last executing test programs: 14.625831838s ago: executing program 2 (id=1475): socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0x20000000, 0x8020, 0x0, 0x0, {0x2}}) r2 = memfd_secret(0x0) mmap$IORING_OFF_SQES(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x10000000) r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5393, &(0x7f0000000000)) prctl$PR_SET_PTRACER(0x59616d61, 0x0) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000140)={0xc, 0x0, &(0x7f0000000100)=[@free_buffer], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death={0x400c630e, 0x0, 0x7}, @clear_death], 0x0, 0x0, 0x0}) getpid() ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000380)={{0x4, 0x4}, 'port1\x00', 0x50, 0x1100c, 0x0, 0x400, 0xcf4, 0x1, 0x7, 0x0, 0x2, 0x6}) bind$alg(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff070067060000200000007a0a00ff0ee60000bf250000000000002d350000000000006507000002080000270700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce0400000000000014000000000000009500000000000000db13d4d8b741f2cdaabc8383c8f56bb5df3083d20f8c2b84a800ea6553f304000000815dcf00c3eebc52267b042d1966d7ded3c5c49a08a503ea6dcfafbc718c3ada3d8ac0836d6454745e30a274f8d51744003c5b20451b624db6f58b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c9081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded55a48b0ed45e8659f7e3730489befb866f8ba2eb2018000000000000003ea6a5be537b3c7c178dbdfaa67785410ad604f5c1e777cea1a9f878c4486"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x90) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd_index, 0x0, 0x20000000, 0x4, 0x0, 0x0, {0x2}}) memfd_secret(0x0) r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) fcntl$dupfd(r7, 0x0, r6) 13.758513395s ago: executing program 2 (id=1477): sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000940)=@mangle={'mangle\x00', 0x64, 0x6, 0x580, 0x1a8, 0x2a0, 0x1a8, 0x1a8, 0x2a0, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x6, 0x0, {[{{@ipv6={@empty, @loopback, [], [0x0, 0x0, 0x0, 0xff000000], 'gre0\x00', 'dummy0\x00', {}, {0xff}, 0x0, 0x0, 0x4}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x80}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x4}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x390}}, {{@ipv6={@mcast2, @private1, [0x0, 0x0, 0xffffffff], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@remote, @ipv6=@mcast1}}}, {{@ipv6={@mcast1, @remote, [], [], 'tunl0\x00', 'bond_slave_0\x00'}, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}, {0x7}}]}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$inet6(r2, 0x0, 0x0, 0x0) r3 = socket(0xf, 0x3, 0x0) write(r3, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/27, 0x1b) recvmmsg(r3, &(0x7f0000000200), 0x0, 0x0, &(0x7f00000001c0)={0x77359400}) r4 = syz_open_dev$sg(0x0, 0x0, 0x20440) ioctl$SCSI_IOCTL_GET_PCI(r4, 0x1274, 0x0) getpid() renameat2(r0, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0) pread64(r5, &(0x7f0000000280)=""/169, 0xa9, 0x25) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) unshare(0x20000480) openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0) r6 = socket$inet(0xa, 0x801, 0x0) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000001680)=@mangle={'mangle\x00', 0x44, 0x6, 0xc28, 0x98, 0x98, 0x0, 0x228, 0x98, 0xb90, 0xb90, 0xb90, 0xb90, 0xb90, 0x6, 0x0, {[{{@ip={@broadcast, @dev, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xac8}}, {{@ip={@remote, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00'}, 0x0, 0xa8, 0xd0, 0x0, {}, [@common=@unspec=@devgroup={{0x38}, {0xe}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}}]}, @ECN={0x28}}, {{@ip={@private, @multicast2, 0x0, 0x0, 'veth0\x00', 