]  ? kill_f2fs_super+0x298/0x6c0
[  113.399755][ T5834]  kill_f2fs_super+0x2c3/0x6c0
[  113.399796][ T5834]  ? __pfx_kill_f2fs_super+0x10/0x10
[  113.399824][ T5834]  ? radix_tree_delete_item+0x2b6/0x400
[  113.399867][ T5834]  ? shrinker_free+0x2ce/0x3e0
[  113.399898][ T5834]  deactivate_locked_super+0xb9/0x130
[  113.399931][ T5834]  cleanup_mnt+0x425/0x4c0
[  113.399960][ T5834]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.399997][ T5834]  task_work_run+0x1d1/0x260
[  113.400026][ T5834]  ? __pfx_task_work_run+0x10/0x10
[  113.400045][ T5834]  ? __x64_sys_umount+0x122/0x160
[  113.400085][ T5834]  ? exit_to_user_mode_loop+0x40/0x110
[  113.400115][ T5834]  exit_to_user_mode_loop+0xec/0x110
[  113.400140][ T5834]  do_syscall_64+0x2bd/0x3b0
[  113.400161][ T5834]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.400193][ T5834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.400215][ T5834]  ? clear_bhb_loop+0x60/0xb0
[  113.400242][ T5834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.400262][ T5834] RIP: 0033:0x7f07ce98fc57
[  113.400281][ T5834] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  113.400298][ T5834] RSP: 002b:00007ffd50d4f878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  113.400321][ T5834] RAX: 0000000000000000 RBX: 00007f07cea10925 RCX: 00007f07ce98fc57
[  113.400335][ T5834] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd50d4f930
[  113.400346][ T5834] RBP: 00007ffd50d4f930 R08: 0000000000000000 R09: 0000000000000000
[  113.400358][ T5834] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd50d509c0
[  113.400371][ T5834] R13: 00007f07cea10925 R14: 000000000001ba27 R15: 00007ffd50d50a00
[  113.400407][ T5834]  </TASK>
[  113.400416][ T5834] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  113.416828][   T10] gspca_spca500: reg write: error -71
[  113.468376][ T5151] Bluetooth: hci0: command tx timeout
[  113.607880][ T6196] BTRFS info (device loop1): balance: start -d -m
[  113.768451][   T10] gspca_spca500: reg write: error -71
[  113.792344][ T6196] BTRFS info (device loop1): relocating block group 6881280 flags data|metadata
[  113.806921][   T10] usb 3-1: USB disconnect, device number 2
[  114.059436][ T6196] BTRFS info (device loop1): relocating block group 5242880 flags data|metadata
[  114.088459][ T6205] loop0: detected capacity change from 0 to 32768
[  114.136394][ T6205] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.74 (6205)
[  114.248201][ T6205] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  114.304624][ T6205] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  114.354283][ T6205] BTRFS info (device loop0): disk space caching is enabled
[  114.361576][ T6205] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  114.441637][ T6196] BTRFS info (device loop1): balance: canceled
[  114.671495][ T6227] loop3: detected capacity change from 0 to 32768
[  114.685383][ T6227] XFS: attr2 mount option is deprecated.
[  114.711205][ T5840] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  114.736743][ T6205] BTRFS info (device loop0): rebuilding free space tree
[  114.821754][ T6227] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  114.882419][ T6205] BTRFS info (device loop0): disabling free space tree
[  114.893905][ T6205] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  114.973830][ T6205] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  115.181165][ T6227] XFS (loop3): Ending clean mount
[  115.217716][ T6227] XFS (loop3): Quotacheck needed: Please wait.
[  115.249960][ T6263] netlink: 4 bytes leftover after parsing attributes in process `syz.1.79'.
[  115.362133][ T6227] XFS (loop3): Quotacheck: Done.
[  115.470408][ T5833] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  115.604972][ T6268] loop4: detected capacity change from 0 to 256
[  115.646622][ T6268] exfat: Deprecated parameter 'namecase'
[  115.797843][ T6268] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x7683d6d3, utbl_chksum : 0xe619d30d)
[  115.824816][ T5842] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  116.605730][ T6286] loop4: detected capacity change from 0 to 256
[  116.788508][ T6286] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  116.847634][ T6292] loop0: detected capacity change from 0 to 1024
[  116.849979][ T6290] netlink: 428 bytes leftover after parsing attributes in process `syz.3.86'.
[  116.875656][ T6290] netlink: 56 bytes leftover after parsing attributes in process `syz.3.86'.
[  116.925083][ T6292] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  117.034402][ T6292] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.90: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  117.053637][ T5918] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  117.148463][ T6292] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.90: couldn't read orphan inode 11 (err -117)
[  117.189634][ T6292] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.225655][ T5918] usb 2-1: Using ep0 maxpacket: 32
[  117.242871][ T6271] loop2: detected capacity change from 0 to 40427
[  117.260207][ T5918] usb 2-1: config 0 has no interfaces?
[  117.276030][ T5918] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a
[  117.296590][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=66, SerialNumber=3
[  117.325151][ T5918] usb 2-1: Product: syz
[  117.331685][ T5918] usb 2-1: Manufacturer: syz
[  117.346908][ T5918] usb 2-1: SerialNumber: syz
[  117.369707][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.375265][ T5918] usb 2-1: config 0 descriptor??
[  117.634338][ T6271] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  117.651099][ T6306] loop3: detected capacity change from 0 to 4096
[  117.730391][ T6306] NILFS (loop3): invalid segment: Checksum error in segment payload
[  117.749777][ T5918] usb 2-1: USB disconnect, device number 3
[  117.784005][ T6306] NILFS (loop3): trying rollback from an earlier position
[  117.847473][ T6306] NILFS (loop3): recovery complete
[  117.878185][ T6313] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  117.899444][   T30] audit: type=1326 audit(1751464345.770:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.0.97" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff72798e929 code=0x0
[  117.928575][ T5829] syz-executor: attempt to access beyond end of device
[  117.928575][ T5829] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  117.955681][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  117.955708][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.955720][ T5829] Call Trace:
[  117.955728][ T5829]  <TASK>
[  117.955737][ T5829]  dump_stack_lvl+0x189/0x250
[  117.955774][ T5829]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.955797][ T5829]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  117.955826][ T5829]  ? __pfx_queue_work_on+0x10/0x10
[  117.955854][ T5829]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  117.955879][ T5829]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  117.955910][ T5829]  ? f2fs_hw_is_readonly+0x39b/0x470
[  117.955940][ T5829]  f2fs_handle_critical_error+0x37c/0x540
[  117.955971][ T5829]  f2fs_write_end_io+0x495/0x810
[  117.955999][ T5829]  ? blkg_put+0x22/0x240
[  117.956040][ T5829]  __submit_merged_bio+0x27a/0x6a0
[  117.956071][ T5829]  __submit_merged_write_cond+0x255/0x530
[  117.956103][ T5829]  f2fs_write_data_pages+0x261d/0x3000
[  117.956129][ T5829]  ? __lock_acquire+0xab9/0xd20
[  117.956185][ T5829]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  117.956256][ T5829]  ? __mod_zone_page_state+0xd7/0x140
[  117.956295][ T5829]  ? unwind_next_frame+0xa5/0x2390
[  117.956321][ T5829]  ? rcu_is_watching+0x15/0xb0
[  117.956343][ T5829]  ? __kasan_check_byte+0x12/0x40
[  117.956395][ T5829]  ? __lock_acquire+0xab9/0xd20
[  117.956428][ T5829]  ? do_raw_spin_lock+0x121/0x290
[  117.956461][ T5829]  ? do_raw_spin_unlock+0x122/0x240
[  117.956481][ T5829]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  117.956510][ T5829]  do_writepages+0x32e/0x550
[  117.956550][ T5829]  ? do_raw_spin_unlock+0x122/0x240
[  117.956574][ T5829]  filemap_fdatawrite+0x199/0x240
[  117.956604][ T5829]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  117.956684][ T5829]  ? do_raw_spin_unlock+0x122/0x240
[  117.956709][ T5829]  f2fs_sync_dirty_inodes+0x31f/0x830
[  117.956754][ T5829]  f2fs_write_checkpoint+0x95a/0x1df0
[  117.956809][ T5829]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  117.956878][ T5829]  ? try_to_wake_up+0x7e5/0x1290
[  117.956905][ T5829]  ? kill_f2fs_super+0x298/0x6c0
[  117.956939][ T5829]  kill_f2fs_super+0x2c3/0x6c0
[  117.956975][ T5829]  ? __pfx_kill_f2fs_super+0x10/0x10
[  117.957001][ T5829]  ? radix_tree_delete_item+0x2b6/0x400
[  117.957039][ T5829]  ? shrinker_free+0x2ce/0x3e0
[  117.957065][ T5829]  deactivate_locked_super+0xb9/0x130
[  117.957093][ T5829]  cleanup_mnt+0x425/0x4c0
[  117.957117][ T5829]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.957151][ T5829]  task_work_run+0x1d1/0x260
[  117.957175][ T5829]  ? __pfx_task_work_run+0x10/0x10
[  117.957191][ T5829]  ? __x64_sys_umount+0x122/0x160
[  117.957226][ T5829]  ? exit_to_user_mode_loop+0x40/0x110
[  117.957253][ T5829]  exit_to_user_mode_loop+0xec/0x110
[  117.957277][ T5829]  do_syscall_64+0x2bd/0x3b0
[  117.957293][ T5829]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.957319][ T5829]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.957336][ T5829]  ? clear_bhb_loop+0x60/0xb0
