last executing test programs:

3.238647475s ago: executing program 4 (id=888):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYRES32=0x0], 0x138}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file2\x00', 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
clock_settime(0xfffffffb, &(0x7f0000000140)={0x77359400})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r4, &(0x7f00000000c0)='./file1\x00', 0x0)

2.087157329s ago: executing program 4 (id=899):
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x4}]}, 0x20}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001d00070f00020000000000000700", @ANYRES32=r1, @ANYBLOB='\x00\x00g\x00\b\x00\b'], 0x24}}, 0x0)

2.010835045s ago: executing program 4 (id=902):
io_uring_setup(0x253d, &(0x7f0000000080))
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x1, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000009a65d0860040800dec30102030109021b050000000000090400000178eaf50009058402"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_open_dev$evdev(&(0x7f0000000500), 0x4, 0x0)

1.21728069s ago: executing program 3 (id=928):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DISASSOCIATE(r0, &(0x7f0000000240)={0x0, 0x4400, &(0x7f0000000200)={&(0x7f0000000000)={0x30, r1, 0x11, 0x30, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_REASON_CODE={0x6}]}, 0x30}}, 0x0)

1.197383002s ago: executing program 0 (id=929):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000080000000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10)

1.134705287s ago: executing program 3 (id=930):
sendmmsg(0xffffffffffffffff, &(0x7f0000002d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=[{0xd0, 0x0, 0x0, "9300ad9755ef09b0fc29ac07b434a68573d213ae8d8090f7984b3ca7db1a98ae8be51334a788b8f38c0a842e962df00fdb569aeb5d592e8a0d3f7c1d98d482ddb9578a3a2964c1462cee7d59a8027a322b53d165ece58f7c80ee81ad91e43f116f95a4663386be884a51f264396468e7fe4dee1a1045550ef81651456c9f44c07325653ebc7e4b8225b009d5e5fb918d9c3a0835149835a8577cb2b39afae1191da193c82a1b6e541ad7d58ac1915a0a87b8647e6df02958ee"}, {0xcb8, 0x0, 0x0, "6c4455da0a2a4b0ed0d7d902c85a759699b8e245fc461ece658982b2a8610b837034135de5f95250930d35e04aaa424b0bf7fc9a54aa7831873ccc98dc79fff1262e2e71b8308133266a1f81e357abef9139ad8ad674dc749c2b3d0a3d68f1455664913fdb45f709b49b19885966e2a59e5af4708076b658555b34f94e54e8929d5cad8fde554e16db1314da75603c28a4c7b693ee3108cb6361379376c1a71f0fe001290bbc4b1dd6a21e316e9776263c8c876f2c03748fc30de749fb226901a1124a7d07ee6d7c715df25da7b0e265dd9dde965bb39acf06aa8d19ad7b1e398d0a5db9aa34eb94230937b3bfcc9528533b32aa6a0a7e1101ed6818c29db75e25b81e5918cea3941d0163efe651cf6c1721e097c00f1f64b16f1c33e98edf9faae6108f0817366a5ae263821ee20d02c2944304624178e841a476b68ab699a03cc8e635f2247dcb1bd0cd0ee1641f659a0f4b48befcd805b25c7bb65548c0fde990d369d28b3bdd3648fc55e4d125bb76d10a59a654ebeb689af54e84e8ce93986fa7417f83725f885ab59dfd1e8d3389e3e46a22df03e66ccb1cc5d69f0c43dcd86d3b06c044b758e4f22e2cc2fd4efa2a78b0b5f1cf80c55f5b11bd791ba5bd697d974b829d60ec1c3b72573b9f8799769428365e78a8a6d51e388a962d3c0ddf1710c1af8500bcec3a0a9a9bfccbca714a6e2840d951c7a9c8c0fe10bff962b8a31aa9b7f9982146437711d9effdcac5fddecc3e33e1509c4de614975aa55213b36d33fb1755784aa5c58a65409339a5c82aacaaabfe957650b89df6b797c453ee4e8b1aa5f75531cecfa4944e9301dd108da486f65e7ef7f5621f55e88ca9f0ea5572090aa9dc8b5e4310cbde5ab5ccd5cfaff059a167b8fba5b7f05595ef8a2ff053f8a47ef89d7b3ff9c633da8b9509fbebf8b4fa9c54f29116fd10b361b7549d9ba41229508b4d001c818f9e7d8a6243b0e335e1e296ee2f971d0753b38b6953f6acfb831bdee7b4779f1fbaffb1dafe0d02dbf2bb21168ac740ce3ce34606727d857554bcbab09499c6bed103c3720641ca7ae961f37fb1cb41ba0cabcc9a552a745eaff4e6da37587537fb86ea28d01d1d46bca609903f997bda910f144204cd3abba53e43f9f596f7fd384231aa0f21ceca1e0006635240a89ecd9e965e725e973fcf08cd290f85321f0bd3f6fe58590a2ca7e5bd49906d5bf3734c2036295c471a145fe2e6dcb4efc200ad8a87aa64926ebc18f9be47d1f06a8941c65bdee6e55bb483cb3b1a87c4f3182a328f9132cbe1e5226f5306f692676fa272cafb2068c4cfca6a63d4f63563aac3acff129973a9c585cb41a349dd7f782f50f335cfecc16b29deebd300bcd87e25bde50fa8e198631e102d6b9c4533b729a6f25a817f61634d70be14a85473571fc8b12851806be120d9808633a6099baa71ff79c78681d2cd5322ac73c88fb536237d4f47faf4230e4ff798b0741af46503817352ba7d33d9e27be87b38027408a33d796345e2617a5d7b838bc3340b175a416cbea6ce870a3a10fdee3d73693fe80586b337e90678d08d2720442c82c37710a71052a24dee28355b6a5c58bd3849ff036790296bb0adc8fb730f95151360f7baa57ce8e706bebe49ac1284a42e09f1078992e3f02ad383d8103e5cb76b19811bacd8c23617f03ef79a4426684db2ff6f8217c742c6c0cd832adfc10c9aad02721ca41d8650e30f526e28373544041fa225298d28242584a2c45652c70955ae38084c5f90009a502631d020be4d33a1dd523679feb84002d411b808d50f74654dcc64aabc6c6dda9c08c24486250db5b05dfc676468bc82bac97b1c4241a07773fc427e0f02f6036f37cf2e19a640018f752eac3854ef6c42284975e6bb0e16baffd89a9e1c2af1144a499537cf8a618336388f307b8aebdc3ea9491e36d93e30fa11e7ddec5307e59d5740b26ceb472ec4560f49577f68ced644ed67d27b4ecc3d223568aeaaa25ff37047d846be6f1989709ae8ed6a10fff24bdf223b8d7c4f9fc861ebbd54e3090b2f4a2fae6971da25d87fa7f46181ab538eb8728984db5cb79c2b2624ad9d8173ecdf6f96225866058a60367f0f2be042d9b178fb9fe3068881dd11f35f3f0b66b76e7cfa98e6e003e93282ff54a046b99940c230172fc246160644681c14f80a7463cb820e87fec176293088ad11237a883b73d71842849c1f68914354908377a2fa420026b01f5594a59d202f61a0b56a8758bf999a830ed792faa9120315979ca194ae6c36683b6ab9bb779cb125ba54e440a9ce042809b80b5d839d365fa5ce5e8042b429852aef35f62ce4ebb759b74ca5b6ee5f9ae8428ae82bd367e307d9b8f50b0ff5b2122084b0c52a2e2d23277c5f33882a2ec057f7a523fe67ff3c65b51e0b4113308789cfdabc4b7c034e38b10da6bf11822dc7266ed029bceb07ac4cf0bb888742ede008dcd4eda911910902f3d08eddfde2ed7267f43d58d7f3c77ee082eca76d986b7208e577384f4ac36fda957cb393b8c62049733e4b3b8adf018e743087b1d90d58cd0535a03ed7cc81fe788481a3a3defc7a1497007f4bb1bd8078f6bb68ad2a478db6c7f654daca6a0397af5eb86cb525a63771569371d529d48b6177ecba88d64a3aabe715ce9f71b00914b903cce52726295139bae8ffdb0a4d5e7f6125711c74190657ffdbc2119f20b92825c8a9ff37ec3054228788d0f3e6b87dd5c8957aded798158f2d7cbf730421caf48badbea1dbb73f7877b95e4be9940c60674f87722f0fdba5a88684ecf849710e416e66bc2dc331195a8eea1ef9ededd5d83c117ded39f89330f5141e6c0a55c5652348b787764c9c82d9e149b140a7666e7dd660d1043d4b23d2e9ba6dff3c4736fa572f5cc881447f94f21d440756d86c386e14aaf5e99fc943528b124f8d3e4e05347d7ba3b7142bb73b1820d0eb862e04147b893f784359fd2ab81f5cfc43e98a3c3bedf6d25d0c4847649b7e8f62a29f3725fad7b7102cb19759ecba24be02c0cd3f674ea4f18a316af4bf90137a79f615afd43a75b3422373b22290e21c808e0260c8a98acfa2d50412c5d0d97dba6e461f674ed1098d0ee0908c803b8cad5a8f24f1dbadad2bce116ee03b8a055f4568363d8cdcf9cc5cf9081aedbd161972ad0b10666e80740606c7a021cf9cfe766493a1187b8ad0a734a10c5987d51763243d50541c006ce9eb1f2e61bc67e5ead30ee1b5a46fc3fe3814d1db6e67be6622f95e390479b0d9f1f4fb812fc4d006d4137bd8cbcf7c31a298dd558983a093a63f3e67e0f14b15340e139a927a1f56e1096a24b4491d2daa0ca7fecece73a06b08b9e2176b0ad8ddada5c7ca95af5b9221b326451c217c22dde04e124829c2e9ab63461342f02e400c89736bfdcc5b8ed375078c7bbe0b30e2784034b65975712a47d4bac065ffa3eba8ddf89047c81bb927bffe64990cd89cc124884532df147e90bee242deb7e36bf2046df61483a5c9cfd8f07b4c9d7e1a829a3e56eb866b91887747c5f9a7664766994fe28736e6c6116866494285a62680c8479745fdae51c4f53b0312a19a1a598a2f506b9242fcd566e44a7d2c5def41f9554714a48bafc5202e1b28224922a9de3cd5b745d9520839dfacff35c5ea3e6c90713236c201d7acf2265d67509b86ca2b62c0b111947836fa11e75f34a018695ff89d670d687fb7c13622fe775b4c4e653c4b49013d0df62d3b3ef3924aace20e008f068befe9346ac5b1139a67e437267e8098d794a04de5dc8542ba525c16b2b90200d909762d1bb732fa2451b363c762ba6df1fb69c01714be90b8c348a521e21b830408affa1d0bade070731b50872be56a050f5648ce0ef47610cf2616c270b6e2c30c1873ca7aadb6913daa9615b84d01363fcbfd2a89e86c5a88d849b6d0708a96af709c37081e47976cf6594602068c1c169f95fec812f331279b9516dcaafab633d7831310188e9b3d2acbfeb48c7ddac93ba21afb77222a630f66f455486551e9b877ba53b305fc650c0e098ee897ca64195337c3ce92085df50e9f42c5e5ef62e9953766fbd27f6302d5d045e27175ef1e242784355b134937bbb623a36e435f771170de1430e88dccdca6de06631a07c8b504e7f753ac77bc6ebbc71227d715fb813e30f1b950cdecee91d110e409442d2b7639e5dd06cb4f81323b032676aade812b22ec9b3d5e8a123ad03dada4b82ef5173e88d0bd51c22d98b0edce156955698abf3d34829a4392148ecb45b63814a4ef8886dd990a7ede4c6e2dbe2b7d1486be90898c570266d0d9fd988c44bd6f6f01d114f7e458917f9f78e21a0badd481d7dd80f55f242b088b2b604fc4860cc8ff60ad96a81ed86922ea3bf80e6240836713a3dd6a91fd5e497b8b2f2b62521fc1fdd9592c7d2e53a64e8b96e98e5954564a6468ac61e7245e0bd507e1c4c8cddfb49358c2c05c571de5e96e203b0f4c3f50a77e7dbd2773916e697cc14c9956be6f14d91b27fa5c4dd915c964f2b3badb614f47ef3341e7d17b7823bb504cf5922590265a6836"}], 0xd88}}], 0x1, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001439)
close(r1)

1.134490047s ago: executing program 0 (id=931):
syz_open_procfs$namespace(0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x0, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000840))
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(0xffffffffffffffff)
syz_open_procfs(r1, &(0x7f0000000240)='fd/3\x00')
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, 0x0)
unshare(0x0)

1.030606336s ago: executing program 3 (id=938):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000003c0)=[{0x6, 0x0, 0x0, 0x5}]}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x3a8)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

980.028589ms ago: executing program 2 (id=941):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000180), 0x12)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

935.133693ms ago: executing program 2 (id=942):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0)

935.044353ms ago: executing program 1 (id=943):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
unshare(0x20000400)
bind$can_raw(r0, &(0x7f00000005c0), 0x10)

934.997493ms ago: executing program 1 (id=944):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
r1 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='blkio.throttle.write_bps_device\x00', 0x2, 0x0)
sendfile(r1, r0, 0x0, 0x100000001)
r2 = socket$netlink(0x10, 0x3, 0x15)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)

934.943533ms ago: executing program 2 (id=945):
open$dir(0x0, 0x0, 0x0)
request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x2}, &(0x7f0000001fee)='R\x10rust\xe3c*ex:Dd', 0x0)

934.789103ms ago: executing program 2 (id=946):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x1c, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)

890.824027ms ago: executing program 1 (id=947):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
unshare(0x20000400)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4000004, 0x32, 0xffffffffffffffff, 0x0)
bind$can_raw(r0, &(0x7f00000005c0), 0x10)

890.693177ms ago: executing program 1 (id=948):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x4, &(0x7f0000000280)={[{@errors_remount}, {@noquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@block_validity}, {@quota}]}, 0x3, 0x46a, &(0x7f00000007c0)="$eJzs28tvG8UfAPDvruP218ePmFIefQCBgoh4JE1aoAcOgEDiABISl3IMSVqVpg1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSrUC4WT0dq7ie06btI63RB/PtLGMzuznhnPjj27kw1gYI1kf5KI3RHxW0QMN6PtGUaaL9evXZz++9rF6STq9bf+TBr5/rp2cbrIWhy3K4+MphHpp0kc6FLuwvkLp6fm5mbP5fHxxTPvjS+cv/DMqTNTJ2dPzp6dPHbs6JGJ55+bfLYv7bw7q+v+D+cP7nvt7ctvTB+//M5P3yRF+zva0ScjvRIfr9f7XFx50oj4f0s8GSqxMqxLJSKy7qo2xv9wVGKl84bj1U9KrRywoeq5VZKX6sAWlkTZNQDKUfzQZ9e/xXbnZh/lu/pS8wIoa/f1fGumDDWua7MLo2rH9W0/jUTE8aV/vsy22Jj7EAAAbb7L5j9Pd5v/pXFfS7678rWhWr6Wsici7omIvRFxb0Qj7/0R8UDLMUtrKL9zkeTG+U965ZYbtwbZ/O+FfG2rff6XFllqlZY1jlqlmpw4NTd7OP9MRqO6PYtP9Cjj+1d+/Xy1tNb5X7Zl5RdzwbweV4a2tx8zM7U4dTttbnX144j9Q93anyyvBCQRsS8i9t9iGaee/Prgammd7a8nvd7pxfZoH9aZ6l9FPNHs/6XoaH8h6b0+Of6/mJs9PF6cFTf6+ZdLb65W/s37f2Nl/b+z6/m/3P5akq/XZqfhuYX1l3Hp98+Wx/SOjrSxWzr/V3Zsy18/mFpcPDcRsS15vVnp1v2TK8cW8SJ/1v7RQ93H/55Y+SQORER2Ej8YEQ9FxMPNvjv4SEQ8GhGHerT/x5cfe3e1tM3Q/zMd/V9rz7Lc/431+pbAtujc0z1QOf3Dty3vV43aetqf9f/RRmg037OW77+11CsL3ObHBwAAAP8JaUTsjiQdWw6n6Vi1mbY3dqZz8wuLT52Yf//sTPMZgVpU0+JOV/N+cPN+6ER+z6WIT3bEj+T3jb+o7GjEx6bn52bKbjwMuF1dxn8+/OOPSsmVAzae57VgcBn/MLiMfxhcxj8Mri7jv/P/NIEtqtvv/0crwfrwnawMcEd1jH/LfjBAXP/DQErLrgBQrtbf/57P3wNbycKOuPlD8gMbqG6OamzKQKSbohr9CSQbPAp2l93A9QfK/mYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoj38DAAD//xsU47c=")
chdir(&(0x7f0000000040)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000c80)='./file0\x00', 0x840, 0x0)

