last executing test programs:

13.810589137s ago: executing program 1 (id=335):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000680)="93378efcd17301726272853a9fa88608996042ab60ae09f9a90efedde424f3", 0x1f)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000140)=""/16, 0x10}], 0x1}}], 0x1, 0x40002023, 0x0)

12.835895038s ago: executing program 2 (id=337):
setgroups(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xe08, 0x0, 0x2, 0x1, 0x80000000}, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x8000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000000000000005010040"])
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000010000100fffffff5000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[0x0], &(0x7f0000000380), 0x0, 0x1})
r9 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r10=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r9, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r10})
ioctl$DRM_IOCTL_MODE_SETCRTC(r9, 0xc06864a2, &(0x7f0000000340)={&(0x7f0000000240)=[0x0], 0x1, r10, 0x0, 0x1, 0x7, 0xaf, 0x1c, {0x5, 0xfff, 0xd548, 0xf, 0x7ff, 0x28, 0x0, 0x6, 0x1, 0x6, 0xef, 0xd3fe, 0xfffffff9, 0x0, "d90e28458e71631b790dfa1c7ef3cae7bc207bbd729b60c2e6e086dc99dc208e"}})
creat(&(0x7f0000000000)='./file0\x00', 0x108)
r11 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r11, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0xa4901, 0x0)

12.521330051s ago: executing program 3 (id=339):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYRES16=0x0], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3M1rI2UYAPAn/djtfrgW8eBtBxahhU1o+rHoreoufmCXsurBk6ZJGrKbZEqTprUnDx7Fg/+JKHjy6N/gwbM38aB4E5TMTHXrBwhNm+3294PJM++bN888b1gWnpmSAC6s+eTXn0txI65ExHREXI/IzkvFkVnPwwsRcTMiph47SsX8nxOXIuJqRNwYJc9zloq3Pr89vLX201u/fPPd5ZlrX3z9/eR2DUzaixHR3cnP97t5TFt5fFjM14btLHZXh0XM3+g+KsZpHvebW1mG/drRuloWV1r5+nRnrz+K251afRRb7e1sfqeXX7A/bB3lyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsoSx+DwVHM55sHzXw/O4+yWO8Nivk8b9poHozisIjF5aKedhpZHVsn+aafbG+3e3sHybC522+nvWStUn2pUr1Tru6mjeaguVqudRt3VpOFVme0rDxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXF4ux28vr995JOI1kYxVfbvb1Bu9NPttPdJP/EYrJcWXl5MblVTd7Z2Ew2H9y7t7H57gd337//ysabrxWL/lFWsrC8tLxcri6Vl6uLF2j/nxRFj3H/cCKlSRcAcP7o/4FJOL3+f/dBxOn3/6H/H4tz1f9e9P7/FPYPJ6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sH6Y/fKN7GQ+H18r5p8ppp4rxqWImIqI3//FdFw6lnO6yDP7H+tn/1bDt6XIMoyucbk4rkbEenH89uxpfwsAAADw9Prq45uf5d16/jI/6YI4S/lNm6nrH44p31xEzM7/OKZsU6OX58eULPv3PRMHY8qW3cCaG1Oy/JbbzLiy/S/Tx8LcY6GUh6kzLQcAADgTxzuBs+1CAAAAOEufTroAJqMUR48yj54FZ395/9cDwSvHRgAAAMA5VJp0AQAAAMCpy/p/v/8HAAAAT7f89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KX7ar24vfp93TZnt28nz2gAAACAS7bVelH/M0v9r839782tn02/iIgyIi7N3Ufx6Sxz1ORUL8/fnD5fvarhLqJOOLzHpLm+RMSf5nr80fWnAAAAAB/XZrmap9l6+jMbuiD6lBZtym9/M+UVEVHNHjKllYe8X5nC6u/3OP5nSqsXsKaZwtKS2zhX2pvUP/fjqt30pClSU1582bHIbGMHAAB6NDpr+p2FAAAA0Kd/QxfAMIp43so8bgVOUtNs730+6wEAAADvUDF0AQAAAEDn6vl/T+f/7Z3/BwAAAMNI5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTyjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4G9mdra2Kq5R9hARBQ96sdttbe1NPCjBg3+CENJtjd36o83BliLm4k1y7kX0KCIo8db/IecEcom3HPYQwbMyszPZyQ9w/TWzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBp9PYkTrJDZxzHxbnNvYdLWb91qM88Xtuez1oWR3UmfTK8WP0QdZtLBAAAgLMjKev7EMJOur6Q9XEnr//T8pqs5v/26XFc1vOH6/6yL2v/rP3y8+7z+wN1xuNkN725PBxcOppK6/+b5Wx75i+vaOVPPn/3kuRfSPze6nOjNH+e0dcbG++08/BcHdkCAP/ExbIvgvL3oazvN5kYAGdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6jFbDk2UchRDmW5M4s7X3cOm4/vHa9nzZrj16tBa+nNwzu0UaQri5PBxcqnU2s+3e/Qe3F4fDwd36g5dCCE2N/lYx/dsfTHFxCI08H8F/FMTFlz0r+ZyMoMEfSgAAnEpp0bK6fiddX8jORXMh/PHdwfr/1Uocpqz/dz+8tlkdq1r/92ub4ezrrdz5tHfv/oPXl+8s3hrcGnz8xuX+m/0r169evd7L35X0vDEBAADg32kXrVr/x3NH1/8vVOIwZf3/2Tf9L6pjJer/Y00W/ZrOBAAA4Gx79uXff4uOOR+12+HzxZWVu/3xcf/z5fGxgVT/tnNFq9b/yVzTWQEAAAB1GK1GB9b/b1TiMOX6/1Pfv/Bj9Z5JCOF8sf5/cemT4Y36pjPT6vhz4qbnCAAAQLPOF626/p/m+//j/S0PcQjhtVfGcfFvAKeq/5N3v/qhOlZ1//+V+qY4k+Lu+HnkfTeEVrfpjAAAADjNnihaVuz/mq4vfPTThffb9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3PAAAA//9WwT6Z")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

11.636572779s ago: executing program 2 (id=341):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

11.363060549s ago: executing program 2 (id=343):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
chdir(&(0x7f0000000140)='./bus\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
getdents64(0xffffffffffffffff, &(0x7f0000000000)=""/158, 0x9e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getrlimit(0x0, 0x0)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
r3 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd27, 0x0, {0x0, 0x0, 0x12, r4, {0x0, 0xe}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xfffc, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb]}}]}}]}, 0x8c}}, 0x0)
socket(0x1d, 0x3, 0x6)

9.834223872s ago: executing program 2 (id=346):
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000140)={0x1000, 0x5982, 0x80, 0xb82, 0x1, 0x9, 0x0, 0xfffffffffffffffc, 0x4})

8.879859225s ago: executing program 3 (id=348):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x24000880)

7.509743028s ago: executing program 4 (id=350):
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x804000, &(0x7f00000002c0)=ANY=[], 0x1, 0xabf, &(0x7f0000002340)="$eJzs3U2MW0fhAPCxd73JJuk/Tv8JXdLQJhTa8tFNs7uEjwiSKhESUVMhLpUiLlGalogQJIoEVJVIcuJGqypInPgQp16qgpDoBUU9calEI1VIPRUOHIiCqMQBAonReme89sTusze7fnb8+0mz43kzzzPP+/z8PmcCMLGqzb9LS3OVEC6/8cqxvz3819nlKYdbJerNv9NtqVoIoRLT09n7vTe1Et98/8XT3eJKWGj+Tenw1PXWvFtDCBfC3nAl1MPuy1dffmvhyRMXj1/a9/arh65tzNIDAMBk+eqVQ0u7/vzH+3fceO2BI2FTmrz8orl/Xo8TtsX9/iNxxz/t/1dDZ7rSFtrNZOWmY6jOdpab6lKuvZ5aVm66R/0zWf21HuU2hQ+uf6ptWrflhnGW1uN6qFTnO9LV6vz8yjF5aB7Xz1Tmz5899+zzJTUUWHf/fDCEsLctHL3UmR61cHgE2pCF5r5FH+UaI9DWsQxHhlfXjcaK0pd5SKGxvewtEMCK/HrhbS7kZxbuTOvdpvur//oT1e7zwzoY9vo/UP0zJdcf1P+ri7Y4rJ+7dW1Ky5W+R9tiOr+OkN+/1Pv7l1/p6JyaX4+o9dnOXtcRxuX6Qq92Tg25HWvVq/35enG3+mKM0+fwpSy//fuT/0/H5X8MdPev/Py/IAijHUJHunYn79UoefsDjK78vrlGuj4a5ff15fmbCvI3F+TPFuRvKcjfWpAPk+w33/1xeKmyepyfH9MPej48nWe7J8b/N2B78vORg9af3/c7qDutP7+fGEbZ7049feZzz5y8unL/f6W1/t+K63s63KjH79aVWCCdL8zPq7fu/a931lPtUe7erD33dCnffL2zs1xl5+r7hLbtzG3tmOucb3uvcns6y9WzcrMxbM7am++fbMnmS/sfabuaPq/pbHlr2XLMZO1I25UdMc7bAWuR1sde9/+n9XMu1CrPnj135vGYTuvpH6Zqm5anHxhyu4E71+/zP3Oh8/mfba3ptWr7dmH76vTKynbh9fh+ndMXWvV0Tl+M6fQ7942p2eb0+dPfPvfM+i8+TLTnf/DCN0+dO3fmO6W/WJwNYQSasYYXXx6NZgzyIh22jEp7vBi5FyVvmIANt/+HKzsBj5391qnnzjx35vziwYOLCwsHP7+4tL+5X7+/fe++3YUSWgusp9Uf/bJbAgAAAAAAAAAAAPTre8ePXX3nzc++u/L8/+rzf+n5/3Tnb3r+/0fZ8//5c/LpOfj0HOCOLvnNMlkHqzNZuVoM/5+1d2dWz65svg/FuDWOX3z+P1WX9+ua2nNfNr3WI5l1J3BbfykzWR8k+XiBH43xpRj/MkCJKrPdJ8e4qH/rtK6n/ina+qVo6B94fKT/W1obUj8m6fnvrv06tf2zdwyhjay/YTxOWPYyAt39faL6//7H6oKX3hahd5gebn0/ndx1otFzL73fEWwA1kfZ43+m854pPv/7r2xeDqnY9Sc6t5d5/6UwiD+905ke9fEnN7r+fNy+Yddf9vIPe/zP1vh3fW//shHz6mur998/u/ZuW7Vhd7/158uf+oHeOVj9N2L9aWkeCf3V3/hFVn9+QahP/8nq39Jn/bct/5611f/fWH/62B59qN/6V1pcqXa2Iz9vnK7/5eeNk5vZ8qe+PT+g/q+90G351zhQ461YP0yycRlndlDZfkRrp33t4/9GF9Z3/N9WY7PNWn4fxmdiOm2I030O+Xgng7Y/3V+Rfgd2Ze9fKfh9M/7vePtCjIu+D2n837Q+1uNPflu6+VmmdK3LZ3u3bmtgXL03Udf/1iGc3PA6Npe+jCMfjoxAG1qhMbWG+VrjxJXc/kajsbEntAqUWjmlf/5lHyeUXX/Zn3+RfPzffB8+H/83z8/H/83z8/F/8/zZ+B/qlZ+P/5t/nvn4v3n+fdn75uMDzxXkf7ggf3f3/NZh+/0F8+8pyP9IQf6+Vv7hjhIp/4GC+R8syL+3IP+hgvyPFeR/vCD/4YL8R9vy28eATvmfKJj/bpeeR5nU5YdJlj+f5/sPkyNd/+n1/d9ZkA+Mr5+8duDoyV9/vb7y/P9M63xIuo53JKZr8fjp+zGdX/cObenlvDdj+i9Z/qif74BJkvefkf++P1KQD4yvdJ+X7zdMoMrm7pNjXNRvVa/9fMbLJ2P8qRh/OsaPxXg+xvtjfCDGC0NqHxvj6Ou/PfRSZfV4f3uW3+/95PnzQB39RIUQFvtsT35+YND72fN+/AZ1p/Wv8XEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0lSbf5eW5iohXH7jlWNPnzi7f3nK4VaJevPvdFuq1povhMdjPBXjn8cXN99/8XR7fCvGlbAQKqHSmh6eut6qaWsI4ULYG66Eeth9+erLby08eeLi8Uv73n710LWN+wQAAADg7ve/AAAA//+NnAuo")
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000640)=ANY=[@ANYBLOB="30e01b3981ddca14"], 0x1000f)

7.349287902s ago: executing program 1 (id=351):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x0, 0x0, 0x0, 0x4007}})

6.923041781s ago: executing program 3 (id=353):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000000)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}, 0x0, 0x0, 0x0, 0x1}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x1, 0x3}}]}, 0xc4}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
r3 = epoll_create(0xf)
syz_open_procfs(0x0, &(0x7f0000000040)='net/dev_mcast\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYRESOCT=r3], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xa20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x10, 0x0)
umount2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000200)={0x20000012})
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x9d)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000), 0x2a979d)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r7, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)

6.837146985s ago: executing program 1 (id=354):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
keyctl$link(0x8, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000040)={0x5, 0x1, 0x2, {0x9, @pix={0xe, 0xb, 0x4745504a, 0x4, 0x9, 0x2, 0x0, 0x0, 0x1, 0x7, 0x0, 0x7}}, 0x401})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'team0\x00', 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x3000c12, &(0x7f00000003c0)={[{@dmode={'dmode', 0x3d, 0xae}}, {@utf8}, {@overriderock}, {@check_relaxed}, {}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@cruft}, {@nocompress}, {@dmode}, {}, {@overriderock}, {@mode={'mode', 0x3d, 0x1000}}, {}, {@unhide}, {@map_off}]}, 0x1, 0xa2f, &(0x7f00000018c0)="$eJzs3c1vXFdfB/DvHduJH/chydOGUqK2nqQkdVvj2A5NiLooiT1JXPyCbEdqxKIpjYOiGAotSG2F1FRCrFqBBGIBu4oVq0rdUBaoGwQ7umKBhPovVKzCyujOjO2xPeNxjGO76edjzcx9+d1zfnfuy/HM3JkTflxWjm8YW1mp33Y5fvMf9yFjDrGrk99/+dUX5e2zBzmSnrxe/FPSn6Sa9CZ5LumbmJyfm+lS0P3kdpJvkyLJ0TQed+R2ir/Mz9fHv03x92W9HR3Zacl0s8JP2kHvfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBgVE5Ojo2PFkUzN3ny72pBUt5iYnJ8rsrKydc7qMg3f1Hv9Lr7pWm9SlLf096929f3cyfXZzyapnsnzjbHn6x2Spz+fPPXsiTee6a2sLt8pm/+Xozsv9sOPP7n/7vLy0gdt5xbFHmZ1yDT2keu12amFuamZK9dr1amFuerlixdHz9+4tlC9NjVdW7i1sFibqU7M164szs1XhyZeqY5dvnyhWhu5NXdz9vrkyHRtdeKlXx8fHb1YfWvkd2pX5hfmZs+/NbIwcWNqenpq9no9ppxdxlwqd8TfnlqsLtauzFSrd+8tL13YlFlPNu2/ZdBYt/Upg8a7BY2Pjo+PjY2Pj33W7D17bcLF1y+/fml0tHd0k2yJeEw7LYfLzzpv5r0/icMuVRrtfzKdqczmZt5Ote3fRCYzn7nMdJjftNr+nz1f27batLT/zVa+t2X+qfLuTF5sjvZ3aP875LJ/fx/m43yS+3k3y1nOUj448Iz29+96apnNVBYyl6nM5Ep9SrU5pZrLuZiLGc07uZHBLKQ31zKV6dSykFtZyGJq9T1qIvOp5UoWM5f5VDOUibySasZyOZdzIdXUMpJbmcvNzOZ6JnOlXsrd3Ks/7xe2yXEtaGwnQePbBG1pzB+5/a9t/ueEJ1Bl2638GM7isDsrzfb/SPfQoYn9SAgAAADYc7/67zl28ul/+++kyAv1z+WvTU3XRg86LQAAAGAP1S/Xe7586CuHXkjh9T8AAAA8aYr6d+yKJAMZbAytfhPKmwAAAADwhKh//v9iisH1CV7/AwAAwBOm+2/sd40ohld//rd6p/F4pxnRGCsGrk1N10Ym5qbfGMu5+q8M1L9psKW0nqToq3/94NWcbkSdHmg8DqyXWNbZX0aNjbwxlldzprkiQy+VDy8NtYkcb0S+3Ih8uTWyJxsiL5SRAPCkO7NNe7zT9v/VDDcihk/Vm/zeUxva4J56yzqqZQWAw2Ktj53/bXZp1qb9b0a82Kn9/41tXv+XEU/n7mDjkoKRvJf3s5w7GU7zioPBdqWu9kbQuAxhuMu7AQPNSxa+u1TJ8Jb3A/rX1rU1dinjGW77jkBLucVqDhcacT2PZxsAwH47s207vNb+927X/g9v//q/pc11SSEAHAZrPdg/6sDgzoMPeh0BgI200gAAAAAAAAAAAAAAAAAAAAAAAAAAALD3dvQD/v9xLlleXkp221lAm4Hv/vWff6ljzOdPJf2PkuH2A5XsTc6Hf6AnyUHV/mYeealyGx+Wp87AxoEDPjEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwL4qkp930SnI0yWiS8/uf1ePz4KAT2CvV3S1WPMzDfJRje50OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBPXfP3/ytpPD7VmJTeSnI2ye0kv3vQOT6K/i7zH+5THofPH9TvW37/v5L0ZaVIb2Ozp+ibmJyfmyl3heJoOf/7L7/6orx1LPLT1YGtvSqUBZQ1bOhcollDy5S+jUv9or7UwOTSh/f/5P0/qk5ere+YVxevTU/OXJ//rfXAZ4uvG10gtHaDsJrvn539l79qmXykWfnX5Zq2t7nea/V6J7fW+yvtlu5Q7w7cW14aL2tarL29+Kd/WGmd9XROJy8NJUMba/r98tahptObn8+Nih+KvyiO5W9zu779y2ejWCnKTXS8vv4/u3tveWnkvfeX76zl9Om9j1oKOJHBJHc2HmVdchqsn0/aqu91lb6y1tF6UHl3skt522opcWz9ed2wDr+o7zIDj7QO1c7rUNfleW9mdGFzRivlQfLXf/xMzm27pY+2KfFclxrbKn4o/qu4kf/Mn7f0/1Ept//ZtD062xRRj2zZU1rnbTi8KmfX13y8dcY7m8vseFTyGHye38tvrm3/Ssv5v7mtOhw3a+ejN1smdjhuVg+tbY6Llhq3HBdN3Y6LrUfqPxzf0qKsqx9GJze1SM2zT6dlmnmebER1yPOX81rSe+qRziivdTmjdFt+t8f/3xVD+Z880P8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+BVJT7vpleRskhNJjpfj1WRlc8yDXdRXGSh2k+ae2U3OPz5FxxUtHuZhPsqx/c4IAAAAAAAAgMfj6uT3X371RXmrfx7fk1+rNOdUk94kJ4q/6ZuYnJ+b6VJQX3J79SP9/vYhHSbndnn38/Xxb8ux57rUd7CXDwDAj9r/BQAA//+CGm1g")
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="8580f83288e1", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x1, 0x5, 0x1c, 0x67, 0x0, 0x0, 0x2, 0x0, @private=0xa010102, @multicast1}, {0x11, 0x81, 0x0, @multicast1}}}}}, 0x0)
r5 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r5, 0x0, 0x23, &(0x7f0000004b00)=ANY=[@ANYBLOB="e0000808ac1414aa"], 0x10)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
mount$overlay(0x0, &(0x7f00000007c0)='./file0\x00', &(0x7f0000000800), 0x4120000, &(0x7f0000000b00)={[{@verity_require}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_off}, {@redirect_dir_follow}, {@uuid_off}, {@metacopy_on}, {@default_permissions}, {@uuid_off}]})
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)

6.836732558s ago: executing program 4 (id=355):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x29, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000000c0))
syz_open_dev$tty20(0xc, 0x4, 0x0)
fstat(0xffffffffffffffff, 0x0)
syz_open_dev$evdev(0x0, 0x7, 0x410800)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000800)={0x0, 0xffffffffffffffff, 0x1})
r2 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40186f04, &(0x7f00000004c0)={0x0, 0x2, 0x800003ffffe, 0x9, 0x0, 0x0, 0x2401})
r3 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, &(0x7f0000cab000))
sendmsg$netlink(r0, 0x0, 0x800)
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x302)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000003e000701fefffffffcffffff017c000008004280040008000c00018006000600800a00001000028009000c"], 0x38}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)

5.385224991s ago: executing program 2 (id=356):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000000480)='./file1\x00', 0x2000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000280)='./file1\x00')
link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000200)=""/179, 0xb3)

4.762904926s ago: executing program 3 (id=357):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
chdir(&(0x7f0000000140)='./bus\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
getdents64(0xffffffffffffffff, &(0x7f0000000000)=""/158, 0x9e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getrlimit(0x0, 0x0)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
r4 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)={'team0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd27, 0x0, {0x0, 0x0, 0x12, r5, {0x0, 0xe}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xfffc, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb]}}]}}]}, 0x8c}}, 0x0)
socket(0x1d, 0x3, 0x6)

4.101828269s ago: executing program 0 (id=358):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x48c0)

4.05719615s ago: executing program 4 (id=359):
r0 = syz_open_dev$sndctrl(&(0x7f0000002800), 0x1f, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndctrl(0x0, 0x8, 0x800)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000002880)={{0x7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 'syz0\x00', 0x0})

2.32036296s ago: executing program 4 (id=360):
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_SCAN_PARAM={{0xf2}, 0x4}}}, 0x7)