[  117.957357][ T5829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.957381][ T5829] RIP: 0033:0x7fb955f8fc57
[  117.957398][ T5829] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  117.957412][ T5829] RSP: 002b:00007ffdb07ffc58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  117.957433][ T5829] RAX: 0000000000000000 RBX: 00007fb956010925 RCX: 00007fb955f8fc57
[  117.957445][ T5829] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdb07ffd10
[  117.957456][ T5829] RBP: 00007ffdb07ffd10 R08: 0000000000000000 R09: 0000000000000000
[  117.957466][ T5829] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdb0800da0
[  117.957477][ T5829] R13: 00007fb956010925 R14: 000000000001cbe5 R15: 00007ffdb0800de0
[  117.957506][ T5829]  </TASK>
[  117.957514][ T5829] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  118.240138][ T6298] loop4: detected capacity change from 0 to 32768
[  118.524825][   T30] audit: type=1800 audit(1751464346.410:5): pid=6298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.92" name="file1" dev="loop4" ino=4 res=0 errno=0
[  119.828810][ T5918] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  120.043778][ T5918] usb 2-1: Using ep0 maxpacket: 16
[  120.081203][ T5918] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  120.095842][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.109939][ T5918] usb 2-1: Product: syz
[  120.116445][ T5918] usb 2-1: Manufacturer: syz
[  120.121222][ T5918] usb 2-1: SerialNumber: syz
[  120.130489][ T5918] usb 2-1: config 0 descriptor??
[  120.550927][ T5918] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  120.652125][ T5918] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  120.696199][ T5918] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  120.733176][ T6342] loop4: detected capacity change from 0 to 164
[  120.739904][ T5918] usb 2-1: media controller created
[  120.755214][ T6328] dtv5100: wlen = 0, aborting.
[  120.871916][ T6331] loop2: detected capacity change from 0 to 32768
[  120.932874][ T5918] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  120.948585][ T6338] loop0: detected capacity change from 0 to 65536
[  120.957964][ T6331] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.105 (6331)
[  120.976628][ T6342]  nullb0: [CUMANA/ADFS] p1
[  120.976865][ T6342] nullb0: p1 size 3074847350 extends beyond EOD, truncated
[  121.008507][ T6331] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  121.019715][ T6331] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  121.033281][ T6331] BTRFS info (device loop2): disk space caching is enabled
[  121.049027][ T6338] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  121.061662][ T6338] XFS (loop0): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  121.089814][ T6331] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  121.177737][ T5918] zl10353_read_register: readreg error (reg=127, ret==0)
[  121.195275][ T6338] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[  121.215359][ T6338] XFS (loop0): Starting recovery (logdev: internal)
[  121.248452][ T5918] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  121.266299][ T6338] XFS (loop0): Ending recovery (logdev: internal)
[  121.285702][ T5918] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  121.322680][ T6338] XFS (loop0): Quotacheck needed: Please wait.
[  121.388087][ T5918] usb 2-1: USB disconnect, device number 4
[  121.464209][ T6338] XFS (loop0): Quotacheck: Done.
[  121.532078][ T6331] BTRFS info (device loop2): rebuilding free space tree
[  121.622806][ T5833] XFS (loop0): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  121.655696][ T6331] BTRFS info (device loop2): disabling free space tree
[  121.683282][ T6331] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  121.748611][ T6331] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  121.759391][ T6378] netlink: 4 bytes leftover after parsing attributes in process `syz.3.115'.
[  121.764158][ T5918] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  122.059842][ T6382] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  122.310592][ T5829] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  123.495360][ T6409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.127'.
[  123.618628][ T6384] loop1: detected capacity change from 0 to 32768
[  123.709543][ T6384] (syz.1.118,6384,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  123.779023][ T6384] (syz.1.118,6384,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  123.817387][ T6386] loop3: detected capacity change from 0 to 40427
[  123.948193][ T6384] JBD2: Ignoring recovery information on journal
[  124.207407][ T6384] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  124.366374][ T6386] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  124.402762][ T6386] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  124.514417][ T6386] syz.3.119: attempt to access beyond end of device
[  124.514417][ T6386] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  124.701530][ T5842] syz-executor: attempt to access beyond end of device
[  124.701530][ T5842] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  124.753445][ T5842] CPU: 1 UID: 0 PID: 5842 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  124.753473][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.753485][ T5842] Call Trace:
[  124.753493][ T5842]  <TASK>
[  124.753501][ T5842]  dump_stack_lvl+0x189/0x250
[  124.753542][ T5842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.753569][ T5842]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  124.753598][ T5842]  ? __pfx_queue_work_on+0x10/0x10
[  124.753627][ T5842]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  124.753655][ T5842]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  124.753685][ T5842]  ? f2fs_hw_is_readonly+0x39b/0x470
[  124.753714][ T5842]  f2fs_handle_critical_error+0x37c/0x540
[  124.753746][ T5842]  f2fs_write_end_io+0x495/0x810
[  124.753770][ T5842]  ? blkg_put+0x22/0x240
[  124.753814][ T5842]  __submit_merged_bio+0x27a/0x6a0
[  124.753847][ T5842]  __submit_merged_write_cond+0x255/0x530
[  124.753881][ T5842]  f2fs_write_data_pages+0x261d/0x3000
[  124.753967][ T5842]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  124.754069][ T5842]  ? folios_put_refs+0x559/0x640
[  124.754115][ T5842]  ? __pfx_folios_put_refs+0x10/0x10
[  124.754137][ T5842]  ? rcu_is_watching+0x15/0xb0
[  124.754177][ T5842]  ? __lock_acquire+0xab9/0xd20
[  124.754223][ T5842]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  124.754252][ T5842]  do_writepages+0x32e/0x550
[  124.754296][ T5842]  ? do_raw_spin_unlock+0x122/0x240
[  124.754323][ T5842]  filemap_fdatawrite+0x199/0x240
[  124.754354][ T5842]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  124.754446][ T5842]  ? do_raw_spin_unlock+0x122/0x240
[  124.754472][ T5842]  f2fs_sync_dirty_inodes+0x31f/0x830
[  124.754522][ T5842]  f2fs_write_checkpoint+0x95a/0x1df0
[  124.754582][ T5842]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  124.754662][ T5842]  ? try_to_wake_up+0x7e5/0x1290
[  124.754690][ T5842]  ? kill_f2fs_super+0x298/0x6c0
[  124.754727][ T5842]  kill_f2fs_super+0x2c3/0x6c0
[  124.754766][ T5842]  ? __pfx_kill_f2fs_super+0x10/0x10
[  124.754792][ T5842]  ? radix_tree_delete_item+0x2b6/0x400
[  124.754832][ T5842]  ? shrinker_free+0x2ce/0x3e0
[  124.754872][ T5842]  deactivate_locked_super+0xb9/0x130
[  124.754903][ T5842]  cleanup_mnt+0x425/0x4c0
[  124.754929][ T5842]  ? lockdep_hardirqs_on+0x9c/0x150
[  124.754975][ T5842]  task_work_run+0x1d1/0x260
[  124.755001][ T5842]  ? __pfx_task_work_run+0x10/0x10
[  124.755127][ T5842]  ? __x64_sys_umount+0x122/0x160
[  124.755163][ T5842]  ? exit_to_user_mode_loop+0x40/0x110
[  124.755191][ T5842]  exit_to_user_mode_loop+0xec/0x110
[  124.755215][ T5842]  do_syscall_64+0x2bd/0x3b0
[  124.755256][ T5842]  ? lockdep_hardirqs_on+0x9c/0x150
[  124.755286][ T5842]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.755306][ T5842]  ? clear_bhb_loop+0x60/0xb0
[  124.755331][ T5842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.755350][ T5842] RIP: 0033:0x7faaf278fc57
[  124.755368][ T5842] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  124.755384][ T5842] RSP: 002b:00007fff54257138 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  124.755406][ T5842] RAX: 0000000000000000 RBX: 00007faaf2810925 RCX: 00007faaf278fc57
[  124.755420][ T5842] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff542571f0
[  124.755432][ T5842] RBP: 00007fff542571f0 R08: 0000000000000000 R09: 0000000000000000
[  124.755443][ T5842] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff54258280
[  124.755455][ T5842] R13: 00007faaf2810925 R14: 000000000001e690 R15: 00007fff542582c0
[  124.755491][ T5842]  </TASK>
[  125.182925][ T5842] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  125.290075][ T5840] ocfs2: Unmounting device (7,1) on (node local)
[  125.525512][ T6450] loop4: detected capacity change from 0 to 256
[  125.615907][ T6450] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xcab3d314, utbl_chksum : 0xe619d30d)
[  125.703761][ T5947] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  125.741398][   T30] audit: type=1800 audit(1751464353.620:6): pid=6450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.140" name="file1" dev="loop4" ino=1048603 res=0 errno=0
[  125.888059][ T6458] Illegal XDP return value 2699099936 on prog  (id 19) dev syz_tun, expect packet loss!