890.462827ms ago: executing program 2 (id=949):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r4, 0x4b33, &(0x7f0000000440)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x5, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000280)={r5, r6}, 0xc)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000080), 0x18)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000500)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0", 0x2b}, 0x48, 0xfffffffffffffffd)
syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r7}, 0x10)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r8, 0x800c6613, 0x0)
renameat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', r8, &(0x7f0000000140)='./file1\x00')
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r3, &(0x7f0000000d00)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x296], [0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x5f4, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x45c)

762.374038ms ago: executing program 1 (id=950):
unshare(0x4000400)
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xc0109207, 0x0)

585.438492ms ago: executing program 1 (id=951):
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0xb6, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902a400030100000009040057f31b4f00000a24010000000201020a2404023fb07b2f465a0904010000010200000904010101010200001024020108030181912ad60b977cb57811240201020106bfaec76cd22154d66b33a511ea1e98ebe50b240201080405090305710f240202090001000037acdfbe9e710905010900000602000725010001000100000000000102000009040201010102000022058209000000000007250100000000"], 0x0)
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48)
close(r2)
fstatfs(r0, &(0x7f00000002c0)=""/123)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000080)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x5, 0x2, 0x35d, 0xc, 0x0, 0x1}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000010000e1250000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x4d5}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="20008000000000fc00"], 0x20}}, 0x0)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="4c00030007"], 0xd)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f00000000c0)=r7, 0x4)
symlinkat(&(0x7f0000000400)='./file0\x00', r1, &(0x7f0000000440)='./file0\x00')
sendmsg$unix(r6, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

337.673732ms ago: executing program 0 (id=952):
mkdir(0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f00000001c0)="00214717a70200000000000000710afb5d62e9346aa9", 0x16}], 0x1, 0x0, 0x0)

270.814247ms ago: executing program 4 (id=953):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x2)

270.640237ms ago: executing program 4 (id=954):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000050000f58604"])

270.556828ms ago: executing program 0 (id=955):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCGPTLCK(r0, 0x80045439, &(0x7f0000000000))

259.193448ms ago: executing program 0 (id=956):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000a40)=""/44, 0x25)
getdents(r1, &(0x7f0000000080)=""/42, 0x2a)

242.641929ms ago: executing program 0 (id=957):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800000, &(0x7f0000000100)=ANY=[@ANYBLOB='nobarrier,mode=lfs,fsync_mode=strict\x00acl,\x00'], 0x1, 0x552d, &(0x7f000000d000)="$eJzs3M1rI2UYAPAn7Xa7X65FPHjbgUVoYRM23Q/0VnUXP7BLWfXgSdMkDdlNMqVJ09qTB4/iwf9EFDx59G/w4NmbeFC8CUpmJrpdFVybtN3294PJM/PmnWeeN5TCMxMSwKm1kPz6cykux/mImI2ISxHZfqnYMit5eCEirkTEzCNbqRj/c+BsRFyIiMtxbnx6qXjr82vDq7d+euuXb76bP3Pxi6+/P5IFA8fCixHR3cz3d7p5TFt5fFCM14btLHZvDouYv9F9WBynedxprmcZdmrjebUs3mjl89PN7f4obnRq9VFstTey8c1efsH+sDXOk53woLaVHTea61ls99Mstvbyunb38v+Xe/1BnqdR5PsoSx+DwTjm483dZr6ezYdZrPcGxXieN200d0dxWMTiclFPO42sjvWDfNLH29vt3vZuMmxu9dtpL7lVqb5Uqd4uV7fSRnPQvFmudRu3byaLrc5oWnnQrHVXWmna6jQr9bS7lCy26vVytZos3mmut2u9pFqt3KhcL99aKvauJa/fey/pNJLFUXy13dsetDv9ZCPdSvIzlpLlyo2Xl5Kr1eSd1bVk7f7du6tr735w5/17r6y++Vox6W9lJYvL15eXy9Xr5eXq0ila/ydF0RNcPxxI6cmmz0+rDoCnyBT7/4iFPKf+H3jc9Pr/rfsR0+//Q/8/EU9V/3va+/8prB8O5An7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATo4f5r58I9tZyI8vFuPPFEPPFceliJiJiN//wWyc3Zdztsgz9y/z5x6r4dtSZBlG15gvtgsRsVJsvz077U8BAAAATq6vPr7yWd6t5y8LR10Qhym/aTNz6cMJ5StFxNzCjxPKNjN6eX5CybK/7zOxO6Fs2Q2scxNKlt9yOzOpbP/J7L5w7pFQysPMoZYDAAAciv2dwOF2IQAAABymT4+6AI5GKcaPMsfPgrNv3v/1QPD8viMAAADgKM3/v9NKk64DAAAAOHay/t/v/wEAAMDJlv/+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAHO3eUozQQxwH435YKikZifDTxKPoGx/AIPvpoOICX4Ah4BS/AGfDNIxjY0OmSZcNudtNp2d18X9IO0ww/Zgg8zEwyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQp7/1evH75+dfXXN2+27yjAYAAAA4Z1uvF82LWapP2+fv2kcf2noREWVEnJu7V/HqJLOKiE8RUd/Rvr7Vhz8RTcLhM8bt9SYivrbX//d9fwsAAADwcm2Wq3marafb7NIdYkhp0aZ8+y1TXhER9exfprTykPcxU1jz+x7Fj0xpzQLWJFNYWnIb5Up7kObvfly1m9woilSU978/29gBAIABVSfFsLMQAAAAhvT9cPty6V7QXfW45kVcb2UetwLHqWi3916f1AAAAIBnqLh0BwAAAIDeNfP/vs7/mzr/DwAAAJ6EdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfdrW68VmuZp3zdntu8kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAK/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J/fDIhhKIqjd2Yy/75V9r/YuqS6hCrnEH7yJDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABu5H/EY50zXo0tyUjybLx7PZN8Omp8O2r8+mCuD8e8cCMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY2bmf1ziqOADgb2Z2tmlVXKPkEBELHvRi021t7U08KMGDf4IQ0m2N3fqjzcGWIuTiTXLuRfQoIijx1v+h5xZ6qbcecqjguTK/kpc04KpkZtP9fODN+84wmfd9sxDynTdZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYY/v93TgrNoMqTutj9x7fWi36+/v6wp3NB4tFK+KkzaSPhtfinWQh2plrPxkAAABmQ9bU9yGEh/nWctGng7L+z5tzipr/hxequKnn99f9Td/U/kX7/bdHr+wMNKjGKS56aW08Ov10Kr3Dm+V0e/Efz+iVd7589pKVH0j60cbL23l5P5Pv7t79oF+Gx9rIFgD4L041fR00fw8V/bDLxACYGb2o8G7q/2zQbU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdjeCM81cRJCWOztxoX7j2+tHtTf2Xyw2LTzt29vxtcsLpGHEC6tjUenw1yLs5lu12/cvLIyHo+utR+8HkLoavT36ulf+WSCk0M4pDROdnTnZyxI6w97WvI5GkGHv5QAAHgm5XUr6vqH+dZycSyZD+HJj3vr/zejOExY/z/69Py9eKy4/h+2NsPpt7R+9cul6zduvr12deXy6PLo83fODN8dnr1w7tyFpfJZSbXtOk0AAACOsH7d4vo/nX96/f9EFIcJ6/+vvh9+E4+Vqf8PtLvo13UmAAAAs+2lk3/9mRxwPOn3w9cr6+vXhtV2Z/9Mte0g1X/tWN3i+j+b7zorAAAAoA3bG8me9f+LURwmXP9//qdXf4mvmYUQjtfr/6dWvxhfbG86U+1//Idw6E34413PEQAAgHY92fciw/G6xev/efn+f7pzZhpCeOuNKq6/BnCi+j/78Nuf47Hi9//PHvI8p126UN2Psl8IobfQdUYAAAA8y+bKNijr/z/yreXPfj3xcd/7/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt+zsAAP//RP895g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1817c1, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_queued_recursive\x00', 0x26e1, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0)

186.039794ms ago: executing program 3 (id=958):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x11, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x4000000, '\x00', 0x0, 0x0}, 0x48)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000300)={0x8, 'veth1_to_bond\x00', {'dummy0\x00'}, 0x6})
openat$null(0xffffffffffffff9c, &(0x7f0000000340), 0xcc0, 0x0)
openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)='9', 0x1, 0xfffffffffffffffc)
keyctl$chown(0x4, r4, 0xee00, 0xffffffffffffffff)
keyctl$chown(0x4, r4, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

185.850974ms ago: executing program 4 (id=959):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000600)='./bus\x00', 0x1c14744, &(0x7f0000000100), 0xff, 0x490, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvTLf8VFoRf4AkVtHY+KOlBZSDHjSaeNBEowc81rYQZKGG1kQI0WIMHg2Jd+PRxL/Akyejnky8eNC7ISFKTAAvrpndmba77lT6cxf380kW3tt5M+99++btvr632wB61lD2TxJxR0T8EhEDjWxzgaHGfzeuXZi8ee3CZBK12hu/J/Vy169dmCyKFuftzDPDaUT6cZJX0mz23PlTE9Xq9Nk8Pzp3+t3R2XPnnzp5euLE9InpM+NHjx4+NPbM0+NHms47sso4s/iu7/tgZv/el9+6/Orksctvf/9V1t40P740jvUylAX+R62u9dij611Zh/1dW4wzqXS6NdyqvojIuqu/Pv4Hoi8WO28gXvqoo40DNlT2mr21/PB8DfgfS6LTLQA6o3ijz37/zR/9mzT16ApXn2/8ApTFfiN/NI5UFtYGNvIHMhQRx+b/+jx7RMs6RK3NugEAwFp9k81/nmya/+XzjzTuXVJuV743NBgRd0XE7oi4OyL2RMQ9EfWy90XE/Susv3Vr6N/7MOmVVQV2i7L537P53lbz/K+Y/cVgX567sx5/f3L8ZHX6YP4zGY7+rVl+rN3Fi0u8+NOnZfUvnf9lj6z+Yi6YX+RKpWWBbmpibmK9JqVXL0bsq7SLP1nYCUgiYm9E7FvZpXcViZOPf7m/rNB/x7+Mddhnqn0R8Vij/+ejJf5Csvz+5Oi2qE4fHG3cFX1t6vjhx0uvldW/pvjXQdb/O5rv/5YSA38mS/drZ1dex6VfPyndW62s8v7fkrxZ39Pdkj/3/sTc3NmxiC3JK/V80/Pji+cW+aJ8Fv/wgfbjf3d+Thb/AxGxP+LnYtg9mPfdQxHxcEQcWCb+71545J2yY93Q/1NtX/8W7v/B5v5feaLv1Ldfl9XfGn+S5xdLZP1/uJ4azp+pv/7ltpdct7w52/ISq72bAQAA4PaT1j8bn6QjC+k0HRlpfIZ/T+xIqzOzc08cn3nvzFTjM/SD0Z8W658DS9ZDx5L5/IqN/Hi+VlwcP5SvG3/Wtz1Jojo9MjlTnepw7NDrdpaM/8xv7RazI+K5TW0hsKF8Xwt6V+v4TzvUDmDzef+H3mX8Q+8y/qF3FeP/9SXPfdhSpmQvALjNef+H3mX8Q+9aGP8XO9sOYPN5/4ee1O5L8sXfOFjDV/7XlKgs8+39Lk0Uq6Pd0p5TSURsbBWRdkekpYnI/4hFt7Rn5YmbtVWeXllmdN9qojOvRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvtnwAAAP//aP7lHQ==")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008230000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000060ff850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

185.716434ms ago: executing program 3 (id=960):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x0, 0x0, 0x0)

138.193328ms ago: executing program 3 (id=961):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "571a0a0da4c642c2"})
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0xfffffffe, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
openat$incfs(r5, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0x80106725, 0x0)
r6 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000000)=0x1a)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x4547, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

0s ago: executing program 2 (id=962):
syz_open_procfs$namespace(0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x0, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000840))
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(0xffffffffffffffff)
syz_open_procfs(r1, &(0x7f0000000240)='fd/3\x00')
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, 0x0)
unshare(0x0)

kernel console output (not intermixed with test programs):

