program: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0005400100142603600e1209000b0000000401a80016000800014009001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x3c, 0x3, 0x8, 0x0, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_COOKIE_ECHOED={0x8}, @CTA_TIMEOUT_SCTP_SHUTDOWN_SENT={0x8, 0x5, 0x1, 0x0, 0x8000000}, @CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8}]}]}, 0x3c}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000004c0)={'vcan0\x00', 0x0}) r4 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r4, &(0x7f0000000300)="ab", 0x1a000, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x7ff, 0x10, 0x200, 0x5}, &(0x7f0000000040)=0x18) syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000180)={[{@coherency_buffered}, {@heartbeat_none}, {@coherency_full}, {@err_cont}, {@journal_async_commit}, {@localflocks}, {@intr}, {@dir_resv_level}]}, 0x9, 0x442b, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzsLOwIaVsGDr53NgmOf38p159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4n2zb/6H965/2dOI6Oehr75/s6vmL7944E8L3sz8+WV9fXw9V3SERhWZDTb//9uu9meZjQxzSqu2GjvoghHByy7iqukII739X/xTnkrTR5NgbQjiWfMIb9z67mduj0Tx8XDybfzp1f2349OTqg7XWnz0K4avS/167Pf/zi13DP72yR90DAAAAAAAAAAAAAAAAAPCMG7929fo7g0PhURS6V6Ot7+uOJ8dW78eu75kXOv9hAQAAAAAAAAAAAAAAAAAA4G9q8/3/XHRim/f/x5LjSIv66291fox0zsTbV8cuDA4l+79HW/JfT5J+OdcV+rfZ9z27//u5TP3t93/f2s9uNcbX6LcvRPFA6jyOBwZC+CbZ+P1UdCQulZcqr94qLy/M7tkwnlnp+Nd3709FJ9nQv934j2ba7/z+///dcjVVz2/u3SX2XEvHv6tluW8/jdqK//lMvf2IP7uXjn93La23ucBIfQKoxv/z7p3jP5Zpv1PxPx5CyEXVseZSM0B1DVNNb7VeIS0d/0O1tNTUmfwhW93/v2fifyHT/kHN/yvZLyK2lY7/v2ppPakSm/d/f7zz/X8x0/5BxL86/hXf/21Jx/9wPbE7VaT2l2x3/h/PtN+p+F+Pk3Eej1JXwGpUT2/1/+pIS8e/Z0v+5vNf3Nb671Km/n49/zX6bTz/Nab/l6P68x/bS8e/t2W5du//iUy9Ts//I7X1H7uVjv+RWlp67dxX+9lu/Ccz7Xcq/rVVSU8j/pvzyR+H6+lfW/+1JR3/f9cT4+YSK7WftfVftPP6/3Km/YNY/1XHvxJ3ttfnRXP8u8LRluWq8f+hje//K5l6nY9/CIPW+ruWvv+PtSxXu/97do7/VKZep+P/UicbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgGjCbHvhDFA6nzOB4YCOF8cn4qHImmC7P56VJ55qOlEMaS9Fw4Ed0ulacLpfzcQnm2mC+USuWZEC4k+SdDT7RUKlfy84W7Fzfa6o3uFAuLlelioRJCGE/S/x+ONdqanqvMF+6GEC5t5P0nLi/evVNYyM/OLb45ODg4GCY2xtAfFT+pFBcq9d7ruSFMbtTti5oGV8u+vDGWo9GH5eXFhUKpln6lqU6pPFMoNdWZSvK+CP1RZXF5YaZQKeZL5duN/g7SSHIcm7j23rUrQ1vyb0b14+j+DgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv+jR8BtfhhC662dxCGGk8Uu0XfmHj4tn80+n7q8Nn55cfbD2pFU5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwi4dozQQRGEAfjMWaucxrJbdznZFES1cETyBHsPD6FG8hHdIkSJtihBIZiFsdmGbpPq+5sH8zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJjn6b37eKubiBRXm8uIv6//xWH+UurP/fj9izPMyOk8v3YPj3VT/j0d5XflaNnmXbpefX/GSO39DvZkuE97fZ/rybmm9m1qvr7vTaRcRURb8tuUc1XNewsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W0fRtwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA//+Elx0W") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000280)='system.posix_acl_default\x00', 