[  125.997225][ T6462] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  126.081873][ T6464] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  126.182667][ T6470] loop1: detected capacity change from 0 to 512
[  126.230954][ T6470] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.148: bad orphan inode 11
[  126.245040][ T6470] ext4_test_bit(bit=10, block=4) = 1
[  126.250394][ T6470] is_bad_inode(inode)=0
[  126.255090][ T6470] NEXT_ORPHAN(inode)=2080374784
[  126.260013][ T6470] max_ino=32
[  126.263247][ T6470] i_nlink=0
[  126.266916][ T6470] EXT4-fs (loop1): 1 truncate cleaned up
[  126.274443][ T6470] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.348289][ T5840] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.804530][ T6493] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.158'.
[  126.848466][ T6496] loop4: detected capacity change from 0 to 8
[  126.888356][ T6496] unable to read id index table
[  127.264252][ T6506] process 'syz.4.163' launched './file2' with NULL argv: empty string added
[  127.493226][ T6490] loop2: detected capacity change from 0 to 32768
[  127.662779][ T6490] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  127.662806][ T6490]   allowing incompatible features above 0.0: (unknown version)
[  127.662819][ T6490]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  127.683725][ T1209] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  127.692446][ T6490] bcachefs (loop2): initializing new filesystem
[  127.728936][ T6490] bcachefs (loop2): going read-write
[  127.748017][ T6490] bcachefs (loop2): marking superblocks
[  127.771782][ T6490] bcachefs (loop2): initializing freespace
[  127.787834][ T6490] bcachefs (loop2): done initializing freespace
[  127.802351][ T6490] bcachefs (loop2): reading snapshots table
[  127.808568][ T6490] bcachefs (loop2): reading snapshots done
[  127.875293][ T6490] bcachefs (loop2): done starting filesystem
[  127.913302][ T1209] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  127.935437][ T1209] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  127.972962][ T1209] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  127.982788][ T1209] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.996453][ T1209] usb 5-1: Product: syz
[  128.000688][ T1209] usb 5-1: Manufacturer: syz
[  128.013660][ T1209] usb 5-1: SerialNumber: syz
[  128.111997][ T6490] bcachefs (loop2): requested incompat feature 1.16: reflink_p_may_update_opts currently not enabled, allowed up to 1.16: reflink_p_may_update_opts
[  128.111997][ T6490]   set version_upgrade=incompat to enable
[  128.182988][ T6490] syz.2.156 (6490) used greatest stack depth: 16776 bytes left
[  128.187469][ T6529] loop0: detected capacity change from 0 to 2048
[  128.236689][ T5829] bcachefs (loop2): shutting down
[  128.239464][ T6529] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  128.258578][ T5829] bcachefs (loop2): going read-only
[  128.268260][ T1209] usb 5-1: 0:2 : does not exist
[  128.281862][ T5829] bcachefs (loop2): finished waiting for writes to stop
[  128.308778][ T1209] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  128.329602][ T5829] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4
[  128.420278][ T1209] usb 5-1: USB disconnect, device number 2
[  128.480580][ T5829] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4
[  128.597852][ T5829] bcachefs (loop2): clean shutdown complete, journal seq 5
[  128.638144][ T5829] bcachefs (loop2): marking filesystem clean
[  128.724392][ T6537] loop0: detected capacity change from 0 to 2048
[  128.756198][ T5829] bcachefs (loop2): shutdown complete
[  128.759021][ T5918] kernel write not supported for file /76/oom_adj (pid: 5918 comm: kworker/1:5)
[  128.869976][ T6537] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.080336][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.199460][ T6553] netlink: 4 bytes leftover after parsing attributes in process `syz.0.181'.
[  129.548410][ T1160] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.724066][ T1160] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.005170][ T1160] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.121031][ T6573] loop0: detected capacity change from 0 to 1024
[  130.142447][ T1160] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.169415][ T6573] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.281924][ T5151] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  130.301127][ T5151] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  130.314610][ T5151] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  130.349345][ T5151] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  130.358795][ T5151] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  130.418672][ T6564] loop3: detected capacity change from 0 to 32768
[  130.438789][ T1160] bridge_slave_1: left allmulticast mode
[  130.449086][ T1160] bridge_slave_1: left promiscuous mode
[  130.457935][ T1160] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.458420][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.481953][ T1160] bridge_slave_0: left allmulticast mode
[  130.487878][ T1160] bridge_slave_0: left promiscuous mode
[  130.495112][ T1160] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.521772][ T6564] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  130.621615][ T6564] XFS (loop3): Ending clean mount
[  130.640829][ T6564] XFS (loop3): Quotacheck needed: Please wait.
[  130.784227][ T6564] XFS (loop3): Quotacheck: Done.
[  130.837006][   T30] audit: type=1800 audit(1751464358.730:7): pid=6564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.186" name="file1" dev="loop3" ino=9286 res=0 errno=0
[  130.954685][   T30] audit: type=1326 audit(1751464358.850:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz.4.193" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f07ce98e929 code=0x0
[  131.182106][ T5842] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  131.393946][ T6599] vivid-000: disconnect
[  131.431065][ T6598] vivid-000: reconnect
[  131.480370][ T6601] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  131.572754][ T1160] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.587538][ T1160] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.598624][ T1160] bond0 (unregistering): Released all slaves
[  132.300665][ T6577] chnl_net:caif_netlink_parms(): no params data found
[  132.368208][ T6630] loop0: detected capacity change from 0 to 2048
[  132.371010][ T6633] netlink: 256 bytes leftover after parsing attributes in process `syz.2.208'.