'bond0\x00'}, 0x0, 0x878, 0x8a0, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@u32={{0x7e0}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xc88) 11.566731119s ago: executing program 2 (id=1484): get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x4) 11.12133877s ago: executing program 3 (id=1487): syz_usb_connect(0x0, 0x24, &(0x7f0000000740)={{0x12, 0x1, 0x0, 0xed, 0x3e, 0xc9, 0x8, 0xccd, 0xb3, 0x2dee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xb0, 0x87, 0x1d}}]}}]}}, 0x0) 10.604393309s ago: executing program 2 (id=1489): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x2d) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r1) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000000)='hugetlbfs\x00', 0x0, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') r4 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) sendfile(r4, r3, 0x0, 0x80000000) 10.038237448s ago: executing program 2 (id=1493): socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0x20000000, 0x8020, 0x0, 0x0, {0x2}}) r2 = memfd_secret(0x0) mmap$IORING_OFF_SQES(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x10000000) r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5393, &(0x7f0000000000)) prctl$PR_SET_PTRACER(0x59616d61, 0x0) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000140)={0xc, 0x0, &(0x7f0000000100)=[@free_buffer], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death={0x400c630e, 0x0, 0x7}, @clear_death], 0x0, 0x0, 0x0}) getpid() ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000380)={{0x4, 0x4}, 'port1\x00', 0x50, 0x1100c, 0x0, 0x400, 0xcf4, 0x1, 0x7, 0x0, 0x2, 0x6}) bind$alg(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff070067060000200000007a0a00ff0ee60000bf250000000000002d350000000000006507000002080000270700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce0400000000000014000000000000009500000000000000db13d4d8b741f2cdaabc8383c8f56bb5df3083d20f8c2b84a800ea6553f304000000815dcf00c3eebc52267b042d1966d7ded3c5c49a08a503ea6dcfafbc718c3ada3d8ac0836d6454745e30a274f8d51744003c5b20451b624db6f58b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c9081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded55a48b0ed45e8659f7e3730489befb866f8ba2eb2018000000000000003ea6a5be537b3c7c178dbdfaa67785410ad604f5c1e777cea1a9f878c4486"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x90) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd_index, 0x0, 0x20000000, 0x4, 0x0, 0x0, {0x2}}) memfd_secret(0x0) r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) fcntl$dupfd(r7, 0x0, r6) 8.367896232s ago: executing program 3 (id=1500): r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x7ffffffbffffffff, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000240)={0x1, 0x0, {0x0, 0x0, 0x3010}}) 7.96044774s ago: executing program 2 (id=1502): socket$kcm(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000c40)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="22003300d000000008021100000108021100000050505050505000000f04000000000000"], 0x40}}, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0xd5b, 0x8000}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xf, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="1802000000000000000000000000000085b1551db8000000a90000009500d04858e52e850000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) r4 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r5, {0xb, 0x3}, {}, {0x0, 0x5}}}, 0x24}}, 0x0) unshare(0x20000400) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r6, &(0x7f0000000040)={0x24, @long={0x2}}, 0x8) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r3, 