0x0, 0x0, 0x1) connect$can_bcm(r2, &(0x7f00000000c0)={0x1d, r3}, 0x10) sendmsg$can_bcm(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1, 0x840, 0x0, {}, {0x77359400}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "ef1d62ee7e923b0ad9cda5b28dd4753620a2f0271768a8284c18a4e2b5e44dc77098b18fd964df81213608ec503db52d42f1a78c97322f4ae4c8dc89cf2b1440"}}, 0x80}}, 0x0) r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) ppoll(&(0x7f00000006c0)=[{r5, 0x1224}, {r5, 0x8204}], 0x2008, 0x0, 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$FUSE_OPEN(r6, &(0x7f0000000840)={0x20}, 0x20) fdatasync(r6) sendmsg$kcm(r6, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000580)="496d13c859cb91b41e6a6015c4429c5c7e2a2ed3407197b1c19da1c1b6709a4fffe3127326920ac19962d234a53ed4086178e8ffcfbfdce00d0a89d9d0df7a6cd6aa0f4f3b824dc6f9b77b5b43559045a2c970a85ba9f1dacb389c2cac2d0d4c3906984701e3f7571e81fb9dc867dc8de2fdfbe8242cec58a49b628a26dffcf2c3c46f0b998c61e09147516e51dec20edf1fbc858a9d115ee7d770ae7a2bf0b7692646316ce0e3d515684fa1dd3303edea36aaf4c7dcc822a91f28c9bd8100c504b26e57a5c37c4f2bb7c52cb78a4eb531e3d7f6f31d875a3bb502c47a5bf800d3cbe4f72f091c17f4cdd0f3377fab5d7931fc7d", 0xf4}, {&(0x7f0000000700)="39eae3472b5b96213bd32ffb0e1a1fc76b29e2e8888ab21c5af1d6b834fd441e5abf25bede6e6620813db43ce9728c2c76e516ceb0cfa57107ed7f120d66c558a66703e30b719bb52c46764f65ca79cb224198f3a1e62784fcf6ce53249eaf4face6755aa33bb3", 0x67}, {&(0x7f0000000680)}], 0x3, &(0x7f00000007c0)=[{0x40, 0x107, 0x29, "cdc518b36054183d4f235dc598fe6977b29e599b85c198f5c520c484efc252a99cdfca8d8f065aee1a0c"}, {0xe0, 0x102, 0x400, "32e52e68b8ff984bb1fd6fd1b5a3792b554c2dd270d2abd877b711f383c5c5a89d74940b3e0cfe6ad2963cbecde1cd9cd6fc7eaade8185397c2ed9fc1c4c4186b210d2fc649598de8c2d3b9c07c980e9c5e8ede924d50e2721375259d78fd7c55b92c37168610f60e58468c8c3dec910ec1ff91d7cd55f1d096f947448b3e477724fc4256c61c55323ddff29252b767c2ef140bb30ef75a0078717899e895351ffc9593cf30ac2ff369602f003da860802e2cf068ef4a0881bcd690a97acef2f636e17468b1fe5d70fae7540"}, {0xf0, 0x111, 0x800, "466d0ddf393e456a16b1a0225703046c06caf09b9d295a62a2a5004ef994636a2f2853ab2e0510ddcd54a595676d57fb55c14fa1500c13b5a6fe1dcb95652da697eb040719b786718273cd2870383a88655ab50cdca8f2b2004210f79565ecfa5d965babc9676e2f7d6743d018306048475c4d9682a7ea52e499e742aadfc08996f55381ce73a964beda513d8b020812140c6dfd4d9e6b9fe705b1eb3b25e21025e936d71f69a1466017d6bf4a3360aed33b536b6a3cd16bd2ae04c6e9e7bcbd53f7a8e3205434929323bf11af686f20fd80b913079144bb8beaada0674ea1"}, {0x88, 0x0, 0x6, "2bc5b78f19a7bde20ca4223e95f10d892394d524f98506594d63b12a0fa4ba3cbf253fccd981e6e734ed20eda0049e117db5842dc99eb9994d413f0068a22685e43df3efe0bbe76625f6a6cfcdb46089b3ca0038a3208746678b25be7e356189204743cfda5c9bd165b01cba790b9eafd2972bee"}], 