[  132.421588][ T6630] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  132.433887][ T5835] Bluetooth: hci3: command tx timeout
[  132.488262][ T1160] hsr_slave_0: left promiscuous mode
[  132.508693][ T1160] hsr_slave_1: left promiscuous mode
[  132.516303][ T1160] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.527131][ T1160] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.536704][ T1160] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.544726][ T1160] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.584437][ T1160] veth1_macvtap: left promiscuous mode
[  132.590727][ T1160] veth0_macvtap: left promiscuous mode
[  132.597235][ T1160] veth1_vlan: left promiscuous mode
[  132.603082][ T1160] veth0_vlan: left promiscuous mode
[  133.026895][ T6636] loop4: detected capacity change from 0 to 32768
[  133.086395][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  133.093133][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.153870][ T6636] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  133.198032][   T30] audit: type=1800 audit(1751464361.090:9): pid=6636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.209" name="file1" dev="loop4" ino=17058 res=0 errno=0
[  133.317598][ T6652] loop3: detected capacity change from 0 to 1764
[  133.445614][ T5834] ocfs2: Unmounting device (7,4) on (node local)
[  133.708647][  T978] hid-generic 0000:0000:0000.0001: unknown main item tag 0x7
[  133.717936][  T978] hid-generic 0000:0000:0000.0001: ignoring exceeding usage max
[  133.727628][  T978] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  133.735631][  T978] hid-generic 0000:0000:0000.0001: unknown main item tag 0x6
[  133.749904][  T978] hid-generic 0000:0000:0000.0001: reserved main item tag 0xd
[  133.788815][  T978] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  133.828626][ T1160] team0 (unregistering): Port device team_slave_1 removed
[  133.896645][ T1160] team0 (unregistering): Port device team_slave_0 removed
[  134.520083][ T5835] Bluetooth: hci3: command tx timeout
[  134.851664][ T6577] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.875941][ T6577] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.883318][ T6577] bridge_slave_0: entered allmulticast mode
[  134.893441][ T6577] bridge_slave_0: entered promiscuous mode
[  134.939814][ T6577] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.945626][ T6686] loop0: detected capacity change from 0 to 64
[  134.972941][ T6577] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.982396][ T6577] bridge_slave_1: entered allmulticast mode
[  134.992848][ T6577] bridge_slave_1: entered promiscuous mode
[  135.076018][ T6684] Trying to free block not in datazone
[  135.219934][ T6577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.340581][ T6577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.366148][ T6697] loop4: detected capacity change from 0 to 64
[  135.467674][ T5905] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  135.503195][ T6577] team0: Port device team_slave_0 added
[  135.524753][ T6577] team0: Port device team_slave_1 added
[  135.563964][ T6699] kvm: kvm [6698]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x200000000200
[  135.672691][ T5905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.686793][ T1160] IPVS: stop unused estimator thread 0...
[  135.694651][ T5905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.713874][ T5905] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  135.730110][ T5905] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  135.744779][ T6577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  135.764547][ T5905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.773953][ T6577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.814068][ T6577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  135.829703][ T5905] usb 4-1: config 0 descriptor??
[  135.860681][ T6577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  135.869657][ T6577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.900305][ T6577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.214484][ T6577] hsr_slave_0: entered promiscuous mode
[  136.225876][ T6577] hsr_slave_1: entered promiscuous mode
[  136.242907][ T6577] debugfs: 'hsr0' already exists in 'hsr'
[  136.253665][ T6577] Cannot create hsr debugfs directory
[  136.306419][ T5905] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  136.421303][   T30] audit: type=1326 audit(1751464364.310:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6714 comm="syz.0.238" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff72798e929 code=0x0
[  136.453696][ T1209] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  136.594024][ T5835] Bluetooth: hci3: command tx timeout
[  136.626892][ T1209] usb 5-1: config 1 has an invalid descriptor of length 119, skipping remainder of the config
[  136.658419][ T1209] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  136.672685][ T1209] usb 5-1: config 1 has no interface number 0
[  136.695850][ T1209] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  136.726161][ T1209] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  136.738255][ T6709] loop2: detected capacity change from 0 to 40427
[  136.740978][ T1209] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.755479][ T1209] usb 5-1: Product: syz
[  136.762693][ T1209] usb 5-1: Manufacturer: syz
[  136.774486][ T1209] usb 5-1: SerialNumber: syz
[  136.780333][ T6709] F2FS-fs (loop2): invalid crc value
[  136.798304][ T1209] cdc_ncm 5-1:1.1: skipping garbage
[  136.807928][ T1209] usb 5-1: selecting invalid altsetting 1
[  136.939256][ T6709] F2FS-fs (loop2): Start checkpoint disabled!
[  136.958651][ T6709] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  136.982765][ T6577] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  136.997905][ T6577] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  137.026162][ T6577] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  137.040884][ T6577] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  137.138373][ T6709] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  137.190972][ T6577] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.241834][ T6577] 8021q: adding VLAN 0 to HW filter on device team0
[  137.282169][   T13] kworker/u8:1: attempt to access beyond end of device
[  137.282169][   T13] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  137.304820][   T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  137.304854][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.304872][   T13] Workqueue: writeback wb_workfn (flush-7:2)
[  137.304908][   T13] Call Trace:
[  137.304925][   T13]  <TASK>
[  137.304934][   T13]  dump_stack_lvl+0x189/0x250
[  137.304975][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.305004][   T13]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  137.305020][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.305036][   T13]  ? __pfx_queue_work_on+0x10/0x10
[  137.305066][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  137.305091][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  137.305126][   T13]  ? f2fs_hw_is_readonly+0x39b/0x470
[  137.305165][   T13]  f2fs_handle_critical_error+0x37c/0x540
[  137.305203][   T13]  f2fs_write_end_io+0x495/0x810
[  137.305235][   T13]  ? blkg_put+0x22/0x240
[  137.305292][   T13]  __submit_merged_bio+0x27a/0x6a0
[  137.305332][   T13]  __submit_merged_write_cond+0x255/0x530
[  137.305373][   T13]  f2fs_write_data_pages+0x261d/0x3000
[  137.305462][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  137.305621][   T13]  ? f2fs_write_meta_pages+0x357/0x450
[  137.305666][   T13]  ? __lock_acquire+0xab9/0xd20
[  137.305699][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  137.305733][   T13]  do_writepages+0x32e/0x550
[  137.305777][   T13]  ? reacquire_held_locks+0x127/0x1d0
[  137.305808][   T13]  ? writeback_sb_inodes+0x384/0x1010
[  137.305857][   T13]  __writeback_single_inode+0x145/0xff0
[  137.305892][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  137.305930][   T13]  writeback_sb_inodes+0x6c7/0x1010
[  137.306006][   T13]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  137.306108][   T13]  ? rcu_is_watching+0x15/0xb0
[  137.306156][   T13]  wb_writeback+0x43b/0xaf0
[  137.306201][   T13]  ? queue_io+0x3d1/0x590
[  137.306240][   T13]  ? __pfx_wb_writeback+0x10/0x10
[  137.306287][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.306331][   T13]  wb_workfn+0x409/0xef0
[  137.306385][   T13]  ? __pfx_wb_workfn+0x10/0x10
[  137.306422][   T13]  ? __lock_acquire+0xab9/0xd20
[  137.306468][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  137.306511][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.306542][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  137.306573][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  137.306608][   T13]  process_scheduled_works+0xae1/0x17b0
[  137.306691][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  137.306751][   T13]  worker_thread+0x8a0/0xda0
[  137.306827][   T13]  kthread+0x70e/0x8a0
[  137.306857][   T13]  ? __pfx_worker_thread+0x10/0x10
[  137.306888][   T13]  ? __pfx_kthread+0x10/0x10
[  137.306921][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.306955][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  137.306988][   T13]  ? __pfx_kthread+0x10/0x10
[  137.307014][   T13]  ret_from_fork+0x3fc/0x770
[  137.307050][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  137.307091][   T13]  ? __switch_to_asm+0x39/0x70
[  137.307112][   T13]  ? __switch_to_asm+0x33/0x70
[  137.307133][   T13]  ? __pfx_kthread+0x10/0x10
[  137.307159][   T13]  ret_from_fork_asm+0x1a/0x30
[  137.307209][   T13]  </TASK>
[  137.307773][   T13] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  137.316745][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.327055][   T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  137.327088][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.327102][   T13] Workqueue: writeback wb_workfn (flush-7:2)
[  137.327147][   T13] Call Trace:
[  137.327156][   T13]  <TASK>
[  137.327167][   T13]  dump_stack_lvl+0x189/0x250