ady
[  117.723225][ T2225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  117.723692][ T1283] usbhid 1-1:0.0: can't add hid device: -71
[  117.737408][ T2367] EXT4-fs (loop1): Test dummy encryption mode enabled
[  117.749804][ T1283] usbhid: probe of 1-1:0.0 failed with error -71
[  117.761855][ T2225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  117.767331][ T1283] usb 1-1: USB disconnect, device number 16
[  117.775794][ T2367] EXT4-fs (loop1): Test dummy encryption mode enabled
[  117.790317][ T2369] 9pnet: Insufficient options for proto=fd
[  117.794697][ T2354] device veth0_vlan entered promiscuous mode
[  117.796896][ T2367] EXT4-fs (loop1): Ignoring removed orlov option
[  117.804827][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  117.817664][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  117.826698][ T2367] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  117.829962][ T2369] loop2: detected capacity change from 0 to 2048
[  117.855151][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  117.873381][ T2354] device veth1_macvtap entered promiscuous mode
[  117.880416][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  117.892839][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  117.910358][ T2369] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  117.921324][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  117.930529][ T2369] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038 (0x7fffffff)
[  117.946879][    T8] device veth1_macvtap left promiscuous mode
[  117.959661][    T8] device veth0_vlan left promiscuous mode
[  118.112515][ T2381] loop3: detected capacity change from 0 to 256
[  118.125275][ T2369] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.553: bg 0: block 288: padding at end of block bitmap is not set
[  118.140446][ T2369] fs-verity (loop2, inode 13): ext4_end_enable_verity() failed with err -117
[  118.156897][ T2381] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  118.279031][ T2386] loop1: detected capacity change from 0 to 512
[  118.289048][  T713] usb 5-1: USB disconnect, device number 17
[  118.317097][ T2386] EXT4-fs (loop1): Ignoring removed bh option
[  118.327491][ T2386] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  118.381602][ T2388] loop4: detected capacity change from 0 to 1024
[  118.444312][ T2388] EXT4-fs (loop4): Test dummy encryption mode enabled
[  118.447828][ T1283] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  118.503472][ T2388] EXT4-fs (loop4): Test dummy encryption mode enabled
[  118.513306][ T2388] EXT4-fs (loop4): Ignoring removed orlov option
[  118.536778][ T2388] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  118.827234][ T2395] loop2: detected capacity change from 0 to 512
[  118.892826][ T2395] EXT4-fs (loop2): 1 truncate cleaned up
[  118.899111][ T1283] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.940450][ T2395] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  119.094394][ T1283] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.105599][ T1283] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  119.114461][ T1283] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.146555][ T2407] loop3: detected capacity change from 0 to 1024
[  119.161833][ T2407] EXT4-fs (loop3): Test dummy encryption mode enabled
[  119.168808][ T2407] EXT4-fs (loop3): Test dummy encryption mode enabled
[  119.327715][ T1283] usb 1-1: config 0 descriptor??
[  119.346100][ T2407] EXT4-fs (loop3): Ignoring removed orlov option
[  119.401151][  T325] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  119.421162][ T2407] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  119.556216][ T2414] loop3: detected capacity change from 0 to 512
[  119.601832][ T2414] EXT4-fs (loop3): 1 truncate cleaned up
[  119.607498][ T2414] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  119.734613][  T747] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  119.829464][ T1283] hid-multitouch 0003:1FD2:6007.0015: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0
[  120.042637][  T325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  120.054827][  T325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  120.061444][ T1283] usb 1-1: USB disconnect, device number 17
[  120.067179][  T325] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  120.085835][  T325] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.097118][  T325] usb 5-1: config 0 descriptor??
[  120.144235][  T747] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  120.155041][  T747] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  120.164667][  T747] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  120.173588][  T747] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.182158][  T747] usb 2-1: config 0 descriptor??
[  120.325940][ T2400] UDC core: couldn't find an available UDC or it's busy: -16
[  120.333220][ T2400] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  120.363181][ T2225] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  120.436146][ T2411] UDC core: couldn't find an available UDC or it's busy: -16
[  120.444262][ T2411] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  120.494850][ T2426] 9pnet: Insufficient options for proto=fd
[  120.509988][ T2426] loop3: detected capacity change from 0 to 2048
[  120.565370][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  120.579866][ T2426] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  120.591410][ T2426] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038 (0x7fffffff)
[  120.605228][ T2433] loop0: detected capacity change from 0 to 1024
[  120.650413][ T2433] EXT4-fs (loop0): Test dummy encryption mode enabled
[  120.657181][ T2433] EXT4-fs (loop0): Test dummy encryption mode enabled
[  120.664311][ T2433] EXT4-fs (loop0): Ignoring removed orlov option
[  120.673854][  T325] usbhid 5-1:0.0: can't add hid device: -71
[  120.679780][  T325] usbhid: probe of 5-1:0.0 failed with error -71
[  120.684395][ T2433] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  120.686847][  T325] usb 5-1: USB disconnect, device number 18
[  120.801720][  T747] usbhid 2-1:0.0: can't add hid device: -71
[  120.817338][  T747] usbhid: probe of 2-1:0.0 failed with error -71
[  120.831368][  T747] usb 2-1: USB disconnect, device number 20
[  120.972356][ T2225] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  120.983903][ T2225] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  120.994035][ T2225] usb 3-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  121.002928][ T2225] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.011731][ T2225] usb 3-1: config 0 descriptor??
[  121.039162][ T2440] loop0: detected capacity change from 0 to 512
[  121.050146][ T2225] usbhid 3-1:0.0: can't add hid device: -22
[  121.055895][ T2225] usbhid: probe of 3-1:0.0 failed with error -22
[  121.097338][ T2440] EXT4-fs (loop0): Ignoring removed bh option
[  121.103441][ T2440] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  121.132186][ T2444] loop4: detected capacity change from 0 to 256
[  121.158247][ T2444] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  121.166085][ T2440] incfs: Error accessing: ./file0.
[  121.176627][ T2440] incfs: mount failed -20
[  121.298516][ T2448] loop1: detected capacity change from 0 to 1024
[  121.462521][ T2310] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 288: padding at end of block bitmap is not set
[  121.481881][ T2448] EXT4-fs (loop1): Test dummy encryption mode enabled
[  121.549181][ T2448] EXT4-fs (loop1): Test dummy encryption mode enabled
[  121.556920][ T2448] EXT4-fs (loop1): Ignoring removed orlov option
[  121.609705][ T2448] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  121.905772][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  122.043884][ T2470] loop1: detected capacity change from 0 to 1024
[  122.084863][ T2470] EXT4-fs (loop1): Test dummy encryption mode enabled
[  122.091904][ T2470] EXT4-fs (loop1): Test dummy encryption mode enabled
[  122.098628][ T2470] EXT4-fs (loop1): Ignoring removed orlov option
[  122.107269][ T2470] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  122.116736][ T2225] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  122.240208][ T2480] loop1: detected capacity change from 0 to 512
[  122.279151][ T2480] EXT4-fs (loop1): Ignoring removed bh option
[  122.285304][ T2480] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  122.354851][  T311] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  122.375046][ T2480] incfs: Error accessing: ./file0.
[  122.380030][ T2480] incfs: mount failed -20
[  122.459611][  T310] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  122.488302][ T2225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.499342][ T2225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.509036][ T2225] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  122.518119][ T2225] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.527828][ T2225] usb 1-1: config 0 descriptor??
[  122.669225][  T313] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  122.717019][  T311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.727979][  T311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.737558][  T311] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  122.746410][  T311] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.754763][  T311] usb 5-1: config 0 descriptor??
[  122.803059][  T310] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.813829][  T310] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.823352][  T310] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  122.832192][  T310] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.840608][  T310] usb 4-1: config 0 descriptor??
[  122.917065][  T313] usb 2-1: Using ep0 maxpacket: 16
[  122.967691][ T1283] usb 3-1: USB disconnect, device number 16
[  122.987668][ T2225] hid-multitouch 0003:1FD2:6007.0016: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0
[  123.011507][ T2472] UDC core: couldn't find an available UDC or it's busy: -16
[  123.018884][ T2472] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  123.070655][ T2478] UDC core: couldn't find an available UDC or it's busy: -16
[  123.077921][ T2478] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  123.085288][  T313] usb 2-1: config 0 has no interfaces?
[  123.177732][  T325] usb 1-1: USB disconnect, device number 18
[  123.250952][  T313] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  123.259895][  T313] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.267664][  T313] usb 2-1: Product: syz
[  123.271678][  T313] usb 2-1: Manufacturer: syz
[  123.276051][  T313] usb 2-1: SerialNumber: syz
[  123.281539][  T313] r8152-cfgselector 2-1: config 0 descriptor??
[  123.412562][  T310] usbhid 4-1:0.0: can't add hid device: -71
[  123.414778][  T311] usbhid 5-1:0.0: can't add hid device: -71
[  123.418597][  T310] usbhid: probe of 4-1:0.0 failed with error -71
[  123.424552][  T311] usbhid: probe of 5-1:0.0 failed with error -71
[  123.431750][  T310] usb 4-1: USB disconnect, device number 17
[  123.441600][  T311] usb 5-1: USB disconnect, device number 19
[  123.517435][  T313] r8152-cfgselector 2-1: Unknown version 0x0000
[  123.524299][  T313] r8152-cfgselector 2-1: USB disconnect, device number 21
[  123.685544][ T2492] loop0: detected capacity change from 0 to 512
[  123.719069][ T2492] EXT4-fs (loop0): Ignoring removed bh option
[  123.725205][ T2492] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  123.816670][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  123.846007][ T2496] loop4: detected capacity change from 0 to 1024
[  123.854490][ T2498] loop3: detected capacity change from 0 to 256
[  123.899461][ T2496] EXT4-fs (loop4): Test dummy encryption mode enabled
[  123.912539][ T2496] EXT4-fs (loop4): Test dummy encryption mode enabled
[  123.921384][ T2496] EXT4-fs (loop4): Ignoring removed orlov option
[  123.922251][ T2498] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  123.932805][ T2496] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  124.045316][ T2506] loop1: detected capacity change from 0 to 1024
[  124.069873][ T2506] EXT4-fs (loop1): Test dummy encryption mode enabled
[  124.074836][ T2511] loop0: detected capacity change from 0 to 512
[  124.077203][ T2506] EXT4-fs (loop1): Test dummy encryption mode enabled
[  124.089776][ T2506] EXT4-fs (loop1): Ignoring removed orlov option
[  124.102192][ T2506] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  124.138573][ T2511] EXT4-fs (loop0): Ignoring removed bh option
[  124.184639][ T2511] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  124.194034][  T310] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  124.209017][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  124.283548][ T2511] incfs: Error accessing: ./file0.
[  124.305430][ T2511] incfs: mount failed -20
[  124.347637][ T2517] loop4: detected capacity change from 0 to 512
[  124.556573][  T310] usb 3-1: too many configurations: 65, using maximum allowed: 8
[  124.604861][ T2517] EXT4-fs (loop4): 1 truncate cleaned up
[  124.612992][ T2517] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  125.135027][ T2522] loop1: detected capacity change from 0 to 40427
[  125.204515][ T2522] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  125.212229][ T2522] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  125.222328][ T2522] F2FS-fs (loop1): invalid crc value
[  125.229032][ T2522] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  125.248810][ T2522] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  125.274076][ T2522] F2FS-fs (loop1): recover fsync data on readonly fs
[  125.280988][ T2522] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30
[  125.288160][ T2522] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  125.375562][ T1283] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  125.390439][ T2540] loop1: detected capacity change from 0 to 1024
[  125.452486][ T2540] EXT4-fs (loop1): Test dummy encryption mode enabled
[  125.459491][ T2540] EXT4-fs (loop1): Test dummy encryption mode enabled
[  125.466292][ T2540] EXT4-fs (loop1): Ignoring removed orlov option
[  125.474297][ T2540] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  125.556837][  T310] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  125.565817][  T310] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.606153][ T2546] loop1: detected capacity change from 0 to 512
[  125.661917][ T2546] EXT4-fs (loop1): Ignoring removed bh option
[  125.667934][ T2546] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  125.785781][ T1283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.796951][ T1283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.807859][ T1283] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  125.833373][ T1283] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.849561][ T1283] usb 4-1: config 0 descriptor??
[  125.863159][ T2551] loop1: detected capacity change from 0 to 1024
[  125.947790][ T2551] EXT4-fs (loop1): Test dummy encryption mode enabled
[  125.954649][ T2551] EXT4-fs (loop1): Test dummy encryption mode enabled
[  125.961373][ T2551] EXT4-fs (loop1): Ignoring removed orlov option
[  125.969565][ T2551] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  126.009920][ T2556] loop4: detected capacity change from 0 to 512
[  126.033716][  T310] usb 3-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  126.040571][ T2225] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  126.048147][  T310] usb 3-1: No valid video chain found.
[  126.053604][ T2556] EXT4-fs (loop4): Ignoring removed bh option
[  126.064425][ T2556] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  126.091452][ T2532] UDC core: couldn't find an available UDC or it's busy: -16
[  126.098765][ T2532] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  126.118611][ T2559] loop1: detected capacity change from 0 to 512
[  126.205437][ T2559] EXT4-fs (loop1): Ignoring removed bh option
[  126.211499][ T2559] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  126.260724][ T2556] incfs: Error accessing: ./file0.
[  126.265840][ T2556] incfs: mount failed -20
[  126.309603][ T2564] loop4: detected capacity change from 0 to 256
[  126.314123][ T2559] incfs: Error accessing: ./file0.
[  126.321353][ T2559] incfs: mount failed -20
[  126.333916][  T310] usb 3-1: USB disconnect, device number 17
[  126.368148][ T2564] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  126.447977][ T2225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.452651][ T1283] usbhid 4-1:0.0: can't add hid device: -71
[  126.459185][ T2225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.474419][ T2225] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  126.476316][ T1283] usbhid: probe of 4-1:0.0 failed with error -71
[  126.483331][ T2225] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.491255][ T1283] usb 4-1: USB disconnect, device number 18
[  126.513520][ T2225] usb 1-1: config 0 descriptor??
[  126.743859][ T2549] UDC core: couldn't find an available UDC or it's busy: -16
[  126.751293][ T2549] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  127.119588][ T2225] usbhid 1-1:0.0: can't add hid device: -71
[  127.125533][ T2225] usbhid: probe of 1-1:0.0 failed with error -71
[  127.136127][ T2225] usb 1-1: USB disconnect, device number 19
[  127.199385][ T2578] loop3: detected capacity change from 0 to 8192
[  127.234238][ T2578]  loop3: p2 p3 p4
[  127.238818][ T2578] loop3: p2 start 452985600 is beyond EOD, truncated
[  127.245371][ T2578] loop3: p3 start 4177527808 is beyond EOD, truncated
[  127.252134][ T2578] loop3: p4 size 3599499392 extends beyond EOD, truncated
[  127.529201][  T747] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  127.586598][ T2589] loop0: detected capacity change from 0 to 1024
[  127.644047][ T2589] EXT4-fs (loop0): Test dummy encryption mode enabled
[  127.650837][ T2589] EXT4-fs (loop0): Test dummy encryption mode enabled
[  127.657543][ T2589] EXT4-fs (loop0): Ignoring removed orlov option
[  127.665709][ T2589] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  127.745709][ T2593] loop1: detected capacity change from 0 to 1024
[  127.757967][  T747] usb 4-1: Using ep0 maxpacket: 16
[  127.772861][ T2596] loop4: detected capacity change from 0 to 512
[  127.787803][ T2593] EXT4-fs (loop1): Test dummy encryption mode enabled
[  127.795322][ T2593] EXT4-fs (loop1): Test dummy encryption mode enabled
[  127.805413][ T2596] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  127.807317][ T2593] EXT4-fs (loop1): Ignoring removed orlov option
[  127.820350][ T2596] EXT4-fs error (device loop4): __ext4_iget:4892: inode #11: block 1: comm syz.4.623: invalid block
[  127.821744][ T2598] loop0: detected capacity change from 0 to 512