0x298}, 0x4000080) sendmsg$can_bcm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1, 0x0, 0x0, {}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "ce2a4fa77baa108b"}}, 0x48}}, 0x0) dup2(r1, r2) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x46, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1) sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)={0x44, r8, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x8, 0x14, 0x2}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x3}, @ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0x9}, @ETHTOOL_A_COALESCE_TX_USECS={0x8, 0x6, 0x5}, @ETHTOOL_A_COALESCE_RX_USECS_HIGH={0x8, 0x13, 0xc2b7}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x240000e1) [ 82.382367][ T5102] Bluetooth: hci0: command tx timeout [ 83.047590][ T5117] netlink: 'syz.0.0': attribute type 5 has an invalid length. [ 83.050397][ T5117] netlink: 'syz.0.0': attribute type 11 has an invalid length. [ 83.053100][ T5117] netlink: 156 bytes leftover after parsing attributes in process `syz.0.0'. [ 83.474143][ T5117] loop0: detected capacity change from 0 to 32768 [ 83.496117][ T5117] ======================================================= [ 83.496117][ T5117] WARNING: The mand mount option has been deprecated and [ 83.496117][ T5117] and is ignored by this kernel. Remove the mand [ 83.496117][ T5117] option from the mount to silence this warning. [ 83.496117][ T5117] ======================================================= [ 83.592789][ T5117] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 83.683528][ T5117] [ 83.684505][ T5117] ====================================================== [ 83.687160][ T5117] WARNING: possible circular locking dependency detected [ 83.689783][ T5117] 6.11.0-rc7-syzkaller-00039-g77f587896757 #0 Not tainted [ 83.692535][ T5117] ------------------------------------------------------ [ 83.695187][ T5117] syz.0.0/5117 is trying to acquire lock: [ 83.697418][ T5117] ffff88803cd84610 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_write_begin_nolock+0x226b/0x4d30 [ 83.701368][ T5117] [ 83.701368][ T5117] but task is already holding lock: [ 83.704287][ T5117] ffff888011f0cda0 (&oi->ip_alloc_sem){++++}-{3:3}, at: ocfs2_write_begin+0x1d1/0x3a0 [ 83.707916][ T5117] [ 83.707916][ T5117] which lock already depends on the new lock. [ 83.707916][ T5117] [ 83.711801][ T5117] [ 83.711801][ T5117] the existing dependency chain (in reverse order) is: [ 83.715239][ T5117] [ 83.715239][ T5117] -> #4 (&oi->ip_alloc_sem){++++}-{3:3}: [ 83.718190][ T5117] lock_acquire+0x1ed/0x550 [ 83.720143][ T5117] down_write+0x99/0x220 [ 83.722090][ T5117] ocfs2_try_remove_refcount_tree+0xb6/0x330 [ 83.724623][ T5117] ocfs2_xattr_set+0xa4f/0x1930 [ 83.726722][ T5117] ocfs2_set_acl+0x4cb/0x580 [ 83.728705][ T5117] ocfs2_iop_set_acl+0x24a/0x3c0 [ 83.730797][ T5117] vfs_set_acl+0x7fd/0xa60 [ 83.732636][ T5117] path_setxattr+0x3bd/0x4d0 [ 83.734542][ T5117] __x64_sys_lsetxattr+0xb8/0xd0 [ 83.736647][ T5117] do_syscall_64+0xf3/0x230 [ 83.738627][ T5117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.741111][ T5117] [ 83.741111][ T5117] -> #3 (&oi->ip_xattr_sem){++++}-{3:3}: [ 83.744183][ T5117] lock_acquire+0x1ed/0x550 [ 83.746147][ T5117] down_read+0xb1/0xa40 [ 83.747970][ T5117] ocfs2_init_acl+0x397/0x930 [ 83.749982][ T5117] ocfs2_mknod+0x1c05/0x2b40 [ 83.751970][ T5117] ocfs2_mkdir+0x1ab/0x480 [ 83.753840][ T5117] vfs_mkdir+0x2f9/0x4f0 [ 83.755715][ T5117] do_mkdirat+0x264/0x3a0 [ 83.757596][ T5117] __x64_sys_mkdirat+0x87/0xa0 [ 83.759563][ T5117] do_syscall_64+0xf3/0x230 [ 83.761426][ T5117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.763930][ T5117] [ 83.763930][ T5117] -> #2 (jbd2_handle){++++}-{0:0}: [ 83.766725][ T5117] lock_acquire+0x1ed/0x550 [ 83.768737][ T5117] start_this_handle+0x1eb4/0x2110 [ 83.770841][ T5117] jbd2__journal_start+0x2da/0x5d0 [ 83.772998][ T5117] jbd2_journal_start+0x29/0x40 [ 83.774987][ T5117] ocfs2_start_trans+0x3c9/0x700 [ 83.777085][ T5117] ocfs2_mknod+0x150c/0x2b40 [ 83.779094][ T5117] ocfs2_mkdir+0x1ab/0x480 [ 83.781023][ T5117] vfs_mkdir+0x2f9/0x4f0 [ 83.782932][ T5117] do_mkdirat+0x264/0x3a0 [ 83.784845][ T5117] __x64_sys_mkdirat+0x87/0xa0 [ 83.786893][ T5117] do_syscall_64+0xf3/0x230 [ 83.788868][ T5117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.791339][ T5117] [ 83.791339][ T5117] -> #1 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 83.794539][ T5117] lock_acquire+0x1ed/0x550 [ 83.796493][ T5117] down_read+0xb1/0xa40 [ 83.798342][ T5117] ocfs2_start_trans+0x3be/0x700 [ 83.800440][ T5117] ocfs2_mknod+0x150c/0x2b40 [ 83.802436][ T5117] ocfs2_mkdir+0x1ab/0x480 [ 83.804356][ T5117] vfs_mkdir+0x2f9/0x4f0 [ 83.806257][ T5117] do_mkdirat+0x264/0x3a0 [ 83.808171][ T5117] __x64_sys_mkdirat+0x87/0xa0 [ 83.810232][ T5117] do_syscall_64+0xf3/0x230 [ 83.812135][ T5117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.814585][ T5117] [ 83.814585][ T5117] -> #0 (sb_internal#2){.+.+}-{0:0}: [ 83.817326][ T5117] validate_chain+0x18e0/0x5900 [ 83.819373][ T5117] __lock_acquire+0x137a/0x2040 [ 83.821445][ T5117] lock_acquire+0x1ed/0x550 [ 83.823405][ T5117] ocfs2_start_trans+0x2b9/0x700 [ 83.825522][ T5117] ocfs2_write_begin_nolock+0x226b/0x4d30 [ 83.827953][ T5117] ocfs2_write_begin+0x205/0x3a0 [ 83.830041][ T5117] generic_perform_write+0x399/0x840 [ 83.832295][ T5117] ocfs2_file_write_iter+0x17b4/0x1f60 [ 83.834555][ T5117] vfs_write+0xa72/0xc90 [ 83.836373][ T5117] ksys_write+0x1a0/0x2c0 [ 83.838227][ T5117] do_syscall_64+0xf3/0x230 [ 83.840158][ T5117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.842616][ T5117] [ 83.842616][ T5117] other info that might help us debug this: [ 83.842616][ T5117] [ 83.846411][ T5117] Chain exists of: [ 83.846411][ T5117] sb_internal#2 --> &oi->ip_xattr_sem --> &oi->ip_alloc_sem [ 83.846411][ T5117] [ 83.851393][ T5117] Possible unsafe locking scenario: [ 83.851393][ T5117] [ 83.854243][ T5117] CPU0 CPU1 [ 83.856351][ T5117] ---- ---- [ 83.858416][ T5117] lock(&oi->ip_alloc_sem); [ 83.860238][ T5117] lock(&oi->ip_xattr_sem); [ 83.863022][ T5117] lock(&oi->ip_alloc_sem); [ 83.865711][ T5117] rlock(sb_internal#2); [ 83.867389][ T5117] [ 83.867389][ T5117] *** DEADLOCK *** [ 83.867389][ T5117] [ 83.870503][ T5117] 4 locks held by syz.0.0/5117: [ 83.872376][ T5117] #0: ffff888011b1a0c8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x24e/0x310 [ 83.875874][ T5117] #1: ffff88803cd84420 (sb_writers#10){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 83.879303][ T5117] #2: ffff888011f0d100 (&sb->s_type->i_mutex_key#19){+.+.}-{3:3}, at: ocfs2_file_write_iter+0x46a/0x1f60 [ 83.883622][ T5117] #3: ffff888011f0cda0 (&oi->ip_alloc_sem){++++}-{3:3}, at: ocfs2_write_begin+0x1d1/0x3a0 [ 83.887551][ T5117] [ 83.887551][ T5117] stack backtrace: [ 83.889852][ T5117] CPU: 0 UID: 0 PID: 5117 Comm: syz.0.0 Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0 [ 83.893755][ T5117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.897828][ T5117] Call Trace: [ 83.899126][ T5117] [ 83.900273][ T5117] dump_stack_lvl+0x241/0x360 [ 83.901954][ T5117] ? __pfx_dump_stack_lvl+0x10/0x10 [ 83.903818][ T5117] ? print_circular_bug+0x130/0x1a0 [ 83.905621][ T5117] check_noncircular+0x36a/0x4a0 [ 83.907362][ T5117] ? __pfx_check_noncircular+0x10/0x10 [ 83.909284][ T5117] ? lockdep_lock+0x123/0x2b0 [ 83.910949][ T5117] ? add_lock_to_list+0x1de/0x2e0 [ 83.912751][ T5117] validate_chain+0x18e0/0x5900 [ 83.914486][ T5117] ? __pfx_validate_chain+0x10/0x10 [ 83.916338][ T5117] ? mark_lock+0x9a/0x350 [ 83.917945][ T5117] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 83.920411][ T5117] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 83.922700][ T5117] ? lockdep_hardirqs_on+0x99/0x150 [ 83.924720][ T5117] ? mark_lock+0x9a/0x350 [ 83.926484][ T5117] __lock_acquire+0x137a/0x2040 [ 83.928439][ T5117] lock_acquire+0x1ed/0x550 [ 83.930237][ T5117] ? ocfs2_write_begin_nolock+0x226b/0x4d30 [ 83.932537][ T5117] ? __pfx_lock_acquire+0x10/0x10 [ 83.934495][ T5117] ? __pfx_lock_release+0x10/0x10 [ 83.936441][ T5117] ? __pfx___might_resched+0x10/0x10 [ 83.938502][ T5117] ? do_raw_spin_unlock+0x58/0x8b0 [ 83.940454][ T5117] ocfs2_start_trans+0x2b9/0x700 [ 83.942329][ T5117] ? ocfs2_write_begin_nolock+0x226b/0x4d30 [ 83.944629][ T5117] ? __pfx_ocfs2_start_trans+0x10/0x10 [ 83.946720][ T5117] ? __kasan_kmalloc+0x98/0xb0 [ 83.948580][ T5117] ? ocfs2_write_begin_nolock+0x435/0x4d30 [ 83.950912][ T5117] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 83.953191][ T5117] ocfs2_write_begin_nolock+0x226b/0x4d30 [ 83.955429][ T5117] ? __lock_acquire+0x137a/0x2040 [ 83.957442][ T5117] ? __pfx_ocfs2_read_blocks+0x10/0x10 [ 83.959586][ T5117] ? __pfx_ocfs2_write_begin_nolock+0x10/0x10 [ 83.961850][ T5117] ? __pfx_lock_acquire+0x10/0x10 [ 83.963717][ T5117] ? mark_lock+0x9a/0x350 [ 83.965350][ T5117] ? __lock_acquire+0x137a/0x2040 [ 83.967284][ T5117] ? __pfx_lock_acquire+0x10/0x10 [ 83.969233][ T5117] ? __pfx___might_resched+0x10/0x10 [ 83.971306][ T5117] ? down_write+0x18c/0x220 [ 83.973012][ T5117] ? __pfx_down_write+0x10/0x10 [ 83.974839][ T5117] ocfs2_write_begin+0x205/0x3a0 [ 83.976621][ T5117] ? __pfx_ocfs2_write_begin+0x10/0x10 [ 83.978568][ T5117] ? fault_in_iov_iter_readable+0x229/0x280 [ 83.980641][ T5117] generic_perform_write+0x399/0x840 [ 83.982527][ T5117] ? __pfx_generic_perform_write+0x10/0x10 [ 83.984603][ T5117] ? __generic_file_write_iter+0x105/0x230 [ 83.986616][ T5117] ? ocfs2_file_write_iter+0x1793/0x1f60 [ 83.988567][ T5117] ocfs2_file_write_iter+0x17b4/0x1f60 [ 83.990721][ T5117] ? __pfx_ocfs2_file_write_iter+0x10/0x10 [ 83.992902][ T5117] ? __pfx_lock_acquire+0x10/0x10 [ 83.994902][ T5117] ? rcu_read_lock_any_held+0xb7/0x160 [ 83.996967][ T5117] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 83.999215][ T5117] vfs_write+0xa72/0xc90 [ 84.000841][ T5117] ? __pfx_ocfs2_file_write_iter+0x10/0x10 [ 84.003032][ T5117] ? __pfx_vfs_write+0x10/0x10 [ 84.004801][ T5117] ? do_futex+0x392/0x560 [ 84.006459][ T5117] ksys_write+0x1a0/0x2c0 [ 84.008127][ T5117] ? __pfx_ksys_write+0x10/0x10 [ 84.009922][ T5117] ? do_syscall_64+0x100/0x230 [ 84.011719][ T5117] ? do_syscall_64+0xb6/0x230 [ 84.013465][ T5117] do_syscall_64+0xf3/0x230 [ 84.015162][ T5117] ? clear_bhb_loop+0x35/0x90 [ 84.016923][ T5117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.019140][ T5117] RIP: 0033:0x7f273037def9 [ 84.020884][ T5117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.028101][ T5117] RSP: 002b:00007f2731197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 84.031228][ T5117] RAX: ffffffffffffffda RBX: 00007f2730535f80 RCX: 00007f273037def9 [ 84.034275][ T5117] RDX: 0000000000000020 RSI: 0000000020000840 RDI: 0000000000000008 [ 84.037321][ T5117] RBP: 00007f27303f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 84.040360][ T5117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.043250][ T5117] R13: 0000000000000000 R14: 00007f2730535f80 R15: 00007ffccd625368 [ 84.046187][ T5117] [ 84.425946][ T5102] Bluetooth: hci0: command tx timeout