[  137.327208][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.327244][   T13]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  137.327279][   T13]  ? __pfx_queue_work_on+0x10/0x10
[  137.327314][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  137.327346][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  137.327380][   T13]  ? f2fs_hw_is_readonly+0x39b/0x470
[  137.327416][   T13]  f2fs_handle_critical_error+0x37c/0x540
[  137.327453][   T13]  f2fs_write_end_io+0x495/0x810
[  137.327483][   T13]  ? blkg_put+0x22/0x240
[  137.327531][   T13]  __submit_merged_bio+0x27a/0x6a0
[  137.327566][   T13]  __submit_merged_write_cond+0x255/0x530
[  137.327603][   T13]  f2fs_write_data_pages+0x261d/0x3000
[  137.327676][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  137.327807][   T13]  ? f2fs_write_meta_pages+0x357/0x450
[  137.327849][   T13]  ? __lock_acquire+0xab9/0xd20
[  137.327883][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  137.327922][   T13]  do_writepages+0x32e/0x550
[  137.327963][   T13]  ? reacquire_held_locks+0x127/0x1d0
[  137.327992][   T13]  ? writeback_sb_inodes+0x384/0x1010
[  137.328035][   T13]  __writeback_single_inode+0x145/0xff0
[  137.328066][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  137.328094][   T13]  writeback_sb_inodes+0x6c7/0x1010
[  137.328159][   T13]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  137.328243][   T13]  ? rcu_is_watching+0x15/0xb0
[  137.328289][   T13]  wb_writeback+0x43b/0xaf0
[  137.328332][   T13]  ? queue_io+0x3d1/0x590
[  137.328369][   T13]  ? __pfx_wb_writeback+0x10/0x10
[  137.328410][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.328450][   T13]  wb_workfn+0x409/0xef0
[  137.328497][   T13]  ? __pfx_wb_workfn+0x10/0x10
[  137.328529][   T13]  ? __lock_acquire+0xab9/0xd20
[  137.328571][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  137.328608][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.328638][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  137.328666][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  137.328698][   T13]  process_scheduled_works+0xae1/0x17b0
[  137.328765][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  137.328818][   T13]  worker_thread+0x8a0/0xda0
[  137.328883][   T13]  kthread+0x70e/0x8a0
[  137.328909][   T13]  ? __pfx_worker_thread+0x10/0x10
[  137.328946][   T13]  ? __pfx_kthread+0x10/0x10
[  137.328970][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.329002][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  137.329033][   T13]  ? __pfx_kthread+0x10/0x10
[  137.329057][   T13]  ret_from_fork+0x3fc/0x770
[  137.329089][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  137.329127][   T13]  ? __switch_to_asm+0x39/0x70
[  137.329149][   T13]  ? __switch_to_asm+0x33/0x70
[  137.329167][   T13]  ? __pfx_kthread+0x10/0x10
[  137.329191][   T13]  ret_from_fork_asm+0x1a/0x30
[  137.329235][   T13]  </TASK>
[  137.329338][   T13] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  137.417369][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.654081][ T1209] cdc_ncm 5-1:1.1: SET_NTB_FORMAT failed
[  137.657207][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.677049][ T1209] usb 5-1: selecting invalid altsetting 1
[  137.701445][ T6727] loop0: detected capacity change from 0 to 256
[  137.748120][ T5947] usb 4-1: USB disconnect, device number 2
[  137.754033][ T6727] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  137.800781][ T1209] cdc_ncm 5-1:1.1: bind() failure
[  137.804572][ T6727] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  137.842538][ T6727] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  137.964446][ T1209] usb 5-1: USB disconnect, device number 3
[  138.383181][ T6737] warning: `syz.4.242' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  138.392026][ T6739] netlink: 28 bytes leftover after parsing attributes in process `syz.3.243'.
[  138.417074][ T6739] netlink: 28 bytes leftover after parsing attributes in process `syz.3.243'.
[  138.518551][ T6577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.608304][ T6577] veth0_vlan: entered promiscuous mode
[  138.628344][ T6577] veth1_vlan: entered promiscuous mode
[  138.672182][ T6577] veth0_macvtap: entered promiscuous mode
[  138.674422][ T5835] Bluetooth: hci3: command tx timeout
[  138.692911][ T6577] veth1_macvtap: entered promiscuous mode
[  138.730175][ T6577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.749756][ T6577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.785398][ T6749] loop4: detected capacity change from 0 to 512
[  138.803994][ T6749] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  138.804600][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.835082][   T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.859326][ T6752] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.248'.
[  138.863993][ T6749] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.247: invalid block
[  138.887961][ T6749] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.247: invalid indirect mapped block 4294967295 (level 1)
[  138.908549][   T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.919603][ T6749] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.247: invalid indirect mapped block 4294967295 (level 1)
[  138.946908][ T6749] EXT4-fs (loop4): 2 truncates cleaned up
[  138.949746][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.955252][ T6749] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.975559][ T6748] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.248'.
[  139.078048][ T6749] EXT4-fs (loop4): shut down requested (2)
[  139.178340][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.213686][ T3513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.221770][ T3513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.276120][ T6759] loop0: detected capacity change from 0 to 512
[  139.295543][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.303429][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.321901][ T6759] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  139.363158][ T6759] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  139.399145][ T6759] EXT4-fs (loop0): 1 truncate cleaned up
[  139.415654][ T6759] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.533014][ T6759] syz.0.251 (pid 6759) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  139.639727][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.825164][ T6754] loop3: detected capacity change from 0 to 40427
[  139.851161][ T6754] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  139.862672][ T6754] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  139.941870][ T6754] F2FS-fs (loop3): invalid crc value
[  140.120406][ T6754] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  140.144092][ T6754] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  140.411008][ T5947] IPVS: starting estimator thread 0...
[  140.418092][ T6786] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  140.514333][ T6790] IPVS: using max 28 ests per chain, 67200 per kthread
[  140.915270][   T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.029702][ T6789] loop4: detected capacity change from 0 to 32768
[  141.079816][ T6789] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  141.190150][ T6789] XFS (loop4): Ending clean mount
[  141.217816][ T6789] XFS (loop4): Quotacheck needed: Please wait.
[  141.299080][ T6789] XFS (loop4): Quotacheck: Done.
[  141.408815][ T5834] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  141.451533][ T6795] loop3: detected capacity change from 0 to 32768
[  141.479711][ T6795] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.260 (6795)
[  141.571672][ T6795] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  141.606985][ T6795] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  141.628651][ T6795] BTRFS info (device loop3): disk space caching is enabled
[  141.652866][ T6795] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  141.727549][   T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.780115][ T6795] BTRFS info (device loop3): rebuilding free space tree
[  141.831247][ T6795] BTRFS info (device loop3): disabling free space tree
[  141.862083][ T6795] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  141.885816][ T6795] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  141.907175][ T5151] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  141.920304][ T5151] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  141.932191][   T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.943701][ T5151] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  141.952888][ T5151] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  141.962311][ T5151] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  141.998907][ T6795] BTRFS info (device loop3): balance: start -d -m
[  142.008847][ T6795] BTRFS info (device loop3): relocating block group 6881280 flags data|metadata
[  142.070640][   T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.160876][ T6795] BTRFS info (device loop3): relocating block group 5242880 flags data|metadata
[  142.356863][   T36] bridge_slave_1: left allmulticast mode
[  142.362603][   T36] bridge_slave_1: left promiscuous mode
[  142.368979][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.398395][   T36] bridge_slave_0: left allmulticast mode
[  142.404256][   T36] bridge_slave_0: left promiscuous mode
[  142.410095][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.507970][ T6795] BTRFS info (device loop3): found 9 extents, stage: move data extents
[  142.653423][ T6795] BTRFS info (device loop3): found 1 extents, stage: update data pointers
[  142.759313][ T6795] BTRFS info (device loop3): balance: ended with status: 0
[  142.912790][ T5842] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  142.950442][   T24] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  143.144860][   T24] usb 5-1: Using ep0 maxpacket: 16
[  143.157729][ T6835] loop2: detected capacity change from 0 to 32768
[  143.175381][   T24] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  143.203950][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.240962][   T24] usb 5-1: config 0 descriptor??