[  127.832704][ T2593] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  127.837692][ T2596] EXT4-fs (loop4): Remounting filesystem read-only
[  127.870471][ T2596] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.623: couldn't read orphan inode 11 (err -117)
[  127.882301][ T2596] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,errors=continue,max_dir_size_kb=0x0000000000000009,data_err=abort,errors=remount-ro,noinit_itable,mblk_io_submit,i_version,acl,. Quota mode: none.
[  127.910459][  T747] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.929901][  T747] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.948646][  T747] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  127.964685][ T2598] EXT4-fs (loop0): Ignoring removed bh option
[  127.970974][  T747] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  127.977796][ T2598] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  127.980438][  T747] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.000064][ T2602] FAULT_INJECTION: forcing a failure.
[  128.000064][ T2602] name failslab, interval 1, probability 0, space 0, times 0
[  128.013430][ T2602] CPU: 0 PID: 2602 Comm: syz.4.623 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  128.014255][  T747] usb 4-1: config 0 descriptor??
[  128.023159][ T2602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  128.023187][ T2602] Call Trace:
[  128.023194][ T2602]  <TASK>
[  128.023203][ T2602]  dump_stack_lvl+0x151/0x1b7
[  128.023237][ T2602]  ? io_uring_drop_tctx_refs+0x190/0x190
[  128.053713][ T2602]  ? __ia32_sys_msync+0x90/0x90
[  128.058402][ T2602]  dump_stack+0x15/0x17
[  128.062402][ T2602]  should_fail+0x3c6/0x510
[  128.066642][ T2602]  ? mempool_free+0x310/0x310
[  128.071434][ T2602]  __should_failslab+0xa4/0xe0
[  128.076031][ T2602]  ? mempool_alloc_slab+0x1d/0x30
[  128.080891][ T2602]  should_failslab+0x9/0x20
[  128.085230][ T2602]  slab_pre_alloc_hook+0x37/0xd0
[  128.090098][ T2602]  ? mempool_free+0x310/0x310
[  128.094605][ T2602]  ? mempool_alloc_slab+0x1d/0x30
[  128.099468][ T2602]  kmem_cache_alloc+0x44/0x200
[  128.104151][ T2602]  ? mempool_free+0x310/0x310
[  128.108664][ T2602]  mempool_alloc_slab+0x1d/0x30
[  128.113357][ T2602]  mempool_alloc+0x149/0x550
[  128.117783][ T2602]  ? try_to_unmap+0x310/0x310
[  128.122440][ T2602]  ? down_read_trylock+0x1f9/0x300
[  128.127375][ T2602]  ? mempool_resize+0x840/0x840
[  128.132063][ T2602]  ? flush_tlb_func+0x372/0x550
[  128.136755][ T2602]  bio_alloc_bioset+0x12a/0x950
[  128.141437][ T2602]  __swap_writepage+0x14c/0xf50
[  128.146124][ T2602]  ? madvise_free_pte_range+0x1470/0x1470
[  128.151685][ T2602]  ? swap_writepage+0x70/0x70
[  128.156190][ T2602]  ? _raw_spin_lock+0xa4/0x1b0
[  128.160792][ T2602]  ? _raw_spin_trylock_bh+0x190/0x190
[  128.166001][ T2602]  ? __kasan_check_read+0x11/0x20
[  128.170860][ T2602]  ? _raw_spin_unlock+0x4d/0x70
[  128.175556][ T2602]  ? page_swapcount+0x24c/0x340
[  128.180232][ T2602]  ? try_to_free_swap+0x27a/0x620
[  128.185097][ T2602]  ? arch_tlbbatch_flush+0x21d/0x2d0
[  128.190243][ T2602]  swap_writepage+0x56/0x70
[  128.194553][ T2602]  shrink_page_list+0x3800/0x5c50
[  128.199430][ T2602]  ? reclaim_clean_pages_from_list+0x9d0/0x9d0
[  128.205402][ T2602]  ? __kernel_text_address+0x9b/0x110
[  128.210613][ T2602]  ? unwind_get_return_address+0x4d/0x90
[  128.216082][ T2602]  ? stack_trace_save+0x113/0x1c0
[  128.221024][ T2602]  ? stack_trace_snprint+0xf0/0xf0
[  128.225972][ T2602]  ? __stack_depot_save+0x20/0x470
[  128.230924][ T2602]  reclaim_pages+0x631/0x9e0
[  128.235347][ T2602]  ? isolate_lru_page+0xa80/0xa80
[  128.240218][ T2602]  ? _raw_spin_unlock_irq+0x4e/0x70
[  128.245239][ T2602]  madvise_cold_or_pageout_pte_range+0x139b/0x1c20
[  128.251599][ T2602]  ? put_page+0xc0/0xc0
[  128.255570][ T2602]  ? release_pages+0x1310/0x1370
[  128.260341][ T2602]  ? syscall_exit_to_user_mode+0x130/0x160
[  128.265993][ T2602]  walk_pgd_range+0xb26/0x1400
[  128.270592][ T2602]  walk_page_range+0x4d1/0x670
[  128.275190][ T2602]  ? page_mapped_in_vma+0x510/0x510
[  128.280221][ T2602]  ? __kasan_check_write+0x14/0x20
[  128.285181][ T2602]  ? tlb_gather_mmu+0x249/0x310
[  128.289859][ T2602]  do_madvise+0x249a/0x2bf0
[  128.294192][ T2602]  ? _kstrtoull+0x3a0/0x4a0
[  128.298533][ T2602]  ? madvise_set_anon_name+0x4a0/0x4a0
[  128.303832][ T2602]  ? __kasan_check_write+0x14/0x20
[  128.308780][ T2602]  ? proc_fail_nth_write+0x20b/0x290
[  128.313892][ T2602]  ? selinux_file_permission+0x2c4/0x570
[  128.319372][ T2602]  ? proc_fail_nth_read+0x210/0x210
[  128.324395][ T2602]  ? fsnotify_perm+0x6a/0x5d0
[  128.328911][ T2602]  ? vfs_write+0x9ec/0x1110
[  128.333271][ T2602]  ? file_end_write+0x1c0/0x1c0
[  128.338031][ T2602]  ? __kasan_check_write+0x14/0x20
[  128.342978][ T2602]  ? mutex_unlock+0xb2/0x260
[  128.347411][ T2602]  ? wait_for_completion_killable_timeout+0x10/0x10
[  128.353842][ T2602]  ? __mutex_lock_slowpath+0x10/0x10
[  128.359325][ T2602]  ? __kasan_check_write+0x14/0x20
[  128.364230][ T2602]  ? fput_many+0x160/0x1b0
[  128.368486][ T2602]  ? fput+0x1a/0x20
[  128.372126][ T2602]  ? ksys_write+0x260/0x2c0
[  128.376903][ T2602]  ? debug_smp_processor_id+0x17/0x20
[  128.382108][ T2602]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  128.388012][ T2602]  __x64_sys_madvise+0xa8/0xc0
[  128.392610][ T2602]  do_syscall_64+0x3d/0xb0
[  128.396866][ T2602]  ? sysvec_call_function_single+0x52/0xb0
[  128.402592][ T2602]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  128.408450][ T2602] RIP: 0033:0x7fee4f19dbd9
[  128.412694][ T2602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.432227][ T2602] RSP: 002b:00007fee4e3fe048 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  128.440466][ T2602] RAX: ffffffffffffffda RBX: 00007fee4f32c038 RCX: 00007fee4f19dbd9
[  128.448281][ T2602] RDX: 0000000000000015 RSI: 0000000000800000 RDI: 0000000020000000
[  128.456096][ T2602] RBP: 00007fee4e3fe0a0 R08: 0000000000000000 R09: 0000000000000000
[  128.463902][ T2602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.471957][ T2602] R13: 000000000000006e R14: 00007fee4f32c038 R15: 00007ffeb8d2fe58
[  128.479769][ T2602]  </TASK>
[  128.642684][ T2598] incfs: Error accessing: ./file0.
[  128.647777][ T2598] incfs: mount failed -20
[  128.831743][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  128.831759][   T30] audit: type=1400 audit(1720821478.424:344): avc:  denied  { mount } for  pid=2612 comm="syz.1.626" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  128.883342][ T2617] loop4: detected capacity change from 0 to 256
[  128.890101][ T2619] loop1: detected capacity change from 0 to 512
[  128.897744][ T2617] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  128.911950][  T747] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  128.920220][  T747] microsoft 0003:045E:07DA.0017: item 0 4 0 8 parsing failed
[  128.927706][  T747] microsoft 0003:045E:07DA.0017: parse failed
[  128.933701][  T747] microsoft: probe of 0003:045E:07DA.0017 failed with error -22
[  128.971731][ T2619] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  128.978232][ T2225] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  128.983943][ T2619] EXT4-fs (loop1): mount failed
[  129.101239][ T2619] loop1: detected capacity change from 0 to 256
[  129.164420][ T2619] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  129.924958][ T2625] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  130.162486][ T2225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.173220][ T2225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.182831][ T2225] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  130.206288][ T2225] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.239551][ T2225] usb 1-1: config 0 descriptor??
[  130.244611][  T747] usb 4-1: USB disconnect, device number 19
[  130.262223][ T2630] loop4: detected capacity change from 0 to 1024
[  130.289399][  T100]  loop3: p2 p3 p4
[  130.293761][  T100] loop3: p2 start 452985600 is beyond EOD, truncated
[  130.308994][  T100] loop3: p3 start 4177527808 is beyond EOD, truncated
[  130.322204][ T2630] EXT4-fs (loop4): Test dummy encryption mode enabled
[  130.330854][  T100] loop3: p4 size 3599499392 extends beyond EOD, truncated
[  130.331411][ T2630] EXT4-fs (loop4): Test dummy encryption mode enabled
[  130.344740][ T2630] EXT4-fs (loop4): Ignoring removed orlov option
[  130.353224][ T2630] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  130.494001][ T2611] UDC core: couldn't find an available UDC or it's busy: -16
[  130.501268][ T2611] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  130.673807][  T325] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  130.836250][ T2225] usbhid 1-1:0.0: can't add hid device: -71
[  130.836900][ T2642] loop2: detected capacity change from 0 to 512
[  130.842019][ T2225] usbhid: probe of 1-1:0.0 failed with error -71
[  130.855787][ T2225] usb 1-1: USB disconnect, device number 20
[  130.916608][ T2642] EXT4-fs (loop2): Ignoring removed bh option
[  130.932465][ T2642] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  131.017358][  T325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.035911][  T325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.057487][  T325] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  131.083995][  T325] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.092726][  T325] usb 5-1: config 0 descriptor??
[  131.157605][ T2642] incfs: Error accessing: ./file0.
[  131.179521][ T2642] incfs: mount failed -20
[  131.323737][ T2656] loop3: detected capacity change from 0 to 256
[  131.402505][ T2656] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  131.762452][  T325] hid-multitouch 0003:1FD2:6007.0018: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  131.787710][  T325] usb 5-1: USB disconnect, device number 20
[  132.298280][ T2671] loop4: detected capacity change from 0 to 512
[  132.362868][ T2671] EXT4-fs (loop4): corrupt root inode, run e2fsck
[  132.401498][ T2671] EXT4-fs (loop4): mount failed
[  132.411042][ T2667] loop1: detected capacity change from 0 to 40427
[  132.429273][ T2667] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  132.436995][ T2667] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  132.467322][ T2674] loop3: detected capacity change from 0 to 1024
[  132.474347][ T2667] F2FS-fs (loop1): invalid crc value
[  132.480830][ T2667] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  132.492932][ T2667] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  132.497221][ T2674] EXT4-fs (loop3): Test dummy encryption mode enabled
[  132.507777][ T2671] loop4: detected capacity change from 0 to 256
[  132.508640][ T2674] EXT4-fs (loop3): Test dummy encryption mode enabled
[  132.528212][ T2674] EXT4-fs (loop3): Ignoring removed orlov option
[  132.540083][ T2671] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  132.546183][ T2667] F2FS-fs (loop1): recover fsync data on readonly fs
[  132.562786][ T2667] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30
[  132.570042][ T2667] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  132.586601][ T2674] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  132.702656][ T2685] loop2: detected capacity change from 0 to 512
[  132.754251][   T45] device bridge_slave_1 left promiscuous mode
[  132.761355][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.770704][   T45] device bridge_slave_0 left promiscuous mode
[  132.777048][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.814830][ T2685] EXT4-fs (loop2): Ignoring removed bh option
[  132.837336][  T747] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  132.923356][ T2685] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  132.933336][   T45] device veth1_macvtap left promiscuous mode
[  132.939192][   T45] device veth0_vlan left promiscuous mode
[  133.078811][ T2686] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  133.110274][ T2685] incfs: Error accessing: ./file0.
[  133.115404][ T2685] incfs: mount failed -20
[  133.265800][ T2225] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  133.306750][  T747] usb 1-1: device descriptor read/64, error -71
[  133.711116][   T30] audit: type=1400 audit(1720821483.545:345): avc:  denied  { accept } for  pid=2706 comm="syz.4.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  133.744726][ T2709] loop4: detected capacity change from 0 to 256
[  133.780406][  T747] usb 1-1: device descriptor read/64, error -71
[  133.786832][   T30] audit: type=1400 audit(1720821483.618:346): avc:  denied  { create } for  pid=2710 comm="syz.3.655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  133.788274][ T2711] capability: warning: `syz.3.655' uses deprecated v2 capabilities in a way that may be insecure
[  133.817306][ T2709] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  133.923375][ T2225] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.940347][ T2225] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.950535][ T2225] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  133.960870][ T2225] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.973948][ T2225] usb 2-1: config 0 descriptor??
[  133.992628][ T2713] syz.3.655[2713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.992943][ T2713] syz.3.655[2713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.047198][  T747] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  134.200595][ T2692] UDC core: couldn't find an available UDC or it's busy: -16
[  134.207809][ T2692] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  134.342611][  T747] usb 1-1: device descriptor read/64, error -71
[  134.549683][ T2225] usbhid 2-1:0.0: can't add hid device: -71
[  134.562334][ T2225] usbhid: probe of 2-1:0.0 failed with error -71
[  134.569483][ T2225] usb 2-1: USB disconnect, device number 22
[  134.576736][ T2718] 9pnet: Insufficient options for proto=fd
[  134.585842][   T30] audit: type=1400 audit(1720821484.468:347): avc:  denied  { read } for  pid=2717 comm="syz.2.656" dev="nsfs" ino=4026532455 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  134.606995][   T30] audit: type=1400 audit(1720821484.468:348): avc:  denied  { open } for  pid=2717 comm="syz.2.656" path="net:[4026532455]" dev="nsfs" ino=4026532455 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  134.641802][ T2718] loop2: detected capacity change from 0 to 2048
[  134.659094][ T2718] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  134.669716][ T2718] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038 (0x7fffffff)
[  134.695176][ T2722] loop4: detected capacity change from 0 to 1024
[  134.713103][   T30] audit: type=1326 audit(1720821484.594:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.3.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0600339bd9 code=0x7ffc0000
[  134.772043][ T2722] EXT4-fs (loop4): Test dummy encryption mode enabled
[  134.779399][ T2722] EXT4-fs (loop4): Test dummy encryption mode enabled
[  134.789794][ T2722] EXT4-fs (loop4): Ignoring removed orlov option
[  134.797254][   T30] audit: type=1326 audit(1720821484.626:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.3.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f0600339bd9 code=0x7ffc0000
[  134.820712][   T30] audit: type=1326 audit(1720821484.626:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2723 comm="syz.3.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0600339bd9 code=0x7ffc0000
[  134.844428][  T747] usb 1-1: device descriptor read/64, error -71
[  134.873714][ T2722] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  135.029057][  T747] usb usb1-port1: attempt power cycle
[  135.117960][ T2732] loop1: detected capacity change from 0 to 512
[  135.187560][ T2732] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  135.194001][ T2732] EXT4-fs (loop1): mount failed
[  135.220893][ T2726] loop3: detected capacity change from 0 to 40427
[  135.286357][ T2726] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  135.296740][ T2726] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  135.306054][ T2726] F2FS-fs (loop3): invalid crc value
[  135.312333][ T2726] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  135.448033][  T747] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  135.476821][ T2726] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  135.590512][ T2726] F2FS-fs (loop3): recover fsync data on readonly fs
[  135.598397][ T2726] F2FS-fs (loop3): Try to recover 1th superblock, ret: -30
[  135.622202][ T2737] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  135.633428][ T2726] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  135.834809][ T2753] loop3: detected capacity change from 0 to 1024
[  135.912316][ T2753] EXT4-fs (loop3): Test dummy encryption mode enabled
[  135.920551][ T2753] EXT4-fs (loop3): Test dummy encryption mode enabled
[  135.929596][ T2753] EXT4-fs (loop3): Ignoring removed orlov option
[  135.937632][ T2756] loop1: detected capacity change from 0 to 256
[  135.943616][  T747] usb 1-1: device not accepting address 23, error -71
[  135.947846][ T2753] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  135.998342][ T2756] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  136.448588][  T311] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  136.496718][ T2772] loop1: detected capacity change from 0 to 512
[  136.573722][ T2772] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  136.580277][ T2772] EXT4-fs (loop1): mount failed
[  136.620954][ T2772] loop1: detected capacity change from 0 to 256
[  136.628463][ T2772] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  136.872507][ T2777] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  136.963592][  T311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.975490][  T747] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  137.030695][  T311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.068897][ T2780] 9pnet: Insufficient options for proto=fd
[  137.072365][  T311] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  137.084088][  T311] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.096295][  T311] usb 4-1: config 0 descriptor??
[  137.102907][ T2780] loop4: detected capacity change from 0 to 2048
[  137.163365][  T747] usb 1-1: device descriptor read/8, error -71
[  137.183856][ T2780] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  137.194386][ T2780] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038 (0x7fffffff)
[  137.356072][ T2784] fs-verity (loop4, inode 13): Unknown hash algorithm number: 0
[  137.430610][ T2768] UDC core: couldn't find an available UDC or it's busy: -16
[  137.438707][ T2768] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  137.525465][  T747] usb 1-1: device descriptor read/8, error -71
[  137.630854][ T2795] loop2: detected capacity change from 0 to 256
[  137.649690][  T747] usb usb1-port1: unable to enumerate USB device
[  137.830804][  T311] usbhid 4-1:0.0: can't add hid device: -71