0x58, &(0x7f0000000380)}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000900)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r9, @ANYBLOB="0a00180003030303030300001c005a8018000480140005000000000000000000000000000000000019f5cf7b8b582d729b4774952e4aacb2e27441b273fd94e4243a2985e36ec24d8a2b93e459a8f4463f9def57f76229a5cae5f608141f87ae4f3fef05fe12711f8eacc2066cd87af3f6f6e3232896662c63cb11b964019f11d78b6a17"], 0x44}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x3000000, &(0x7f00000006c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="030700000000000000000b00000008000300", @ANYRES32=r10, @ANYBLOB="7898e34a08d3ba637a59b93bbc6d6ee2c0af842bfb85fcfba93814d2ed85baa9271ba397a5488e43542c39db8dc834c35c289525b7417c7cdbed82dcfd6006f0003327878a1744f86c03aab40e2aec9476621e1fe3b5bac20fb6c881005a2d2a44de7189e41f79c160349bac2fdf398956454781f255a35100616cd02a8492c6b43467ca7506d2d1c15be4c93a5422d105bced01321bba5b1f73050000000600000000d811772b543d9e0bb10ad6aabadeaa2cdcd6c4def2955f69b557ebcab2821148785dafa5095c809ca001bb358454c9d01682d2e8ec144acb8c65047a4eac01fe9c655a6a843ccf623423bf9c3fa6045727b8b84232fe47ac2d03d1b841eaba14522a67d7fef4d3ac03ae4aae4a27018a62ee00b0f28d956830d91c9b45185ca47a57ba5c9811a03d6ef27ff8d248dc2dde6619bc2be28c82f44dc15381bc2be879d48018c5f951e6f334b83187686f480f3fc36281aa7eddc8c9debaf7a78ad46ee4058aee7f911d65db39c4ac67bf2a000000000000000000"], 0x1c}}, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$packet(0x11, 0x2, 0x300) 6.620596502s ago: executing program 3 (id=1505): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x32}, 0x0, @in=@broadcast, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x0) 6.590301086s ago: executing program 4 (id=1506): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x48) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000080), 0x4) bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'}) setsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000004280), 0x0, 0x40012100, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "00ff00"}) r7 = syz_open_pts(r6, 0x0) ioctl$TCSETSW(r7, 0x5403, &(0x7f00000000c0)={0xf0e, 0x0, 0x0, 0x7fff, 0x0, "f8b566e785fc5b9c390467ff7eeeb133329dba"}) ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000180)=0xff) 5.263632943s ago: executing program 4 (id=1508): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file1\x00', 0x208400, &(0x7f0000000500)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c636f6465706167653d69736f383835392d392c747970653d8806e6d92c007c3da50838b213e45c60dfa80dde3ce87abe5e338e4e6a59adcbbcd8c1298ca6754466db1a8a1278dabca7f2fe40cf27dc1fb941304798bf42ba7569909de3630242504efec00c875fa448eb7bdaa7ba31d37ec3e7d64cd77624a0da2b05469cfb6ff12378569cc8b28d1168e0b17c24be8bc7e84cc44764d86c47497b7f98bc4582fe16504124539d5e1c09b9294efa2dd7"], 0x1, 0x2e5, &(0x7f00000001c0)="$eJzs3U9rE08cx/HPbJI27a/0t/0jghelWtBLsepBvEQkV++eRG1SKIaKbQX1YisexQfg3afgg/Ci+AT05MkH0IOwMpPJZtPsbpLSJE19vyBhMzsz+x1mNzvfRRsB+Gfdq/74dPOXfRmpoIKkO1IgqSwVJZ3T+fKL7b2tvUa9ltdRwbWwL6NmS9NVZ2O7ntbUtnMtvNB+KmouWZZkunvGMUVRdPdnXoXC6GLB+JiMmQ6kaX8duv3lEcc1LPvSxXHHMGrJCTaHOtRLzY8xHADAKeDv/4G/Tcy5IqMgkFb9bf9M3f8Pxx3AybrV6CqKchsk7v9udRcZO7//u13tfM8lWnZ/0MoS+wmmdOTzlJpnVscC0/TKKl0swczmVlFrGweqBXqripeotuzea81Tt6VHtCspuWmO7N5Kuj/bHI1bUR7VCmlzq1GfthuJ+FsRLA12xDwzfdUyX8w389CE+qhavP4rRsZOk5up8MhMBSUb//XsHv9zrWwt+YFVKpWgo8qCO8gFfwSvxyjLPXLPhfZDg/04grw43bEX1flYoTm69R6tltJahfGnjFbLHa0K/kxY23jWyH2UMhytIZoP5oFZ0W99VjWx/g9sfKtKXJl5X/XG1fRnRnM8U+k1i65m2HXnaF8ul+IIvOmBxwYp62lZhvd6otua3331+mmh0ajv2I3HKRvP53aMLym9k1LrDH+joJw62m+XRNabKOq352iYwV870Q7t90dcYi+ftMr2KotLglFP06Ru/BmwVfWr8k7IydmIIilj19C+p3CK7JrWpLuPxT4XkTg77LrLNPM/t5L3qzqXoNi3MGednp9kqqPH9TiD61wKLrr32YEyuP6OeCMjZ3Q51+Wr0pVEoVHuEUMf5xlhqvquRzz/BwAAAAAAAAAAAAAAAAAAmDTJf/R/MKT/aTDuMQIAAAAAAAAAAAAAAAAAAAAAMOmO9fu/aX8j3v3+bziS3/8FcDL+BgAA//9Id3lt") listxattr(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) 