[  143.264493][   T30] audit: type=1800 audit(1751464371.150:11): pid=6835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.265" name="file1" dev="loop2" ino=4 res=0 errno=0
[  143.278483][   T24] gspca_main: sonixj-2.14.0 probing 0471:0327
[  143.410916][ T6842] Cannot find add_set index 1 as target
[  143.471507][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  143.531010][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  143.549741][   T36] bond0 (unregistering): Released all slaves
[  143.620579][ T6823] chnl_net:caif_netlink_parms(): no params data found
[  143.854529][ T5905] kernel read not supported for file /vga_arbiter (pid: 5905 comm: kworker/1:4)
[  143.924899][ T6823] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.932273][ T6823] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.941211][ T6823] bridge_slave_0: entered allmulticast mode
[  143.950216][ T6823] bridge_slave_0: entered promiscuous mode
[  143.981515][ T6823] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.990030][ T6823] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.997551][ T6823] bridge_slave_1: entered allmulticast mode
[  144.009714][ T6823] bridge_slave_1: entered promiscuous mode
[  144.034110][ T5835] Bluetooth: hci3: command tx timeout
[  144.190513][ T6823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.211436][   T36] hsr_slave_0: left promiscuous mode
[  144.218303][   T36] hsr_slave_1: left promiscuous mode
[  144.227270][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  144.235423][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  144.244005][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  144.251489][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  144.274960][   T36] veth1_macvtap: left promiscuous mode
[  144.280668][   T36] veth0_macvtap: left promiscuous mode
[  144.286574][   T36] veth1_vlan: left promiscuous mode
[  144.292078][   T36] veth0_vlan: left promiscuous mode
[  144.316330][   T24] usb 5-1: USB disconnect, device number 4
[  144.444163][ T1209] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  144.613672][ T1209] usb 4-1: Using ep0 maxpacket: 8
[  144.620987][ T1209] usb 4-1: config index 0 descriptor too short (expected 30482, got 18)
[  144.646466][ T1209] usb 4-1: config 0 has too many interfaces: 101, using maximum allowed: 32
[  144.656377][ T1209] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 101
[  144.690148][ T1209] usb 4-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 5.00
[  144.700518][ T1209] usb 4-1: New USB device strings: Mfr=253, Product=255, SerialNumber=0
[  144.727555][ T1209] usb 4-1: Product: syz
[  144.731806][ T1209] usb 4-1: Manufacturer: syz
[  144.741905][ T1209] usb 4-1: config 0 descriptor??
[  144.765376][ T1209] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  144.782981][ T1209] usb 4-1: Detected FT2232C/D
[  144.991300][ T6862] loop0: detected capacity change from 0 to 40427
[  145.002903][ T6862] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  145.011743][ T6862] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  145.026935][ T6862] F2FS-fs (loop0): invalid crc value
[  145.156165][ T6862] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  145.163380][ T6862] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  145.183080][ T1209] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  145.205344][ T1209] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  145.228199][ T1209] usb 4-1: USB disconnect, device number 3
[  145.235122][   T30] audit: type=1804 audit(1751464373.120:12): pid=6862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.275" name="/newroot/65/bus/file0" dev="loop0" ino=10 res=1 errno=0
[  145.261791][   T36] team0 (unregistering): Port device team_slave_1 removed
[  145.276433][ T1209] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  145.301049][ T1209] ftdi_sio 4-1:0.0: device disconnected
[  145.368593][   T36] team0 (unregistering): Port device team_slave_0 removed
[  145.819670][ T6873] loop3: detected capacity change from 0 to 2048
[  145.867534][ T6873] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.999685][ T5842] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.032546][ T6858] netlink: 'syz.2.273': attribute type 12 has an invalid length.
[  146.040912][ T6858] netlink: 'syz.2.273': attribute type 29 has an invalid length.
[  146.056353][ T6858] netlink: 148 bytes leftover after parsing attributes in process `syz.2.273'.
[  146.072834][ T6858] netlink: 'syz.2.273': attribute type 1 has an invalid length.
[  146.097529][ T6823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.114371][ T5835] Bluetooth: hci3: command tx timeout
[  146.140850][ T6864] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  146.322817][ T6823] team0: Port device team_slave_0 added
[  146.365405][ T6823] team0: Port device team_slave_1 added
[  146.522617][ T6890] loop4: detected capacity change from 0 to 256
[  146.537187][ T6823] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.555143][ T6823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.601893][ T6890] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  146.626120][ T1209] hid-generic 0000:0000:0000.0003: unknown main item tag 0x7
[  146.636487][ T1209] hid-generic 0000:0000:0000.0003: ignoring exceeding usage max
[  146.640244][ T6823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.655136][ T1209] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  146.656148][ T1209] hid-generic 0000:0000:0000.0003: unknown main item tag 0x6
[  146.676076][ T6823] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.689434][ T1209] hid-generic 0000:0000:0000.0003: reserved main item tag 0xd
[  146.706782][ T1209] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  146.716168][ T6823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.766997][ T6823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.069669][ T6823] hsr_slave_0: entered promiscuous mode
[  147.095045][ T6823] hsr_slave_1: entered promiscuous mode
[  147.104850][ T6823] debugfs: 'hsr0' already exists in 'hsr'
[  147.110652][ T6823] Cannot create hsr debugfs directory
[  147.371258][ T6884] loop0: detected capacity change from 0 to 32768
[  147.393135][ T6884] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  147.509841][ T6884] XFS (loop0): Ending clean mount
[  147.534526][ T6884] XFS (loop0): Quotacheck needed: Please wait.
[  147.612559][ T6884] XFS (loop0): Quotacheck: Done.
[  147.759249][ T5833] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  148.194677][ T5835] Bluetooth: hci3: command tx timeout
[  148.383276][ T6823] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  148.429107][ T6823] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  148.472429][ T6823] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  148.508269][ T6823] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  148.538682][ T6927] loop2: detected capacity change from 0 to 32768
[  148.663963][ T6927] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  148.916328][ T6823] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.919367][ T6927] XFS (loop2): Ending clean mount
[  148.957864][ T6927] XFS (loop2): Quotacheck needed: Please wait.
[  149.016226][ T6823] 8021q: adding VLAN 0 to HW filter on device team0
[  149.071157][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.078571][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.111942][ T6927] XFS (loop2): Quotacheck: Done.