[  137.838862][  T311] usbhid: probe of 4-1:0.0 failed with error -71
[  137.976351][ T2795] tipc: Started in network mode
[  137.981074][ T2795] tipc: Node identity ffff000000a0ffffff00000000000001, cluster identity 4711
[  137.989879][ T2795] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  138.005796][  T311] usb 4-1: USB disconnect, device number 20
[  138.250462][ T2809] loop3: detected capacity change from 0 to 1024
[  138.279197][ T2809] EXT4-fs (loop3): Test dummy encryption mode enabled
[  138.292247][ T2809] EXT4-fs (loop3): Test dummy encryption mode enabled
[  138.311003][ T2811] loop4: detected capacity change from 0 to 256
[  138.322655][ T2809] EXT4-fs (loop3): Ignoring removed orlov option
[  138.367075][ T2809] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  138.397394][ T2811] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  138.652194][   T30] audit: type=1400 audit(1720821488.729:352): avc:  denied  { write } for  pid=2820 comm="syz.2.683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  138.675845][ T2821] loop2: detected capacity change from 0 to 512
[  138.727096][ T2821] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  138.739595][ T2821] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  138.767091][ T2821] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e01c, mo2=0002]
[  138.775522][ T2821] System zones: 1-12
[  138.789496][ T2821] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.683: casefold flag without casefold feature
[  138.811359][ T2821] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.683: missing EA_INODE flag
[  138.843547][ T2821] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.683: error while reading EA inode 12 err=-117
[  138.874080][ T2821] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.683: missing EA_INODE flag
[  138.973704][ T2821] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.683: error while reading EA inode 12 err=-117
[  138.993277][ T2821] EXT4-fs (loop2): 1 orphan inode deleted
[  138.999101][ T2821] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,user_xattr,debug_want_extra_isize=0x000000000000005c,debug,mblk_io_submit,errors=continue,usrjquota=,prjquota,nodiscard,,errors=continue. Quota mode: writeback.
[  139.228058][   T30] audit: type=1400 audit(1720821489.338:353): avc:  denied  { map } for  pid=2820 comm="syz.2.683" path="/107/file0/bus" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  139.399689][ T2832] loop4: detected capacity change from 0 to 512
[  139.471460][ T2832] EXT4-fs (loop4): corrupt root inode, run e2fsck
[  139.487871][ T2832] EXT4-fs (loop4): mount failed
[  139.558680][ T2832] loop4: detected capacity change from 0 to 256
[  139.578443][ T2832] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  139.590781][ T2839] 9pnet: Insufficient options for proto=fd
[  139.674055][ T2841] loop2: detected capacity change from 0 to 2048
[  139.693269][ T2845] loop3: detected capacity change from 0 to 256
[  139.706350][ T2841] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  139.717209][ T2841] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038 (0x7fffffff)
[  139.778486][ T2848] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  139.980239][ T2834] loop0: detected capacity change from 0 to 40427
[  139.999060][ T2845] tipc: Started in network mode
[  140.003933][ T2845] tipc: Node identity ffff000000a0ffffff00000000000001, cluster identity 4711
[  140.012890][ T2845] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  140.079760][ T2834] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  140.099932][ T2834] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  140.112181][ T2834] F2FS-fs (loop0): invalid crc value
[  140.118792][ T2834] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  140.132051][ T2834] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  140.141473][ T2854] fs-verity (loop2, inode 13): Unknown hash algorithm number: 0
[  140.159508][ T2834] F2FS-fs (loop0): recover fsync data on readonly fs
[  140.166578][ T2834] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30
[  140.173682][ T2834] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  140.279850][ T2856] loop1: detected capacity change from 0 to 1024
[  140.298510][  T747] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  140.340038][ T2856] EXT4-fs (loop1): Test dummy encryption mode enabled
[  140.361141][ T2856] EXT4-fs (loop1): Test dummy encryption mode enabled
[  140.378581][ T2856] EXT4-fs (loop1): Ignoring removed orlov option
[  140.396453][ T2856] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  140.484078][ T2864] loop0: detected capacity change from 0 to 256
[  140.495916][ T2862] loop1: detected capacity change from 0 to 1024
[  140.519897][ T2864] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  140.530772][ T2862] EXT4-fs (loop1): Test dummy encryption mode enabled
[  140.544273][ T2862] EXT4-fs (loop1): Test dummy encryption mode enabled
[  140.551682][ T2862] EXT4-fs (loop1): Ignoring removed orlov option
[  140.569559][ T2862] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  140.717854][  T747] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.757629][  T747] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.775227][  T747] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  140.786260][  T747] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.799340][ T2873] loop1: detected capacity change from 0 to 512
[  140.815920][  T747] usb 4-1: config 0 descriptor??
[  140.864634][ T2873] EXT4-fs (loop1): 1 truncate cleaned up
[  140.871767][ T2873] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  141.238789][ T2852] UDC core: couldn't find an available UDC or it's busy: -16
[  141.274043][ T2852] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  141.434688][ T2882] loop4: detected capacity change from 0 to 8192
[  141.471925][ T2882]  loop4: p2 p3 p4
[  141.475692][ T2882] loop4: p2 start 452985600 is beyond EOD, truncated
[  141.482299][ T2882] loop4: p3 start 4177527808 is beyond EOD, truncated
[  141.489339][ T2882] loop4: p4 size 3599499392 extends beyond EOD, truncated
[  141.718274][  T747] usbhid 4-1:0.0: can't add hid device: -71
[  141.738466][  T747] usbhid: probe of 4-1:0.0 failed with error -71
[  141.744255][ T2889] loop1: detected capacity change from 0 to 256
[  141.752595][  T747] usb 4-1: USB disconnect, device number 21
[  141.766380][ T1283] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  141.797064][ T2889] tipc: Started in network mode
[  141.801752][ T2889] tipc: Node identity ffff000000a0ffffff00000000000001, cluster identity 4711
[  141.810626][ T2889] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  142.023196][ T1283] usb 5-1: Using ep0 maxpacket: 16
[  142.166118][ T1283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.178374][ T1283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.187961][ T1283] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  142.200548][ T1283] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  142.209465][ T1283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.217995][ T1283] usb 5-1: config 0 descriptor??
[  142.233136][ T2897] loop3: detected capacity change from 0 to 512
[  142.272918][ T2897] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  142.279861][ T2897] EXT4-fs (loop3): mount failed
[  142.285835][ T2900] loop0: detected capacity change from 0 to 1024
[  142.330740][ T2897] loop3: detected capacity change from 0 to 256
[  142.338343][ T2900] EXT4-fs (loop0): Test dummy encryption mode enabled
[  142.345103][ T2900] EXT4-fs (loop0): Test dummy encryption mode enabled
[  142.351815][ T2900] EXT4-fs (loop0): Ignoring removed orlov option
[  142.360158][ T2900] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  142.408284][ T2897] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  142.593861][ T2906] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  142.737972][ T1283] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[  142.756426][ T1283] microsoft 0003:045E:07DA.0019: item 0 4 0 8 parsing failed
[  142.764375][ T1283] microsoft 0003:045E:07DA.0019: parse failed
[  142.770800][ T1283] microsoft: probe of 0003:045E:07DA.0019 failed with error -22
[  142.956933][ T1283] usb 5-1: USB disconnect, device number 21
[  143.006850][  T100]  loop4: p2 p3 p4
[  143.010587][  T100] loop4: p2 start 452985600 is beyond EOD, truncated
[  143.017306][  T100] loop4: p3 start 4177527808 is beyond EOD, truncated
[  143.024106][  T100] loop4: p4 size 3599499392 extends beyond EOD, truncated
[  143.088505][ T2909] 9pnet: Insufficient options for proto=fd
[  143.107651][ T2909] loop3: detected capacity change from 0 to 2048
[  143.167924][ T2909] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  143.178729][ T2909] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038 (0x7fffffff)
[  143.206392][ T2913] loop1: detected capacity change from 0 to 1024
[  143.257055][ T2913] EXT4-fs (loop1): Test dummy encryption mode enabled
[  143.271452][ T2913] EXT4-fs (loop1): Test dummy encryption mode enabled
[  143.278427][ T2913] EXT4-fs (loop1): Ignoring removed orlov option
[  143.286661][ T2913] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  143.376951][ T2919] fs-verity (loop3, inode 13): Unknown hash algorithm number: 0
[  143.698407][ T2923] loop2: detected capacity change from 0 to 512
[  143.717095][ T2923] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  143.724221][  T325] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  143.731854][ T2923] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  143.745840][ T2923] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e01c, mo2=0002]
[  143.756325][ T2923] System zones: 1-12
[  143.759167][ T2929] loop4: detected capacity change from 0 to 256
[  143.769951][ T2923] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.711: casefold flag without casefold feature
[  143.784544][ T2923] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.711: missing EA_INODE flag
[  143.805124][ T2923] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.711: error while reading EA inode 12 err=-117
[  143.818609][ T2923] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.711: missing EA_INODE flag
[  143.830642][ T2923] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.711: error while reading EA inode 12 err=-117
[  143.843379][ T2929] FAT-fs (loop4): Unrecognized mount option "" or missing value
[  143.843554][ T2923] EXT4-fs (loop2): 1 orphan inode deleted
[  143.857024][ T2923] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,user_xattr,debug_want_extra_isize=0x000000000000005c,debug,mblk_io_submit,errors=continue,usrjquota=,prjquota,nodiscard,,errors=continue. Quota mode: writeback.
[  143.936568][ T2932] loop1: detected capacity change from 0 to 512
[  144.001180][ T2932] EXT4-fs (loop1): 1 truncate cleaned up
[  144.006903][ T2932] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  144.121137][  T325] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.132007][  T325] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.142660][  T325] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  144.151822][  T325] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.165622][  T325] usb 1-1: config 0 descriptor??
[  144.246836][ T1283] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  144.672613][ T1283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.683698][ T1283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.701510][ T1283] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  144.710838][ T1283] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.722859][ T1283] usb 4-1: config 0 descriptor??
[  144.841113][ T2945] x_tables: duplicate underflow at hook 2
[  144.961723][  T325] hid-multitouch 0003:1FD2:6007.001A: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0
[  145.174434][ T2935] UDC core: couldn't find an available UDC or it's busy: -16
[  145.198991][ T2935] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  145.244510][  T325] usb 1-1: USB disconnect, device number 25
[  145.588631][ T1283] usbhid 4-1:0.0: can't add hid device: -71
[  145.594986][ T1283] usbhid: probe of 4-1:0.0 failed with error -71
[  145.605535][ T1283] usb 4-1: USB disconnect, device number 22
[  145.898227][ T2961] loop1: detected capacity change from 0 to 1024
[  145.911728][ T2963] loop0: detected capacity change from 0 to 512
[  145.922295][ T2961] EXT4-fs (loop1): Test dummy encryption mode enabled
[  145.929020][ T2961] EXT4-fs (loop1): Test dummy encryption mode enabled
[  145.935810][ T2961] EXT4-fs (loop1): Ignoring removed orlov option
[  145.936124][ T2963] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  145.948638][ T2963] EXT4-fs (loop0): mount failed
[  145.954227][ T2961] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  146.023075][ T2963] loop0: detected capacity change from 0 to 256
[  146.029265][  T325] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  146.040567][ T2963] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  146.152185][ T2970] loop1: detected capacity change from 0 to 8192
[  146.160029][ T2970]  loop1: p2 p3 p4
[  146.164047][ T2970] loop1: p2 start 452985600 is beyond EOD, truncated
[  146.170752][ T2970] loop1: p3 start 4177527808 is beyond EOD, truncated
[  146.177550][ T2970] loop1: p4 size 3599499392 extends beyond EOD, 
[  146.275953][ T2973] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  146.387525][ T2970] truncated
[  146.568296][ T2978] 9pnet: Insufficient options for proto=fd
[  146.582535][ T2978] loop3: detected capacity change from 0 to 2048
[  146.597734][  T325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.608506][  T325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.618235][  T325] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  146.627553][  T325] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.636280][  T325] usb 5-1: config 0 descriptor??
[  146.684361][ T2978] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  146.694961][ T2978] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038 (0x7fffffff)
[  146.719273][  T310] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  146.866775][ T2956] UDC core: couldn't find an available UDC or it's busy: -16
[  146.874825][ T2956] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  146.882097][ T2981] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.723: bg 0: block 288: padding at end of block bitmap is not set
[  146.896738][ T2981] fs-verity (loop3, inode 13): ext4_end_enable_verity() failed with err -117
[  146.979370][  T310] usb 2-1: Using ep0 maxpacket: 16
[  147.045993][   T30] audit: type=1400 audit(1720821497.544:354): avc:  denied  { create } for  pid=2984 comm="syz.0.724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  147.066569][   T30] audit: type=1400 audit(1720821497.565:355): avc:  denied  { map } for  pid=2984 comm="syz.0.724" path="socket:[23395]" dev="sockfs" ino=23395 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  147.075086][ T2992] FAULT_INJECTION: forcing a failure.
[  147.075086][ T2992] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.089666][   T30] audit: type=1400 audit(1720821497.565:356): avc:  denied  { read } for  pid=2984 comm="syz.0.724" path="socket:[23395]" dev="sockfs" ino=23395 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  147.103507][  T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.137089][ T2992] CPU: 0 PID: 2992 Comm: syz.0.724 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  147.146796][ T2992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  147.156706][ T2992] Call Trace:
[  147.159827][ T2992]  <TASK>
[  147.162604][ T2992]  dump_stack_lvl+0x151/0x1b7
[  147.167117][ T2992]  ? io_uring_drop_tctx_refs+0x190/0x190
[  147.172582][ T2992]  dump_stack+0x15/0x17
[  147.176571][ T2992]  should_fail+0x3c6/0x510
[  147.180835][ T2992]  should_fail_usercopy+0x1a/0x20
[  147.185717][ T2992]  _copy_from_user+0x20/0xd0
[  147.190136][ T2992]  __sys_bpf+0x1e9/0x760
[  147.194200][ T2992]  ? fput_many+0x160/0x1b0
[  147.198500][ T2992]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  147.203680][ T2992]  ? debug_smp_processor_id+0x17/0x20
[  147.209037][ T2992]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  147.214964][ T2992]  __x64_sys_bpf+0x7c/0x90
[  147.219280][ T2992]  do_syscall_64+0x3d/0xb0
[  147.223695][ T2992]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  147.229355][ T2992] RIP: 0033:0x7feee53c5bd9
[  147.233718][ T2992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.253131][ T2992] RSP: 002b:00007feee4605048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.261370][ T2992] RAX: ffffffffffffffda RBX: 00007feee5554110 RCX: 00007feee53c5bd9
[  147.269183][ T2992] RDX: 0000000000000020 RSI: 0000000020000100 RDI: 0000000000000012
[  147.276995][ T2992] RBP: 00007feee46050a0 R08: 0000000000000000 R09: 0000000000000000
[  147.284808][ T2992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.292644][ T2992] R13: 000000000000006e R14: 00007feee5554110 R15: 00007ffc9f865838
[  147.300444][ T2992]  </TASK>
[  147.305317][  T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.315086][  T310] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  147.328153][  T310] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  147.337110][  T310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.349286][  T310] usb 2-1: config 0 descriptor??
[  147.402139][  T325] usbhid 5-1:0.0: can't add hid device: -71
[  147.410800][  T325] usbhid: probe of 5-1:0.0 failed with error -71
[  147.418122][  T325] usb 5-1: USB disconnect, device number 22
[  147.759770][  T713] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  147.780563][ T3001] loop2: detected capacity change from 0 to 512
[  147.808553][  T310] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[  147.815700][  T310] microsoft 0003:045E:07DA.001B: item 0 4 0 8 parsing failed
[  147.823146][  T310] microsoft 0003:045E:07DA.001B: parse failed
[  147.829413][  T310] microsoft: probe of 0003:045E:07DA.001B failed with error -22
[  147.848255][ T3001] EXT4-fs (loop2): 1 truncate cleaned up
[  147.854078][ T3001] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  147.877217][ T3007] loop4: detected capacity change from 0 to 1024
[  147.941904][ T3007] EXT4-fs (loop4): Test dummy encryption mode enabled
[  147.948815][ T3007] EXT4-fs (loop4): Test dummy encryption mode enabled
[  147.955469][ T3007] EXT4-fs (loop4): Ignoring removed orlov option
[  147.964139][ T3007] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  148.014322][  T311] usb 2-1: USB disconnect, device number 23
[  148.037310][  T100]  loop1: p2 p3 p4
[  148.041050][  T100] loop1: p2 start 452985600 is beyond EOD, truncated
[  148.047892][  T100] loop1: p3 start 4177527808 is beyond EOD, truncated
[  148.054559][  T100] loop1: p4 size 3599499392 extends beyond EOD, truncated