2.284225773s ago: executing program 0 (id=361):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000680)="93378efcd17301726272853a9fa88608996042ab60ae09f9a90efedde424f3", 0x1f)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000140)=""/16, 0x10}], 0x1}}], 0x1, 0x40002023, 0x0)

2.083113791s ago: executing program 1 (id=362):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000300)=0x68a0, 0x4)

2.009289828s ago: executing program 0 (id=363):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x24000880)

1.822853826s ago: executing program 1 (id=364):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41}}], 0x1, 0x44800)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000780)="e1e62499f5bbff0fb5d14fa14c243abec59f1a9a0b9313fdedf99b4435ae823fa5615d6b415fe526edfc9c9ef73ea0846607fdebd5a5069ac96154b23956715f68fea647c446d7324a677c22695d365075ce06792cb79473a2bf1a0c293ec21130b20d0d68aafc337b74a96cd4b23c34e8bd294962205dde627f7a9fe0508a5b2c06025e123b11167fc697449fa6339d4a29558b318b8daddf44131cf69394d57a1faecc38ba86377d26afbf63eb2bdabdbbcd0795423cb14cf163d3acf0c704d44c356813466bd96be3e8c4149e771c96d3790961cd5ddaf4f249b7417f56cb7d344b37e2659e4eb60f20a621c9901b5ce6af2f5c6d8775c16e4f1eba1313d4cb32af436c2a6d947525a9695be06e4660ae288e0ff2280848b70c5f480931c7dce160d9b4d5921dd067b4003ec80932be2cdb24624e8f460ff5224cc1344dd76763e22f4a6750aa03e3ce23fc2f6a69fdae9be4f4a8c973a195575ee1b1f34fdfda17820bbbef734dff833a6b4c5460071deace35b2a03edb22eac10eb0c3f262b23bfa1ecbe2bd51b418d8167ef8f1a6b8f463b0557b6670357d66251b19e367c66c1f150c95d15db0c23563d99b02504cf0070133792fed28e2d63b95d091224396b17d4314d603bc24de0a28f2d146765d4260225fdcf486db8e6ce16cdaae1a1f06b228e858c7bdf1d71a15c07e23a42b1d43c9c2599c62945d980444e9b70b8a8405e8b61e9df9514860bc8cafe70d8deb32d39ac07b8e6d43efa28b330a8f4f988407f1b3185713a6dac5320aba4b0a142c5b5f00b83d0f455d316f40a6a35df6e93965cd9d26649aaf7b80e9875e10136e7c0d7a18ca946133046e4b4f224890a0f4b77e45f036a3831c70b9eff97523151eb9dc6ce844b8e9ee8bfac165892b2e1bd88d3b77c1e200af342af9609d10a02466ab1fa667512f88dd61f04c00b9a98887c6cdec58e6c45c6c8eb16e3f99d6a980389078bdec7426eacbb45e5958b1fd66f4a49795b68977c9b84f4b8cf8d1db2277557d5c042e94841ed848d4707e7138dea28ccb7b349f7fb70403a650913fd6c89ddadae76baeeb3b9dd27063d7c900407f4b22f749c4df02a4851320c74199030f01ccfd3827c061fc1c75a0329dad06a4645381e266be21078398b165e1e1e5a5610f55263190b03f0582ec79caa91510d9e3300fed4ccb2756d2b96471af273cec441fadc3504b1c36a17d3edc11839fc134ef42a14acefa77b05782c8fcff36514f7fadb4e44c9a50d329f9a73c894421e98280f3214a269c89eb79be62e7825dc383164e869c8ddc8fe877f0cf698feeca638099f1db108b31f46173fb285b254b3998b7ab4b68c9f04a54c61dce3714b22838c886f2e99f2c8f0b523b41178f58a3674c692b6a8a46abc4b498742c6d56738227862bd6cdac85c5f9d8a91420f2f0974e82e77d7023bb5d2611337960103dc006b03c878ed9719651f9ed6862225d8c195501453a369063dc179dbf34dfd7262bf907d8595fd5c29179a28c7ff2c0634f416d3c26894ad94e3aa9a39638296be7b0b4546a23c6b53c234678a5377c3554d604d7b1dad7a21a904c208d35a5db3a723759a921d450d99d8d120c052391cdd5555d4a10355f747c15574af72a44e0be9e97a564ff8559a8f5c6536646b4ef34c7ed84937324df8bff0ee7f872ff96380dfb9ef0fe65856ae734234ffd68eee540fd581cd2e818f2401992c8ce5608709a45dded05690da38ab77ccc9c16c4c2475772ca5aaae4df77b8d97159539c76638b089be6cf2a5fb81a93bf86fb60887678d786550d4cc0a5956c07b64c03dc3455bd0afa65dd5fa2ab364c8463abd1659ae1e78b6ffd459e85fd19acd555d2a54dd233086c86536d1b1c380e6cab49d24faccadd47fb701c2e57fa275fe3064571e2761a8ab016d7837d7ea4d757224e86c5cefb90b67ca3929b9c804014567a89ead2a1193c1da04dec8b6ecc9b9c6e54ce495471fedf41f1658ee78950efdcd8f5fb751740592176679f1e5cd590fda31a91dec92f6eb9cfaa84753301bb5b1dbf3df7e4d407c7ec5207a53650e254449d1b2edb760909a96813929fb3bde0b8adb09e9ae5182892691276833a540bea1807e6ada697e8aba0fe4d8f380ee9e4e05d44190ccc62d57c5c87a7d93804401bf013d79f94efa6e4f7401fec3b9802a9cce8c909751ccbe1a69f6ef84e45fe46085ec182ac96b65e5f844ce99dbb04c770f2ddaa3f5d2ddea180f83f813c30937df7bc05fa7fdb728fbb35f2d7209ffc318fd71fa4843d20489175e2ca84b6949ed4419be38f3794bb3eaa8893aadd6037654c8aa4e405b5f9299996169cb5c07b357e31d9ddd42cc4b299c6a274c8b3a40ce5eba06bc0e325f237cbbe2c026140d5c451eafcb8af900b050d8ae568c7e1471aed75e75e0626bac90a05920df896e0127520275521f7e2e0a8883bfe66716c0778041b16ae8ba56074081a2ac8e30f1316fb70728994565642d8ecb04f178d3f569b5d3c12e7b33dc3fffb6d78548224a40cda4acdee5c1ee0e733a3301955994186c812f6e25f2e052d38f11e7bb501bb4a8eae93affca8df939423eb4c726c640c631283fa75480f31f42dcf221ad7bd22f8369f37f41c6fa20d44cb7a4d211cbd15139bf88a1bbe694ff726513fdc97c539f144d6959552172042c08f03b2a03e8fc583181ee97cee2d8bc4eba662922829e21e61ce7f6b3b636fe8c8e7bcd19ff5fa0d3b305ee298f2219391eb075508cec3bb0b85d53d102f0f797cca85db286d7a36536862275c10aa36c272fd96900782fb8666cf20858f7ddf9ab01c30156e14e190c47e7c17dc0948bae26ae7baf580a59615f64f50e00f263efa506c3871d712a7f02ce6407c07422de1bcae106a07c1881ab4f81e1dbbab7039562b6cf92c517324ac00352bd0be5ff4cca24b2f3026888213ebe5e5e6a2bd169b1ae3dcf7c0093336fcea7eac2bd2f918034db80311d18aad56f916d58b133b27a320f7749327dfce5574e32935de51edb50b64fa0adb187757576bf9c40f1b4851b3901b97e4458de49816664a1f50865e37f4ed240765088737f2f5fbb7c851a1ef5607849f590e01a86bf7ede085ecb6517b678ac87022350338ee5222690babda46ee0c4c80689fc2c7c4ad4dbe66696a60013575fdf1f5d23971e19b0ffca27b96bc7c2520fce5bd3a50f81518e1f60eea9bd893298b21f1e090ad54a0ce0a537ad9a697cde0b47c52424ffb024b3a69f021681dacfeb7cca843e88a48ce31966e702d7b5125b98b2c15528b83ae7752c21b243454cd343b3392412b676dd0bd62debbcbe8f61b060faecab1d02d968a56668b175f750fe99bcdc4b81250b36189caeac40e4dad52668e2a0e37e0347d6ac563ef45bfb5881714428a7893747d1e5bdc6a0a1da4904889757910d693e06224cb948c242078bb02b2bd8cb592c14a78e89a50753a7c65c217168e86739a26f53e78bcc9b10fed36723b02a1aacb65166015e42f8b84fb5e4092ff01d0e5cb8ac5a1e1d37fbf048853b1ff5fa4f830e31a545f7ae0235dfe5c87fea124cb5eb51d4aa48b37492c2319e0d1ea80eb08f8d609f20c2414127322995bf5d7d81736e42b6c0bf1e48cccbf1a81dd74a8e42774d17fd45bc776df065a88de5e38196af6944a72aa49090baf02a7b3c4e567a4abe8b2d1e411457b4c24954f27c63e0774d0c23847fc1635ecc4023c660862680d7c4446b58bf0defaa574c1601d684a520579076cca0d11ff6364624c2daabb39889b46f4e158d57437561adfa4ae44e35e7df6038a77ea468b142aba6fd8232dfeca890f9f24e6d4acd590024bc45c497248a76e5052f0d5523e31a66b0eb91d1e47113d94382215c328b7ad0fc570f1798c3c86f67dbf6d5cdb51b46100636e0b2ec56b95264fa7a4375d9799e555eb7f5de6b1d31859b525d9a0917bd2e2547758a634a24119039ecd873bfb5392c0472b270f5c0365958ba507d01dc7238365930cceb8a93a197d81ea48d4aa1a9c72c375a69439587a15562a5af5f5958f1690302fe4990220c8e39ec2af804038d574d4c2c4a1f3d0ecf3a0a2a29fe49e42b176b5993e6631ef103da65729ca86ba7bfb135ecfd8684273a657cf8e96c6a42a329398e05f9d8211dcb50f48ceef8d55cf8128749a00dba427d841826910cc5599fc1338419c16b9abb511d6633a8d74d972aa6ce89fe7fd89f18c16af2158bff6fad4df7cfe0d3272ae103172a863defc9954a97bac8d579c35cb6aa2dafc9731cccf80f2397e326e311785cbf7fb2f4f3e2698d80c3359ca1ee212cef03cf597621795307043ab4c3ab771115a11400ab521d9b35405407852a012b4a7a576b7ab0bbb44f7958c75ec9ba88dc4643913cbd240fdeb18dd25e379b8c46ffceda399049295e078b77bf5b8aa12df34a2c77a5c08b2e2f1b26489caa757492ae198e9d437c38c2be2ca78b9d884100b4ea25b4165fd80b3cd84e68a7e9e9b058fd6c3893dd532f121d2df7039852a1117d57c9ca390624535d6c21db3f4b7a25e3ae0c6a4c0be962acbed1749f73ad2049c95124925059f5320b31779e4e07fd429656289678e14a85da75ad668b49a602cc107e6dedf63707fa058cc6bfa43a9d3def22a1db203a83640e30f4e0158f29abb43b9c67e4ea9edde093ab3cac1843eee620d6c85e2c35b15e33e5c4039e363e8b4086a83ae7551b849708e30a1227e9eee43ef777dbded881810042d34e1fcae29ca29a0d3e641d6edff1698f32aa4a8f222e8a1227675bfc9cfa344cce39f76b25e48bab91848f7c89afe8a38dad66abc750b51b078ed60dd5d689e7551f1f4ec3acd4f3133b2e840dc5beaa3171c5b047b7f7b019e155990a51b115e7b366bfce2b8eb891b7cc7d405c89cbb4146b9169ec35845e3f785435debc92b7721ff82b974adb136cd6d8dfce739eb49ba36d3787b1515ddf977dce1ff9e5b7ae788343af2aa01ba002c35f09d0ddfcdf4c4a1678460f140268fe927bcf84f132afb528d2bf9572b8177c34d201a56f1eeadf48456dd38f95efeb46d75403e9bf6e95b4bac54826bb5e72b925fb50030dd38c7310678b5202362e9bb18f10e9ebcd34769f07dce19f3b8f3baeb00c465adcc2e1c03a7d34118585cb9f612c74369cb40cb2f1cfaed9457d297c0df396446b60be2ce8b660653ff68daf50fcb4290f8446fca109129cb8e7291050d142cfdfcb0303263dba7204e90cda1c023b6e3ee9c0267975927818f11551418fe02143afe91c331a205113471e7e5fc3f83bca3c1c981b50aaa6dc22d9aa715abc360f6374646a0907caf8645120cf3888ea4fc9cd1f92ee29ac384f57b7d052e323e71c6096de3ccd4997166ba1bae24b449906831c9c996c7024342ddde5e578af4f1a0134bc224221898c0ba87f21ff28601f61a8af63058ac7578984ef51568005972c2d9c1fddf120fbe9447f9152cf1e51fa5106ae835c17c2e55b55c9be17daffe641cf326045ad7c841bb44f25e20f186f59b5150c02022930f83b8960632cbd8ad5011e0560278952ed8f9c39d4cfbbe76657c01b7bf9c6ff70a973249e17f3b34e748ce7fb1e49f76be3aef11da26c7dad1054a1c7e0d4da76694ebc85fd51185a38a0dcee74a5eb49ae1fb9d78c799464c7c49eafcdacf70711ed716ed7819cd1a312ef80a4a2095381c679db84c30049578d34364ef63a1fdaf0aa4eaa9771b4dfbcdf8f4542a118ddc81649d3a537ef5f7ff489c6e772e57d6ef6b6e5f2f2c8a0fad8e4d46a12ea70ad5798977ab14c1fdf8f190a694a8f4733cda285a7a712fa0d32acf89567837aa6ffcf03493656cdb7bfd0c47005ba126c70af1924ca30601ab0fc4aaa4ea4d0570c5ddd03c2a5e731fa77c1d24e85c1235e10c1575dcd2d34bafbed490094fc2538df08d178502d27c953d2e0af5e3d829a0d5132cc5ee1b9d2519a95787e91836ef1d29e92bb1b662c138a49f8a77829f9dde0943ca82a4466275dac744b92dd75493a0a040a19e77a225b9e21e94d445415483aa67d2b2839de965b4c4803c61680e32e7e4deac5afa877ddc26a34d486499697d6268701ff391f4bd04612066ed9386abdfb3a6234f8705aa3e298bde969f9bcc16af97fc107d0e565d2b9659ab0e3029b1e195ba1a517ae0484352ce366fc0bdf1b5517aa878d6b8a09b7c01e0d6c52c74a0113a97afc505d47d65dcae6db63e014838af156e72021b09c6db109a59c4166c9cc8ad5207878348a58f65b77de388ec8296373f3dd8acdb7c04bce3032fffd3032cf724376ddefe642a54e6624ff147ffb28fa4fcc351eef9051a86f4b93c30d7515ea247fe0ce484f9b39e1b8e051fd7babc9800e55bce6ae1c08e64fede1cd264678509e94bfc4f3409206c4ef05181f47a1abae8ba185772913c13fa0fe4d36a4239595cbe5cb38643e74966cf2cac2c0cde26f49a60925f238b60434f67b28d9e01df9c23984ce8c6c3a40b4f69c1750a99e6ba451f2429565d38e21993f982f9eb4c7ec77b03ac472327fd43e30f8ec565710f1964aaef8683a0c5526a8994de98db77b550a620ec894ee07a706d092eebd9d692b0feca7ae8c13434f947814c84e5a159f2f9314970ca864f261a2a16f3f3352f8d1e1f19dc6292a586e57326ded4e5cc1f17562d175e755e9fa62dfc817bafa4896e611b897ac7bcccc2fcbfd7a5576478b503f7add397c03ddbe6150846324b12544ad783da46ec793e7f37dabde9426d044cedd50440d1b26782233b1612390d4fdd249737f250c3ce1731a825b0cb9341f847a568d8e82b81f883eb90e146d792a2a46cd07518858e6d64b07db16c1d002f3d2cce2bc5f3ae150379c923555170a07c6663e4adede0649ac47c044f1a65657eda07a0b5cb16966b5e9f11ff04dd6bba7a0b0bdcf03e0a15424198b267ac0f89ef01022ec38a7d26d355e0d8d6b794b472352d932093bc91349618ff1e8f956916b5d8e4cbf658fe5ada42cdef4ca5407a997b67e4e1347b90d43c78825b558eda995447f6008eebfc9775814921f72cf243d3156fda3dddc1874f2c0a651ccfd1c77b10f57cd86b32d9c1612b53c69e5172e9045c0689391c90c97bf1a1b902546763336e0f76be74b269c4bf72c030f1040413d4de5fa65ba9f4109e37a3c387e729394f765dbc2e6b769fc5995c7e3c5fa509c07cdf9acbe99dc5cad14640bffad695f0404b066496d87fd6ffc0bea12bad489858169a0c63141fa5857ac1e8b454362fe15a7e55ac371da68cf6a291d41784883658d0c5bb5e6db28b205204e0db38881c4ae83b37dcf945c6d09aea33506ae051287e066f787925bf7d57587e849655969e5677eedc372448e6f2a2f8ce6bdd4def434bd9a2bed09c93c96877dd5e7773a699ed9feda02372e2d82ea0ecbed08ade26c7744dc5276a0e817bd3bd4383790929b79719002bd4df059006fb755877c85d51d433b35b5d9c3769d7c1101e871c7d2d51bf579a10bb9664e60ce918e23655935a7f89db15a0d88e6663a3ba02dae1210a4d7d7eff522c3d4fa3f5fc4c36346185d0ef55c8910a52d41fe3e4a792e8e1fe35af1a15a8c91b06e64fd36f7725c34dd8468422ed96c2e2fc5faf1a7c51b01e9c216f82aa11f8da041804461303a40578cb5f9fd49c0b6abd420581ba4461a6013500552f8d2379f960c6f680fa66eca3faf97504fc6916f84319f554a24829c4cae9c63be3bb3d2c7176b93063d37c3df69c8ac6c0fa43ad9a8274b94ee35dd8a69c3b560dd57353ce9c8188e9db8652544d32fbd2d931ceb0484eb1b27ba74c237dbc1e81b6a867ded6400b3dc0cf973790c03ef6bb69ebc76bb175233793a123ff009d16d1e43fa6f15303ad5169ca42b3ef9f9630b92e03e9a6cd32ec08dbc8abd342931b617bd37ef8e09b68713757e39bcf24f4b95f9972d5b7680e22e7fc421b67e27d3cd97cea6ee1ae78ab792751d317fc317e39545e4a2eebd72c1298b84452de9bc6f6d13d0ec0d7faa52e3b59134531f82214548e6202416f1aa43d65bc1e10fbb1737ebfe51c862dfe6bcc064695ef87f90eeaa011fce5903f6c7af9ba34a627165e909c2f9060055c496a506487249810745b53d137860f0a9ae482932c579511c736d0db447e0941cb8b32bc8e5aeeb0abdcebe66ac420b77f981b1dcde605299caf0171cdb722f42072e3fa1376ff3b3ebc747597822c9c07bb7f76b3e1ef89d4c8155af4c1fcd95272bf93ca058eae43b71997edf14d3f09edb495c7ce361c78ff8dc8cc95a639ce0332b955bd66d9a4ff4c882297338172622cc3a05f2bf02eb8103b32083c42d64259df53d0ba3e4cf80307eb0e00380213370d6a7ce33e685237949fc14657b6eead581de144fe6ab1d318efe2e14823ad3bac3f83819c1810a0c49664c7400af906f6c670e41b94582551cefd8462ae86e1ae10b1f56e48e2591737c0336985f09ce751f68924760daa1881417ea27db9ecfa7580ff9c2879a267d5db8b88d6f984563038c25254cdb88a1fa5240b76cbe0614ab1d4e81072d26ce1d0b1c4b1780e201937fcfd6db6a4561315e1e6be0a381fdecfb42cacb575a5d86aff6a92a4454637ad249d24573ccea9d71ed580eeae16a09f79e27ddf38a281c8779f945720b067a10005cdc04d3f7b483df35d4bc0503a0c66cdb87b3f58c6e367cbb902236ab95cc817b79969865e6a9cde65d543f6f624b5f9e53e4b07b43d77ca7bb503d7a39a35114152f804c78bc9211f61c2f0eb3842c0d1e9a9b3b4585318a007490ad0343ce1368ae5582da587af3c4c156ed943acbd977ec6060047a8fd89005af9ab41302ec3a72c88030fec45013d35efc5ecbd7ff5b41c6bef7ce7adddd7cc322c6ea213f1b7dba5a844f630c63bb5a3662be935d013b3d4104da390d87c127651d1abe3d2b183cf51720f1d3eab3342c6414d5b8d09e635b618712b510e6fbf4376df28870087ad2be875994e1538729dccbeebd3f532814db319e961b3ab3c718f5025bf68c6a366a180f638b074ee966ccb9db4cf321af69d3c5e654146d3c73a47a48a2df1d6dbf27f6e863978d64ba8e59ddfcdf45e485b44ef5025690dfc85d3f8b0fed638f8017d81b82f4bcaa6dab7ad10ce1ac59a6ec59725521b17ae5212e7bf1e71cc4be8d9c57bcccaea6afc256b9947c618616ae75df1952b683e9382f9b69a86b214007fab11c10dc4758e809880fa3ccc4a4966a333af9652d10aeb2830c9cc0c4dd1c50b5b19830cb5ad0bba23927c72097084002acc317c134b467e8ef66481d295af5216ba2b2227463ff4c52cc8ba8f84dc940edb9384394f66c3683821677635baefe43d09e53f421307a22a675c89b7704b93d26b68aa601f12b98c80522672be8fb44114f5ee4577609792d4a8731765316f46d08e25936a38535925462fd884fb699e6024a27c66f45a00d2c941da5c1213cc7fb08470450af51c9b9e366630c4deff3b0aad756750d8e9a0570170a111d8d9dfb26ca6df846e5e0e960dd76223e3e5a356241420cb63fe7638afb2b393c89f3784463313dd0502ce2582fe494c33358b228df38d673801a13aef8ccbfb601499b05eab9fc1ea79ff0457136b8505f5a0828b14cabc11da7d8064a1ea6512a5235440f18e424509eaa917901fc04d403a0ac0c009ddfd54fc64c87b93395271b3d6645775029bf2b5ccc97ccaded244ca5970f6cf5c7885a411e45de398c6b06f3553e25604bf7dcf10a080e836864875d2949496f0256c60919fca02970cc6b866c799284a111b61251a8335a4dda28997cf73eef8423a8edc5ea103d50ad85da49a82a5eef5e1adfeb2b674ab274b3e1d7c425b19ff279de9514f4f9178893bad99fd9b27b99e8d07f98166d9c24cc7761f37449354a07904334a36c86429b96b906bb9aaf854d5512a2f2139cc4076832d2cd1f3aafa601680c6ed9a729c4388a760ec3e660e3a9a3b6c0e842aacdf3f8a1558b090053f99721dab91d8200d4fd49efb89db83a7c8683e666632dd8f8e50665d27890b214c14feee115579a9799d42babf78830611654826a4fb5f352964e4f0f6fcd8beff16301ffd8e69979c635b1e00254492f1e2a9683eb14abd24e25f9c7a973befd88024811203b8c5891edb1224e68aed33264f1c195137e9dfac078dee77dad6f1aaf618447f7126c2e63637573163a104111991e81213bd9de6ae8a47185c3d37b52202077e93b4e97d9b5514a58079c45b10de04d38d7f2af2115e33b98d46011e5fb3d52092daed0a8a6f98ec79e6a9ddb7469f66c44d5ce7f76013aacb1e162c874134064bf0faf37236c6104598967cb18bcb99aea6f0fe0fb1c42706663b0adc7ee75d0a5f4be66a9ac60f9e9b4d71d4408e777b763163f5695f8852bb567b1cd12e056a61d5c16443622a5730a34a5d4b2146e19b366d2aaaf2c11abdf69e304387b9951093d404a5da6ffcdc161282b625f32eec22b02e1830daa3c5f692cd0e7be3d59efe1671a1e28381e506699fe5cf533ec2854a27b91079e3efb6aeb9886f8a040e4d37210929e02ca7a06d74d4ea884aca97b9b592afdcd5758662f4b258988248117f3db349c5e76cdeb89e598950f465497d138b7b810611198e5ea7ebcb8bf347c41b5c704e1ab3618454039177a929aa60f882b1d27a55454ae08c5077c468e8de8de555f558c9d0cda133698044686d3d4f8c36edae2ee9e6cc430355d45b40ee99366a63b50d5fbd71b6403324807e822afdee6788a3ce97a79da4b730e6079d1d9f62b35ea4e6859c569e6f7ced8e029358ed5c8b6db16a37f7bdbe8969429759681001fbb5f963acb46d3398d59ba92cb435e0ae954f33be138e45007dc1c1acb8f4b3816b2e35f93341587364ef6473992aeda5cef90557b13a48fcb760c704e732937ff455fed55e84cfbf2d7232271706029e2bbdd08d7262541fe62df2d8b6b8f36ec6582fcb3364a256a72b701cb74a85b4c0ed0339b05c41157d8324903772066e393868aa77f923b46b9f4e5109d34a250c5e579c9882029e6c10e19750b315747f665fdcc89f6335614f9668d4fdb233907ff2d0a9b1fc342ee609926431b667728afac5d01690d4fe4d514ccceff7a9b62cbe7046d6d20e128a09f2c2ea684e318086dd470369058dcefefe314a2dd275d06dc7d05ce96076e10139596833f522e962f503906b647a6852481d90176737c0d5e193127792e3bb0543f3c3d37bfc0724744d8b0abc32e1b62a0b40466ed8e74a072838abba492654a7d6c4821e4918575079f71ce332258b72f7a84c51769386415c1719df530277d7028703deb53e3f86b266914042965c0b08905bb96559253e46173a4054bd9d12fe3bcc6abb2a8de808039b039bc8abdea0b055f525e8f1f11a02fd3102a3c1587beafff1c57ad32c8721cccc3525c673472d898bfae25b12346121ac46e18c4ab29ae51e11481d4c59f9a5627dacf9940ee538c88100e8a2b09ca2831cc269adbc1b0aab0b3a80c101be80fcb972838ba49465bd947c60122ebfc7d1ed6c5ce35426a3f7", 0x2000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x8, 0x7, 0x4000000000000e51, 0x1, 0x5479, 0x103d, 0x200000000006, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x8000000000005, 0x800000068], 0x2000, 0x80cd4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.423451416s ago: executing program 2 (id=365):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x16)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000080)='pipefs\x00', 0x2, &(0x7f00000000c0)='${^!%!^-\x06(\xdb&\x94}\\\x00')
msgget$private(0x0, 0x181)
syz_open_procfs(0x0, &(0x7f0000001200)='attr\x00')
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000a2f000/0x1000)=nil, 0x1000, 0x300000f, 0x6, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f0000000180)=0x1, 0x86, 0x2, 0x0, 0x0, 0x1)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x3201}], 0x1, 0x10000)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x20000000})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x4, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
inotify_init1(0x800)