[  149.138437][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.145794][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.361534][ T6942] loop4: detected capacity change from 0 to 32768
[  149.382113][ T5829] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.455326][ T6966] loop3: detected capacity change from 0 to 32768
[  149.482805][ T6966] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.310 (6966)
[  149.527678][ T6966] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  149.554771][ T6966] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  149.575070][ T6966] BTRFS info (device loop3): using free-space-tree
[  149.579872][ T6942] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  149.597776][ T6942]   allowing incompatible features above 0.0: (unknown version)
[  149.606149][ T6942]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  149.621600][ T6942] bcachefs (loop4): initializing new filesystem
[  149.638842][ T6942] bcachefs (loop4): going read-write
[  149.655147][ T6942] bcachefs (loop4): marking superblocks
[  149.709796][ T6942] bcachefs (loop4): initializing freespace
[  149.744478][ T6942] bcachefs (loop4): done initializing freespace
[  149.772682][ T6942] bcachefs (loop4): reading snapshots table
[  149.784722][ T6942] bcachefs (loop4): reading snapshots done
[  149.905931][ T6942] bcachefs (loop4): done starting filesystem
[  149.915998][   T30] audit: type=1800 audit(1751464377.810:13): pid=6966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.310" name="file1" dev="loop3" ino=260 res=0 errno=0
[  149.999739][ T6823] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.079986][ T6962] loop0: detected capacity change from 0 to 32768
[  150.116549][ T6823] veth0_vlan: entered promiscuous mode
[  150.178178][ T6823] veth1_vlan: entered promiscuous mode
[  150.190851][ T5842] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  150.197244][ T6962] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  150.275743][ T5151] Bluetooth: hci3: command tx timeout
[  150.342112][ T6823] veth0_macvtap: entered promiscuous mode
[  150.396250][ T6823] veth1_macvtap: entered promiscuous mode
[  150.450644][ T6823] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.503007][ T5834] bcachefs (loop4): shutting down
[  150.522734][ T5834] bcachefs (loop4): going read-only
[  150.537353][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[  150.543639][ T5834] bcachefs (loop4): finished waiting for writes to stop
[  150.549055][ T6823] batman_adv: batadv0: Interface activated: batadv_slave_1
[  150.599647][ T5834] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  150.613803][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.682534][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.706174][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.766847][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.817985][ T5834] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  150.858146][ T5834] bcachefs (loop4): clean shutdown complete, journal seq 4
[  150.913155][ T5834] bcachefs (loop4): marking filesystem clean
[  150.944060][ T3513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.951960][ T3513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.038945][ T7009] loop2: detected capacity change from 0 to 64
[  151.069903][ T5834] bcachefs (loop4): shutdown complete
[  151.085984][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.117904][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.222049][   T30] audit: type=1800 audit(1751464379.110:14): pid=7009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.317" name="file1" dev="loop2" ino=18 res=0 errno=0
[  151.674138][ T7013] loop3: detected capacity change from 0 to 32768
[  151.699242][ T7013] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.708725][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  151.789808][ T7013] XFS (loop3): Ending clean mount
[  151.863686][   T24] usb 1-1: Using ep0 maxpacket: 8
[  151.872742][   T24] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  151.885013][   T24] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  151.891650][ T1160] XFS (loop3): Metadata CRC error detected at xfs_agfl_read_verify+0x126/0x1f0, xfs_agfl block 0x3 
[  151.897332][   T24] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  151.918037][   T24] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  151.933151][   T24] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  151.942655][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.959264][ T1160] XFS (loop3): Unmount and run xfs_repair
[  151.983786][ T1160] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  151.991246][ T1160] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  152.022008][ T1160] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  152.031060][ T1160] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  152.066059][ T1160] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  152.086065][ T1160] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  152.123771][ T1160] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  152.126009][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.132694][ T1160] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  152.132713][ T1160] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  152.133015][ T1160] XFS (loop3): metadata I/O error in "xfs_alloc_read_agfl+0x202/0x410" at daddr 0x3 len 1 error 74
[  152.215426][   T24] usb 1-1: GET_CAPABILITIES returned 0
[  152.221231][   T24] usbtmc 1-1:16.0: can't read capabilities
[  152.234234][ T1160] XFS (loop3): page discard on page ffffea0001a99780, inode 0x2449, pos 0.
[  152.257676][ T1160] XFS (loop3): Metadata CRC error detected at xfs_agfl_read_verify+0x126/0x1f0, xfs_agfl block 0x3 
[  152.293933][ T1160] XFS (loop3): Unmount and run xfs_repair
[  152.299738][ T1160] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  152.323796][ T1160] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  152.332734][ T1160] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  152.348804][ T1160] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  152.360030][ T1160] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  152.369931][ T1160] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  152.379523][ T1160] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  152.389098][ T1160] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  152.399716][ T1160] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  152.409178][ T1160] XFS (loop3): metadata I/O error in "xfs_alloc_read_agfl+0x202/0x410" at daddr 0x3 len 1 error 74
[  152.478190][ T5891] usb 1-1: USB disconnect, device number 2
[  152.483721][ T1160] XFS (loop3): page discard on page ffffea00018a5700, inode 0x2449, pos 49152.
[  152.506221][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.532293][ T5842] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.627176][ T5842] XFS (loop3): Uncorrected metadata errors detected; please run xfs_repair.
[  152.725321][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.937402][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.140606][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  153.151452][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  153.159171][ T7045] loop0: detected capacity change from 0 to 128
[  153.180851][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  153.194316][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  153.211393][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  153.233908][ T7045] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  153.316916][ T7045] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  153.332577][ T7048] capability: warning: `syz.2.329' uses 32-bit capabilities (legacy support in use)
[  153.352649][ T7048] program syz.2.329 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  153.424467][   T49] bridge_slave_1: left allmulticast mode
[  153.430284][   T49] bridge_slave_1: left promiscuous mode
[  153.464624][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.513167][   T49] bridge_slave_0: left allmulticast mode
[  153.536637][   T49] bridge_slave_0: left promiscuous mode
[  153.555792][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.113255][ T7064] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.334'.
[  154.451912][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  154.478245][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  154.492792][   T49] bond0 (unregistering): Released all slaves
[  155.120807][   T49] hsr_slave_0: left promiscuous mode
[  155.135791][   T49] hsr_slave_1: left promiscuous mode
[  155.142285][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  155.151694][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.194489][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.201977][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  155.251778][   T49] veth1_macvtap: left promiscuous mode
[  155.258502][   T49] veth0_macvtap: left promiscuous mode
[  155.264731][   T49] veth1_vlan: left promiscuous mode
[  155.270267][   T49] veth0_vlan: left promiscuous mode
[  155.324170][ T5151] Bluetooth: hci3: command tx timeout
[  155.620425][ T7102] loop2: detected capacity change from 0 to 512
[  155.653623][ T7102] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  155.685636][ T7102] EXT4-fs (loop2): 1 truncate cleaned up
[  155.763840][ T7102] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.853036][ T7102] EXT4-fs error (device loop2): ext4_check_dx_root:2203: inode #2: comm syz.2.349: Corrupt dir, invalid name for '..', running e2fsck is recommended
[  155.887168][ T7102] EXT4-fs (loop2): Remounting filesystem read-only
[  156.001874][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.227043][ T7108] netlink: 12 bytes leftover after parsing attributes in process `syz.2.351'.
[  156.419907][ T7113] loop2: detected capacity change from 0 to 8
[  156.441283][ T7113] squashfs: Unknown parameter 'smackfstransmute'
[  156.491676][ T7106] random: crng reseeded on system resumption
[  156.793681][ T5891] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  156.951402][   T49] team0 (unregistering): Port device team_slave_1 removed
[  156.987257][ T5891] usb 3-1: Using ep0 maxpacket: 16
[  157.004099][ T5891] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.019385][ T5891] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.044827][ T5891] usb 3-1: config 0 interface 0 has no altsetting 0
[  157.051534][ T5891] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  157.065926][ T5891] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.082388][   T49] team0 (unregistering): Port device team_slave_0 removed
[  157.091636][ T5891] usb 3-1: config 0 descriptor??