[  148.179094][  T713] usb 4-1: config 0 has no interfaces?
[  148.265603][  T713] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  148.278037][  T713] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  148.290343][  T713] usb 4-1: Manufacturer: syz
[  148.301686][  T713] usb 4-1: config 0 descriptor??
[  148.360212][ T1283] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  148.532588][ T2997] FAULT_INJECTION: forcing a failure.
[  148.532588][ T2997] name failslab, interval 1, probability 0, space 0, times 0
[  148.545078][ T2997] CPU: 0 PID: 2997 Comm: syz.3.728 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  148.554803][ T2997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  148.564867][ T2997] Call Trace:
[  148.568008][ T2997]  <TASK>
[  148.570771][ T2997]  dump_stack_lvl+0x151/0x1b7
[  148.575282][ T2997]  ? io_uring_drop_tctx_refs+0x190/0x190
[  148.580751][ T2997]  dump_stack+0x15/0x17
[  148.584741][ T2997]  should_fail+0x3c6/0x510
[  148.589001][ T2997]  __should_failslab+0xa4/0xe0
[  148.593597][ T2997]  should_failslab+0x9/0x20
[  148.597932][ T2997]  slab_pre_alloc_hook+0x37/0xd0
[  148.602712][ T2997]  kmem_cache_alloc_trace+0x48/0x210
[  148.607826][ T2997]  ? v9fs_mount+0x5f/0x7f0
[  148.612082][ T2997]  v9fs_mount+0x5f/0x7f0
[  148.616160][ T2997]  legacy_get_tree+0xf1/0x190
[  148.620814][ T2997]  ? incfs_get_verity_signature+0x420/0x420
[  148.626516][ T2997]  vfs_get_tree+0x88/0x290
[  148.630873][ T2997]  do_new_mount+0x2ba/0xb30
[  148.635196][ T2997]  ? do_move_mount_old+0x160/0x160
[  148.640145][ T2997]  ? security_capable+0x87/0xb0
[  148.644827][ T2997]  ? ns_capable+0x89/0xe0
[  148.648992][ T2997]  path_mount+0x671/0x1070
[  148.653247][ T2997]  __se_sys_mount+0x2c4/0x3b0
[  148.657757][ T2997]  ? fput+0x1a/0x20
[  148.661406][ T2997]  ? __x64_sys_mount+0xd0/0xd0
[  148.666015][ T2997]  ? debug_smp_processor_id+0x17/0x20
[  148.671212][ T2997]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  148.677113][ T2997]  __x64_sys_mount+0xbf/0xd0
[  148.681544][ T2997]  do_syscall_64+0x3d/0xb0
[  148.685793][ T2997]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  148.691808][ T2997] RIP: 0033:0x7f0600339bd9
[  148.696131][ T2997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.715967][ T2997] RSP: 002b:00007f05ff5bb048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  148.724206][ T2997] RAX: ffffffffffffffda RBX: 00007f06004c7f60 RCX: 00007f0600339bd9
[  148.732017][ T2997] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 0000000000000000
[  148.739835][ T2997] RBP: 00007f05ff5bb0a0 R08: 0000000020000080 R09: 0000000000000000
[  148.747649][ T2997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  148.755454][ T2997] R13: 000000000000000b R14: 00007f06004c7f60 R15: 00007ffd32579c18
[  148.763406][ T2997]  </TASK>
[  148.769664][  T310] usb 4-1: USB disconnect, device number 23
[  148.884543][ T1283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.895592][ T1283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.905399][ T1283] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  148.917118][ T1283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.928039][ T1283] usb 5-1: config 0 descriptor??
[  148.934295][ T3023] loop2: detected capacity change from 0 to 512
[  149.104980][ T3023] EXT4-fs (loop2): corrupt root inode, run e2fsck
[  149.111771][ T3023] EXT4-fs (loop2): mount failed
[  149.209232][ T3012] UDC core: couldn't find an available UDC or it's busy: -16
[  149.216554][ T3012] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  149.233940][ T3023] loop2: detected capacity change from 0 to 256
[  149.244076][ T3023] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  149.462822][ T3031] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  149.713373][ T1283] usbhid 5-1:0.0: can't add hid device: -71
[  149.719973][ T1283] usbhid: probe of 5-1:0.0 failed with error -71
[  149.731316][ T1283] usb 5-1: USB disconnect, device number 23
[  149.809293][ T3036] 9pnet: Insufficient options for proto=fd
[  149.820499][ T3038] x_tables: duplicate underflow at hook 2
[  149.837192][ T3036] loop2: detected capacity change from 0 to 2048
[  149.857962][ T3036] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  149.868598][ T3036] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038 (0x7fffffff)
[  150.554945][ T3044] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.738: bg 0: block 288: padding at end of block bitmap is not set
[  150.571277][ T3044] fs-verity (loop2, inode 13): ext4_end_enable_verity() failed with err -117
[  150.955318][ T3047] fuse: Bad value for 'group_id'
[  151.025034][ T3055] loop3: detected capacity change from 0 to 1024
[  151.143600][ T3055] EXT4-fs (loop3): Test dummy encryption mode enabled
[  151.150427][ T3055] EXT4-fs (loop3): Test dummy encryption mode enabled
[  151.186083][ T3055] EXT4-fs (loop3): Ignoring removed orlov option
[  151.215132][ T3055] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  151.522379][ T3068] loop4: detected capacity change from 0 to 512
[  151.529820][ T3066] FAULT_INJECTION: forcing a failure.
[  151.529820][ T3066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.581064][ T3066] CPU: 0 PID: 3066 Comm: syz.3.745 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  151.590716][ T3066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  151.600718][ T3066] Call Trace:
[  151.603919][ T3066]  <TASK>
[  151.606695][ T3066]  dump_stack_lvl+0x151/0x1b7
[  151.611214][ T3066]  ? io_uring_drop_tctx_refs+0x190/0x190
[  151.616767][ T3066]  dump_stack+0x15/0x17
[  151.620758][ T3066]  should_fail+0x3c6/0x510
[  151.625097][ T3066]  should_fail_usercopy+0x1a/0x20
[  151.629961][ T3066]  _copy_to_user+0x20/0x90
[  151.634218][ T3066]  simple_read_from_buffer+0xc7/0x150
[  151.639507][ T3066]  proc_fail_nth_read+0x1a3/0x210
[  151.644371][ T3066]  ? proc_fault_inject_write+0x390/0x390
[  151.649831][ T3066]  ? fsnotify_perm+0x470/0x5d0
[  151.654434][ T3066]  ? security_file_permission+0x86/0xb0
[  151.659815][ T3066]  ? proc_fault_inject_write+0x390/0x390
[  151.665281][ T3066]  vfs_read+0x27d/0xd40
[  151.669272][ T3066]  ? kasan_quarantine_put+0x34/0x1a0
[  151.674395][ T3066]  ? kernel_read+0x1f0/0x1f0
[  151.678824][ T3066]  ? __kasan_check_write+0x14/0x20
[  151.683767][ T3066]  ? mutex_lock+0xb6/0x1e0
[  151.688019][ T3066]  ? wait_for_completion_killable_timeout+0x10/0x10
[  151.694444][ T3066]  ? __fdget_pos+0x2e7/0x3a0
[  151.698866][ T3066]  ? ksys_read+0x77/0x2c0
[  151.703037][ T3066]  ksys_read+0x199/0x2c0
[  151.707122][ T3066]  ? bpf_trace_run1+0x1c0/0x1c0
[  151.711806][ T3066]  ? vfs_write+0x1110/0x1110
[  151.716231][ T3066]  ? __bpf_trace_sys_enter+0x62/0x70
[  151.721434][ T3066]  __x64_sys_read+0x7b/0x90
[  151.725782][ T3066]  do_syscall_64+0x3d/0xb0
[  151.730111][ T3066]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  151.735939][ T3066] RIP: 0033:0x7f06003386bc
[  151.740184][ T3066] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  151.759625][ T3066] RSP: 002b:00007f05ff5bb040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  151.767984][ T3066] RAX: ffffffffffffffda RBX: 00007f06004c7f60 RCX: 00007f06003386bc
[  151.775793][ T3066] RDX: 000000000000000f RSI: 00007f05ff5bb0b0 RDI: 0000000000000008
[  151.778120][ T3068] EXT4-fs (loop4): 1 truncate cleaned up
[  151.783601][ T3066] RBP: 00007f05ff5bb0a0 R08: 0000000000000000 R09: 0000000000000000
[  151.783621][ T3066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.783634][ T3066] R13: 000000000000000b R14: 00007f06004c7f60 R15: 00007ffd32579c18
[  151.783655][ T3066]  </TASK>
[  151.799200][ T3068] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  152.361640][   T30] audit: type=1400 audit(1720821503.116:357): avc:  denied  { nlmsg_read } for  pid=3070 comm="syz.3.747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  152.383155][ T3075] netlink: 168 bytes leftover after parsing attributes in process `syz.3.747'.
[  152.402715][ T3080] FAULT_INJECTION: forcing a failure.
[  152.402715][ T3080] name failslab, interval 1, probability 0, space 0, times 0
[  152.419795][ T3080] CPU: 0 PID: 3080 Comm: syz.1.749 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  152.429579][ T3080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  152.439521][ T3080] Call Trace:
[  152.442645][ T3080]  <TASK>
[  152.443268][ T3082] loop3: detected capacity change from 0 to 512
[  152.445416][ T3080]  dump_stack_lvl+0x151/0x1b7
[  152.445444][ T3080]  ? io_uring_drop_tctx_refs+0x190/0x190
[  152.461480][ T3080]  ? avc_has_perm_noaudit+0x2dd/0x430
[  152.466813][ T3080]  dump_stack+0x15/0x17
[  152.470786][ T3080]  should_fail+0x3c6/0x510
[  152.475171][ T3080]  __should_failslab+0xa4/0xe0
[  152.479765][ T3080]  should_failslab+0x9/0x20
[  152.484105][ T3080]  slab_pre_alloc_hook+0x37/0xd0
[  152.488885][ T3080]  kmem_cache_alloc_trace+0x48/0x210
[  152.494002][ T3080]  ? p9_fid_create+0x53/0x280
[  152.498853][ T3080]  p9_fid_create+0x53/0x280
[  152.503460][ T3080]  p9_client_walk+0x10a/0x7b0
[  152.508178][ T3080]  ? p9_client_rpc+0x13a0/0x13a0
[  152.513123][ T3080]  ? v9fs_fid_lookup+0x118/0x160
[  152.518099][ T3080]  v9fs_file_open+0x408/0x6c0
[  152.522995][ T3080]  ? v9fs_fid_readpage+0x680/0x680
[  152.528226][ T3080]  do_dentry_open+0x81c/0xfd0
[  152.532715][ T3080]  vfs_open+0x73/0x80
[  152.536534][ T3080]  path_openat+0x26f0/0x2f40
[  152.540980][ T3080]  ? __kasan_slab_alloc+0xb1/0xe0
[  152.545815][ T3080]  ? kmem_cache_alloc+0xf5/0x200
[  152.550719][ T3080]  ? getname_flags+0xba/0x520
[  152.555383][ T3080]  ? __x64_sys_openat+0x243/0x290
[  152.560249][ T3080]  ? do_filp_open+0x460/0x460
[  152.564842][ T3080]  do_filp_open+0x21c/0x460
[  152.569182][ T3080]  ? vfs_tmpfile+0x2c0/0x2c0
[  152.574097][ T3080]  do_sys_openat2+0x13f/0x830
[  152.578826][ T3080]  ? __kasan_check_write+0x14/0x20
[  152.583777][ T3080]  ? mutex_unlock+0xb2/0x260
[  152.588220][ T3080]  ? wait_for_completion_killable_timeout+0x10/0x10
[  152.594730][ T3080]  ? do_sys_open+0x220/0x220
[  152.599150][ T3080]  ? __kasan_check_write+0x14/0x20
[  152.604101][ T3080]  ? fput_many+0x160/0x1b0
[  152.608350][ T3080]  ? fput+0x1a/0x20
[  152.612083][ T3080]  __x64_sys_openat+0x243/0x290
[  152.616773][ T3080]  ? __ia32_sys_open+0x270/0x270
[  152.621542][ T3080]  ? debug_smp_processor_id+0x17/0x20
[  152.626749][ T3080]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  152.632665][ T3080]  ? exit_to_user_mode_prepare+0x39/0xa0
[  152.638121][ T3080]  do_syscall_64+0x3d/0xb0
[  152.642375][ T3080]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  152.648101][ T3080] RIP: 0033:0x7f627b820bd9
[  152.652475][ T3080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.672120][ T3080] RSP: 002b:00007f627aaa2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  152.680358][ T3080] RAX: ffffffffffffffda RBX: 00007f627b9aef60 RCX: 00007f627b820bd9
[  152.688179][ T3080] RDX: 0000000000000000 RSI: 0000000020004280 RDI: ffffffffffffff9c
[  152.695981][ T3080] RBP: 00007f627aaa20a0 R08: 0000000000000000 R09: 0000000000000000
[  152.703790][ T3080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.711603][ T3080] R13: 000000000000000b R14: 00007f627b9aef60 R15: 00007ffed38afe08
[  152.719446][ T3080]  </TASK>
[  152.744924][ T3082] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  152.751302][ T3082] EXT4-fs (loop3): mount failed
[  152.788644][ T3085] 9pnet: Insufficient options for proto=fd
[  152.802464][ T3085] loop1: detected capacity change from 0 to 2048
[  152.815913][ T3087] fuse: Bad value for 'group_id'
[  152.830447][ T3089] loop4: detected capacity change from 0 to 512
[  152.841589][ T3082] loop3: detected capacity change from 0 to 256
[  152.849866][ T3089] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  152.859656][ T3089] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  152.859718][ T3085] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  152.880212][ T3085] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038 (0x7fffffff)
[  152.881470][ T3089] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  152.895282][ T3082] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  152.966521][ T3089] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  152.977023][ T3089] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e118, mo2=0000]
[  152.985649][ T3089] EXT4-fs (loop4): orphan cleanup on readonly fs
[  152.992943][ T3089] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.753: bg 0: block 34: padding at end of block bitmap is not set
[  153.007688][ T3089] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.753: Invalid block bitmap block 0 in block_group 1
[  153.021391][ T3089] Quota error (device loop4): write_blk: dquota write failed
[  153.032626][ T3089] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  153.043529][ T3089] EXT4-fs (loop4): 1 truncate cleaned up
[  153.058472][ T3089] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,debug,nogrpid,noblock_validity,,errors=continue. Quota mode: writeback.
[  153.077426][   T30] audit: type=1400 audit(1720821503.872:358): avc:  denied  { remount } for  pid=3088 comm="syz.4.753" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  153.078872][ T3089] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback.
[  153.105157][ T3095] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.751: bg 0: block 288: padding at end of block bitmap is not set
[  153.145204][ T3095] fs-verity (loop1, inode 13): ext4_end_enable_verity() failed with err -117
[  153.157151][ T3097] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  153.465018][ T3100] loop2: detected capacity change from 0 to 1024
[  153.544331][ T3100] EXT4-fs (loop2): Test dummy encryption mode enabled
[  153.557471][ T3100] EXT4-fs (loop2): Test dummy encryption mode enabled
[  153.564678][ T3100] EXT4-fs (loop2): Ignoring removed orlov option
[  153.574419][ T3100] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  154.035601][ T3115] loop2: detected capacity change from 0 to 1024
[  154.057101][ T3115] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  154.068381][ T3115] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  154.077925][ T3115] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #3: comm syz.2.758: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  154.095890][ T3115] EXT4-fs (loop2): no journal found
[  154.101460][ T3115] EXT4-fs (loop2): can't get journal size
[  154.108130][ T3115] EXT4-fs (loop2): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000005,noinit_itable,max_dir_size_kb=0x0000000000000005,noblock_validity,noload,data=writeback,,errors=continue. Quota mode: writeback.
[  154.426452][ T3121] netlink: 168 bytes leftover after parsing attributes in process `syz.2.760'.
[  154.575057][  T310] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  154.604764][ T3124] loop2: detected capacity change from 0 to 8192
[  154.640589][ T3124]  loop2: p2 p3 p4
[  154.644361][ T3124] loop2: p2 start 452985600 is beyond EOD, truncated
[  154.650958][ T3124] loop2: p3 start 4177527808 is beyond EOD, truncated
[  154.657590][ T3124] loop2: p4 size 3599499392 extends beyond EOD, truncated
[  154.827155][ T3126] loop4: detected capacity change from 0 to 512
[  154.871111][ T3126] EXT4-fs (loop4): 1 truncate cleaned up
[  154.876788][ T3126] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  154.916425][  T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.930188][  T325] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  154.938057][  T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.951348][  T310] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  154.960525][  T310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.974916][  T310] usb 2-1: config 0 descriptor??
[  155.164181][  T325] usb 3-1: Using ep0 maxpacket: 16
[  155.203542][ T3113] UDC core: couldn't find an available UDC or it's busy: -16
[  155.210915][ T3113] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  155.278700][  T325] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.289504][  T325] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.299265][  T325] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  155.312288][  T325] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  155.321126][  T325] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.329473][  T325] usb 3-1: config 0 descriptor??
[  155.440655][ T1283] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  155.545198][  T310] usbhid 2-1:0.0: can't add hid device: -71
[  155.551152][  T310] usbhid: probe of 2-1:0.0 failed with error -71
[  155.559842][  T310] usb 2-1: USB disconnect, device number 24
[  155.743042][ T3143] 9pnet: Insufficient options for proto=fd
[  155.756667][ T3143] loop4: detected capacity change from 0 to 2048
[  155.765262][  T325] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[  155.772691][  T325] microsoft 0003:045E:07DA.001C: item 0 4 0 8 parsing failed
[  155.780114][  T325] microsoft 0003:045E:07DA.001C: parse failed
[  155.786114][  T325] microsoft: probe of 0003:045E:07DA.001C failed with error -22
[  155.832666][ T3143] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  155.843124][ T3143] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038 (0x7fffffff)
[  155.853111][ T1283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.864163][ T1283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.875016][ T1283] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  155.930463][ T1283] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.939568][ T1283] usb 4-1: config 0 descriptor??
[  155.967874][  T311] usb 3-1: USB disconnect, device number 18
[  155.977982][ T3148] loop1: detected capacity change from 0 to 1024
[  156.042882][ T3150] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.767: bg 0: block 288: padding at end of block bitmap is not set
[  156.058670][ T3150] fs-verity (loop4, inode 13): ext4_end_enable_verity() failed with err -117
[  156.076585][  T100]  loop2: p2 p3 p4
[  156.081171][  T100] loop2: p2 start 452985600 is beyond EOD, truncated
[  156.093407][ T3148] EXT4-fs (loop1): Test dummy encryption mode enabled
[  156.100661][  T100] loop2: p3 start 4177527808 is beyond EOD, truncated
[  156.109211][  T100] loop2: p4 size 3599499392 extends beyond EOD, truncated
[  156.142474][ T3148] EXT4-fs (loop1): Test dummy encryption mode enabled
[  156.151633][ T3148] EXT4-fs (loop1): Ignoring removed orlov option
[  156.174890][ T3148] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  156.191874][ T3140] UDC core: couldn't find an available UDC or it's busy: -16
[  156.213650][ T3140] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  156.318466][ T3155] loop1: detected capacity change from 0 to 1024
[  156.386370][ T3155] EXT4-fs (loop1): Test dummy encryption mode enabled
[  156.393105][ T3155] EXT4-fs (loop1): Test dummy encryption mode enabled