5.08765258s ago: executing program 0 (id=1509): r0 = socket$inet6(0xa, 0x2, 0x3a) bind$inet6(r0, &(0x7f0000000040)={0x25, 0x0, 0x0, @local}, 0x1c) 5.036894257s ago: executing program 3 (id=1510): socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c00000013000100000000000000000000000000000000000000000000000000000000000000000000000000000000000900000000000000", @ANYRES32=0x0, @ANYBLOB="00001031a8b8164dba018c978912757220532b68c4f6c259d74ef370147f3a4f9d40c04f31f6993b25941380f4bf79e8536ef52b699d792486f2295d862cf885"], 0x4c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x3, &(0x7f0000000040)=@framed={{0xffffffb4, 0x9, 0x0, 0x0, 0x0, 0x69, 0x10, 0xae}, [], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x90) socket$inet6(0xa, 0x1, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000180)=0x2f9, 0x4) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f00000000c0)={0x0, @in={{0x2, 0x0, @loopback}}}, &(0x7f00000001c0)=0x90) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_MASQ_REG_PROTO_MAX={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "f1"}]}], {0x14}}, 0x84}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x50}, {0x28, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10) syz_emit_ethernet(0x86, &(0x7f00000001c0)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x5, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x220, 0x0, 0x0, "bfd8a5dd2002c02142c4391145badd28fd7b0ffc0e896f38da00", "0bb10000085b2e00", {"bb3b6900000000000000a70864abf1f0", "524a72fc460b8cd26e095f24ab642591"}}}}}}}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) epoll_create1(0x0) syz_80211_inject_frame(&(0x7f0000000080)=@device_b, &(0x7f0000000780)=ANY=[@ANYBLOB="80340700ffffffffffff08021100000187272bc59a224900ffffffffffffff7f06002280000453ec897a040600f7f00e05002503000b040f0105720603030303030371070101ffffffd2037606018012000080ddab9a0e39463b2ba80935bf1b37a54e546794b021745027b18373942fd1d14cda4c9d44cbf31fea475a58fd92213d713d1be12280926891587c7665c5886726003876b5a8c6095cd4e599d4b58ac6049a000f90ad5b755f5011374ddbbe7a82fe24c484c7fddcb5ec48abf0d512b3d7e5dd651219d5dec918e6f0e8c2fdc68115bd8747df18666ad832976d8e1b7bed77e6a26127a51a95df98b778a3107e1b0edd49e6fd50b547e6fa18a0b73dcb", @ANYRES32=r3, @ANYBLOB="ba5bccbf8cfdb5f2fd99e254685e7c0a9e170d854254942f8af81b66089104828bbbbf5dd514c51caf3287f2f3369bd3159d91639b94547a8fbd6a11c0d8af663d3a9b31d16d5161e2b1377c8883b9f47d7b4d174097e87350067f80880a5dcaa57708175e30e9b5281fefbc07ee08d5e618955fff87976ce1075a5c9aa756013d595001ed27e89fc6024e6d58f7c022ed7d6b8ece223841453325cd5e4c628c02b2a1dba81882d4b670e12b96a1943b0f80bf5e10e8d1ab0e5954b146a1dc386ab3c149604bdb814d0c7c768d381b160c8b50a21b5de07a483b5a604cf71241dfacaddc86d6fca5056970af08200c2696cb8c695c5eb120a1837f5a3a7a954a1ced93d3f7555e39c1f0a6b74833848e233755208b9f47776ded4e612de0fc672396422db5e1247591a7094e807f947dae5eda2097eefc08640824fd256d8cf291989d52acff567bcfb3f932af7a9ce8f4a84620eb4e5d8205bdb320d037e64f86fcd93bdebba0e3a8418730d55907cf9da4b28cc196085cc4a0d38c2b60fa09e54b172769d55ef477249048dfc119971c67d66d1c649147b7c11d6f20201f0096caa9225d7d3fac56e5eba628e99857b510418cb7c0d72eadfe731cf5f5729851c2f618c2aeed2c1bbaa2939e4fa2a785d7f3a2a555124e80142de12cab0d5eb8f3a71ce3352fd35630aa110803cf81ed6e594319e24b4a1e640ce6b9cfd2b6d9f03a01b776ec01921dd6b570d58e5d711609dc9f1ba8be6c1e56573a984297d784792f0747f13cb4cd8689a60495bceb0def4dba9ec6f81881102474bfbbec758e2f03c26684c39e"], 0x404) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_SERVICE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="01e7000000000000000004"], 