[  157.394779][ T5151] Bluetooth: hci3: command tx timeout
[  157.516661][ T5891] hid (null): unknown global tag 0xbd
[  157.522111][ T5891] hid (null): report_id 0 is invalid
[  157.543695][ T5891] hid (null): global environment stack underflow
[  157.562486][ T5891] hid (null): unknown global tag 0xc
[  157.573904][ T5891] hid (null): invalid report_count -1591138943
[  157.590259][ T5891] hid (null): unknown global tag 0xc
[  157.602213][ T5891] hid (null): unknown global tag 0xe
[  157.608594][ T5891] hid (null): unknown global tag 0xe
[  157.618590][ T5891] hid (null): report_id 24959 is invalid
[  157.627455][ T5891] hid (null): unknown global tag 0xd
[  157.640098][ T7127] loop0: detected capacity change from 0 to 128
[  157.756537][ T5946] usb 3-1: USB disconnect, device number 4
[  157.777625][ T7128] ------------[ cut here ]------------
[  157.783368][ T7128] WARNING: fs/buffer.c:1125 at bdev_getblk+0x580/0x660, CPU#1: syz.0.358/7128
[  157.792657][ T7128] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  157.797060][ T7128] CPU: 1 UID: 0 PID: 7128 Comm: syz.0.358 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  157.808692][ T7128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.818864][ T7128] RIP: 0010:bdev_getblk+0x580/0x660
[  157.824203][ T7128] Code: 26 fb ff ff e8 b1 60 79 ff 48 c7 c7 60 f0 99 8b 48 c7 c6 b1 59 9e 8d 4c 89 fa 4c 89 e9 e8 18 1b e1 fe eb bd e8 91 60 79 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[  157.844871][ T7128] RSP: 0018:ffffc900032279b8 EFLAGS: 00010283
[  157.851005][ T7128] RAX: ffffffff8246744f RBX: ffff888022c14518 RCX: 0000000000080000
[  157.859601][ T7128] RDX: ffffc9000d9be000 RSI: 0000000000000496 RDI: 0000000000000497
[  157.867980][ T7128] RBP: 0000000000000200 R08: ffffc90003227720 R09: 0000000000000020
[  157.876464][ T7128] R10: 0000000000000406 R11: ffffffff819e0900 R12: ffff888022c14e68
[  157.884852][ T7128] R13: ffff888022c14500 R14: 0000000000000200 R15: 1ffff110045828a3
[  157.892877][ T7128] FS:  00007ff7287626c0(0000) GS:ffff888125d1d000(0000) knlGS:0000000000000000
[  157.902270][ T7128] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  157.910853][ T7128] CR2: 00007ff728761f98 CR3: 0000000077b88000 CR4: 00000000003526f0
[  157.919265][ T7128] Call Trace:
[  157.922592][ T7128]  <TASK>
[  157.926006][ T7128]  ? fat_get_mapped_cluster+0x1e9/0x3f0
[  157.931622][ T7128]  __bread_gfp+0x89/0x3c0
[  157.936485][ T7128]  fat_get_entry+0x785/0xa90
[  157.941158][ T7128]  ? vfat_rmdir+0x10f/0x360
[  157.946459][ T7128]  ? __pfx_fat_get_entry+0x10/0x10
[  157.951629][ T7128]  ? __pfx___mutex_lock+0x10/0x10
[  157.957991][ T7128]  fat_dir_empty+0x56/0x260
[  157.962577][ T7128]  vfat_rmdir+0x119/0x360
[  157.967499][ T7128]  ? __pfx_vfat_rmdir+0x10/0x10
[  157.972410][ T7128]  ? __pfx_down_write+0x10/0x10
[  157.977525][ T7128]  ? do_raw_spin_unlock+0x122/0x240
[  157.982775][ T7128]  ? bpf_lsm_inode_rmdir+0x9/0x20
[  157.987937][ T7128]  vfs_rmdir+0x3b7/0x520
[  157.992246][ T7128]  do_rmdir+0x25f/0x550
[  157.996499][ T7128]  ? __pfx_do_rmdir+0x10/0x10
[  158.001240][ T7128]  ? getname_flags+0x1e5/0x540
[  158.006114][ T7128]  __x64_sys_rmdir+0x47/0x50
[  158.010759][ T7128]  do_syscall_64+0xfa/0x3b0
[  158.015360][ T7128]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.020616][ T7128]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.026789][ T7128]  ? clear_bhb_loop+0x60/0xb0
[  158.031524][ T7128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.038761][ T7128] RIP: 0033:0x7ff72798e929
[  158.043252][ T7128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.063158][ T7128] RSP: 002b:00007ff728762038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  158.072200][ T7128] RAX: ffffffffffffffda RBX: 00007ff727bb6080 RCX: 00007ff72798e929
[  158.080699][ T7128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100
[  158.088767][ T7128] RBP: 00007ff727a10b39 R08: 0000000000000000 R09: 0000000000000000
[  158.096847][ T7128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  158.104914][ T7128] R13: 0000000000000001 R14: 00007ff727bb6080 R15: 00007fff1dd9d8a8
[  158.112954][ T7128]  </TASK>
[  158.116112][ T7128] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  158.123434][ T7128] CPU: 1 UID: 0 PID: 7128 Comm: syz.0.358 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  158.134844][ T7128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  158.144928][ T7128] Call Trace:
[  158.148227][ T7128]  <TASK>
[  158.151173][ T7128]  dump_stack_lvl+0x99/0x250
[  158.155797][ T7128]  ? __asan_memcpy+0x40/0x70
[  158.160421][ T7128]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.165665][ T7128]  ? __pfx__printk+0x10/0x10
[  158.170298][ T7128]  panic+0x2db/0x790
[  158.174233][ T7128]  ? __pfx_panic+0x10/0x10
[  158.178692][ T7128]  __warn+0x334/0x4c0
[  158.182702][ T7128]  ? bdev_getblk+0x580/0x660
[  158.187323][ T7128]  ? bdev_getblk+0x580/0x660
[  158.191935][ T7128]  report_bug+0x2be/0x4f0
[  158.196292][ T7128]  ? bdev_getblk+0x580/0x660
[  158.200905][ T7128]  ? bdev_getblk+0x580/0x660
[  158.205863][ T7128]  ? bdev_getblk+0x582/0x660
[  158.210478][ T7128]  handle_bug+0x84/0x160
[  158.214750][ T7128]  exc_invalid_op+0x1a/0x50
[  158.219291][ T7128]  asm_exc_invalid_op+0x1a/0x20
[  158.224160][ T7128] RIP: 0010:bdev_getblk+0x580/0x660
[  158.229481][ T7128] Code: 26 fb ff ff e8 b1 60 79 ff 48 c7 c7 60 f0 99 8b 48 c7 c6 b1 59 9e 8d 4c 89 fa 4c 89 e9 e8 18 1b e1 fe eb bd e8 91 60 79 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[  158.249289][ T7128] RSP: 0018:ffffc900032279b8 EFLAGS: 00010283
[  158.255402][ T7128] RAX: ffffffff8246744f RBX: ffff888022c14518 RCX: 0000000000080000
[  158.263399][ T7128] RDX: ffffc9000d9be000 RSI: 0000000000000496 RDI: 0000000000000497
[  158.271392][ T7128] RBP: 0000000000000200 R08: ffffc90003227720 R09: 0000000000000020
[  158.279383][ T7128] R10: 0000000000000406 R11: ffffffff819e0900 R12: ffff888022c14e68
[  158.287378][ T7128] R13: ffff888022c14500 R14: 0000000000000200 R15: 1ffff110045828a3
[  158.295385][ T7128]  ? __pfx_hlock_conflict+0x10/0x10
[  158.300617][ T7128]  ? bdev_getblk+0x57f/0x660
[  158.305238][ T7128]  ? bdev_getblk+0x57f/0x660
[  158.309857][ T7128]  ? fat_get_mapped_cluster+0x1e9/0x3f0
[  158.315427][ T7128]  __bread_gfp+0x89/0x3c0
[  158.319782][ T7128]  fat_get_entry+0x785/0xa90
[  158.324406][ T7128]  ? vfat_rmdir+0x10f/0x360
[  158.328928][ T7128]  ? __pfx_fat_get_entry+0x10/0x10
[  158.334065][ T7128]  ? __pfx___mutex_lock+0x10/0x10
[  158.339121][ T7128]  fat_dir_empty+0x56/0x260
[  158.343658][ T7128]  vfat_rmdir+0x119/0x360
[  158.348015][ T7128]  ? __pfx_vfat_rmdir+0x10/0x10
[  158.352894][ T7128]  ? __pfx_down_write+0x10/0x10
[  158.357775][ T7128]  ? do_raw_spin_unlock+0x122/0x240
[  158.363084][ T7128]  ? bpf_lsm_inode_rmdir+0x9/0x20
[  158.368140][ T7128]  vfs_rmdir+0x3b7/0x520
[  158.372417][ T7128]  do_rmdir+0x25f/0x550
[  158.376600][ T7128]  ? __pfx_do_rmdir+0x10/0x10
[  158.381323][ T7128]  ? getname_flags+0x1e5/0x540
[  158.386112][ T7128]  __x64_sys_rmdir+0x47/0x50
[  158.390725][ T7128]  do_syscall_64+0xfa/0x3b0
[  158.395250][ T7128]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.400477][ T7128]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.406568][ T7128]  ? clear_bhb_loop+0x60/0xb0
[  158.411271][ T7128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.417289][ T7128] RIP: 0033:0x7ff72798e929
[  158.421747][ T7128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.441376][ T7128] RSP: 002b:00007ff728762038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  158.449825][ T7128] RAX: ffffffffffffffda RBX: 00007ff727bb6080 RCX: 00007ff72798e929
[  158.457824][ T7128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100
[  158.465818][ T7128] RBP: 00007ff727a10b39 R08: 0000000000000000 R09: 0000000000000000
[  158.473809][ T7128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  158.481800][ T7128] R13: 0000000000000001 R14: 00007ff727bb6080 R15: 00007fff1dd9d8a8
[  158.489813][ T7128]  </TASK>
[  158.493186][ T7128] Kernel Offset: disabled
[  158.497524][ T7128] Rebooting in 86400 seconds..