1.389265109s ago: executing program 4 (id=366):
r0 = syz_open_dev$vbi(&(0x7f00000002c0), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f00000000c0)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x94f7, 0x7c5, 0x1, 0x0, 0xd59f80, 0x4, 0x5, 0x7, 0x3, 0x5, 0x6, 0xffffffff, 0x80000004, 0x7, 0x2b, 0xc, {0xffff945a}, 0x9, 0xf1}})

1.337195839s ago: executing program 0 (id=367):
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = fsopen(&(0x7f0000000580)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100088}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x7ffc, 0x0, r2, 0x0, '\x00', 0x0, r2}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0x7, &(0x7f0000000700)=ANY=[@ANYBLOB="1808000000000000000000000000000018100000", @ANYRES32=r4, @ANYBLOB="000000000000000018100000", @ANYRES32=r5, @ANYBLOB="0000000000000000950000000000000002e983dd3bbc690437ed091a89eb59c6a015108721be84d13a67230adf1dcf5ca09eba60c8d2b3655c77d0c9b0eb986fba4728ccb132b8a809b6ca0b31c0739ed33c36fd0789c9bb019bc68a2e784b7c58a5ea4c0ff09b512538365d024dd803d45cd2f6604bae34071a78dc4ebbbd0ca443f82bed44352a3b746a8b7612bfa430008fb6eec0049398d364cd62846588286e898ac0d3188479c5"], &(0x7f0000000040)='GPL\x00'}, 0x80)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x690000, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x10, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000000140)={{}, 0x2c, {'rootmode', 0x3d, 0x2000}})
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r9, &(0x7f0000000c40)={0x2020}, 0x2020)
openat$cgroup_int(r2, &(0x7f0000000080)='cgroup.max.descendants\x00', 0x2, 0x0)
getsockopt(r0, 0x200000000114, 0x271c, 0x0, &(0x7f0000000040))

1.200584811s ago: executing program 3 (id=368):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='percpu_alloc_percpu\x00', r1}, 0x10)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
r2 = syz_io_uring_setup(0x816, &(0x7f0000000200)={0x0, 0xca0c, 0x10100, 0xfffffffe, 0xfffffffd}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000004c0)=<r4=>0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[@ANYRES8=r2], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x31, 0x0, r0, 0x0})
io_uring_enter(r2, 0x1c64, 0xfffffffe, 0x60, 0x0, 0x0)

1.175609153s ago: executing program 4 (id=369):
r0 = socket(0x2, 0x5, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000002600), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000027c0)={0x0, 0x0, &(0x7f0000002780)={&(0x7f0000000700)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fbdbdf25010000000c000200d6400000000000001c0007800c00018008000100", @ANYRES32=r0, @ANYBLOB="0c00018008000100", @ANYRES32=r0, @ANYBLOB="0c000500cb01"], 0x48}, 0x1, 0x0, 0x0, 0x4000004}, 0x2000c000)

500.6034ms ago: executing program 1 (id=370):
setgroups(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xe08, 0x0, 0x2, 0x1, 0x80000000}, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x8000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000000000000005010040"])

269.137427ms ago: executing program 0 (id=371):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x24004000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

184.486255ms ago: executing program 0 (id=372):
r0 = syz_open_dev$sndctrl(&(0x7f0000002800), 0x1f, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndctrl(0x0, 0x8, 0x800)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4008000, &(0x7f0000000280)={0xa, 0x4e1f, 0x80000, @loopback, 0x7}, 0x1c)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000002880)={{0x7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 'syz0\x00', 0x0})

0s ago: executing program 3 (id=373):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000680)="93378efcd17301726272853a9fa88608996042ab60ae09f9a90efedde424f36d", 0x20)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, 0x0, 0x0, 0x40002023, 0x0)

kernel console output (not intermixed with test programs):

Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.115777][ T5855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.130177][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.139508][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.146654][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.154642][ T5850] bridge_slave_0: entered allmulticast mode
[   81.161896][ T5850] bridge_slave_0: entered promiscuous mode
[   81.189141][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.196111][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.222469][ T5855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.255932][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.265355][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.272755][ T5850] bridge_slave_1: entered allmulticast mode
[   81.280904][ T5850] bridge_slave_1: entered promiscuous mode
[   81.305266][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.318352][ T5859] Bluetooth: hci0: command tx timeout
[   81.331534][ T5851] team0: Port device team_slave_0 added
[   81.353940][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.367342][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.390365][ T5851] team0: Port device team_slave_1 added
[   81.401121][ T5846] Bluetooth: hci1: command tx timeout
[   81.406854][ T5846] Bluetooth: hci3: command tx timeout
[   81.410971][ T5859] Bluetooth: hci4: command tx timeout
[   81.413711][ T5844] Bluetooth: hci2: command tx timeout
[   81.426395][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.503781][ T5855] hsr_slave_0: entered promiscuous mode
[   81.512186][ T5855] hsr_slave_1: entered promiscuous mode
[   81.574637][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.581772][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.608213][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.621114][ T5850] team0: Port device team_slave_0 added
[   81.632874][ T5840] hsr_slave_0: entered promiscuous mode
[   81.639125][ T5840] hsr_slave_1: entered promiscuous mode
[   81.645126][ T5840] debugfs: 'hsr0' already exists in 'hsr'
[   81.651166][ T5840] Cannot create hsr debugfs directory
[   81.659078][ T5845] team0: Port device team_slave_0 added
[   81.683713][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.691180][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.718647][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.744323][ T5850] team0: Port device team_slave_1 added
[   81.782079][ T5845] team0: Port device team_slave_1 added
[   81.944679][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.954855][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.985838][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.005778][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.020463][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.048268][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.090496][ T5851] hsr_slave_0: entered promiscuous mode
[   82.096988][ T5851] hsr_slave_1: entered promiscuous mode
[   82.103858][ T5851] debugfs: 'hsr0' already exists in 'hsr'
[   82.109672][ T5851] Cannot create hsr debugfs directory
[   82.132911][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.140352][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.167366][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.220927][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.228594][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.254686][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.373604][ T5850] hsr_slave_0: entered promiscuous mode
[   82.380647][ T5850] hsr_slave_1: entered promiscuous mode
[   82.386651][ T5850] debugfs: 'hsr0' already exists in 'hsr'
[   82.392498][ T5850] Cannot create hsr debugfs directory
[   82.473352][ T5845] hsr_slave_0: entered promiscuous mode
[   82.480419][ T5845] hsr_slave_1: entered promiscuous mode
[   82.486432][ T5845] debugfs: 'hsr0' already exists in 'hsr'
[   82.492374][ T5845] Cannot create hsr debugfs directory
[   82.839583][ T5855] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   82.877680][ T5855] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   82.889932][ T5855] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   82.906784][ T5855] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   82.999547][ T5851] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   83.012552][ T5851] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   83.026095][ T5851] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   83.037518][ T5851] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   83.121914][ T5840] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   83.135929][ T5840] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   83.162841][ T5840] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   83.174248][ T5840] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   83.282758][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   83.294554][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   83.318294][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   83.330994][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   83.398566][ T5844] Bluetooth: hci0: command tx timeout
[   83.462453][ T5850] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   83.472605][ T5850] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   83.478198][ T5844] Bluetooth: hci3: command tx timeout
[   83.480849][ T5846] Bluetooth: hci4: command tx timeout
[   83.484732][ T5860] Bluetooth: hci2: command tx timeout
[   83.498901][ T5859] Bluetooth: hci1: command tx timeout
[   83.514780][ T5850] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   83.524868][ T5850] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   83.579382][ T5855] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.602648][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.616373][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.673262][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[   83.688033][ T5855] 8021q: adding VLAN 0 to HW filter on device team0
[   83.706503][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[   83.735524][  T153] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.742750][  T153] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.754975][  T153] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.762099][  T153] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.772159][  T153] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.779285][  T153] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.814094][ T3429] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.821247][ T3429] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.835029][ T3429] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.842193][ T3429] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.881840][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.892072][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.899262][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.996316][ T5840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   84.012708][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   84.110501][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.117705][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.143503][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.150702][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.329766][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.458283][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   84.522580][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.571563][ T3429] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.578751][ T3429] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.624915][ T3429] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.632365][ T3429] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.691077][ T5855] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.761949][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.901627][ T5840] veth0_vlan: entered promiscuous mode
[   84.960800][ T5855] veth0_vlan: entered promiscuous mode
[   84.982027][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.004836][ T5840] veth1_vlan: entered promiscuous mode
[   85.053042][ T5855] veth1_vlan: entered promiscuous mode
[   85.153077][ T5840] veth0_macvtap: entered promiscuous mode
[   85.186454][ T5840] veth1_macvtap: entered promiscuous mode
[   85.269481][ T5845] veth0_vlan: entered promiscuous mode
[   85.279393][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.302352][ T5855] veth0_macvtap: entered promiscuous mode
[   85.320362][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.338612][ T5855] veth1_macvtap: entered promiscuous mode
[   85.351011][ T5845] veth1_vlan: entered promiscuous mode
[   85.358148][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.383601][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.393207][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.410883][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.422748][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.433510][ T5851] veth0_vlan: entered promiscuous mode
[   85.461809][ T5851] veth1_vlan: entered promiscuous mode
[   85.478684][ T5859] Bluetooth: hci0: command tx timeout
[   85.500350][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.534297][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.559861][ T5859] Bluetooth: hci1: command tx timeout
[   85.565313][ T5844] Bluetooth: hci3: command tx timeout
[   85.571002][ T5860] Bluetooth: hci2: command tx timeout
[   85.571172][ T5846] Bluetooth: hci4: command tx timeout
[   85.603440][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.613560][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.644564][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.653436][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.676153][ T5845] veth0_macvtap: entered promiscuous mode
[   85.692061][ T3429] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.700242][ T3429] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.721975][ T5851] veth0_macvtap: entered promiscuous mode
[   85.731045][ T5845] veth1_macvtap: entered promiscuous mode
[   85.760758][ T5851] veth1_macvtap: entered promiscuous mode
[   85.769447][ T5850] veth0_vlan: entered promiscuous mode
[   85.813000][  T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.832633][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.844020][  T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.874595][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.889872][ T5850] veth1_vlan: entered promiscuous mode
[   85.923057][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.942212][   T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.973154][ T5840] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   85.976079][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.002426][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.013377][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.030716][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.047690][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.056457][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.066301][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.095921][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.141483][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.156222][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.215297][ T5850] veth0_macvtap: entered promiscuous mode
[   86.225969][ T5850] veth1_macvtap: entered promiscuous mode
[   86.260010][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.333247][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.364499][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.420583][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.433162][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.442762][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.466320][ T5964] loop0: detected capacity change from 0 to 40427
[   86.514204][ T5964] F2FS-fs (loop0): invalid crc value
[   86.522069][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.533319][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.620687][ T5964] F2FS-fs (loop0): Start checkpoint disabled!
[   86.643039][ T5964] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   86.684731][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   86.693646][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.702293][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.711302][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.719870][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.728422][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.736885][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.745536][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.944489][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   87.071174][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   87.213502][  T891] cfg80211: failed to load regulatory.db
[   87.573973][ T5846] Bluetooth: hci0: command tx timeout
[   87.637453][ T5846] Bluetooth: hci4: command tx timeout
[   87.643453][ T5859] Bluetooth: hci1: command tx timeout
[   87.649229][ T5860] Bluetooth: hci2: command tx timeout
[   87.655347][ T5844] Bluetooth: hci3: command tx timeout
[   87.985844][ T1329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.999296][ T1329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.044736][   T36] kworker/u8:2: attempt to access beyond end of device
[   88.044736][   T36] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   88.095590][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[   88.095631][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   88.095645][   T36] Workqueue: writeback wb_workfn (flush-7:0)
[   88.095698][   T36] Call Trace:
[   88.095705][   T36]  <TASK>
[   88.095714][   T36]  dump_stack_lvl+0x189/0x250
[   88.095744][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[   88.095763][   T36]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[   88.095788][   T36]  ? __pfx_queue_work_on+0x10/0x10
[   88.095811][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   88.095834][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   88.095858][   T36]  ? f2fs_hw_is_readonly+0x39b/0x470
[   88.095895][   T36]  f2fs_handle_critical_error+0x37c/0x540
[   88.095934][   T36]  f2fs_write_end_io+0x495/0x810
[   88.095954][   T36]  ? blkg_put+0x22/0x240
[   88.095992][   T36]  __submit_merged_bio+0x27a/0x6a0
[   88.096031][   T36]  __submit_merged_write_cond+0x255/0x530
[   88.096070][   T36]  f2fs_write_data_pages+0x261d/0x3000
[   88.096135][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   88.096260][   T36]  ? f2fs_write_meta_pages+0x357/0x450
[   88.096292][   T36]  ? __lock_acquire+0xab9/0xd20
[   88.096328][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   88.096350][   T36]  do_writepages+0x32e/0x550
[   88.096380][   T36]  ? reacquire_held_locks+0x127/0x1d0
[   88.096400][   T36]  ? writeback_sb_inodes+0x384/0x1010
[   88.096433][   T36]  __writeback_single_inode+0x145/0xff0
[   88.096456][   T36]  ? do_raw_spin_unlock+0x122/0x240
[   88.096486][   T36]  writeback_sb_inodes+0x6c7/0x1010
[   88.096542][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   88.096624][   T36]  ? rcu_is_watching+0x15/0xb0
[   88.096657][   T36]  wb_writeback+0x43b/0xaf0
[   88.096690][   T36]  ? queue_io+0x3d1/0x590
[   88.096715][   T36]  ? __pfx_wb_writeback+0x10/0x10
[   88.096748][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   88.096778][   T36]  wb_workfn+0x409/0xef0
[   88.096827][   T36]  ? __pfx_wb_workfn+0x10/0x10
[   88.096862][   T36]  ? __lock_acquire+0xab9/0xd20
[   88.096905][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   88.096933][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   88.096954][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   88.096972][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   88.096994][   T36]  process_scheduled_works+0xae1/0x17b0
[   88.097055][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[   88.097089][   T36]  worker_thread+0x8a0/0xda0
[   88.097137][   T36]  kthread+0x70e/0x8a0
[   88.097162][   T36]  ? __pfx_worker_thread+0x10/0x10
[   88.097181][   T36]  ? __pfx_kthread+0x10/0x10
[   88.097206][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   88.097228][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[   88.097249][   T36]  ? __pfx_kthread+0x10/0x10
[   88.097274][   T36]  ret_from_fork+0x3fc/0x770
[   88.097297][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[   88.097325][   T36]  ? __switch_to_asm+0x39/0x70
[   88.097347][   T36]  ? __switch_to_asm+0x33/0x70
[   88.097369][   T36]  ? __pfx_kthread+0x10/0x10
[   88.097393][   T36]  ret_from_fork_asm+0x1a/0x30
[   88.097436][   T36]  </TASK>
[   88.189189][   T36] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   88.206485][  T153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.244655][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[   88.244684][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   88.244696][   T36] Workqueue: writeback wb_workfn (flush-7:0)
[   88.244734][   T36] Call Trace:
[   88.244741][   T36]  <TASK>
[   88.244750][   T36]  dump_stack_lvl+0x189/0x250
[   88.244779][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[   88.244798][   T36]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[   88.244831][   T36]  ? __pfx_queue_work_on+0x10/0x10
[   88.244853][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   88.244875][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   88.244900][   T36]  ? f2fs_hw_is_readonly+0x39b/0x470
[   88.244936][   T36]  f2fs_handle_critical_error+0x37c/0x540
[   88.244974][   T36]  f2fs_write_end_io+0x495/0x810
[   88.244992][   T36]  ? blkg_put+0x22/0x240
[   88.245030][   T36]  __submit_merged_bio+0x27a/0x6a0
[   88.245068][   T36]  __submit_merged_write_cond+0x255/0x530
[   88.245105][   T36]  f2fs_write_data_pages+0x261d/0x3000
[   88.245167][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   88.245284][   T36]  ? f2fs_write_meta_pages+0x357/0x450
[   88.245315][   T36]  ? __lock_acquire+0xab9/0xd20
[   88.245350][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   88.245371][   T36]  do_writepages+0x32e/0x550
[   88.245400][   T36]  ? reacquire_held_locks+0x127/0x1d0
[   88.245418][   T36]  ? writeback_sb_inodes+0x384/0x1010
[   88.245450][   T36]  __writeback_single_inode+0x145/0xff0
[   88.245471][   T36]  ? do_raw_spin_unlock+0x122/0x240
[   88.245500][   T36]  writeback_sb_inodes+0x6c7/0x1010
[   88.245553][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   88.245625][   T36]  ? rcu_is_watching+0x15/0xb0
[   88.245656][   T36]  wb_writeback+0x43b/0xaf0
[   88.245687][   T36]  ? queue_io+0x3d1/0x590
[   88.245711][   T36]  ? __pfx_wb_writeback+0x10/0x10
[   88.245743][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   88.245771][   T36]  wb_workfn+0x409/0xef0
[   88.245823][   T36]  ? __pfx_wb_workfn+0x10/0x10
[   88.245857][   T36]  ? __lock_acquire+0xab9/0xd20
[   88.245898][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   88.245925][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   88.245946][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   88.245962][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   88.245982][   T36]  process_scheduled_works+0xae1/0x17b0
[   88.246038][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[   88.246079][   T36]  worker_thread+0x8a0/0xda0
[   88.246132][   T36]  kthread+0x70e/0x8a0
[   88.246159][   T36]  ? __pfx_worker_thread+0x10/0x10
[   88.246177][   T36]  ? __pfx_kthread+0x10/0x10
[   88.246203][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   88.246225][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[   88.246246][   T36]  ? __pfx_kthread+0x10/0x10
[   88.246271][   T36]  ret_from_fork+0x3fc/0x770
[   88.246294][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[   88.246320][   T36]  ? __switch_to_asm+0x39/0x70
[   88.246342][   T36]  ? __switch_to_asm+0x33/0x70
[   88.246364][   T36]  ? __pfx_kthread+0x10/0x10
[   88.246388][   T36]  ret_from_fork_asm+0x1a/0x30
[   88.246432][   T36]  </TASK>
[   88.246440][   T36] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   88.329967][  T153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.823899][ T5978] ufs: You didn't specify the type of your ufs filesystem
[   88.823899][ T5978] 
[   88.823899][ T5978] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   88.823899][ T5978] 
[   88.823899][ T5978] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   88.860268][ T3429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.871441][ T3429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.918506][ T5978] ufs: ufstype=old is supported read-only
[   88.962403][ T5978] syz.1.7: attempt to access beyond end of device
[   88.962403][ T5978] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[   88.982644][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.020996][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.081034][ T1329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.111417][ T1329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.272713][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.299855][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.764934][ T5993] loop2: detected capacity change from 0 to 64
[   90.775396][ T5997] loop3: detected capacity change from 0 to 128
[   91.857409][ T5988] loop1: detected capacity change from 0 to 40427
[   91.910007][ T5988] F2FS-fs (loop1): invalid crc value
[   92.151393][ T6011] loop2: detected capacity change from 0 to 40427
[   92.170336][ T6011] F2FS-fs (loop2): invalid crc value
[   92.255346][ T6011] F2FS-fs (loop2): Start checkpoint disabled!
[   92.264231][ T6011] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   94.166262][ T1329] kworker/u8:6: attempt to access beyond end of device
[   94.166262][ T1329] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   94.233714][ T1329] CPU: 1 UID: 0 PID: 1329 Comm: kworker/u8:6 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[   94.233744][ T1329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.233757][ T1329] Workqueue: writeback wb_workfn (flush-7:2)
[   94.233794][ T1329] Call Trace:
[   94.233802][ T1329]  <TASK>
[   94.233811][ T1329]  dump_stack_lvl+0x189/0x250
[   94.233840][ T1329]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.233860][ T1329]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[   94.233884][ T1329]  ? __pfx_queue_work_on+0x10/0x10
[   94.233907][ T1329]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   94.233931][ T1329]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   94.233962][ T1329]  ? f2fs_hw_is_readonly+0x39b/0x470
[   94.234000][ T1329]  f2fs_handle_critical_error+0x37c/0x540
[   94.234039][ T1329]  f2fs_write_end_io+0x495/0x810
[   94.234059][ T1329]  ? blkg_put+0x22/0x240
[   94.234099][ T1329]  __submit_merged_bio+0x27a/0x6a0
[   94.234138][ T1329]  __submit_merged_write_cond+0x255/0x530
[   94.234178][ T1329]  f2fs_write_data_pages+0x261d/0x3000
[   94.234241][ T1329]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   94.234365][ T1329]  ? f2fs_write_meta_pages+0x357/0x450
[   94.234398][ T1329]  ? __lock_acquire+0xab9/0xd20
[   94.234433][ T1329]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   94.234456][ T1329]  do_writepages+0x32e/0x550
[   94.234486][ T1329]  ? reacquire_held_locks+0x127/0x1d0
[   94.234506][ T1329]  ? writeback_sb_inodes+0x384/0x1010
[   94.234539][ T1329]  __writeback_single_inode+0x145/0xff0
[   94.234562][ T1329]  ? do_raw_spin_unlock+0x122/0x240
[   94.234592][ T1329]  writeback_sb_inodes+0x6c7/0x1010
[   94.234648][ T1329]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   94.234725][ T1329]  ? rcu_is_watching+0x15/0xb0
[   94.234758][ T1329]  wb_writeback+0x43b/0xaf0
[   94.234790][ T1329]  ? queue_io+0x3d1/0x590
[   94.234817][ T1329]  ? __pfx_wb_writeback+0x10/0x10
[   94.234850][ T1329]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.234880][ T1329]  wb_workfn+0x409/0xef0
[   94.234929][ T1329]  ? __pfx_wb_workfn+0x10/0x10
[   94.234970][ T1329]  ? __lock_acquire+0xab9/0xd20
[   94.235013][ T1329]  ? process_scheduled_works+0x9ef/0x17b0
[   94.235041][ T1329]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.235063][ T1329]  ? process_scheduled_works+0x9ef/0x17b0
[   94.235081][ T1329]  ? process_scheduled_works+0x9ef/0x17b0
[   94.235103][ T1329]  process_scheduled_works+0xae1/0x17b0
[   94.235161][ T1329]  ? __pfx_process_scheduled_works+0x10/0x10
[   94.235203][ T1329]  worker_thread+0x8a0/0xda0
[   94.235227][ T1329]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   94.235262][ T1329]  ? __kthread_parkme+0x7b/0x200
[   94.235297][ T1329]  kthread+0x70e/0x8a0
[   94.235325][ T1329]  ? __pfx_worker_thread+0x10/0x10
[   94.235345][ T1329]  ? __pfx_kthread+0x10/0x10
[   94.235372][ T1329]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.235394][ T1329]  ? lockdep_hardirqs_on+0x9c/0x150
[   94.235416][ T1329]  ? __pfx_kthread+0x10/0x10
[   94.235443][ T1329]  ret_from_fork+0x3fc/0x770
[   94.235466][ T1329]  ? __pfx_ret_from_fork+0x10/0x10
[   94.235493][ T1329]  ? __switch_to_asm+0x39/0x70
[   94.235516][ T1329]  ? __switch_to_asm+0x33/0x70
[   94.235539][ T1329]  ? __pfx_kthread+0x10/0x10
[   94.235565][ T1329]  ret_from_fork_asm+0x1a/0x30
[   94.235611][ T1329]  </TASK>
[   94.235619][ T1329] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   94.777282][ T1329] CPU: 0 UID: 0 PID: 1329 Comm: kworker/u8:6 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[   94.777310][ T1329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.777323][ T1329] Workqueue: writeback wb_workfn (flush-7:2)
[   94.777360][ T1329] Call Trace:
[   94.777368][ T1329]  <TASK>
[   94.777376][ T1329]  dump_stack_lvl+0x189/0x250
[   94.777404][ T1329]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.777424][ T1329]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[   94.777448][ T1329]  ? __pfx_queue_work_on+0x10/0x10
[   94.777471][ T1329]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   94.777494][ T1329]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   94.777519][ T1329]  ? f2fs_hw_is_readonly+0x39b/0x470