0x18}}, 0x0) 4.697337786s ago: executing program 0 (id=1511): get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x4) 4.564356154s ago: executing program 1 (id=1512): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001240)=[{0x10}], 0x50e7ba67ff04dc9c}, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0) preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x0) 4.56189805s ago: executing program 4 (id=1513): socket$kcm(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000c40)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="22003300d000000008021100000108021100000050505050505000000f04000000000000"], 0x40}}, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0xd5b, 0x8000}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xf, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="1802000000000000000000000000000085b1551db8000000a90000009500d04858e52e850000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) r4 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r5, {0xb, 0x3}, {}, {0x0, 0x5}}}, 0x24}}, 0x0) unshare(0x20000400) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r6, &(0x7f0000000040)={0x24, @long={0x2}}, 0x8) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r3, 0x58, &(0x7f0000000380)}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000900)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r9, @ANYBLOB="0a00180003030303030300001c005a8018000480140005000000000000000000000000000000000019f5cf7b8b582d729b4774952e4aacb2e27441b273fd94e4243a2985e36ec24d8a2b93e459a8f4463f9def57f76229a5cae5f608141f87ae4f3fef05fe12711f8eacc2066cd87af3f6f6e3232896662c63cb11b964019f11d78b6a17"], 0x44}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x3000000, &(0x7f00000006c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="030700000000000000000b00000008000300", @ANYRES32=r10, @ANYBLOB="7898e34a08d3ba637a59b93bbc6d6ee2c0af842bfb85fcfba93814d2ed85baa9271ba397a5488e43542c39db8dc834c35c289525b7417c7cdbed82dcfd6006f0003327878a1744f86c03aab40e2aec9476621e1fe3b5bac20fb6c881005a2d2a44de7189e41f79c160349bac2fdf398956454781f255a35100616cd02a8492c6b43467ca7506d2d1c15be4c93a5422d105bced01321bba5b1f73050000000600000000d811772b543d9e0bb10ad6aabadeaa2cdcd6c4def2955f69b557ebcab2821148785dafa5095c809ca001bb358454c9d01682d2e8ec144acb8c65047a4eac01fe9c655a6a843ccf623423bf9c3fa6045727b8b84232fe47ac2d03d1b841eaba14522a67d7fef4d3ac03ae4aae4a27018a62ee00b0f28d956830d91c9b45185ca47a57ba5c9811a03d6ef27ff8d248dc2dde6619bc2be28c82f44dc15381bc2be879d48018c5f951e6f334b83187686f480f3fc36281aa7eddc8c9debaf7a78ad46ee4058aee7f911d65db39c4ac67bf2a000000000000000000"], 0x1c}}, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$packet(0x11, 0x2, 0x300) 4.316092625s ago: executing program 0 (id=1514): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="00058639aa6f0bfbe4b28434ef119376977b00fffbcec7a5fc1f5a72d4fe24156a9f971990e4f372b7"], 0x0, 0x17d, &(0x7f0000000380)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000b80)='./bus\x00') chdir(&(0x7f0000000140)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/104, 0x68) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 4.235234742s ago: executing program 1 (id=1515): bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$vcsn(&(0x7f0000000180), 0x7fffffffffffffff, 0x1) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x20}) sendmmsg$inet(r0, &(0x7f0000004840)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYRES8=r0, @ANYBLOB="ac"], 0x58}}], 0x1, 0x0) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_SET_FLAGS(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)={0x28, r5, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}]}, 