[  156.399908][ T3155] EXT4-fs (loop1): Ignoring removed orlov option
[  156.408315][ T3155] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  156.536396][ T3159] mmap: syz.1.770 (3159) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  156.563923][ T1283] usbhid 4-1:0.0: can't add hid device: -71
[  156.569836][ T1283] usbhid: probe of 4-1:0.0 failed with error -71
[  156.577086][ T1283] usb 4-1: USB disconnect, device number 24
[  156.712679][ T3166] loop4: detected capacity change from 0 to 512
[  156.755211][ T3162] netlink: 168 bytes leftover after parsing attributes in process `syz.2.771'.
[  156.786870][ T3166] EXT4-fs (loop4): 1 truncate cleaned up
[  156.792596][ T3166] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  156.811426][ T3172] loop2: detected capacity change from 0 to 1024
[  157.700803][ T3172] EXT4-fs (loop2): Test dummy encryption mode enabled
[  157.713807][ T3172] EXT4-fs (loop2): Test dummy encryption mode enabled
[  157.727653][ T3172] EXT4-fs (loop2): Ignoring removed orlov option
[  157.756636][ T3172] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  157.831211][ T3186] loop4: detected capacity change from 0 to 256
[  157.937440][ T3186] FAT-fs (loop4): Unrecognized mount option "ģ¯d‘ytö£utf8=0" or missing value
[  157.959189][ T3191] loop2: detected capacity change from 0 to 1024
[  157.996508][ T3195] 9pnet: Insufficient options for proto=fd
[  158.004957][ T3191] EXT4-fs (loop2): Test dummy encryption mode enabled
[  158.016419][ T3186] loop4: detected capacity change from 0 to 512
[  158.033372][ T3191] EXT4-fs (loop2): Test dummy encryption mode enabled
[  158.046706][ T3196] loop1: detected capacity change from 0 to 1024
[  158.053269][ T3191] EXT4-fs (loop2): Ignoring removed orlov option
[  158.056541][ T3195] loop3: detected capacity change from 0 to 2048
[  158.066597][ T3186] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.778: Invalid block bitmap block 0 in block_group 0
[  158.080250][ T3186] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6176: Corrupt filesystem
[  158.088460][ T3191] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  158.114521][ T3186] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.778: attempt to clear invalid blocks 983261 len 1
[  158.129148][ T3186] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.778: invalid indirect mapped block 2683928664 (level 0)
[  158.130360][ T3195] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  158.143865][ T3186] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz.4.778: Invalid inode table block 0 in block_group 0
[  158.155588][ T3195] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038 (0x7fffffff)
[  158.175447][ T3186] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  158.185643][ T3196] EXT4-fs (loop1): Test dummy encryption mode enabled
[  158.192285][ T3186] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  158.200879][ T3186] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz.4.778: Invalid inode table block 0 in block_group 0
[  158.214035][ T3186] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  158.223823][ T3186] EXT4-fs error (device loop4): ext4_truncate:4292: inode #13: comm syz.4.778: mark_inode_dirty error
[  158.235066][ T3186] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  158.244459][ T3186] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz.4.778: Invalid inode table block 0 in block_group 0
[  158.257359][ T3186] EXT4-fs (loop4): 1 truncate cleaned up
[  158.262874][ T3186] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x000000000000ee00,,errors=continue. Quota mode: none.
[  158.279777][ T3196] EXT4-fs (loop1): Test dummy encryption mode enabled
[  158.286790][ T3196] EXT4-fs (loop1): Ignoring removed orlov option
[  158.298981][ T3196] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  158.396548][ T3210] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.782: bg 0: block 288: padding at end of block bitmap is not set
[  158.412989][ T3210] fs-verity (loop3, inode 13): ext4_end_enable_verity() failed with err -117
[  158.482466][ T3186] fuse: Unknown parameter '˙˙˙˙0x0000000000000006'
[  158.568186][ T3199] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.575509][ T3199] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.585229][ T3199] device bridge_slave_0 entered promiscuous mode
[  158.593353][ T3199] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.600639][ T3199] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.619179][ T3199] device bridge_slave_1 entered promiscuous mode
[  158.632722][   T39] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  158.687783][ T3214] netlink: 168 bytes leftover after parsing attributes in process `syz.1.784'.
[  158.748419][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  158.756037][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  158.772628][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  159.035522][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  159.081650][ T1283] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.088702][ T1283] bridge0: port 1(bridge_slave_0) entered forwarding state
[  159.097326][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  159.105675][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  159.114091][ T1283] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.120962][ T1283] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.129901][  T713] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  159.147919][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  159.155790][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  159.170531][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  159.206482][   T30] audit: type=1326 audit(1720821510.305:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3228 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0600339bd9 code=0x7ffc0000
[  159.234425][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  159.235300][   T30] audit: type=1326 audit(1720821510.326:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3228 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0600339bd9 code=0x7ffc0000
[  159.265558][   T39] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  159.267652][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  159.277692][   T30] audit: type=1326 audit(1720821510.326:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3228 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f0600339bd9 code=0x7ffc0000
[  159.306848][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  159.314999][   T39] usb 3-1: New USB device found, idVendor=03f0, idProduct=0307, bcdDevice= 0.01
[  159.324483][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.326932][ T3199] device veth0_vlan entered promiscuous mode
[  159.340082][   T30] audit: type=1326 audit(1720821510.326:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3228 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0600339bd9 code=0x7ffc0000
[  159.363654][   T39] usb 3-1: config 0 descriptor??
[  159.366915][  T310] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  159.369273][   T30] audit: type=1326 audit(1720821510.326:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3228 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0600339bd9 code=0x7ffc0000
[  159.409041][ T3199] device veth1_macvtap entered promiscuous mode
[  159.425355][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  159.428324][   T39] ums-usbat 3-1:0.0: USB Mass Storage device detected
[  159.440613][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  159.456686][ T2225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  159.465899][    T8] device bridge_slave_1 left promiscuous mode
[  159.473138][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.480692][    T8] device bridge_slave_0 left promiscuous mode
[  159.487080][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.512719][    T8] device veth1_macvtap left promiscuous mode
[  159.518570][    T8] device veth0_vlan left promiscuous mode
[  159.523132][ T3237] loop1: detected capacity change from 0 to 1024
[  159.543767][ T3237] EXT4-fs (loop1): Test dummy encryption mode enabled
[  159.558349][ T3237] EXT4-fs (loop1): Test dummy encryption mode enabled
[  159.565129][ T3237] EXT4-fs (loop1): Ignoring removed orlov option
[  159.580135][ T3237] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  159.719370][  T310] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.734508][  T310] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.744263][  T310] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  159.753214][  T310] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.762297][  T310] usb 5-1: config 0 descriptor??
[  160.103399][  T713] usb 3-1: USB disconnect, device number 19
[  160.125798][ T3250] loop0: detected capacity change from 0 to 1024
[  160.149045][ T3226] UDC core: couldn't find an available UDC or it's busy: -16
[  160.156422][ T3226] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  160.172380][ T3250] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  160.184737][ T3250] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  160.194487][ T3250] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #3: comm syz.0.780: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  160.212681][ T3250] EXT4-fs (loop0): no journal found
[  160.217993][ T3250] EXT4-fs (loop0): can't get journal size
[  160.223981][ T3250] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #3: comm syz.0.780: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  160.242750][ T3250] EXT4-fs (loop0): failed to initialize system zone (-117)
[  160.249919][ T3250] EXT4-fs (loop0): mount failed
[  160.315796][ T3260] 9pnet: Insufficient options for proto=fd
[  160.347059][ T3260] loop0: detected capacity change from 0 to 2048
[  160.425900][ T3260] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  160.436504][ T3260] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038 (0x7fffffff)
[  160.519927][  T310] usbhid 5-1:0.0: can't add hid device: -71
[  160.525720][  T310] usbhid: probe of 5-1:0.0 failed with error -71
[  160.532689][  T310] usb 5-1: USB disconnect, device number 24
[  160.614989][ T3266] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.797: bg 0: block 288: padding at end of block bitmap is not set
[  160.631376][ T3266] fs-verity (loop0, inode 13): ext4_end_enable_verity() failed with err -117
[  160.787886][ T3268] 9pnet: Insufficient options for proto=fd
[  160.827656][ T3268] loop2: detected capacity change from 0 to 2048
[  160.902005][ T3268] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  160.912529][ T3268] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038 (0x7fffffff)
[  161.037352][   T30] audit: type=1326 audit(1720821512.225:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4f19dbd9 code=0x7ffc0000
[  161.061117][   T30] audit: type=1326 audit(1720821512.225:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4f19dbd9 code=0x7ffc0000
[  161.093050][   T30] audit: type=1326 audit(1720821512.225:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fee4f19dbd9 code=0x7ffc0000
[  161.258132][ T3276] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.798: bg 0: block 288: padding at end of block bitmap is not set
[  161.309590][   T30] audit: type=1326 audit(1720821512.225:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4f19dbd9 code=0x7ffc0000
[  161.335886][ T3276] fs-verity (loop2, inode 13): ext4_end_enable_verity() failed with err -117
[  161.444287][  T310] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  161.715791][ T3298] loop2: detected capacity change from 0 to 1024
[  161.760447][ T3301] loop1: detected capacity change from 0 to 512
[  161.789270][ T3298] EXT4-fs (loop2): Test dummy encryption mode enabled
[  161.790901][  T310] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.796229][ T3298] EXT4-fs (loop2): Test dummy encryption mode enabled
[  161.813322][  T310] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.816817][ T3298] EXT4-fs (loop2): Ignoring removed orlov option
[  161.830370][  T310] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  161.839476][  T310] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.848947][ T3298] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  161.854300][  T310] usb 4-1: config 0 descriptor??
[  161.901589][ T3301] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  161.927251][ T3301] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.808: casefold flag without casefold feature
[  161.942835][ T3301] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.808: missing EA_INODE flag
[  161.954814][ T3301] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.808: error while reading EA inode 12 err=-117
[  161.967251][ T3301] EXT4-fs (loop1): 1 orphan inode deleted
[  161.973017][ T3301] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback.
[  162.798122][ T3273] UDC core: couldn't find an available UDC or it's busy: -16
[  162.843921][ T3273] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  163.002136][   T30] audit: type=1326 audit(1720821514.261:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3312 comm="syz.4.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4f19dbd9 code=0x7ffc0000
[  163.086769][ T3318] loop2: detected capacity change from 0 to 128
[  163.128443][ T3320] 9pnet: Insufficient options for proto=fd
[  163.474828][ T3324] loop1: detected capacity change from 0 to 2048
[  163.476168][ T3326] loop0: detected capacity change from 0 to 512
[  163.505741][ T3324] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  163.516302][ T3324] ext4 filesystem being mounted at /182/file0 supports timestamps until 2038 (0x7fffffff)
[  163.530761][  T310] usbhid 4-1:0.0: can't add hid device: -71
[  163.536685][  T310] usbhid: probe of 4-1:0.0 failed with error -71
[  163.545681][  T310] usb 4-1: USB disconnect, device number 25
[  163.553917][ T3326] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  163.587675][ T3326] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  163.597731][ T3326] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  163.608262][ T3326] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  163.616071][ T3326] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e118, mo2=0000]
[  163.624586][ T3326] EXT4-fs (loop0): orphan cleanup on readonly fs
[  163.636405][ T3326] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.814: bg 0: block 34: padding at end of block bitmap is not set
[  163.685855][ T3326] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.814: Invalid block bitmap block 0 in block_group 1
[  163.699808][ T3324] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.813: bg 0: block 288: padding at end of block bitmap is not set
[  163.715554][ T3326] EXT4-fs (loop0): 1 truncate cleaned up
[  163.728433][ T3326] EXT4-fs (loop0): mounted filesystem without journal. Opts: noload,debug,nogrpid,noblock_validity,,errors=continue. Quota mode: writeback.
[  163.743337][ T3324] fs-verity (loop1, inode 13): ext4_end_enable_verity() failed with err -117
[  163.780718][ T3326] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  164.009778][ T3342] incfs: Error accessing: ./file0.
[  164.025392][ T3342] incfs: mount failed -20
[  164.192142][ T3349] FAULT_INJECTION: forcing a failure.
[  164.192142][ T3349] name failslab, interval 1, probability 0, space 0, times 0
[  164.204846][ T3349] CPU: 0 PID: 3349 Comm: syz.3.821 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  164.214473][ T3349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  164.224370][ T3349] Call Trace:
[  164.227487][ T3349]  <TASK>
[  164.230265][ T3349]  dump_stack_lvl+0x151/0x1b7
[  164.234779][ T3349]  ? io_uring_drop_tctx_refs+0x190/0x190
[  164.240251][ T3349]  dump_stack+0x15/0x17
[  164.244239][ T3349]  should_fail+0x3c6/0x510
[  164.248497][ T3349]  __should_failslab+0xa4/0xe0
[  164.253092][ T3349]  ? __anon_vma_prepare+0x56/0x430
[  164.258039][ T3349]  should_failslab+0x9/0x20
[  164.262378][ T3349]  slab_pre_alloc_hook+0x37/0xd0
[  164.267151][ T3349]  ? __anon_vma_prepare+0x56/0x430
[  164.272102][ T3349]  kmem_cache_alloc+0x44/0x200
[  164.276702][ T3349]  __anon_vma_prepare+0x56/0x430
[  164.281472][ T3349]  wp_page_copy+0x14a7/0x1b00
[  164.285988][ T3349]  ? __kasan_check_write+0x14/0x20
[  164.290933][ T3349]  ? insert_page_into_pte_locked+0x4e0/0x4e0
[  164.296752][ T3349]  ? perf_event_mmap+0x3ac/0x1930
[  164.301616][ T3349]  ? do_syscall_64+0x3d/0xb0
[  164.306035][ T3349]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  164.311937][ T3349]  ? __pte_map_lock+0x442/0x620
[  164.316625][ T3349]  ? vm_normal_page+0x1e1/0x1f0
[  164.321314][ T3349]  do_wp_page+0x6fa/0xb60
[  164.325477][ T3349]  handle_pte_fault+0x7c0/0x24d0
[  164.330255][ T3349]  ? fault_around_bytes_set+0xc0/0xc0
[  164.335461][ T3349]  ? trace_raw_output_vm_unmapped_area+0x220/0x220
[  164.341796][ T3349]  do_handle_mm_fault+0x1ea9/0x23a0
[  164.346831][ T3349]  ? numa_migrate_prep+0xe0/0xe0
[  164.351604][ T3349]  ? memset+0x35/0x40
[  164.355421][ T3349]  ? get_unmapped_area+0x31d/0x380
[  164.360369][ T3349]  ? userfaultfd_unmap_prep+0x4a0/0x4a0
[  164.365750][ T3349]  ? down_read_trylock+0x1f9/0x300
[  164.370693][ T3349]  ? __init_rwsem+0x1c0/0x1c0
[  164.375208][ T3349]  ? debug_smp_processor_id+0x17/0x20
[  164.380414][ T3349]  ? vmacache_find+0x21f/0x4d0
[  164.385019][ T3349]  ? __find_vma+0x30/0x150
[  164.389270][ T3349]  exc_page_fault+0x3b5/0x830
[  164.393788][ T3349]  asm_exc_page_fault+0x27/0x30
[  164.398468][ T3349] RIP: 0033:0x7f06001ff453
[  164.402728][ T3349] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  164.422174][ T3349] RSP: 002b:00007f05ff5ba4b0 EFLAGS: 00010202
[  164.428067][ T3349] RAX: 0000000000000400 RBX: 00007f05ff5ba550 RCX: 00007f05f719b000
[  164.435961][ T3349] RDX: 00007f05ff5ba6f0 RSI: 0000000000000001 RDI: 00007f05ff5ba5f0
[  164.443861][ T3349] RBP: 00000000000000f9 R08: 0000000000000008 R09: 000000000000009a
[  164.451677][ T3349] R10: 00000000000000b8 R11: 00007f05ff5ba550 R12: 0000000000000001
[  164.459486][ T3349] R13: 00007f06003b9f80 R14: 0000000000000020 R15: 00007f05ff5ba5f0
[  164.467809][ T3349]  </TASK>
[  164.471595][ T3349] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  164.485465][ T3349] loop3: detected capacity change from 0 to 1024
[  164.519265][ T3349] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  164.534116][ T3349] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  164.545597][ T1283] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  164.550446][ T3349] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #3: comm syz.3.821: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  164.571087][ T3349] EXT4-fs (loop3): no journal found
[  164.571108][ T3349] EXT4-fs (loop3): can't get journal size