[   94.777555][ T1329]  f2fs_handle_critical_error+0x37c/0x540
[   94.777592][ T1329]  f2fs_write_end_io+0x495/0x810
[   94.777612][ T1329]  ? blkg_put+0x22/0x240
[   94.777646][ T1329]  __submit_merged_bio+0x27a/0x6a0
[   94.777682][ T1329]  __submit_merged_write_cond+0x255/0x530
[   94.777719][ T1329]  f2fs_write_data_pages+0x261d/0x3000
[   94.777776][ T1329]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   94.777882][ T1329]  ? f2fs_write_meta_pages+0x357/0x450
[   94.777919][ T1329]  ? __lock_acquire+0xab9/0xd20
[   94.777952][ T1329]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   94.777974][ T1329]  do_writepages+0x32e/0x550
[   94.778003][ T1329]  ? reacquire_held_locks+0x127/0x1d0
[   94.778022][ T1329]  ? writeback_sb_inodes+0x384/0x1010
[   94.778054][ T1329]  __writeback_single_inode+0x145/0xff0
[   94.778076][ T1329]  ? do_raw_spin_unlock+0x122/0x240
[   94.778105][ T1329]  writeback_sb_inodes+0x6c7/0x1010
[   94.778154][ T1329]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   94.778222][ T1329]  ? rcu_is_watching+0x15/0xb0
[   94.778256][ T1329]  wb_writeback+0x43b/0xaf0
[   94.778287][ T1329]  ? queue_io+0x3d1/0x590
[   94.778311][ T1329]  ? __pfx_wb_writeback+0x10/0x10
[   94.778342][ T1329]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.778370][ T1329]  wb_workfn+0x409/0xef0
[   94.778415][ T1329]  ? __pfx_wb_workfn+0x10/0x10
[   94.778448][ T1329]  ? __lock_acquire+0xab9/0xd20
[   94.778488][ T1329]  ? process_scheduled_works+0x9ef/0x17b0
[   94.778514][ T1329]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.778535][ T1329]  ? process_scheduled_works+0x9ef/0x17b0
[   94.778552][ T1329]  ? process_scheduled_works+0x9ef/0x17b0
[   94.778573][ T1329]  process_scheduled_works+0xae1/0x17b0
[   94.778625][ T1329]  ? __pfx_process_scheduled_works+0x10/0x10
[   94.778663][ T1329]  worker_thread+0x8a0/0xda0
[   94.778686][ T1329]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   94.778718][ T1329]  ? __kthread_parkme+0x7b/0x200
[   94.778750][ T1329]  kthread+0x70e/0x8a0
[   94.778778][ T1329]  ? __pfx_worker_thread+0x10/0x10
[   94.778796][ T1329]  ? __pfx_kthread+0x10/0x10
[   94.778823][ T1329]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.778845][ T1329]  ? lockdep_hardirqs_on+0x9c/0x150
[   94.778867][ T1329]  ? __pfx_kthread+0x10/0x10
[   94.778897][ T1329]  ret_from_fork+0x3fc/0x770
[   94.778919][ T1329]  ? __pfx_ret_from_fork+0x10/0x10
[   94.778945][ T1329]  ? __switch_to_asm+0x39/0x70
[   94.778967][ T1329]  ? __switch_to_asm+0x33/0x70
[   94.778990][ T1329]  ? __pfx_kthread+0x10/0x10
[   94.779015][ T1329]  ret_from_fork_asm+0x1a/0x30
[   94.779058][ T1329]  </TASK>
[   94.784533][ T1329] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   95.386545][ T6017] loop4: detected capacity change from 0 to 32768
[   95.815850][ T6024] Zero length message leads to an empty skb
[   97.623857][ T6031] loop0: detected capacity change from 0 to 128
[   97.669913][ T6030] loop1: detected capacity change from 0 to 1024
[   97.697701][ T6031] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[   97.770260][ T6030] hfsplus: bad catalog entry type
[   98.717834][ T6037] loop2: detected capacity change from 0 to 1024
[   98.875286][ T6037] EXT4-fs: Ignoring removed nobh option
[  100.571389][ T6037] EXT4-fs: Ignoring removed oldalloc option
[  100.587256][ T6037] EXT4-fs: Ignoring removed bh option
[  101.156304][ T6037] EXT4-fs warning (device loop2): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop2.
[  101.860553][ T1329] hfsplus: b-tree write err: -5, ino 4
[  104.377225][ T6051] overlayfs: failed to resolve './file1': -2
[  105.772714][ T6070] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  106.678900][ T6079] process 'syz.3.35' launched './file0' with NULL argv: empty string added
[  107.559945][ T6077] Bluetooth: MGMT ver 1.23
[  110.980333][ T6087] trusted_key: syz.4.38 sent an empty control message without MSG_MORE.
[  112.166702][ T6098] fuseblk: Bad value for 'fd'
[  113.268564][ T6082] loop2: detected capacity change from 0 to 32768
[  113.738340][ T6082] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.37 (6082)
[  113.844380][ T6103] loop1: detected capacity change from 0 to 32768
[  114.144997][ T6103] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow
[  114.145015][ T6103]   allowing incompatible features above 0.0: (unknown version)
[  114.145021][ T6103]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  114.448491][ T6135] netlink: 'syz.4.51': attribute type 3 has an invalid length.
[  115.303065][ T6103] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  115.347421][ T6103] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  115.355502][ T6103] bcachefs (loop1): Version upgrade required:
[  115.355502][ T6103] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  115.355502][ T6103] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  115.355502][ T6103]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  115.499402][ T6103] bcachefs (loop1): dropping and reconstructing all alloc info
[  115.645382][ T6103] bcachefs (loop1): accounting_read... done
[  115.700884][ T6103] bcachefs (loop1): alloc_read... done
[  115.719500][ T6113] loop0: detected capacity change from 0 to 32768
[  115.728417][ T6103] bcachefs (loop1): snapshots_read... done
[  115.763761][ T6144] loop3: detected capacity change from 0 to 4096
[  115.771035][ T6113] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.46 (6113)
[  115.785910][ T6103] bcachefs (loop1): done starting filesystem
[  115.798631][ T6144] =======================================================
[  115.798631][ T6144] WARNING: The mand mount option has been deprecated and
[  115.798631][ T6144]          and is ignored by this kernel. Remove the mand
[  115.798631][ T6144]          option from the mount to silence this warning.
[  115.798631][ T6144] =======================================================
[  115.833472][    C0] vkms_vblank_simulate: vblank timer overrun
[  115.906906][ T6113] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  115.920718][ T6153] loop2: detected capacity change from 0 to 4096
[  115.972926][ T5855] bcachefs (loop1): shutting down
[  115.984332][ T6113] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  116.052782][ T6113] BTRFS info (device loop0): using free-space-tree
[  116.091788][ T6154] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  116.098696][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  116.120255][ T5855] bcachefs (loop1): shutdown complete
[  116.155710][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  116.156178][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  116.203564][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  116.257677][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  116.328359][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  116.365850][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  116.379236][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  116.390999][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  116.402755][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  116.413520][ T6113] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  116.432603][ T6113] BTRFS error (device loop0): open_ctree failed: -12
[  116.908704][ T6178] loop3: detected capacity change from 0 to 4096
[  117.206613][ T6178] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  117.223565][ T6181] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  117.259860][ T6178] NILFS (loop3): mounting fs with errors
[  118.164948][ T6188] netlink: 'syz.0.64': attribute type 3 has an invalid length.
[  119.957477][ T6209] fuseblk: Bad value for 'fd'
[  120.448694][ T6215] loop3: detected capacity change from 0 to 128
[  120.465587][ T6215] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  120.841444][ T6218] loop2: detected capacity change from 0 to 4096
[  121.526390][ T6218] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  121.541970][ T6218] NILFS (loop2): mounting fs with errors
[  121.550871][ T6219] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  122.569822][ T6213] loop0: detected capacity change from 0 to 32768
[  122.618121][ T6213] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.72 (6213)
[  122.728464][ T6230] overlayfs: failed to resolve './file0': -2
[  122.757973][ T6213] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  122.792460][ T6213] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  122.897284][ T6213] BTRFS info (device loop0): using free-space-tree
[  123.057992][ T6233] loop4: detected capacity change from 0 to 32768
[  123.375073][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  123.452648][ T6233] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  123.452675][ T6233]   allowing incompatible features above 0.0: (unknown version)
[  123.452688][ T6233]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  123.498737][ T6233] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  123.506925][ T6233] bcachefs (loop4): initializing new filesystem
[  123.522167][ T6233] bcachefs (loop4): going read-write
[  123.562173][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  123.600149][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  123.617495][ T6233] bcachefs (loop4): marking superblocks
[  123.639258][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  123.639552][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  123.644872][ T6233] bcachefs (loop4): initializing freespace
[  123.669899][ T6233] bcachefs (loop4): done initializing freespace
[  123.679037][ T6233] bcachefs (loop4): reading snapshots table
[  123.685020][ T6233] bcachefs (loop4): reading snapshots done
[  123.723855][ T6233] bcachefs (loop4): done starting filesystem
[  123.729574][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  123.730134][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  123.827898][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  123.896948][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  124.183545][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  124.194385][ T5956] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[  124.778118][ T6233] syz.4.80 (6233) used greatest stack depth: 17704 bytes left
[  124.968445][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  124.968750][ T6213] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  125.175991][ T6213] BTRFS error (device loop0): open_ctree failed: -12
[  125.214968][ T5851] bcachefs (loop4): shutting down
[  125.227273][ T5851] bcachefs (loop4): going read-only
[  125.238116][ T5851] bcachefs (loop4): finished waiting for writes to stop
[  125.468274][ T5851] bcachefs (loop4): flushing journal and stopping allocators, journal seq 4
[  125.578452][ T5956] usb 2-1: config 0 has no interfaces?
[  125.605047][ T6278] lo speed is unknown, defaulting to 1000
[  125.613597][ T6278] lo speed is unknown, defaulting to 1000
[  125.621318][ T6278] lo speed is unknown, defaulting to 1000
[  125.825564][ T6278] infiniband syz0: set active
[  125.830495][ T6278] infiniband syz0: added lo
[  126.122620][ T5966] lo speed is unknown, defaulting to 1000
[  126.132097][ T6278] RDS/IB: syz0: added
[  126.136685][ T6278] smc: adding ib device syz0 with port count 1
[  126.143242][ T6278] smc:    ib device syz0 port 1 has pnetid 
[  126.161496][ T5956] usb 2-1: string descriptor 0 read error: -22
[  126.170785][ T6278] lo speed is unknown, defaulting to 1000
[  126.184361][ T5956] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  126.232188][ T5956] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.246553][ T5920] lo speed is unknown, defaulting to 1000
[  126.336997][ T5956] usb 2-1: config 0 descriptor??
[  126.349857][ T5851] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 4
[  126.475124][ T6278] lo speed is unknown, defaulting to 1000
[  126.480876][ T5851] bcachefs (loop4): clean shutdown complete, journal seq 5
[  126.481931][ T5851] bcachefs (loop4): marking filesystem clean
[  126.501121][ T5956] usb 2-1: USB disconnect, device number 2
[  126.597548][ T6286] loop2: detected capacity change from 0 to 128
[  126.650194][ T6286] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  126.910261][ T6278] lo speed is unknown, defaulting to 1000
[  127.046745][ T6278] lo speed is unknown, defaulting to 1000
[  127.179047][ T6278] lo speed is unknown, defaulting to 1000
[  127.801641][ T5851] bcachefs (loop4): shutdown complete
[  128.066701][ T6302] netlink: 'syz.3.92': attribute type 3 has an invalid length.
[  128.312010][ T6308] loop1: detected capacity change from 0 to 64
[  128.814786][ T6313] netlink: 'syz.2.93': attribute type 1 has an invalid length.
[  129.002129][   T30] audit: type=1800 audit(1751802101.472:2): pid=6308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.95" name="bus" dev="loop1" ino=21 res=0 errno=0
[  129.406406][ T6322] loop2: detected capacity change from 0 to 8
[  129.646047][ T6329] ALSA: mixer_oss: invalid OSS volume ''
[  129.810324][ T6332] loop3: detected capacity change from 0 to 128
[  130.154885][ T6332] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  130.175335][ T6335] loop2: detected capacity change from 0 to 4096
[  130.668245][ T6335] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  130.692364][ T6338] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  130.732267][ T6335] NILFS (loop2): mounting fs with errors
[  131.500418][ T6340] loop1: detected capacity change from 0 to 32768
[  132.124378][ T6323] loop0: detected capacity change from 0 to 32768
[  132.200904][ T6323] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.98 (6323)
[  132.292716][ T6323] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  132.324989][ T6323] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  132.332316][ T6348] loop2: detected capacity change from 0 to 2048
[  132.345682][ T6323] BTRFS info (device loop0): using free-space-tree
[  132.849704][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  132.856962][   T30] audit: type=1800 audit(1751802105.112:3): pid=6348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.109" name="file1" dev="loop2" ino=1048639 res=0 errno=0
[  132.962117][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  132.972012][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  133.035759][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  133.036136][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  133.064121][ T6340] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  133.064140][ T6340]   allowing incompatible features above 0.0: (unknown version)
[  133.064146][ T6340]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  133.096218][    C0] vkms_vblank_simulate: vblank timer overrun
[  133.124512][ T6340] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  133.132827][ T6340] bcachefs (loop1): initializing new filesystem
[  133.147854][ T6340] bcachefs (loop1): going read-write
[  133.191925][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  133.192254][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  133.242999][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  133.253588][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  133.263453][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  133.272657][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  133.285822][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  133.292515][ T6340] bcachefs (loop1): marking superblocks
[  133.296736][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  133.312324][ T6340] bcachefs (loop1): initializing freespace
[  133.337319][ T6340] bcachefs (loop1): done initializing freespace
[  133.346158][ T6340] bcachefs (loop1): reading snapshots table
[  133.352211][ T6340] bcachefs (loop1): reading snapshots done
[  133.378164][ T6340] bcachefs (loop1): done starting filesystem
[  133.433905][ T6323] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  133.439398][ T6323] BTRFS error (device loop0): open_ctree failed: -12
[  134.453082][ T6392] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  135.004334][ T5855] bcachefs (loop1): shutting down
[  135.117199][ T5855] bcachefs (loop1): going read-only
[  135.147344][ T5855] bcachefs (loop1): finished waiting for writes to stop
[  135.171194][ T5855] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[  135.246471][ T5855] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  135.269898][ T5855] bcachefs (loop1): clean shutdown complete, journal seq 4
[  135.300520][ T5855] bcachefs (loop1): marking filesystem clean
[  135.374106][ T5855] bcachefs (loop1): shutdown complete
[  135.639107][ T6390] loop4: detected capacity change from 0 to 32768
[  135.672341][ T6390] bcachefs (/dev/loop4): error validating superblock: Invalid superblock layout: too many superblocks
[  135.684677][ T6390] bcachefs: bch2_fs_get_tree() error: invalid_sb_layout_nr_superblocks
[  135.961053][ T6409] netlink: 8 bytes leftover after parsing attributes in process `syz.4.122'.
[  136.044119][ T6404] loop3: detected capacity change from 0 to 32768
[  136.129213][ T6404] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.120 (6404)
[  136.214607][ T6404] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  136.282609][ T6404] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  136.315741][ T6404] BTRFS info (device loop3): using free-space-tree
[  136.839491][   T30] audit: type=1800 audit(1751802109.292:4): pid=6404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.120" name="file1" dev="loop3" ino=260 res=0 errno=0
[  137.061374][ T5850] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  137.637709][ T6431] fuse: Unknown parameter './file0'
[  137.884876][ T6438] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  138.726813][ T6440] overlayfs: failed to resolve './file0': -2
[  143.057577][ T5920] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  143.229529][ T5920] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  143.247111][ T5920] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  143.276462][ T5920] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  143.303618][ T5920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.347321][ T5920] usb 2-1: config 0 descriptor??
[  143.401087][ T5920] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  143.437498][ T5920] dvb-usb: bulk message failed: -22 (3/0)
[  143.484949][ T5920] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  143.509913][ T6452] loop0: detected capacity change from 0 to 32768
[  143.525974][ T5920] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  143.551989][ T6452] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.129 (6452)
[  143.684982][ T6456] loop3: detected capacity change from 0 to 32768
[  143.756346][ T5920] usb 2-1: media controller created
[  143.771270][ T5920] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  143.780715][ T6452] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  143.804134][ T6451] loop4: detected capacity change from 0 to 32768
[  143.815342][ T5920] dvb-usb: bulk message failed: -22 (6/0)
[  143.827332][ T6461] dvb-usb: bulk message failed: -22 (2/0)
[  143.836209][ T5920] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  143.838507][ T6452] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  143.863526][ T5920] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input5
[  143.886327][ T6452] BTRFS info (device loop0): disk space caching is enabled
[  143.919961][ T5920] dvb-usb: schedule remote query interval to 150 msecs.
[  143.927766][ T6456] JBD2: Ignoring recovery information on journal
[  143.936267][ T5920] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  143.978906][ T6452] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  144.045261][ T6460] loop2: detected capacity change from 0 to 32768
[  144.088862][ T5966] dvb-usb: bulk message failed: -22 (1/0)
[  144.095551][ T5966] dvb-usb: error while querying for an remote control event.
[  144.107396][ T6460] BTRFS info: device /dev/loop2 (7:2) using temp-fsid 9168adbf-3579-41fe-8a10-92e69dd53bd6
[  144.174609][ T6460] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.134 (6460)
[  144.271847][ T6456] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  144.282257][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  144.298882][   T24] dvb-usb: error while querying for an remote control event.
[  144.397547][ T6460] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  144.468867][ T6452] BTRFS info (device loop0): rebuilding free space tree
[  144.476047][ T6460] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  144.488416][ T5966] dvb-usb: bulk message failed: -22 (1/0)
[  144.494185][ T5966] dvb-usb: error while querying for an remote control event.
[  144.534828][ T6460] BTRFS info (device loop2): using free-space-tree
[  144.650086][ T6452] BTRFS info (device loop0): disabling free space tree
[  144.732308][ T6452] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  144.740124][ T5966] dvb-usb: bulk message failed: -22 (1/0)
[  144.766495][ T5966] dvb-usb: error while querying for an remote control event.
[  144.806736][ T6452] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  144.876702][   T30] audit: type=1800 audit(1751802117.342:5): pid=6460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.134" name="file1" dev="loop2" ino=260 res=0 errno=0
[  144.890808][ T5850] ocfs2: Unmounting device (7,3) on (node local)
[  144.977313][ T5966] dvb-usb: bulk message failed: -22 (1/0)
[  145.003415][ T5966] dvb-usb: error while querying for an remote control event.
[  145.197307][ T5966] dvb-usb: bulk message failed: -22 (1/0)
[  145.240338][ T5966] dvb-usb: error while querying for an remote control event.
[  145.264361][ T5845] BTRFS info (device loop2): last unmount of filesystem 9168adbf-3579-41fe-8a10-92e69dd53bd6
[  145.437387][ T5966] dvb-usb: bulk message failed: -22 (1/0)
[  145.443170][ T5966] dvb-usb: error while querying for an remote control event.
[  145.468456][ T5840] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  145.580982][ T6500] fuse: Unknown parameter './file0'
[  145.647850][ T5966] dvb-usb: bulk message failed: -22 (1/0)
[  145.653625][ T5966] dvb-usb: error while querying for an remote control event.
[  145.812913][   T10] usb 2-1: USB disconnect, device number 3
[  146.062205][   T10] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  146.523817][ T6511] loop0: detected capacity change from 0 to 32768
[  146.647841][ T6511] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  146.647859][ T6511]   allowing incompatible features above 0.0: (unknown version)
[  146.647867][ T6511]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  146.692879][ T6511] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  146.701080][ T6511] bcachefs (loop0): initializing new filesystem
[  146.712668][ T6511] bcachefs (loop0): going read-write
[  146.781544][ T6511] bcachefs (loop0): marking superblocks
[  146.793858][ T6511] bcachefs (loop0): initializing freespace
[  146.801490][ T6511] bcachefs (loop0): done initializing freespace
[  146.809193][ T6511] bcachefs (loop0): reading snapshots table
[  146.815132][ T6511] bcachefs (loop0): reading snapshots done
[  146.865595][ T6511] bcachefs (loop0): done starting filesystem
[  147.415810][ T6502] loop3: detected capacity change from 0 to 32768
[  147.426763][ T6502] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.135 (6502)
[  147.577252][ T6502] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  147.596278][ T5840] bcachefs (loop0): shutting down
[  147.627162][ T5840] bcachefs (loop0): going read-only
[  147.632418][ T5840] bcachefs (loop0): finished waiting for writes to stop
[  147.659172][ T6502] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  147.697579][ T6502] BTRFS info (device loop3): using free-space-tree
[  147.740771][ T5840] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  147.848759][ T5840] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  147.915401][ T5840] bcachefs (loop0): clean shutdown complete, journal seq 4
[  147.952306][ T5840] bcachefs (loop0): marking filesystem clean
[  148.057268][ T5840] bcachefs (loop0): shutdown complete
[  148.177708][ T6514] loop1: detected capacity change from 0 to 32768
[  148.197571][ T5934] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  148.372256][ T5934] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  148.410600][ T5934] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  148.427627][ T5934] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  148.455358][ T5934] usb 5-1: New USB device found, idVendor=1532, idProduct=011d, bcdDevice= 0.00
[  148.477717][ T5934] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.499688][ T5934] usb 5-1: config 0 descriptor??
[  148.511629][ T6542] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  148.596132][ T5850] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  148.967180][ T5934] hid-rmi 0003:1532:011D.0001: unknown main item tag 0x3
[  148.974515][ T5934] hid-rmi 0003:1532:011D.0001: item fetching failed at offset 4/5
[  148.993317][ T5934] hid-rmi 0003:1532:011D.0001: parse failed
[  149.012984][ T5934] hid-rmi 0003:1532:011D.0001: probe with driver hid-rmi failed with error -22
[  149.058682][ T6514] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow
[  149.058710][ T6514]   allowing incompatible features above 0.0: (unknown version)
[  149.058723][ T6514]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  149.104071][ T6514] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  149.120169][ T6514] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  149.129971][ T6514] bcachefs (loop1): Version upgrade required:
[  149.129971][ T6514] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  149.129971][ T6514] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  149.129971][ T6514]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  149.248609][ T6514] bcachefs (loop1): dropping and reconstructing all alloc info
[  149.348924][ T6514] bcachefs (loop1): accounting_read... done
[  149.378408][ T6514] bcachefs (loop1): alloc_read... done
[  149.384310][ T6514] bcachefs (loop1): snapshots_read... done
[  149.408329][ T6514] bcachefs (loop1): done starting filesystem
[  149.665763][ T5855] bcachefs (loop1): shutting down