0x28}}, 0x0) ioperm(0x0, 0x7, 0x1f) utimensat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) io_uring_setup(0xad1, &(0x7f0000000340)={0x0, 0xac9d, 0x2, 0x1}) syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000480)='./file0\x00', 0x446, &(0x7f0000000680)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES32, @ANYRESHEX, @ANYBLOB="fe2ecf20a9a17bd2ed797c4c6e0375c150a1f848f604c2c1f932d2b7163be4b2bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76ffff9ba8923afc6ccbd89d3faded8307ca587354322803b0983cc65725ae7f45fb958c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498baca5a161345b3d01a55f14ef636b6f832c7a6071f00000000000000008e03648d19a8a007f30200000039eb5673792cae80335732030f9aeab6f35fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b9941e63b0f31d41783b25cdce079be35f08275e2b4b4477c6fcf4806134e839aa39ffffffffffff0000006a000000000000", @ANYRES64], 0x8, 0x309, &(0x7f0000000b00)="$eJzs3EtrG1cUwPGjpyUZW16UlhaKL+2m3Qy22nVrUWwoFdS4VskDAmN7lAhNJKERDgohTlbZhnyILIyX3hkS5wN4k12yySY7bwJZxIuQCZqHJVnjlyxLxv7/wMzRvfeM7tXI5lxhze61p3dLBUsr6HUJJ5SERET2RCYkLL6Qdww7cVzaPZJfRz+++fG/6zf+yeZyswtKzWUXf8sopcYnX9x7kPSGbY3IzsSt3Q+Z9zvf7ny/+2XxTtFSRUuVK3Wlq6XKu7q+ZBpqpWiVNKXmTUO3DFUsW0bN7a+4/QWzUq02lF5eGUtVa4ZlKb3cUCWjoeoVVa81VOS2XiwrTdPUWEpwnPz6woKe7TF5uc+TQQ8iJxhTq2X15rhkV09+/VwmBQAALrT2+j/mN/av/t/4abs++v/muFf/b8WD6v/f37rn6qj/EyISWP/7zx9Y/+unq/+7K6Kr5Uz1Py6GyXhXU6gVNjtrWT3l/f46Ht/cmHKCvNdQHcA0AQAAAAAAAAAAAAAAAAAAAABAr/ZsO23bdto9vrJt7/GIiCRExH8ckBoRkT+HMGX0Uef1b/2c4PrjEmh9cS86LmI+Wc2v5t2jN2BbREwxZErS8tl5P3iasf/NI9U0IS/NNS9/bTXv3pkgW5Cikz8t6ZgczLftub9zs9PK1Zkfk1R7fkbS8k1wfiYwPy6//NyWr0laXi9LRUxZcebRyn84rdRf/+YO5CedcQAAAAAAXAaa2ufv3xMisr9/17Sufm9/7Obv768Pfj4Qae2vpwL351H5ITrctQMAAAAAcFVYjfslPS5GzQlMMyhIyqFdfQii53Rmf4UnzfL/l+H8VnpE4D95R1fCa+z7yxI6xctySBCWXrImm6tRZ12F/7HRYWNkfmbwV9AJvnv2/FP/TvjHZuKYlfYeRI5+A8QG9gcIAAAAwMC0in6/ZWa4EwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AoaxN3Rhr1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KL4GgAA//+zGgP2") r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000800)={'#! ', './file0', [{0x20, ']'}, {0x20, '#\x8b\x14\xf8! \x05h\xbd\x0f\xda\x9d\xee\xb2u\xb2i*s\x9f\xd4-\xa4 \xcd9\x19\x8c\x05@\xb5\xeb\xcf?RN[\x18\"\'\xeeN\xd4^\xbb\xdd\xe3`\xd1\xfc\x89\\\xde\x91A\xb6\xddn\xf8\x7fz\xf2\x8f\xff\xa6\x01\xb9\x97\xc2\xb6\x84\xb0r\f!\xc3\xae \x9e\xaf\x1c\xb8\xb9\xca\xbb\xab\x9b\xaa\xdb\xe9m\xb6\xb8\x03\x8b\x83\xfd5Q|\xe9\f\'\xd9\xb2\xae\xdfJ\xaeFY\xa1\xf2x\x1e\x10 \xe3O\x8eda\x96\xb6\xd5\xa9\b(j\x8d\xbcf\xc6g\xf8\xe3\xb4\x94\xcc\t\x91%gI\x9bp\xe8^Je\x9dPr\xf6\xbe\xdc\x95W\x98\x7f\xb7n\xd7\xf1(RK\x89\xe5\xe4\xc8\xb5\x93\xceD\xa6I\xc31@T\x15\x99\xcfl\x9d\xe4~\xfds&\x1c\xc0\f\x1e_z\xac\xe7S\xaa\xb4o2\xff]\xdcP\x97\x19\xee\x90\xe3.K \x7f\xba(-\x8b\x1f\x1b\xc4\x9f;\xddvTe\xb6X\x00\xa3\xcb\xd4\n\x05J\x04\xbf\xba\f\x12+\xd9\x13\x0e^x/6\xc4\xfc\xb2\x10_\x98\xd5\xa3\x01-D\xc7e^\x0f\xfb\xa1\xcc\xa2\x82|\"b\xae\xd7\nx8\xd9\xa2'}]}, 0x128) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r7, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="180602160000000000000000ffffffff0f0020001c00000100ffff"], 0x0}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) 3.928273793s ago: executing program 4 (id=1516): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x58}}, 0x0) 3.872031897s ago: executing program 0 (id=1517): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$bt_hci(r1, 0x84, 0x7c, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000300), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0xc, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000e1170002000500000008000700f7ffffff08000800ac1e000105000100000000eb000000"], 0x34}}, 