[  164.624355][ T3349] EXT4-fs (loop3): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000005,noinit_itable,max_dir_size_kb=0x0000000000000005,noblock_validity,noload,data=writeback,,errors=continue. Quota mode: writeback.
[  164.730871][ T3386] loop3: detected capacity change from 0 to 512
[  164.750408][ T3386] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  164.762122][ T3386] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038 (0x7fffffff)
[  164.827739][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  164.827756][   T30] audit: type=1400 audit(1720821516.202:434): avc:  denied  { relabelfrom } for  pid=3397 comm="syz.0.843" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  164.855558][   T30] audit: type=1400 audit(1720821516.202:435): avc:  denied  { relabelto } for  pid=3397 comm="syz.0.843" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  164.875373][ T1283] usb 2-1: Using ep0 maxpacket: 8
[  164.992395][ T3403] loop3: detected capacity change from 0 to 512
[  165.027558][ T1283] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  165.063972][ T1283] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.113361][ T3403] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[  165.113361][ T3403] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  165.113361][ T3403] 
[  165.142930][ T3407] loop0: detected capacity change from 0 to 2048
[  165.144935][ T1283] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.161928][ T1283] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  165.162279][ T3403] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  165.175147][ T1283] usb 2-1: New USB device found, idVendor=05ac, idProduct=029f, bcdDevice= 0.00
[  165.190223][ T3403] EXT4-fs (loop3): 1 truncate cleaned up
[  165.195210][ T1283] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.197582][ T3403] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  165.229105][ T3407] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  165.239984][ T1283] usb 2-1: config 0 descriptor??
[  165.259218][ T3407] EXT4-fs (loop0): re-mounted. Opts: min_batch_time=0x0000000000000000,lazytime,nolazytime,noquota,jqfmt=vfsold,minixdf,init_itable=0x0000000000000002,grpid,debug,. Quota mode: none.
[  165.324419][ T3415] loop0: detected capacity change from 0 to 512
[  165.389251][ T3415] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  165.570401][    T6] usb 3-1: new low-speed USB device number 20 using dummy_hcd
[  165.584170][ T3427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.852'.
[  165.702553][   T30] audit: type=1400 audit(1720821517.115:436): avc:  denied  { create } for  pid=3436 comm="syz.4.857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  165.733294][ T3345] syz.1.820 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  165.739825][   T30] audit: type=1400 audit(1720821517.147:437): avc:  denied  { setopt } for  pid=3436 comm="syz.4.857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  165.794131][ T1283] hid-generic 0003:05AC:029F.001D: hidraw0: USB HID v0.00 Device [HID 05ac:029f] on usb-dummy_hcd.1-1/input0
[  165.874363][ T3452] loop0: detected capacity change from 0 to 16
[  165.913354][ T3452] erofs: Unknown parameter ''
[  165.941830][    T6] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.951984][    T6] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[  165.981590][    T6] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  166.036787][ T1283] usb 2-1: USB disconnect, device number 25
[  166.409490][    T8] tipc: Left network mode
[  166.465274][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.472569][ T3480] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.480596][ T3480] device bridge_slave_0 entered promiscuous mode
[  166.489516][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.496702][ T3480] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.504280][ T3480] device bridge_slave_1 entered promiscuous mode
[  166.542052][    T6] usb 3-1: string descriptor 0 read error: -22
[  166.549033][    T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  166.558247][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.585465][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.590233][ T3413] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  166.592516][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state
[  166.606357][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.609845][    T6] cdc_ether: probe of 3-1:1.0 failed with error -22
[  166.613224][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.648917][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  166.653235][ T3495] loop1: detected capacity change from 0 to 256
[  166.662384][ T1283] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.669805][ T1283] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.713590][  T310] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  166.727357][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  166.728606][ T3495] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  166.735941][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.752624][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.761131][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  166.769333][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.776299][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  166.797372][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  166.805362][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  166.816823][ T2225] usb 3-1: USB disconnect, device number 20
[  166.826001][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  166.839895][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  166.848284][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  166.855634][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  166.863711][ T3480] device veth0_vlan entered promiscuous mode
[  166.875278][ T3504] netlink: 'syz.1.885': attribute type 4 has an invalid length.
[  166.883360][ T3504] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.885'.
[  166.899147][ T3480] device veth1_macvtap entered promiscuous mode
[  166.906621][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  167.006172][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  167.025909][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  167.055510][    T8] device bridge_slave_1 left promiscuous mode
[  167.061868][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.095454][    T8] device bridge_slave_0 left promiscuous mode
[  167.112036][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.123428][  T310] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.143721][    T8] device veth1_macvtap left promiscuous mode
[  167.149701][  T310] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.162221][    T8] device veth0_vlan left promiscuous mode
[  167.467646][  T310] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  167.476730][  T310] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.493371][  T310] usb 1-1: config 0 descriptor??
[  167.509276][ T3506] loop1: detected capacity change from 0 to 40427
[  167.571689][ T3506] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  167.600705][ T3506] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  167.635094][ T3506] F2FS-fs (loop1): Found nat_bits in checkpoint
[  167.692340][ T3506] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  167.718694][ T3506] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  167.773689][   T30] audit: type=1400 audit(1720821519.298:438): avc:  denied  { create } for  pid=3531 comm="syz.2.895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  167.796567][ T3532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.895'.
[  167.828080][ T3534] netlink: 16 bytes leftover after parsing attributes in process `syz.2.896'.
[  168.366075][   T30] audit: type=1400 audit(1720821519.917:439): avc:  denied  { write } for  pid=3565 comm="syz.1.909" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  168.409920][  T314] usb 5-1: new low-speed USB device number 25 using dummy_hcd
[  168.418792][   T30] audit: type=1400 audit(1720821519.959:440): avc:  denied  { ioctl } for  pid=3571 comm="syz.1.912" path="socket:[26272]" dev="sockfs" ino=26272 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  168.452956][ T3574] loop1: detected capacity change from 0 to 128
[  168.465689][ T3574] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  168.476180][ T3574] ext4 filesystem being mounted at /196/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  168.543138][  T310] usb 1-1: string descriptor 0 read error: -71
[  168.562413][  T310] uclogic 0003:256C:006D.001E: failed retrieving string descriptor #200: -71
[  168.571231][  T310] uclogic 0003:256C:006D.001E: failed retrieving pen parameters: -71
[  168.579799][  T310] uclogic 0003:256C:006D.001E: failed probing pen v2 parameters: -71
[  168.588066][  T310] uclogic 0003:256C:006D.001E: failed probing parameters: -71
[  168.595657][  T310] uclogic: probe of 0003:256C:006D.001E failed with error -71
[  168.608800][  T310] usb 1-1: USB disconnect, device number 26
[  168.658144][   T30] audit: type=1326 audit(1720821520.221:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3582 comm="syz.1.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f627b820bd9 code=0x7ffc0000
[  168.682014][ T3584] loop1: detected capacity change from 0 to 256
[  168.682158][   T30] audit: type=1326 audit(1720821520.221:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3582 comm="syz.1.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f627b820bd9 code=0x7ffc0000
[  168.713269][   T30] audit: type=1326 audit(1720821520.221:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3582 comm="syz.1.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f627b820bd9 code=0x7ffc0000
[  168.790905][  T314] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  168.799142][  T314] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  168.807038][  T314] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  168.817100][  T314] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  169.057734][  T314] usb 5-1: string descriptor 0 read error: -22
[  169.065007][  T314] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  169.083079][  T314] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.111628][  T314] usb 5-1: config 0 descriptor??
[  169.143522][ T3547] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  169.163658][  T314] hub 5-1:0.0: bad descriptor, ignoring hub
[  169.170390][  T314] hub: probe of 5-1:0.0 failed with error -5
[  169.180867][  T314] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input9
[  169.203619][ T3635] netlink: 256 bytes leftover after parsing attributes in process `syz.2.940'.
[  169.212448][ T3635] netlink: 136 bytes leftover after parsing attributes in process `syz.2.940'.
[  169.294919][ T3651] loop1: detected capacity change from 0 to 512
[  169.331042][ T3651] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  169.347949][ T3651] EXT4-fs error (device loop1): __ext4_iget:4892: inode #16: block 469762080: comm syz.1.948: invalid block
[  169.359799][ T3651] EXT4-fs (loop1): Remounting filesystem read-only
[  169.366531][ T3651] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.948: couldn't read orphan inode 16 (err -117)
[  169.372209][   T39] usb 5-1: USB disconnect, device number 25
[  169.380604][ T3651] EXT4-fs (loop1): 1 orphan inode deleted
[  169.389686][ T3651] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,noquota,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  169.413552][ T3651] EXT4-fs error (device loop1): ext4_search_dir:1548: inode #12: block 7: comm syz.1.948: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0
[  169.432417][ T3651] EXT4-fs (loop1): Remounting filesystem read-only
[  169.893762][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  169.893780][   T30] audit: type=1400 audit(1720821521.512:476): avc:  denied  { setattr } for  pid=3664 comm="syz.4.953" name="raw" dev="proc" ino=4026532970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  169.991731][ T3678] loop4: detected capacity change from 0 to 512
[  170.010626][   T39] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  170.028583][ T3678] EXT4-fs (loop4): 1 truncate cleaned up
[  170.034250][ T3678] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  170.303332][ T3688] syz.3.961[3688] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  170.303692][ T3688] syz.3.961[3688] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  170.372769][   T39] usb 2-1: Using ep0 maxpacket: 16
[  170.471420][ T3674] loop0: detected capacity change from 0 to 40427
[  170.480258][ T3678] BUG: unable to handle page fault for address: ffffffffff600000
[  170.487809][ T3678] #PF: supervisor read access in kernel mode
[  170.490042][ T3674] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  170.494062][ T3678] #PF: error_code(0x0001) - permissions violation
[  170.502022][ T3674] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  170.508070][ T3678] PGD 6812067 P4D 6812067 PUD 6814067 PMD 6816067 PTE 8000000006809165
[  170.508125][ T3678] Oops: 0001 [#1] PREEMPT SMP KASAN
[  170.508153][ T3678] CPU: 1 PID: 3678 Comm: syz.4.959 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  170.517685][ T3674] F2FS-fs (loop0): invalid crc value
[  170.524112][ T3678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  170.531595][ T3674] F2FS-fs (loop0): Found nat_bits in checkpoint
[  170.538784][ T3678] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[  170.538826][ T3678] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 8b 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[  170.538844][ T3678] RSP: 0018:ffffc90000a17b10 EFLAGS: 00010292
[  170.538869][ T3678] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff88810c2a93c0
[  170.583368][ T3674] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  170.585560][ T3678] RDX: ffff88810c2a9f50 RSI: 0000000000000008 RDI: 0000000000000007
[  170.591461][ T3674] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  170.599279][ T3678] RBP: ffffc90000a17b48 R08: ffffffff8199a975 R09: ffffed1021855279
[  170.599297][ T3678] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[  170.599311][ T3678] R13: 0000000000000000 R14: ffffc90000a17ba8 R15: ffffc90000a17bb0
[  170.599326][ T3678] FS:  00007fee4e41f6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  170.599345][ T3678] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  170.599360][ T3678] CR2: ffffffffff600000 CR3: 0000000120cff000 CR4: 00000000003506a0
[  170.599378][ T3678] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  170.625652][   T30] audit: type=1400 audit(1720821522.289:477): avc:  denied  { read } for  pid=3673 comm="syz.0.957" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  170.629478][ T3678] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  170.643181][   T30] audit: type=1400 audit(1720821522.299:478): avc:  denied  { open } for  pid=3673 comm="syz.0.957" path="/dev/vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  170.645306][ T3678] Call Trace:
[  170.645316][ T3678]  <TASK>
[  170.737707][ T3678]  ? __die_body+0x62/0xb0
[  170.741953][ T3678]  ? __die+0x7e/0x90
[  170.745686][ T3678]  ? page_fault_oops+0x7f9/0xa90
[  170.750460][ T3678]  ? kernelmode_fixup_or_oops+0x270/0x270
[  170.756014][ T3678]  ? security_file_alloc+0x29/0x120
[  170.761050][ T3678]  ? kmem_cache_alloc+0xf5/0x200
[  170.765822][ T3678]  ? exc_page_fault+0x521/0x830
[  170.770507][ T3678]  ? errseq_sample+0x44/0x70
[  170.775028][ T3678]  ? asm_exc_page_fault+0x27/0x30
[  170.779881][ T3678]  ? copy_from_kernel_nofault+0x75/0x2e0
[  170.785377][ T3678]  ? copy_from_kernel_nofault+0x86/0x2e0
[  170.790848][ T3678]  bpf_probe_read_compat+0x112/0x180
[  170.795950][ T3678]  bpf_prog_baa065642a502c00+0x64/0x8c4
[  170.801318][ T3678]  __bpf_prog_test_run_raw_tp+0xa0/0x1d0
[  170.806966][ T3678]  ? bpf_prog_test_run_raw_tp+0x4c5/0x6c0
[  170.812519][ T3678]  bpf_prog_test_run_raw_tp+0x4cd/0x6c0
[  170.817994][ T3678]  ? bpf_prog_test_run_tracing+0x710/0x710
[  170.823631][ T3678]  ? __kasan_check_write+0x14/0x20
[  170.828573][ T3678]  ? fput_many+0x160/0x1b0
[  170.832830][ T3678]  ? bpf_prog_test_run_tracing+0x710/0x710
[  170.838483][ T3678]  bpf_prog_test_run+0x3b0/0x630
[  170.843241][ T3678]  ? bpf_prog_query+0x220/0x220
[  170.847930][ T3678]  ? selinux_bpf+0xd2/0x100
[  170.852357][ T3678]  ? security_bpf+0x82/0xb0
[  170.856693][ T3678]  __sys_bpf+0x525/0x760
[  170.860773][ T3678]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  170.865981][ T3678]  ? __kasan_check_read+0x11/0x20
[  170.870843][ T3678]  __x64_sys_bpf+0x7c/0x90
[  170.875092][ T3678]  do_syscall_64+0x3d/0xb0
[  170.879350][ T3678]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  170.885076][ T3678] RIP: 0033:0x7fee4f19dbd9
[  170.889328][ T3678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.908773][ T3678] RSP: 002b:00007fee4e41f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  170.917013][ T3678] RAX: ffffffffffffffda RBX: 00007fee4f32bf60 RCX: 00007fee4f19dbd9
[  170.924823][ T3678] RDX: 0000000000000050 RSI: 0000000020000680 RDI: 000000000000000a
[  170.932638][ T3678] RBP: 00007fee4f20ce60 R08: 0000000000000000 R09: 0000000000000000
[  170.940455][ T3678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  170.948579][ T3678] R13: 000000000000000b R14: 00007fee4f32bf60 R15: 00007ffeb8d2fe58
[  170.956380][ T3678]  </TASK>
[  170.959236][ T3678] Modules linked in:
[  170.963000][ T3678] CR2: ffffffffff600000
[  170.966970][ T3678] ---[ end trace 981450e6beba5d9c ]---
[  170.972256][ T3678] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[  170.978333][ T3678] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 8b 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[  170.997969][ T3678] RSP: 0018:ffffc90000a17b10 EFLAGS: 00010292
[  171.003870][ T3678] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff88810c2a93c0
[  171.011684][ T3678] RDX: ffff88810c2a9f50 RSI: 0000000000000008 RDI: 0000000000000007
[  171.019489][ T3678] RBP: ffffc90000a17b48 R08: ffffffff8199a975 R09: ffffed1021855279
[  171.027387][ T3678] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[  171.035413][ T3678] R13: 0000000000000000 R14: ffffc90000a17ba8 R15: ffffc90000a17bb0
[  171.043206][ T3678] FS:  00007fee4e41f6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  171.051965][ T3678] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  171.058390][ T3678] CR2: ffffffffff600000 CR3: 0000000120cff000 CR4: 00000000003506a0
[  171.066206][ T3678] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  171.074013][ T3678] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  171.081834][ T3678] Kernel panic - not syncing: Fatal exception
[  171.087938][ T3678] Kernel Offset: disabled
[  171.092069][ T3678] Rebooting in 86400 seconds..