[  150.376036][ T5855] bcachefs (loop1): shutdown complete
[  150.439616][ T6567] loop2: detected capacity change from 0 to 128
[  150.475113][ T6567] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  150.736221][ T6555] loop3: detected capacity change from 0 to 32768
[  150.844993][ T6555] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  150.947527][ T5956] usb 5-1: USB disconnect, device number 2
[  151.006166][ T6555] XFS (loop3): Ending clean mount
[  151.048307][ T6565] loop0: detected capacity change from 0 to 32768
[  151.054301][ T6555] XFS (loop3): Quotacheck needed: Please wait.
[  151.093430][ T6565] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.143 (6565)
[  151.185964][ T6555] XFS (loop3): Quotacheck: Done.
[  151.238380][ T6565] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  151.269430][ T6565] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  151.327152][ T6565] BTRFS info (device loop0): using free-space-tree
[  151.349945][   T30] audit: type=1800 audit(1751802123.822:6): pid=6555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.146" name="file1" dev="loop3" ino=9286 res=0 errno=0
[  151.572754][ T5850] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.588065][ T6565] BTRFS info (device loop0): rebuilding free space tree
[  152.532621][ T5840] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  153.634347][ T6620] overlayfs: failed to resolve './file0': -2
[  154.105087][ T6623] fuse: Bad value for 'group_id'
[  154.115534][ T6623] fuse: Bad value for 'group_id'
[  154.690810][ T6632] fuseblk: Bad value for 'fd'
[  155.437367][ T6640] netlink: 'syz.4.161': attribute type 3 has an invalid length.
[  155.473165][ T6637] loop0: detected capacity change from 0 to 32768
[  155.482925][ T6637] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.164 (6637)
[  155.510170][ T6637] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  155.520435][ T6637] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  155.529112][ T6637] BTRFS info (device loop0): using free-space-tree
[  155.787267][   T24] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  155.842188][ T6637] fs-verity: sha512 using implementation "sha512-lib"
[  155.850904][ T6637] BTRFS info (device loop0): setting compat-ro feature flag for VERITY (0x4)
[  155.976018][   T24] usb 3-1: Using ep0 maxpacket: 16
[  156.002415][   T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  156.079898][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  156.148902][   T24] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  156.159545][ T5840] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  156.172844][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.204998][   T24] usb 3-1: Product: syz
[  156.222935][   T24] usb 3-1: Manufacturer: syz
[  156.245053][   T24] usb 3-1: SerialNumber: syz
[  156.289599][   T24] usb 3-1: config 0 descriptor??
[  156.358453][   T24] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  156.402779][   T24] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  156.759471][ T6668] loop3: detected capacity change from 0 to 128
[  156.805370][ T6668] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  156.961854][   T24] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  156.998231][   T24] em28xx 3-1:0.0: Config register raw data: 0x6e
[  157.004715][   T24] em28xx 3-1:0.0: I2S Audio (1 sample rate(s))
[  157.082394][   T24] em28xx 3-1:0.0: No AC97 audio processor
[  157.141322][ T6670] loop0: detected capacity change from 0 to 40427
[  157.371821][ T6670] F2FS-fs (loop0): invalid crc value
[  157.389095][ T6672] loop4: detected capacity change from 0 to 2048
[  157.510974][ T6670] F2FS-fs (loop0): Start checkpoint disabled!
[  157.533255][ T6670] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  157.994272][   T24] usb 3-1: USB disconnect, device number 2
[  158.438960][   T30] audit: type=1800 audit(1751802130.912:7): pid=6672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.170" name="file1" dev="loop4" ino=1048666 res=0 errno=0
[  158.543142][ T6634] kworker/u8:10: attempt to access beyond end of device
[  158.543142][ T6634] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  158.580710][ T6634] CPU: 0 UID: 0 PID: 6634 Comm: kworker/u8:10 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  158.580738][ T6634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  158.580751][ T6634] Workqueue: writeback wb_workfn (flush-7:0)
[  158.580792][ T6634] Call Trace:
[  158.580800][ T6634]  <TASK>
[  158.580808][ T6634]  dump_stack_lvl+0x189/0x250
[  158.580836][ T6634]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.580856][ T6634]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  158.580880][ T6634]  ? __pfx_queue_work_on+0x10/0x10
[  158.580902][ T6634]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  158.580924][ T6634]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  158.580949][ T6634]  ? f2fs_hw_is_readonly+0x39b/0x470
[  158.580984][ T6634]  f2fs_handle_critical_error+0x37c/0x540
[  158.581019][ T6634]  f2fs_write_end_io+0x495/0x810
[  158.581038][ T6634]  ? blkg_put+0x22/0x240
[  158.581074][ T6634]  __submit_merged_bio+0x27a/0x6a0
[  158.581108][ T6634]  __submit_merged_write_cond+0x255/0x530
[  158.581145][ T6634]  f2fs_write_data_pages+0x261d/0x3000
[  158.581201][ T6634]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  158.581306][ T6634]  ? f2fs_write_meta_pages+0x357/0x450
[  158.581337][ T6634]  ? __lock_acquire+0xab9/0xd20
[  158.581370][ T6634]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  158.581392][ T6634]  do_writepages+0x32e/0x550
[  158.581426][ T6634]  ? reacquire_held_locks+0x127/0x1d0
[  158.581446][ T6634]  ? writeback_sb_inodes+0x384/0x1010
[  158.581476][ T6634]  __writeback_single_inode+0x145/0xff0
[  158.581498][ T6634]  ? do_raw_spin_unlock+0x122/0x240
[  158.581527][ T6634]  writeback_sb_inodes+0x6c7/0x1010
[  158.581576][ T6634]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  158.581642][ T6634]  ? rcu_is_watching+0x15/0xb0
[  158.581671][ T6634]  wb_writeback+0x43b/0xaf0
[  158.581701][ T6634]  ? queue_io+0x3d1/0x590
[  158.581725][ T6634]  ? __pfx_wb_writeback+0x10/0x10
[  158.581755][ T6634]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.581783][ T6634]  wb_workfn+0x409/0xef0
[  158.581828][ T6634]  ? __pfx_wb_workfn+0x10/0x10
[  158.581861][ T6634]  ? __lock_acquire+0xab9/0xd20
[  158.581900][ T6634]  ? process_scheduled_works+0x9ef/0x17b0
[  158.581926][ T6634]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.581947][ T6634]  ? process_scheduled_works+0x9ef/0x17b0
[  158.581964][ T6634]  ? process_scheduled_works+0x9ef/0x17b0
[  158.581985][ T6634]  process_scheduled_works+0xae1/0x17b0
[  158.582035][ T6634]  ? __pfx_process_scheduled_works+0x10/0x10
[  158.582073][ T6634]  worker_thread+0x8a0/0xda0
[  158.582095][ T6634]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  158.582127][ T6634]  ? __kthread_parkme+0x7b/0x200
[  158.582157][ T6634]  kthread+0x70e/0x8a0
[  158.582184][ T6634]  ? __pfx_worker_thread+0x10/0x10
[  158.582202][ T6634]  ? __pfx_kthread+0x10/0x10
[  158.582227][ T6634]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.582248][ T6634]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.582270][ T6634]  ? __pfx_kthread+0x10/0x10
[  158.582295][ T6634]  ret_from_fork+0x3fc/0x770
[  158.582317][ T6634]  ? __pfx_ret_from_fork+0x10/0x10
[  158.582342][ T6634]  ? __switch_to_asm+0x39/0x70
[  158.582365][ T6634]  ? __switch_to_asm+0x33/0x70
[  158.582387][ T6634]  ? __pfx_kthread+0x10/0x10
[  158.582417][ T6634]  ret_from_fork_asm+0x1a/0x30
[  158.582459][ T6634]  </TASK>
[  158.582467][ T6634] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  158.927656][ T6634] CPU: 0 UID: 0 PID: 6634 Comm: kworker/u8:10 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  158.927685][ T6634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  158.927698][ T6634] Workqueue: writeback wb_workfn (flush-7:0)
[  158.927735][ T6634] Call Trace:
[  158.927743][ T6634]  <TASK>
[  158.927751][ T6634]  dump_stack_lvl+0x189/0x250
[  158.927780][ T6634]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.927800][ T6634]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  158.927824][ T6634]  ? __pfx_queue_work_on+0x10/0x10
[  158.927847][ T6634]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  158.927870][ T6634]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  158.927895][ T6634]  ? f2fs_hw_is_readonly+0x39b/0x470
[  158.927933][ T6634]  f2fs_handle_critical_error+0x37c/0x540
[  158.927971][ T6634]  f2fs_write_end_io+0x495/0x810
[  158.927991][ T6634]  ? blkg_put+0x22/0x240
[  158.928030][ T6634]  __submit_merged_bio+0x27a/0x6a0
[  158.928068][ T6634]  __submit_merged_write_cond+0x255/0x530
[  158.928107][ T6634]  f2fs_write_data_pages+0x261d/0x3000
[  158.928171][ T6634]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  158.928294][ T6634]  ? f2fs_write_meta_pages+0x357/0x450
[  158.928334][ T6634]  ? __lock_acquire+0xab9/0xd20
[  158.928368][ T6634]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  158.928391][ T6634]  do_writepages+0x32e/0x550
[  158.928420][ T6634]  ? reacquire_held_locks+0x127/0x1d0
[  158.928439][ T6634]  ? writeback_sb_inodes+0x384/0x1010
[  158.928472][ T6634]  __writeback_single_inode+0x145/0xff0
[  158.928495][ T6634]  ? do_raw_spin_unlock+0x122/0x240
[  158.928525][ T6634]  writeback_sb_inodes+0x6c7/0x1010
[  158.928580][ T6634]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  158.928656][ T6634]  ? rcu_is_watching+0x15/0xb0
[  158.928688][ T6634]  wb_writeback+0x43b/0xaf0
[  158.928720][ T6634]  ? queue_io+0x3d1/0x590
[  158.928746][ T6634]  ? __pfx_wb_writeback+0x10/0x10
[  158.928779][ T6634]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.928808][ T6634]  wb_workfn+0x409/0xef0
[  158.928857][ T6634]  ? __pfx_wb_workfn+0x10/0x10
[  158.928892][ T6634]  ? __lock_acquire+0xab9/0xd20
[  158.928934][ T6634]  ? process_scheduled_works+0x9ef/0x17b0
[  158.928960][ T6634]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.928981][ T6634]  ? process_scheduled_works+0x9ef/0x17b0
[  158.928998][ T6634]  ? process_scheduled_works+0x9ef/0x17b0
[  158.929020][ T6634]  process_scheduled_works+0xae1/0x17b0
[  158.929077][ T6634]  ? __pfx_process_scheduled_works+0x10/0x10
[  158.929119][ T6634]  worker_thread+0x8a0/0xda0
[  158.929142][ T6634]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  158.929177][ T6634]  ? __kthread_parkme+0x7b/0x200
[  158.929210][ T6634]  kthread+0x70e/0x8a0
[  158.929238][ T6634]  ? __pfx_worker_thread+0x10/0x10
[  158.929257][ T6634]  ? __pfx_kthread+0x10/0x10
[  158.929283][ T6634]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.929304][ T6634]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.929330][ T6634]  ? __pfx_kthread+0x10/0x10
[  158.929356][ T6634]  ret_from_fork+0x3fc/0x770
[  158.929379][ T6634]  ? __pfx_ret_from_fork+0x10/0x10
[  158.929406][ T6634]  ? __switch_to_asm+0x39/0x70
[  158.929428][ T6634]  ? __switch_to_asm+0x33/0x70
[  158.929450][ T6634]  ? __pfx_kthread+0x10/0x10
[  158.929474][ T6634]  ret_from_fork_asm+0x1a/0x30
[  158.929520][ T6634]  </TASK>
[  158.929528][ T6634] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  159.372327][ T6685] loop2: detected capacity change from 0 to 32768
[  159.565956][ T6685] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  159.565985][ T6685]   allowing incompatible features above 0.0: (unknown version)
[  159.565997][ T6685]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  159.613084][ T6685] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  159.621440][ T6685] bcachefs (loop2): initializing new filesystem
[  159.636433][ T6685] bcachefs (loop2): going read-write
[  159.644777][ T6697] loop4: detected capacity change from 0 to 4096
[  159.666789][ T6697] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  159.721388][ T6697] ntfs3(loop4): $UpCase is corrupted.
[  159.767243][ T6685] bcachefs (loop2): marking superblocks
[  159.781111][ T6685] bcachefs (loop2): initializing freespace
[  159.790000][ T6685] bcachefs (loop2): done initializing freespace
[  159.802303][ T6685] bcachefs (loop2): reading snapshots table
[  159.808323][ T6685] bcachefs (loop2): reading snapshots done
[  159.898123][ T6685] bcachefs (loop2): done starting filesystem
[  161.913748][ T6706] loop1: detected capacity change from 0 to 32768
[  161.931090][ T6706] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.176 (6706)
[  162.147515][ T5845] bcachefs (loop2): shutting down
[  162.152586][ T5845] bcachefs (loop2): going read-only
[  162.222873][ T5845] bcachefs (loop2): finished waiting for writes to stop
[  162.231390][ T6708] loop3: detected capacity change from 0 to 256
[  162.243469][ T6708] vfat: Unknown parameter 'rodiò'
[  162.256441][ T6706] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  162.308332][ T6706] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  162.316940][ T6706] BTRFS info (device loop1): using free-space-tree
[  162.341435][ T5845] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4
[  162.399874][ T5845] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4
[  162.513764][ T5845] bcachefs (loop2): clean shutdown complete, journal seq 5
[  162.531638][ T5845] bcachefs (loop2): marking filesystem clean
[  163.201555][ T5845] bcachefs (loop2): shutdown complete
[  163.642129][ T6740] netlink: 'syz.3.180': attribute type 3 has an invalid length.
[  163.738526][ T6741] overlayfs: failed to resolve './file0': -2
[  165.705197][ T6749] loop0: detected capacity change from 0 to 2048
[  166.033569][ T6752] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  166.982513][ T6758] overlayfs: upper fs does not support tmpfile.
[  166.990380][ T6758] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  166.997423][ T6758] overlayfs: failed to set xattr on upper
[  167.003123][ T6758] overlayfs: ...falling back to redirect_dir=nofollow.
[  167.011369][ T6758] overlayfs: ...falling back to index=off.
[  167.018751][ T6758] overlayfs: ...falling back to uuid=null.
[  167.024637][ T6758] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  167.424406][ T6763] loop4: detected capacity change from 0 to 2048
[  168.958727][ T5840] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 8796093022222
[  168.987840][ T5840] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=16)
[  169.061079][ T5840] Remounting filesystem read-only
[  169.081288][ T5840] NILFS (loop0): error -5 truncating bmap (ino=16)
[  169.105109][ T6763] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.138352][ T5840] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  169.229953][ T6762] EXT4-fs (loop4): Online resizing not supported with bigalloc
[  169.434158][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.783670][ T5855] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  171.277175][ T5966] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  171.421411][ T6777] loop0: detected capacity change from 0 to 32768
[  171.477348][ T5920] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  171.495335][ T6777] btrfs: Unknown parameter 'inode_cache'
[  171.504331][ T5966] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  171.529228][ T5966] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  171.612424][ T5966] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.753541][ T5920] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.074722][ T5920] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  172.109159][ T5920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.127961][ T5920] usb 2-1: Product: syz
[  172.132169][ T5920] usb 2-1: Manufacturer: syz
[  172.136765][ T5920] usb 2-1: SerialNumber: syz
[  172.230559][ T5966] gspca_main: stv0680-2.14.0 probing 041e:4007
[  172.244952][ T6780] loop2: detected capacity change from 0 to 40427
[  172.256320][ T6777] sp0: Synchronizing with TNC
[  172.288702][ T5920] usb 2-1: config 0 descriptor??
[  172.317043][ T5920] ums-isd200 2-1:0.0: USB Mass Storage device detected
[  172.332281][ T6780] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  172.364718][ T6780] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  172.399552][ T6780] F2FS-fs (loop2): build fault injection rate: 17008
[  172.407629][ T6780] F2FS-fs (loop2): build fault injection type: 0x6
[  172.435780][ T6780] F2FS-fs (loop2): build fault injection type: 0x5
[  172.467486][ T6780] F2FS-fs (loop2): invalid crc value
[  172.812621][ T6780] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  172.822632][ T6792] loop1: detected capacity change from 0 to 32768
[  172.830095][ T6792] XFS: ikeep mount option is deprecated.
[  172.830143][ T6780] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  172.957860][ T6792] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  172.990568][ T6780] syz.2.178: attempt to access beyond end of device
[  172.990568][ T6780] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  173.074552][ T6780] CPU: 0 UID: 0 PID: 6780 Comm: syz.2.178 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  173.074583][ T6780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  173.074595][ T6780] Call Trace:
[  173.074602][ T6780]  <TASK>
[  173.074611][ T6780]  dump_stack_lvl+0x189/0x250
[  173.074643][ T6780]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.074663][ T6780]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  173.074687][ T6780]  ? __pfx_queue_work_on+0x10/0x10
[  173.074709][ T6780]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  173.074736][ T6780]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  173.074762][ T6780]  ? f2fs_hw_is_readonly+0x39b/0x470
[  173.074799][ T6780]  f2fs_handle_critical_error+0x37c/0x540
[  173.074838][ T6780]  f2fs_write_end_io+0x495/0x810
[  173.074858][ T6780]  ? blkg_put+0x22/0x240
[  173.074891][ T6780]  __submit_merged_bio+0x27a/0x6a0
[  173.074925][ T6780]  __submit_merged_write_cond+0x255/0x530
[  173.074960][ T6780]  f2fs_write_data_pages+0x261d/0x3000
[  173.075013][ T6780]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  173.075082][ T6780]  ? check_path+0x21/0x40
[  173.075101][ T6780]  ? check_noncircular+0xe0/0x160
[  173.075181][ T6780]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  173.075203][ T6780]  do_writepages+0x32e/0x550
[  173.075238][ T6780]  ? do_raw_spin_unlock+0x122/0x240
[  173.075268][ T6780]  filemap_fdatawrite+0x199/0x240
[  173.075293][ T6780]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  173.075367][ T6780]  ? do_raw_spin_unlock+0x122/0x240
[  173.075394][ T6780]  f2fs_sync_dirty_inodes+0x31f/0x830
[  173.075432][ T6780]  f2fs_write_checkpoint+0x95a/0x1df0
[  173.075480][ T6780]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  173.075547][ T6780]  ? down_write+0x162/0x1f0
[  173.075575][ T6780]  ? __pfx_down_write+0x10/0x10
[  173.075615][ T6780]  f2fs_issue_checkpoint+0x3ac/0x570
[  173.075642][ T6780]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  173.075665][ T6780]  ? __lock_acquire+0xab9/0xd20
[  173.075714][ T6780]  ? __up_read+0x280/0x680
[  173.075746][ T6780]  ? f2fs_sync_fs+0x200/0x3d0
[  173.075778][ T6780]  f2fs_do_sync_file+0x869/0x1860
[  173.075812][ T6780]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  173.075875][ T6780]  ? __mark_inode_dirty+0x3ab/0xdf0
[  173.075911][ T6780]  ? vfs_fsync_range+0x149/0x1c0
[  173.075938][ T6780]  ? f2fs_sync_file+0xe9/0x160
[  173.075965][ T6780]  f2fs_file_write_iter+0x74d/0x2410
[  173.076016][ T6780]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  173.076039][ T6780]  ? rcu_read_lock_any_held+0xb3/0x120
[  173.076081][ T6780]  vfs_write+0x548/0xa90
[  173.076110][ T6780]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  173.076144][ T6780]  ? __pfx_vfs_write+0x10/0x10
[  173.076179][ T6780]  ? __fget_files+0x2a/0x420
[  173.076217][ T6780]  ksys_write+0x145/0x250
[  173.076240][ T6780]  ? __pfx_ksys_write+0x10/0x10
[  173.076257][ T6780]  ? rcu_is_watching+0x15/0xb0
[  173.076283][ T6780]  ? do_syscall_64+0xbe/0x3b0
[  173.076316][ T6780]  do_syscall_64+0xfa/0x3b0
[  173.076339][ T6780]  ? lockdep_hardirqs_on+0x9c/0x150
[  173.076364][ T6780]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.076384][ T6780]  ? clear_bhb_loop+0x60/0xb0
[  173.076409][ T6780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.076428][ T6780] RIP: 0033:0x7f2e7b38e929
[  173.076462][ T6780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.076479][ T6780] RSP: 002b:00007f2e7c2b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  173.076499][ T6780] RAX: ffffffffffffffda RBX: 00007f2e7b5b5fa0 RCX: 00007f2e7b38e929
[  173.076512][ T6780] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000004
[  173.076523][ T6780] RBP: 00007f2e7b410b39 R08: 0000000000000000 R09: 0000000000000000
[  173.076533][ T6780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  173.076544][ T6780] R13: 0000000000000000 R14: 00007f2e7b5b5fa0 R15: 00007ffc1ba2ea78
[  173.076574][ T6780]  </TASK>
[  173.453924][ T6780] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  173.507328][ T5966] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32
[  173.515558][ T5966] stv0680 5-1:4.0: STV(e): camera ping failed!!
[  173.577361][ T5966] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  173.585585][ T5966] stv0680 5-1:4.0: last error: 0,  command = 0x0
[  173.653683][ T5966] usb 5-1: USB disconnect, device number 3
[  173.723443][ T6792] XFS (loop1): Ending clean mount
[  173.737979][ T6792] XFS (loop1): Quotacheck needed: Please wait.
[  173.784974][ T6792] XFS (loop1): Quotacheck: Done.
[  175.142652][   T30] audit: type=1800 audit(1751802147.602:8): pid=6823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.189" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  175.376036][ T5934] usb 2-1: USB disconnect, device number 4
[  175.433704][ T5855] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  176.170609][ T6843] netlink: 'syz.2.196': attribute type 1 has an invalid length.
[  177.159066][ T6836] loop0: detected capacity change from 0 to 32768
[  177.404042][ T6836] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow
[  177.404070][ T6836]   allowing incompatible features above 0.0: (unknown version)
[  177.404082][ T6836]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  177.509107][ T6836] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  177.559733][ T6836] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  177.599997][ T6836] bcachefs (loop0): Version upgrade required:
[  177.599997][ T6836] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  177.599997][ T6836] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  177.599997][ T6836]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  177.707853][ T6836] bcachefs (loop0): dropping and reconstructing all alloc info
[  177.761707][ T6836] bcachefs (loop0): accounting_read... done
[  177.783936][ T6836] bcachefs (loop0): alloc_read... done
[  177.802465][ T6836] bcachefs (loop0): snapshots_read... done
[  177.831735][ T6878] bridge_slave_0: left allmulticast mode
[  177.838417][ T6836] bcachefs (loop0): done starting filesystem
[  177.878933][ T6878] bridge_slave_0: left promiscuous mode
[  177.886418][ T6878] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.977500][ T6880] netlink: 'syz.3.212': attribute type 10 has an invalid length.
[  178.042934][ T5840] bcachefs (loop0): shutting down
[  178.063985][ T6878] bridge_slave_1: left allmulticast mode
[  178.104022][ T6878] bridge_slave_1: left promiscuous mode
[  178.137396][ T6878] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.181770][ T5840] bcachefs (loop0): shutdown complete
[  178.258617][ T6878] bond0: (slave bond_slave_0): Releasing backup interface
[  178.308248][ T6878] bond0: (slave bond_slave_1): Releasing backup interface
[  178.464778][ T6878] team0: Port device team_slave_0 removed
[  178.478389][ T6874] loop1: detected capacity change from 0 to 40427
[  178.563297][ T6878] team0: Port device team_slave_1 removed
[  178.574346][ T6876] loop4: detected capacity change from 0 to 32768
[  178.589154][ T6878] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.600922][   T10] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  178.612267][ T6876] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.214 (6876)
[  178.627471][ T6878] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.636411][ T6874] F2FS-fs (loop1): invalid crc value
[  178.679933][ T6878] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.691853][ T6876] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  178.711808][ T6878] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.732772][ T6876] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  178.775320][ T6876] BTRFS info (device loop4): using free-space-tree
[  178.778493][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  178.822997][ T5966] lo speed is unknown, defaulting to 1000
[  178.827112][   T10] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  178.860865][   T10] usb 3-1: New USB device found, idVendor=03f0, idProduct=2101, bcdDevice=80.cc
[  178.877144][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.895936][   T10] usb 3-1: Product: syz
[  178.904936][   T10] usb 3-1: Manufacturer: syz
[  178.921304][   T10] usb 3-1: SerialNumber: syz
[  178.932413][   T10] usb 3-1: config 0 descriptor??
[  179.015005][ T6876] BTRFS info (device loop4): rebuilding free space tree
[  179.047653][ T6874] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  179.182278][ T5956] usb 3-1: USB disconnect, device number 3
[  179.194732][ T6905] F2FS-fs (loop1): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  179.212408][ T6880] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  179.303121][ T6905] CPU: 1 UID: 0 PID: 6905 Comm: syz.1.213 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  179.303150][ T6905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  179.303162][ T6905] Call Trace:
[  179.303170][ T6905]  <TASK>
[  179.303178][ T6905]  dump_stack_lvl+0x189/0x250
[  179.303212][ T6905]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.303235][ T6905]  ? __pfx_queue_work_on+0x10/0x10
[  179.303255][ T6905]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  179.303280][ T6905]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  179.303318][ T6905]  ? f2fs_hw_is_readonly+0x39b/0x470
[  179.303352][ T6905]  f2fs_handle_critical_error+0x37c/0x540
[  179.303390][ T6905]  do_garbage_collect+0xec8/0x64b0
[  179.303418][ T6905]  ? __pfx___mutex_trylock_common+0x10/0x10
[  179.303444][ T6905]  ? rcu_is_watching+0x15/0xb0
[  179.303513][ T6905]  ? __pfx_do_garbage_collect+0x10/0x10
[  179.303535][ T6905]  ? f2fs_get_victim+0x504b/0x56e0
[  179.303620][ T6905]  ? up_write+0x1c4/0x420
[  179.303646][ T6905]  f2fs_gc+0xc87/0x2590
[  179.303698][ T6905]  ? __pfx_f2fs_gc+0x10/0x10
[  179.303747][ T6905]  f2fs_expand_inode_data+0x53d/0xa60
[  179.303792][ T6905]  ? __pfx_f2fs_expand_inode_data+0x10/0x10
[  179.303825][ T6905]  ? do_raw_spin_unlock+0x122/0x240
[  179.303854][ T6905]  ? file_modified_flags+0x4bb/0x560
[  179.303880][ T6905]  f2fs_fallocate+0x4f5/0x990
[  179.303911][ T6905]  vfs_fallocate+0x6a0/0x830
[  179.303936][ T6905]  ? __pfx_vfs_fallocate+0x10/0x10
[  179.303965][ T6905]  file_ioctl+0x611/0x780
[  179.303983][ T6905]  ? finish_task_switch+0x266/0x950
[  179.304008][ T6905]  ? __pfx_file_ioctl+0x10/0x10
[  179.304030][ T6905]  ? rcu_is_watching+0x15/0xb0
[  179.304049][ T6905]  ? trace_sched_exit_tp+0x38/0x120
[  179.304072][ T6905]  ? __schedule+0x1713/0x4d00
[  179.304106][ T6905]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  179.304137][ T6905]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  179.304161][ T6905]  ? preempt_schedule_irq+0xb5/0x150
[  179.304186][ T6905]  do_vfs_ioctl+0xb33/0x1430
[  179.304207][ T6905]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  179.304244][ T6905]  ? rcu_is_watching+0x15/0xb0
[  179.304264][ T6905]  ? trace_irq_disable+0x37/0x110
[  179.304289][ T6905]  ? preempt_schedule_irq+0xde/0x150
[  179.304322][ T6905]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  179.304355][ T6905]  ? irqentry_exit+0x74/0x90
[  179.304374][ T6905]  ? lockdep_hardirqs_on+0x9c/0x150
[  179.304404][ T6905]  ? __se_sys_ioctl+0x52/0x170
[  179.304426][ T6905]  __se_sys_ioctl+0x82/0x170
[  179.304448][ T6905]  do_syscall_64+0xfa/0x3b0
[  179.304472][ T6905]  ? lockdep_hardirqs_on+0x9c/0x150
[  179.304494][ T6905]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.304512][ T6905]  ? clear_bhb_loop+0x60/0xb0
[  179.304535][ T6905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.304552][ T6905] RIP: 0033:0x7f5639d8e929
[  179.304569][ T6905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.304584][ T6905] RSP: 002b:00007f563ac6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  179.304603][ T6905] RAX: ffffffffffffffda RBX: 00007f5639fb6080 RCX: 00007f5639d8e929
[  179.304617][ T6905] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000004
[  179.304629][ T6905] RBP: 00007f5639e10b39 R08: 0000000000000000 R09: 0000000000000000
[  179.304640][ T6905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  179.304650][ T6905] R13: 0000000000000000 R14: 00007f5639fb6080 R15: 00007ffd7c16bd08
[  179.304680][ T6905]  </TASK>
[  179.304717][ T6905] F2FS-fs (loop1): Stopped filesystem due to reason: 4
[  179.853869][ T6876] BTRFS info (device loop4): balance: start -s
[  179.861003][ T6876] BTRFS info (device loop4): left=0, need=98304, flags=2
[  179.869529][ T6876] BTRFS info (device loop4): space_info SYSTEM (sub-group id 0) has 0 free, is not full
[  179.879613][ T6876] BTRFS info (device loop4): space_info total=4194304, used=4096, pinned=0, reserved=0, may_use=0, readonly=4190208 zone_unusable=0
[  179.893298][ T6876] BTRFS info (device loop4): global_block_rsv: size 1441792 reserved 1441792
[  179.902390][ T6876] BTRFS info (device loop4): trans_block_rsv: size 0 reserved 0
[  179.910084][ T6876] BTRFS info (device loop4): chunk_block_rsv: size 0 reserved 0
[  179.917771][ T6876] BTRFS info (device loop4): delayed_block_rsv: size 0 reserved 0
[  179.925597][ T6876] BTRFS info (device loop4): delayed_refs_rsv: size 0 reserved 0
[  179.940520][ T6876] BTRFS info (device loop4): relocating block group 1048576 flags system
[  180.012436][ T6876] BTRFS info (device loop4): balance: ended with status: 0
[  180.132686][ T5851] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  181.458687][ T5844] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  181.474501][ T5844] Bluetooth: hci2: Injecting HCI hardware error event
[  181.488372][ T5859] Bluetooth: hci2: hardware error 0x00
[  182.413650][ T6938] loop1: detected capacity change from 0 to 32768
[  182.457017][ T6938] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  182.465488][ T6938] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  182.494678][ T6938] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  182.506264][   T24] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  182.523674][   T24] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  182.643319][ T6942] netlink: 'syz.4.228': attribute type 3 has an invalid length.
[  182.669961][   T24] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 146ms
[  182.687805][   T24] gfs2: fsid=syz:syz.0: jid=0: Done
[  182.695686][ T6938] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  183.807137][ T5859] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  184.808111][ T6946] loop3: detected capacity change from 0 to 40427
[  184.879022][ T6946] F2FS-fs (loop3): invalid crc value
[  184.917231][   T24] usb 3-1: new low-speed USB device number 4 using dummy_hcd
[  185.093244][   T24] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  185.112000][   T24] usb 3-1: config 179 has no interface number 0
[  185.123407][ T6954] loop0: detected capacity change from 0 to 32768
[  185.134138][   T24] usb 3-1: config 179 interface 65 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[  185.155599][ T6954] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.216 (6954)
[  185.160471][   T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  185.183821][   T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x87 has invalid maxpacket 65535, setting to 8
[  185.265375][   T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 is Bulk; changing to Interrupt
[  185.323944][ T6946] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  185.327255][   T24] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  185.346153][ T6954] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  185.361162][ T6954] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  185.387309][   T24] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  185.394578][ T6954] BTRFS info (device loop0): disk space caching is enabled
[  185.396640][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.427380][ T6954] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  185.477431][ T6960] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  185.542788][ T6971] F2FS-fs (loop3): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  185.553022][ T6960] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  185.654923][ T6971] CPU: 1 UID: 0 PID: 6971 Comm: syz.3.229 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  185.654954][ T6971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  185.654967][ T6971] Call Trace:
[  185.654976][ T6971]  <TASK>
[  185.654985][ T6971]  dump_stack_lvl+0x189/0x250
[  185.655020][ T6971]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.655044][ T6971]  ? __pfx_queue_work_on+0x10/0x10
[  185.655065][ T6971]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  185.655090][ T6971]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  185.655119][ T6971]  ? f2fs_hw_is_readonly+0x39b/0x470
[  185.655155][ T6971]  f2fs_handle_critical_error+0x37c/0x540
[  185.655194][ T6971]  do_garbage_collect+0xec8/0x64b0
[  185.655225][ T6971]  ? __pfx___mutex_trylock_common+0x10/0x10
[  185.655257][ T6971]  ? rcu_is_watching+0x15/0xb0
[  185.655340][ T6971]  ? __pfx_do_garbage_collect+0x10/0x10
[  185.655362][ T6971]  ? f2fs_get_victim+0x504b/0x56e0
[  185.655476][ T6971]  ? up_write+0x1c4/0x420
[  185.655506][ T6971]  f2fs_gc+0xc87/0x2590
[  185.655574][ T6971]  ? __pfx_f2fs_gc+0x10/0x10
[  185.655633][ T6971]  f2fs_expand_inode_data+0x53d/0xa60
[  185.655687][ T6971]  ? __pfx_f2fs_expand_inode_data+0x10/0x10
[  185.655723][ T6971]  ? do_raw_spin_unlock+0x122/0x240
[  185.655755][ T6971]  ? file_modified_flags+0x4bb/0x560
[  185.655785][ T6971]  f2fs_fallocate+0x4f5/0x990
[  185.655821][ T6971]  vfs_fallocate+0x6a0/0x830
[  185.655854][ T6971]  ? __pfx_vfs_fallocate+0x10/0x10
[  185.655903][ T6971]  file_ioctl+0x611/0x780
[  185.655929][ T6971]  ? __pfx_file_ioctl+0x10/0x10
[  185.655968][ T6971]  ? kasan_quarantine_put+0xdd/0x220
[  185.656005][ T6971]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  185.656038][ T6971]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  185.656072][ T6971]  do_vfs_ioctl+0xb33/0x1430
[  185.656096][ T6971]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  185.656136][ T6971]  ? __lock_acquire+0xab9/0xd20
[  185.656196][ T6971]  ? __fget_files+0x2a/0x420
[  185.656227][ T6971]  ? __fget_files+0x2a/0x420
[  185.656251][ T6971]  ? __fget_files+0x3a0/0x420
[  185.656276][ T6971]  ? __fget_files+0x2a/0x420
[  185.656306][ T6971]  ? bpf_lsm_file_ioctl+0x9/0x20
[  185.656333][ T6971]  __se_sys_ioctl+0x82/0x170
[  185.656359][ T6971]  do_syscall_64+0xfa/0x3b0
[  185.656386][ T6971]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.656412][ T6971]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.656432][ T6971]  ? clear_bhb_loop+0x60/0xb0
[  185.656457][ T6971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.656473][ T6971] RIP: 0033:0x7fdea598e929
[  185.656490][ T6971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.656505][ T6971] RSP: 002b:00007fdea37d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  185.656524][ T6971] RAX: ffffffffffffffda RBX: 00007fdea5bb6080 RCX: 00007fdea598e929
[  185.656538][ T6971] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000004
[  185.656552][ T6971] RBP: 00007fdea5a10b39 R08: 0000000000000000 R09: 0000000000000000
[  185.656564][ T6971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  185.656576][ T6971] R13: 0000000000000000 R14: 00007fdea5bb6080 R15: 00007ffdd31d93a8
[  185.656611][ T6971]  </TASK>
[  185.656619][ T6971] F2FS-fs (loop3): Stopped filesystem due to reason: 4
[  185.846002][   T10] usb 3-1: USB disconnect, device number 4
[  186.042830][ T6954] BTRFS info (device loop0): rebuilding free space tree
[  186.067519][ T6954] BTRFS info (device loop0): disabling free space tree
[  186.074786][ T6954] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  186.089002][ T6954] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  186.214649][   T30] audit: type=1800 audit(1751802158.682:9): pid=6954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.216" name="bus" dev="loop0" ino=265 res=0 errno=0
[  186.503624][ T5840] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  187.152983][ T6997] loop4: detected capacity change from 0 to 4096
[  187.240621][ T6997] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  188.946978][ T7000] loop1: detected capacity change from 0 to 40427
[  188.971185][ T7000] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  188.999279][ T7000] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  189.198399][ T7000] F2FS-fs (loop1): invalid crc value
[  189.305381][ T7009] loop2: detected capacity change from 0 to 32768
[  189.418968][ T7037] loop3: detected capacity change from 0 to 16
[  189.441259][ T7037] 
: renamed from bond0 (while UP)
[  190.300170][ T7000] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  190.327176][ T7000] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  191.068308][ T7051] loop3: detected capacity change from 0 to 4096
[  191.097187][ T7051] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  191.190562][ T7053] loop4: detected capacity change from 0 to 2048
[  191.911988][ T7056] loop1: detected capacity change from 0 to 4096
[  192.270537][ T7056] NILFS error (device loop1): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  192.288804][ T7057] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  192.339396][ T7056] NILFS (loop1): mounting fs with errors
[  193.053030][   T30] audit: type=1800 audit(1751802165.522:10): pid=7064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.259" name="file1" dev="loop4" ino=1048667 res=0 errno=0
[  193.561232][ T7067] loop0: detected capacity change from 0 to 32768
[  193.714602][ T7067] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  193.714631][ T7067]   allowing incompatible features above 0.0: (unknown version)
[  193.714652][ T7067]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  193.759516][ T7067] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  193.767758][ T7067] bcachefs (loop0): initializing new filesystem
[  193.782406][ T7067] bcachefs (loop0): going read-write
[  193.841421][ T7067] bcachefs (loop0): marking superblocks
[  193.855288][ T7067] bcachefs (loop0): initializing freespace
[  193.864145][ T7067] bcachefs (loop0): done initializing freespace
[  193.872958][ T7067] bcachefs (loop0): reading snapshots table
[  193.879153][ T7067] bcachefs (loop0): reading snapshots done
[  194.072541][ T7067] bcachefs (loop0): done starting filesystem
[  194.347536][ T7062] loop1: detected capacity change from 0 to 32768
[  194.372887][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  194.379644][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  194.426002][ T7062] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.261 (7062)
[  194.502572][ T7062] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  194.529284][ T7062] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  194.539108][ T7062] BTRFS info (device loop1): using free-space-tree
[  194.906907][ T5840] bcachefs (loop0): shutting down
[  194.941938][ T5840] bcachefs (loop0): going read-only
[  195.017278][ T5840] bcachefs (loop0): finished waiting for writes to stop
[  195.143510][ T5840] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  195.189704][ T7062] BTRFS info (device loop1): rebuilding free space tree
[  195.712097][ T5840] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  195.800438][ T5840] bcachefs (loop0): clean shutdown complete, journal seq 4
[  195.812662][ T5840] bcachefs (loop0): marking filesystem clean
[  195.920452][ T5840] bcachefs (loop0): shutdown complete
[  195.982380][ T7062] BTRFS info (device loop1): balance: start -s
[  195.988714][ T7062] BTRFS info (device loop1): left=0, need=98304, flags=2
[  195.995738][ T7062] BTRFS info (device loop1): space_info SYSTEM (sub-group id 0) has 0 free, is not full
[  196.005567][ T7062] BTRFS info (device loop1): space_info total=4194304, used=4096, pinned=0, reserved=0, may_use=0, readonly=4190208 zone_unusable=0
[  196.019209][ T7062] BTRFS info (device loop1): global_block_rsv: size 1441792 reserved 1441792
[  196.027995][ T7062] BTRFS info (device loop1): trans_block_rsv: size 0 reserved 0
[  196.035627][ T7062] BTRFS info (device loop1): chunk_block_rsv: size 0 reserved 0
[  196.043295][ T7062] BTRFS info (device loop1): delayed_block_rsv: size 0 reserved 0
[  196.051521][ T7062] BTRFS info (device loop1): delayed_refs_rsv: size 0 reserved 0
[  196.064221][ T7062] BTRFS info (device loop1): relocating block group 1048576 flags system
[  196.171654][ T7062] BTRFS info (device loop1): balance: ended with status: 0
[  196.268236][ T5855] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  196.423103][ T7112] netlink: 'syz.4.273': attribute type 3 has an invalid length.
[  197.860612][ T7133] loop1: detected capacity change from 0 to 16
[  197.870077][ T7133] erofs: Unknown parameter '/dev/ppp'
[  198.254870][ T7132] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  198.269024][ T7120] loop3: detected capacity change from 0 to 32768
[  198.368787][ T7140] fuseblk: Bad value for 'fd'
[  198.403081][ T7120] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.275 (7120)
[  198.806549][ T7120] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  198.857303][ T7120] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  198.879142][ T7120] BTRFS info (device loop3): using free-space-tree
[  198.983357][ T7142] loop4: detected capacity change from 0 to 512
[  199.019879][ T7146] loop2: detected capacity change from 0 to 64
[  199.068762][ T7142] EXT4-fs (loop4): Test dummy encryption mode enabled
[  199.075577][ T7142] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  199.159591][ T7142] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  199.266816][ T7142] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.281: bad orphan inode 131083
[  199.337391][ T7142] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.351060][ T7166] netlink: 'syz.1.283': attribute type 1 has an invalid length.
[  199.453668][ T7142] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  199.783590][ T5850] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  200.493546][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.639720][ T5860] Bluetooth: hci4: command 0x0406 tx timeout
[  201.667640][ T5849] Bluetooth: hci1: command 0x0406 tx timeout
[  201.685652][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  201.763830][ T7173] loop1: detected capacity change from 0 to 32768
[  201.802228][ T7173] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.287 (7173)
[  201.932830][ T7173] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  201.961244][ T7173] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  201.991848][ T7173] BTRFS info (device loop1): disk space caching is enabled
[  202.018426][ T7173] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  202.155664][ T7205] loop4: detected capacity change from 0 to 256
[  202.169669][ T7173] BTRFS info (device loop1): rebuilding free space tree
[  202.210762][ T7205] exfat: Deprecated parameter 'namecase'
[  202.238983][ T7173] BTRFS info (device loop1): disabling free space tree
[  202.245952][ T7173] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  202.251841][ T7205] exfat: Deprecated parameter 'utf8'
[  202.287703][ T7173] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  202.338149][ T7205] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  203.832564][ T7178] loop2: detected capacity change from 0 to 32768
[  203.912074][ T5855] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  203.955867][ T7178] workqueue: Failed to create a rescuer kthread for wq "gfs2-glock/syz:syz": -EINTR
[  204.927999][ T7233] warning: `syz.2.300' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  205.970326][ T7243] loop3: detected capacity change from 0 to 2048
[  206.165273][ T7249] loop1: detected capacity change from 0 to 1024
[  206.218183][ T7249] EXT4-fs: Ignoring removed i_version option
[  206.224228][ T7249] EXT4-fs: inline encryption not supported
[  206.338439][ T7249] EXT4-fs (loop1): Test dummy encryption mode enabled
[  206.431605][ T7249] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.524154][ T7249] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  206.661343][ T5855] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.053029][   T30] audit: type=1800 audit(1751802179.522:11): pid=7263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.302" name="file1" dev="loop3" ino=1048668 res=0 errno=0
[  207.354676][ T7247] loop4: detected capacity change from 0 to 32768
[  207.391231][ T7247] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.303 (7247)
[  207.444793][ T7267] loop1: detected capacity change from 0 to 16
[  207.504180][ T7267] erofs: Unknown parameter '0xffffffffffffffff'
[  207.565766][ T7247] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  207.592882][ T6263] udevd[6263]: incorrect erofs checksum on /dev/loop1
[  207.606565][ T7267] ubi0: attaching mtd0
[  207.615493][ T7267] ubi0: scanning is finished
[  207.628922][ T7267] ubi0: empty MTD device detected
[  207.637870][ T7269] netlink: 12 bytes leftover after parsing attributes in process `syz.3.311'.
[  207.675675][ T7247] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  207.714608][ T7247] BTRFS info (device loop4): disk space caching is enabled
[  207.762133][ T7247] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  207.856693][ T7267] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  207.877244][ T7267] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  207.917235][ T7267] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  207.955264][ T7262] loop0: detected capacity change from 0 to 32768
[  207.980359][ T7267] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  208.001137][ T7262] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.309 (7262)
[  208.006958][ T7267] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  208.041252][ T7271] bridge1: port 1(veth3) entered blocking state
[  208.107285][ T7267] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  208.115640][ T7271] bridge1: port 1(veth3) entered disabled state
[  208.161622][ T7271] veth3: entered allmulticast mode
[  208.166914][ T7267] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2662450931
[  208.189752][ T7271] veth3: entered promiscuous mode
[  208.215254][ T7267] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  208.312908][ T7262] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  208.331333][ T7272] ubi0: background thread "ubi_bgt0d" started, PID 7272
[  208.344698][ T7247] BTRFS info (device loop4): rebuilding free space tree
[  208.403340][ T7269] bridge1: port 2(veth0_to_bond) entered blocking state
[  208.407410][ T7262] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  208.428998][ T7247] BTRFS info (device loop4): disabling free space tree
[  208.435944][ T7247] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  208.441686][ T7269] bridge1: port 2(veth0_to_bond) entered disabled state
[  208.493309][ T7262] BTRFS info (device loop0): using free-space-tree
[  208.500582][ T7269] veth0_to_bond: entered allmulticast mode
[  208.517179][ T7247] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  208.569456][ T7269] veth0_to_bond: entered promiscuous mode
[  209.707442][ T5840] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  210.787958][ T5851] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  211.256974][ T7328] use of bytesused == 0 is deprecated and will be removed in the future,
[  211.275204][ T7328] use the actual size instead.
[  211.495797][ T7325] loop1: detected capacity change from 0 to 256
[  211.537766][ T7325] FAT-fs (loop1): Directory bread(block 64) failed
[  211.544519][ T7325] FAT-fs (loop1): Directory bread(block 65) failed
[  211.551133][ T7325] FAT-fs (loop1): Directory bread(block 66) failed
[  211.557700][ T7325] FAT-fs (loop1): Directory bread(block 67) failed
[  211.564235][ T7325] FAT-fs (loop1): Directory bread(block 68) failed
[  211.570770][ T7325] FAT-fs (loop1): Directory bread(block 69) failed
[  211.577350][ T7325] FAT-fs (loop1): Directory bread(block 70) failed
[  211.583836][ T7325] FAT-fs (loop1): Directory bread(block 71) failed
[  211.590426][ T7325] FAT-fs (loop1): Directory bread(block 72) failed
[  211.596910][ T7325] FAT-fs (loop1): Directory bread(block 73) failed
[  212.095358][ T7341] loop0: detected capacity change from 0 to 2048
[  212.370580][ T7341] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  212.555181][ T7341] UDF-fs: Scanning with blocksize 512 failed
[  212.862984][ T7341] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  213.277854][ T7349] loop1: detected capacity change from 0 to 32768
[  213.634517][ T7349] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  213.634547][ T7349]   allowing incompatible features above 0.0: (unknown version)
[  213.634559][ T7349]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  213.680635][ T7349] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  213.688884][ T7349] bcachefs (loop1): initializing new filesystem
[  213.704137][ T7349] bcachefs (loop1): going read-write
[  213.845118][ T7349] bcachefs (loop1): marking superblocks
[  213.858251][ T7349] bcachefs (loop1): initializing freespace
[  213.869164][ T7349] bcachefs (loop1): done initializing freespace
[  213.878393][ T7349] bcachefs (loop1): reading snapshots table
[  213.884361][ T7349] bcachefs (loop1): reading snapshots done
[  213.931640][ T7349] bcachefs (loop1): done starting filesystem
[  214.118047][ T7351] loop3: detected capacity change from 0 to 32768
[  214.214692][ T5934] libceph: connect (1)[c::]:6789 error -101
[  214.269840][ T5934] libceph: mon0 (1)[c::]:6789 connect error
[  214.677530][ T5934] libceph: connect (1)[c::]:6789 error -101
[  214.697277][ T7372] ceph: No mds server is up or the cluster is laggy
[  214.710017][ T5934] libceph: mon0 (1)[c::]:6789 connect error
[  214.736096][ T5855] bcachefs (loop1): shutting down
[  215.024778][ T5934] libceph: connect (1)[c::]:6789 error -101
[  215.030795][ T5855] bcachefs (loop1): going read-only
[  215.035987][ T5855] bcachefs (loop1): finished waiting for writes to stop
[  215.188185][ T5855] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[  215.188496][ T5934] libceph: mon0 (1)[c::]:6789 connect error
[  215.433010][ T7347] loop4: detected capacity change from 0 to 32768
[  215.462550][ T7370] sch_tbf: burst 0 is lower than device veth1 mtu (1514) !
[  215.516908][ T7347] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  215.550428][ T7347] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  215.571788][ T5855] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  215.645508][ T5855] bcachefs (loop1): clean shutdown complete, journal seq 4
[  215.693560][ T5855] bcachefs (loop1): marking filesystem clean
[  215.890697][ T5855] bcachefs (loop1): shutdown complete
[  215.962506][ T7390] loop0: detected capacity change from 0 to 1024
[  215.978562][ T7347] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  216.031091][   T24] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  216.038104][   T24] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  216.534423][ T7390] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.763654][   T24] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 725ms
[  216.775547][   T24] gfs2: fsid=syz:syz.0: jid=0: Done
[  216.781364][ T7347] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  216.805227][ T7347] gfs2: fsid=syz:syz.0: can't create logd thread: -4
[  216.877571][ T5840] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.955144][ T7406] loop2: detected capacity change from 0 to 512
[  217.968652][ T7406] EXT4-fs (loop2): Test dummy encryption mode enabled
[  217.992747][ T7406] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  218.059937][ T7397] loop3: detected capacity change from 0 to 40427
[  218.108586][ T7406] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.343: bad orphan inode 131083
[  218.159772][ T7397] F2FS-fs (loop3): invalid crc value
[  218.196523][ T7406] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.714966][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.884245][ T7397] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  219.040702][ T7425] F2FS-fs (loop3): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  219.052844][ T7425] CPU: 0 UID: 0 PID: 7425 Comm: syz.3.339 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  219.052871][ T7425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.052883][ T7425] Call Trace:
[  219.052890][ T7425]  <TASK>
[  219.052898][ T7425]  dump_stack_lvl+0x189/0x250
[  219.052929][ T7425]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.052943][ T7425]  ? __pfx_queue_work_on+0x10/0x10
[  219.052955][ T7425]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  219.052970][ T7425]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  219.052985][ T7425]  ? f2fs_hw_is_readonly+0x39b/0x470
[  219.053006][ T7425]  f2fs_handle_critical_error+0x37c/0x540
[  219.053026][ T7425]  do_garbage_collect+0xec8/0x64b0
[  219.053041][ T7425]  ? __pfx___mutex_trylock_common+0x10/0x10
[  219.053057][ T7425]  ? rcu_is_watching+0x15/0xb0
[  219.053094][ T7425]  ? __pfx_do_garbage_collect+0x10/0x10
[  219.053105][ T7425]  ? f2fs_get_victim+0x504b/0x56e0
[  219.053154][ T7425]  ? up_write+0x1c4/0x420
[  219.053169][ T7425]  f2fs_gc+0xc87/0x2590
[  219.053203][ T7425]  ? __pfx_f2fs_gc+0x10/0x10
[  219.053231][ T7425]  f2fs_expand_inode_data+0x53d/0xa60
[  219.053413][ T7425]  ? __pfx_f2fs_expand_inode_data+0x10/0x10
[  219.053447][ T7425]  ? do_raw_spin_unlock+0x122/0x240
[  219.053464][ T7425]  ? file_modified_flags+0x4bb/0x560
[  219.053479][ T7425]  f2fs_fallocate+0x4f5/0x990
[  219.053499][ T7425]  vfs_fallocate+0x6a0/0x830
[  219.053516][ T7425]  ? __pfx_vfs_fallocate+0x10/0x10
[  219.053535][ T7425]  file_ioctl+0x611/0x780
[  219.053549][ T7425]  ? __pfx_file_ioctl+0x10/0x10
[  219.053568][ T7425]  ? kasan_quarantine_put+0xdd/0x220
[  219.053586][ T7425]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  219.053603][ T7425]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  219.053620][ T7425]  do_vfs_ioctl+0xb33/0x1430
[  219.053632][ T7425]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  219.053651][ T7425]  ? __lock_acquire+0xab9/0xd20
[  219.053678][ T7425]  ? __fget_files+0x2a/0x420
[  219.053693][ T7425]  ? __fget_files+0x2a/0x420
[  219.053706][ T7425]  ? __fget_files+0x3a0/0x420
[  219.053718][ T7425]  ? __fget_files+0x2a/0x420
[  219.053734][ T7425]  ? bpf_lsm_file_ioctl+0x9/0x20
[  219.053747][ T7425]  __se_sys_ioctl+0x82/0x170
[  219.053759][ T7425]  do_syscall_64+0xfa/0x3b0
[  219.053774][ T7425]  ? lockdep_hardirqs_on+0x9c/0x150
[  219.053787][ T7425]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.053797][ T7425]  ? clear_bhb_loop+0x60/0xb0
[  219.053810][ T7425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.053821][ T7425] RIP: 0033:0x7fdea598e929
[  219.053832][ T7425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.053842][ T7425] RSP: 002b:00007fdea37d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  219.053854][ T7425] RAX: ffffffffffffffda RBX: 00007fdea5bb6080 RCX: 00007fdea598e929
[  219.053862][ T7425] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000004
[  219.053869][ T7425] RBP: 00007fdea5a10b39 R08: 0000000000000000 R09: 0000000000000000
[  219.053876][ T7425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  219.053882][ T7425] R13: 0000000000000000 R14: 00007fdea5bb6080 R15: 00007ffdd31d93a8
[  219.053904][ T7425]  </TASK>
[  219.053949][ T7425] F2FS-fs (loop3): Stopped filesystem due to reason: 4
[  219.844925][ T7424] loop4: detected capacity change from 0 to 32768
[  220.823531][ T7419] loop0: detected capacity change from 0 to 32768
[  220.876793][ T7423] loop2: detected capacity change from 0 to 32768
[  220.889587][ T7419] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  220.937244][ T7419] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  221.015603][ T7423] (syz.2.346,7423,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  221.082527][ T7419] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  221.092851][ T7423] (syz.2.346,7423,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  221.133980][ T5956] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  221.158651][ T5956] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  221.245648][ T7423] JBD2: Ignoring recovery information on journal
[  221.285684][ T5956] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 127ms
[  221.294331][ T5956] gfs2: fsid=syz:syz.0: jid=0: Done
[  221.300426][ T7419] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  221.311358][ T7436] loop4: detected capacity change from 0 to 2048
[  221.318316][ T7419] gfs2: fsid=syz:syz.0: can't find local "qc" file: -2
[  221.455195][ T7423] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  221.478716][ T7443] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  223.293452][ T7458] loop1: detected capacity change from 0 to 1764
[  224.511625][ T7458] iso9660: Corrupted directory entry in block 2 of inode 1920
[  224.553619][ T7458] netlink: 'syz.1.354': attribute type 10 has an invalid length.
[  224.655286][ T7458] syz_tun: entered promiscuous mode
[  224.724843][ T7458] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  225.145554][ T5845] ocfs2: Unmounting device (7,2) on (node local)
[  225.248716][ T7467] loop3: detected capacity change from 0 to 512
[  225.527842][ T7467] EXT4-fs (loop3): Test dummy encryption mode enabled
[  225.534679][ T7467] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  226.035039][ T7467] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.357: bad orphan inode 131083
[  226.223124][ T7467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.427147][ T7496] mmap: syz.2.365 (7496) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  227.471929][ T5850] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.578361][ T7500] fuseblk: Bad value for 'fd'
[  228.388233][ T5849] block nbd0: Receive control failed (result -107)
[  228.395205][   T51] block nbd0: Receive control failed (result -107)
[  228.490926][ T7499] nbd0: detected capacity change from 0 to 32
[  228.549072][ T6083] 
[  228.551437][ T6083] ======================================================
[  228.558450][ T6083] WARNING: possible circular locking dependency detected
[  228.565475][ T6083] 6.16.0-rc4-next-20250704-syzkaller #0 Not tainted
[  228.572056][ T6083] ------------------------------------------------------
[  228.579067][ T6083] udevd/6083 is trying to acquire lock:
[  228.584600][ T6083] ffff88807b837870 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x257/0xf10
[  228.593553][ T6083] 
[  228.593553][ T6083] but task is already holding lock:
[  228.600895][ T6083] ffff8880597ee178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  228.609320][ T6083] 
[  228.609320][ T6083] which lock already depends on the new lock.
[  228.609320][ T6083] 
[  228.619706][ T6083] 
[  228.619706][ T6083] the existing dependency chain (in reverse order) is:
[  228.628705][ T6083] 
[  228.628705][ T6083] -> #6 (&cmd->lock){+.+.}-{4:4}:
[  228.635904][ T6083]        lock_acquire+0x120/0x360
[  228.640921][ T6083]        __mutex_lock+0x182/0xe80
[  228.645932][ T6083]        nbd_queue_rq+0xc8/0xf10
[  228.650853][ T6083]        blk_mq_dispatch_rq_list+0x4c0/0x1900
[  228.656908][ T6083]        __blk_mq_sched_dispatch_requests+0xda4/0x1570
[  228.663743][ T6083]        blk_mq_sched_dispatch_requests+0xd7/0x190
[  228.670233][ T6083]        blk_mq_run_hw_queue+0x348/0x4f0
[  228.675857][ T6083]        blk_mq_dispatch_list+0xd0c/0xe00
[  228.681565][ T6083]        blk_mq_flush_plug_list+0x469/0x550
[  228.687445][ T6083]        __blk_flush_plug+0x3d3/0x4b0
[  228.692802][ T6083]        __submit_bio+0x2d3/0x5a0
[  228.697814][ T6083]        submit_bio_noacct_nocheck+0x4ab/0xb50
[  228.703953][ T6083]        block_read_full_folio+0x7b7/0x830
[  228.709745][ T6083]        filemap_read_folio+0x117/0x380
[  228.715283][ T6083]        do_read_cache_folio+0x350/0x590
[  228.720899][ T6083]        read_part_sector+0xb6/0x2b0
[  228.726172][ T6083]        adfspart_check_ICS+0xa4/0xa50
[  228.731616][ T6083]        bdev_disk_changed+0x75c/0x14b0
[  228.737146][ T6083]        blkdev_get_whole+0x380/0x510
[  228.742510][ T6083]        bdev_open+0x31e/0xd30
[  228.747270][ T6083]        blkdev_open+0x3a8/0x510
[  228.752190][ T6083]        do_dentry_open+0xdf0/0x1970
[  228.757464][ T6083]        vfs_open+0x3b/0x340
[  228.762046][ T6083]        path_openat+0x2ee5/0x3830
[  228.767139][ T6083]        do_filp_open+0x1fa/0x410
[  228.772149][ T6083]        do_sys_openat2+0x121/0x1c0
[  228.777335][ T6083]        __x64_sys_openat+0x138/0x170
[  228.782685][ T6083]        do_syscall_64+0xfa/0x3b0
[  228.787697][ T6083]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.794092][ T6083] 
[  228.794092][ T6083] -> #5 (set->srcu){.+.+}-{0:0}:
[  228.801199][ T6083]        lock_sync+0xba/0x160
[  228.805865][ T6083]        __synchronize_srcu+0x96/0x3a0
[  228.811315][ T6083]        elevator_switch+0x12b/0x5f0
[  228.816588][ T6083]        elevator_change+0x21b/0x320
[  228.821862][ T6083]        elevator_set_default+0x144/0x210
[  228.827573][ T6083]        blk_register_queue+0x35d/0x400
[  228.833109][ T6083]        __add_disk+0x677/0xd50
[  228.837938][ T6083]        add_disk_fwnode+0xfc/0x480
[  228.843118][ T6083]        nbd_dev_add+0x70e/0xb00
[  228.848048][ T6083]        nbd_init+0x21a/0x2d0
[  228.852725][ T6083]        do_one_initcall+0x233/0x820
[  228.858006][ T6083]        do_initcall_level+0x137/0x1f0
[  228.863459][ T6083]        do_initcalls+0x69/0xd0
[  228.868301][ T6083]        kernel_init_freeable+0x3d9/0x570
[  228.874009][ T6083]        kernel_init+0x1d/0x1d0
[  228.878843][ T6083]        ret_from_fork+0x3fc/0x770
[  228.883935][ T6083]        ret_from_fork_asm+0x1a/0x30
[  228.889213][ T6083] 
[  228.889213][ T6083] -> #4 (&q->elevator_lock){+.+.}-{4:4}:
[  228.897017][ T6083]        lock_acquire+0x120/0x360
[  228.902031][ T6083]        __mutex_lock+0x182/0xe80
[  228.907040][ T6083]        elv_update_nr_hw_queues+0x87/0x2a0
[  228.912927][ T6083]        blk_mq_update_nr_hw_queues+0xd54/0x14c0
[  228.919244][ T6083]        nbd_start_device+0x16c/0xac0
[  228.924604][ T6083]        nbd_genl_connect+0x1250/0x1930
[  228.930133][ T6083]        genl_family_rcv_msg_doit+0x212/0x300
[  228.936187][ T6083]        genl_rcv_msg+0x60e/0x790
[  228.941196][ T6083]        netlink_rcv_skb+0x208/0x470
[  228.946477][ T6083]        genl_rcv+0x28/0x40
[  228.950963][ T6083]        netlink_unicast+0x75b/0x8d0
[  228.956234][ T6083]        netlink_sendmsg+0x805/0xb30
[  228.961509][ T6083]        __sock_sendmsg+0x219/0x270
[  228.966695][ T6083]        ____sys_sendmsg+0x505/0x830
[  228.971961][ T6083]        ___sys_sendmsg+0x21f/0x2a0
[  228.977141][ T6083]        __x64_sys_sendmsg+0x19b/0x260
[  228.982578][ T6083]        do_syscall_64+0xfa/0x3b0
[  228.987591][ T6083]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.993989][ T6083] 
[  228.993989][ T6083] -> #3 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[  229.002581][ T6083]        lock_acquire+0x120/0x360
[  229.007596][ T6083]        blk_alloc_queue+0x538/0x620
[  229.012868][ T6083]        __blk_mq_alloc_disk+0x162/0x340
[  229.018488][ T6083]        nbd_dev_add+0x476/0xb00
[  229.023411][ T6083]        nbd_init+0x21a/0x2d0
[  229.028074][ T6083]        do_one_initcall+0x233/0x820
[  229.033347][ T6083]        do_initcall_level+0x137/0x1f0
[  229.038795][ T6083]        do_initcalls+0x69/0xd0
[  229.043635][ T6083]        kernel_init_freeable+0x3d9/0x570
[  229.049341][ T6083]        kernel_init+0x1d/0x1d0
[  229.054171][ T6083]        ret_from_fork+0x3fc/0x770
[  229.059267][ T6083]        ret_from_fork_asm+0x1a/0x30
[  229.064539][ T6083] 
[  229.064539][ T6083] -> #2 (fs_reclaim){+.+.}-{0:0}:
[  229.071733][ T6083]        lock_acquire+0x120/0x360
[  229.076750][ T6083]        fs_reclaim_acquire+0x72/0x100
[  229.082199][ T6083]        kmem_cache_alloc_node_noprof+0x47/0x3c0
[  229.088514][ T6083]        __alloc_skb+0x112/0x2d0
[  229.093438][ T6083]        tcp_stream_alloc_skb+0x3d/0x340
[  229.099056][ T6083]        tcp_sendmsg_locked+0x1f46/0x5630
[  229.104763][ T6083]        tcp_sendmsg+0x2f/0x50
[  229.109510][ T6083]        __sock_sendmsg+0x19c/0x270
[  229.114692][ T6083]        sock_write_iter+0x258/0x330
[  229.119963][ T6083]        vfs_write+0x548/0xa90
[  229.124713][ T6083]        ksys_write+0x145/0x250
[  229.129546][ T6083]        do_syscall_64+0xfa/0x3b0
[  229.134560][ T6083]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.140955][ T6083] 
[  229.140955][ T6083] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  229.148587][ T6083]        lock_acquire+0x120/0x360
[  229.153600][ T6083]        lock_sock_nested+0x48/0x100
[  229.158872][ T6083]        inet_shutdown+0x6a/0x390
[  229.163883][ T6083]        nbd_mark_nsock_dead+0x2e9/0x560
[  229.169498][ T6083]        recv_work+0x2138/0x24f0
[  229.174418][ T6083]        process_scheduled_works+0xae1/0x17b0
[  229.180468][ T6083]        worker_thread+0x8a0/0xda0
[  229.185562][ T6083]        kthread+0x70e/0x8a0
[  229.190138][ T6083]        ret_from_fork+0x3fc/0x770
[  229.195234][ T6083]        ret_from_fork_asm+0x1a/0x30
[  229.200507][ T6083] 
[  229.200507][ T6083] -> #0 (&nsock->tx_lock){+.+.}-{4:4}:
[  229.208139][ T6083]        validate_chain+0xb9b/0x2140
[  229.213410][ T6083]        __lock_acquire+0xab9/0xd20
[  229.218597][ T6083]        lock_acquire+0x120/0x360
[  229.223610][ T6083]        __mutex_lock+0x182/0xe80
[  229.228622][ T6083]        nbd_queue_rq+0x257/0xf10
[  229.233631][ T6083]        blk_mq_dispatch_rq_list+0x4c0/0x1900
[  229.239686][ T6083]        __blk_mq_sched_dispatch_requests+0xda4/0x1570
[  229.246524][ T6083]        blk_mq_sched_dispatch_requests+0xd7/0x190
[  229.253014][ T6083]        blk_mq_run_hw_queue+0x348/0x4f0
[  229.258634][ T6083]        blk_mq_dispatch_list+0xd0c/0xe00
[  229.264343][ T6083]        blk_mq_flush_plug_list+0x469/0x550
[  229.270222][ T6083]        __blk_flush_plug+0x3d3/0x4b0
[  229.275582][ T6083]        __submit_bio+0x2d3/0x5a0
[  229.280597][ T6083]        submit_bio_noacct_nocheck+0x4ab/0xb50
[  229.286741][ T6083]        block_read_full_folio+0x7b7/0x830
[  229.292528][ T6083]        filemap_read_folio+0x117/0x380
[  229.298064][ T6083]        do_read_cache_folio+0x350/0x590
[  229.303673][ T6083]        read_part_sector+0xb6/0x2b0
[  229.308940][ T6083]        adfspart_check_ICS+0xa4/0xa50
[  229.314386][ T6083]        bdev_disk_changed+0x75c/0x14b0
[  229.319919][ T6083]        blkdev_get_whole+0x380/0x510
[  229.325279][ T6083]        bdev_open+0x31e/0xd30
[  229.330033][ T6083]        blkdev_open+0x3a8/0x510
[  229.334952][ T6083]        do_dentry_open+0xdf0/0x1970
[  229.340229][ T6083]        vfs_open+0x3b/0x340
[  229.344811][ T6083]        path_openat+0x2ee5/0x3830
[  229.349902][ T6083]        do_filp_open+0x1fa/0x410
[  229.354909][ T6083]        do_sys_openat2+0x121/0x1c0
[  229.360095][ T6083]        __x64_sys_openat+0x138/0x170
[  229.365446][ T6083]        do_syscall_64+0xfa/0x3b0
[  229.370459][ T6083]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.376855][ T6083] 
[  229.376855][ T6083] other info that might help us debug this:
[  229.376855][ T6083] 
[  229.387061][ T6083] Chain exists of:
[  229.387061][ T6083]   &nsock->tx_lock --> set->srcu --> &cmd->lock
[  229.387061][ T6083] 
[  229.399131][ T6083]  Possible unsafe locking scenario:
[  229.399131][ T6083] 
[  229.406561][ T6083]        CPU0                    CPU1
[  229.411905][ T6083]        ----                    ----
[  229.417249][ T6083]   lock(&cmd->lock);
[  229.421216][ T6083]                                lock(set->srcu);
[  229.427617][ T6083]                                lock(&cmd->lock);
[  229.434100][ T6083]   lock(&nsock->tx_lock);
[  229.438505][ T6083] 
[  229.438505][ T6083]  *** DEADLOCK ***
[  229.438505][ T6083] 
[  229.446629][ T6083] 3 locks held by udevd/6083:
[  229.451285][ T6083]  #0: ffff888024ed8358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  229.460509][ T6083]  #1: ffff888024d36f90 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  229.469991][ T6083]  #2: ffff8880597ee178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  229.478876][ T6083] 
[  229.478876][ T6083] stack backtrace:
[  229.484757][ T6083] CPU: 0 UID: 0 PID: 6083 Comm: udevd Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  229.484777][ T6083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.484787][ T6083] Call Trace:
[  229.484795][ T6083]  <TASK>
[  229.484803][ T6083]  dump_stack_lvl+0x189/0x250
[  229.484826][ T6083]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.484843][ T6083]  ? __pfx__printk+0x10/0x10
[  229.484864][ T6083]  ? print_lock_name+0xde/0x100
[  229.484885][ T6083]  print_circular_bug+0x2ee/0x310
[  229.484904][ T6083]  check_noncircular+0x134/0x160
[  229.484923][ T6083]  validate_chain+0xb9b/0x2140
[  229.484947][ T6083]  __lock_acquire+0xab9/0xd20
[  229.484971][ T6083]  ? nbd_queue_rq+0x257/0xf10
[  229.484986][ T6083]  lock_acquire+0x120/0x360
[  229.485007][ T6083]  ? nbd_queue_rq+0x257/0xf10
[  229.485024][ T6083]  ? is_bpf_text_address+0x292/0x2b0
[  229.485050][ T6083]  __mutex_lock+0x182/0xe80
[  229.485071][ T6083]  ? nbd_queue_rq+0x257/0xf10
[  229.485085][ T6083]  ? unwind_get_return_address+0x4d/0x90
[  229.485103][ T6083]  ? arch_stack_walk+0xfc/0x150
[  229.485128][ T6083]  ? nbd_queue_rq+0x257/0xf10
[  229.485144][ T6083]  ? __pfx___mutex_lock+0x10/0x10
[  229.485165][ T6083]  ? nbd_get_config_unlocked+0x152/0x210
[  229.485183][ T6083]  ? __pfx_nbd_get_config_unlocked+0x10/0x10
[  229.485203][ T6083]  nbd_queue_rq+0x257/0xf10
[  229.485224][ T6083]  ? __pfx_nbd_queue_rq+0x10/0x10
[  229.485245][ T6083]  blk_mq_dispatch_rq_list+0x4c0/0x1900
[  229.485267][ T6083]  ? sbitmap_find_bit+0x3ff/0x490
[  229.485296][ T6083]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  229.485316][ T6083]  ? __blk_mq_alloc_driver_tag+0x2e7/0x6e0
[  229.485339][ T6083]  __blk_mq_sched_dispatch_requests+0xda4/0x1570
[  229.485369][ T6083]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  229.485395][ T6083]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  229.485416][ T6083]  blk_mq_sched_dispatch_requests+0xd7/0x190
[  229.485438][ T6083]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  229.485456][ T6083]  blk_mq_run_hw_queue+0x348/0x4f0
[  229.485476][ T6083]  blk_mq_dispatch_list+0xd0c/0xe00
[  229.485498][ T6083]  ? blk_mq_dispatch_list+0x1c0/0xe00
[  229.485520][ T6083]  ? __pfx_blk_mq_dispatch_list+0x10/0x10
[  229.485542][ T6083]  ? blk_add_trace_plug+0x1c/0x240
[  229.485563][ T6083]  ? blk_add_trace_plug+0x1c/0x240
[  229.485585][ T6083]  blk_mq_flush_plug_list+0x469/0x550
[  229.485606][ T6083]  ? trace_block_plug+0x7a/0x1f0
[  229.485619][ T6083]  ? blk_add_rq_to_plug+0x300/0x450
[  229.485638][ T6083]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  229.485659][ T6083]  ? blk_mq_submit_bio+0xbcb/0x2520
[  229.485682][ T6083]  __blk_flush_plug+0x3d3/0x4b0
[  229.485706][ T6083]  ? __pfx___blk_flush_plug+0x10/0x10
[  229.485731][ T6083]  __submit_bio+0x2d3/0x5a0
[  229.485751][ T6083]  ? blk_add_trace_bio+0x2c/0x2e0
[  229.485773][ T6083]  ? __pfx___submit_bio+0x10/0x10
[  229.485799][ T6083]  ? blk_add_trace_bio+0x2c/0x2e0
[  229.485822][ T6083]  submit_bio_noacct_nocheck+0x4ab/0xb50
[  229.485842][ T6083]  ? bio_associate_blkg+0x6d/0x230
[  229.485865][ T6083]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  229.485887][ T6083]  ? submit_bio_noacct+0xd65/0x1a70
[  229.485912][ T6083]  block_read_full_folio+0x7b7/0x830
[  229.485928][ T6083]  ? __pfx_blkdev_get_block+0x10/0x10
[  229.485949][ T6083]  filemap_read_folio+0x117/0x380
[  229.485974][ T6083]  ? __pfx_blkdev_read_folio+0x10/0x10
[  229.485988][ T6083]  ? __pfx_filemap_read_folio+0x10/0x10
[  229.486014][ T6083]  do_read_cache_folio+0x350/0x590
[  229.486028][ T6083]  ? __pfx_blkdev_read_folio+0x10/0x10
[  229.486044][ T6083]  read_part_sector+0xb6/0x2b0
[  229.486064][ T6083]  adfspart_check_ICS+0xa4/0xa50
[  229.486084][ T6083]  ? snprintf+0xda/0x120
[  229.486102][ T6083]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  229.486133][ T6083]  bdev_disk_changed+0x75c/0x14b0
[  229.486159][ T6083]  ? __pfx_bdev_disk_changed+0x10/0x10
[  229.486177][ T6083]  ? wait_on_inode+0xc0/0x230
[  229.486205][ T6083]  blkdev_get_whole+0x380/0x510
[  229.486230][ T6083]  bdev_open+0x31e/0xd30
[  229.486255][ T6083]  blkdev_open+0x3a8/0x510
[  229.486270][ T6083]  ? __pfx_blkdev_open+0x10/0x10
[  229.486288][ T6083]  do_dentry_open+0xdf0/0x1970
[  229.486316][ T6083]  vfs_open+0x3b/0x340
[  229.486336][ T6083]  ? path_openat+0x2ecd/0x3830
[  229.486353][ T6083]  path_openat+0x2ee5/0x3830
[  229.486367][ T6083]  ? arch_stack_walk+0xfc/0x150
[  229.486396][ T6083]  ? __pfx_path_openat+0x10/0x10
[  229.486410][ T6083]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.486432][ T6083]  do_filp_open+0x1fa/0x410
[  229.486447][ T6083]  ? __lock_acquire+0xab9/0xd20
[  229.486469][ T6083]  ? __pfx_do_filp_open+0x10/0x10
[  229.486492][ T6083]  ? _raw_spin_unlock+0x28/0x50
[  229.486508][ T6083]  ? alloc_fd+0x64c/0x6c0
[  229.486530][ T6083]  do_sys_openat2+0x121/0x1c0
[  229.486552][ T6083]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  229.486569][ T6083]  ? __pfx_do_sys_openat2+0x10/0x10
[  229.486594][ T6083]  ? rcu_is_watching+0x15/0xb0
[  229.486611][ T6083]  __x64_sys_openat+0x138/0x170
[  229.486626][ T6083]  do_syscall_64+0xfa/0x3b0
[  229.486647][ T6083]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.486661][ T6083]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  229.486677][ T6083]  ? clear_bhb_loop+0x60/0xb0
[  229.486694][ T6083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.486709][ T6083] RIP: 0033:0x7f674caa7407
[  229.486724][ T6083] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  229.486738][ T6083] RSP: 002b:00007fff79271070 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  229.486753][ T6083] RAX: ffffffffffffffda RBX: 00007f674d25e880 RCX: 00007f674caa7407
[  229.486765][ T6083] RDX: 00000000000a0800 RSI: 000055ad17c52fe0 RDI: ffffffffffffff9c
[  229.486776][ T6083] RBP: 000055ad17c52910 R08: 0000000000000000 R09: 0000000000000000
[  229.486787][ T6083] R10: 0000000000000000 R11: 0000000000000202 R12: 000055ad17c53000
[  229.486797][ T6083] R13: 000055ad17c6a430 R14: 0000000000000000 R15: 000055ad17c53000
[  229.486814][ T6083]  </TASK>
[  230.074582][ T6083] block nbd0: Dead connection, failed to find a fallback
[  230.081777][ T6083] block nbd0: shutting down sockets
[  230.087346][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.096395][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.104368][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.113451][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.448181][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.458757][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.466651][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.480246][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.488268][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.497456][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.505328][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.514474][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.522421][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.531732][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.539712][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.549233][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.557488][ T6083] ldm_validate_partition_table(): Disk read failed.
[  230.564170][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.573305][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.581281][ T6083] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  230.590414][ T6083] Buffer I/O error on dev nbd0, logical block 0, async page read
[  230.598499][ T6083] Dev nbd0: unable to read RDB block 0
[  230.604544][ T6083]  nbd0: unable to read partition table
[  230.612673][ T6083] ldm_validate_partition_table(): Disk read failed.
[  230.619876][ T6083] Dev nbd0: unable to read RDB block 0
[  230.625709][ T6083]  nbd0: unable to read partition table
[  230.735433][ T7520] loop2: detected capacity change from 0 to 32768
[  230.792968][ T7520] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  230.792985][ T7520]   allowing incompatible features above 0.0: (unknown version)
[  230.792992][ T7520]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  230.838962][ T7520] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  230.848552][ T7520] bcachefs (loop2): initializing new filesystem
[  230.861787][ T7520] bcachefs (loop2): going read-write
[  230.872452][ T7520] bcachefs (loop2): marking superblocks
[  230.881365][ T7520] bcachefs (loop2): initializing freespace
[  230.889576][ T7520] bcachefs (loop2): done initializing freespace
[  230.896813][ T7520] bcachefs (loop2): reading snapshots table
[  230.902799][ T7520] bcachefs (loop2): reading snapshots done
[  230.915331][ T7520] bcachefs (loop2): done starting filesystem
[  231.545771][ T5845] bcachefs (loop2): shutting down
[  231.551071][ T5845] bcachefs (loop2): going read-only
[  231.556269][ T5845] bcachefs (loop2): finished waiting for writes to stop
[  231.564020][ T5845] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[  231.581776][ T5845] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  231.592403][ T5845] bcachefs (loop2): clean shutdown complete, journal seq 4
[  231.600073][ T5845] bcachefs (loop2): marking filesystem clean
[  231.613828][ T5845] bcachefs (loop2): shutdown complete