0x0) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r5) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r6, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r7}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r2, &(0x7f0000001180)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001140)={&(0x7f0000001100)={0x24, r6, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0xa}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x40000) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x34, 0x0, 0x7, 0x801, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_QUOTA={0xc}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}]}, 0x34}}, 0x0) sendmsg$NFC_CMD_SE_IO(r2, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r4, 0x10, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4040041) sendmsg$IEEE802154_SET_MACPARAMS(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x4}, @IEEE802154_ATTR_LBT_ENABLED={0x5}]}, 0x24}}, 0x50004) r9 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000001000), 0x2, 0x0) fremovexattr(r9, &(0x7f0000001040)=@known='trusted.overlay.redirect\x00') r10 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000b80), 0x2, 0x0) ioctl$VIDIOC_G_CROP(r10, 0xc014563b, &(0x7f0000000140)={0x9}) syz_usb_connect$cdc_ecm(0x0, 0x59, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x47, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x2}, {0xd, 0x24, 0xf, 0x1, 0xddf5}, [@mbim={0xc, 0x24, 0x1b, 0x2400, 0x8e84, 0x2, 0x4, 0x8, 0x6}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 3.060869268s ago: executing program 1 (id=1518): socket$inet6(0xa, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioprio_set$uid(0x3, 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x8) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x14552, &(0x7f0000000240)=ANY=[], 0xfe, 0x11f3, &(0x7f0000000980)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=") ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = socket$kcm(0x10, 0x3, 0x10) socket$kcm(0x11, 0xa, 0x300) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000700000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sock_rcvqueue_full\x00', r5}, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030029000b05d25a806c8c6f94f90224fc60100002000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000500)={0x0, 0x0, 0x200000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 2.94150546s ago: executing program 4 (id=1519): socket$inet_dccp(0x2, 0x6, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000240)=""/90) 2.767819743s ago: executing program 3 (id=1520): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x32}, 0x0, @in=@broadcast, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x0) 2.345370442s ago: executing program 4 (id=1521): syz_usb_connect$printer(0x0, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x32, &(0x7f0000000100)=@string={0x32, 0x3, "ed4876663ea7cf378030b2769586a39c94ecb31b6c373c940dbe506ff4934d0481439d01dce71363f9def934224feee8"}}, {0x5d, &(0x7f00000001c0)=@string={0x5d, 0x3, "27a6b502eb2f8fc89fbaffe8f01bfd2c7bdd39e9c33116869875deb90779480a908b0ca083aa4debad1114f244b62421a0c0da77737be9e8e115ea54de5912b9291c14571568578bd1858fbb04c470b8aa4b5450db06f1eaff0723"}}]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(0xffffffffffffffff, 0xc0305602, &(0x7f0000000100)) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) 1.443528417s ago: executing program 3 (id=1522): syz_mount_image$xfs(&(0x7f0000009800), &(0x7f0000009840)='./file1\x00', 0x40, &(0x7f0000000180)={[{@pqnoenforce}, {@noquota}, {@attr2}, {@nogrpid}, {@ikeep}, {@prjquota}, {@noikeep}]}, 0x1, 0x98ae, &(0x7f0000009880)="$eJzs3QW4ZXWhuP8zw9CNhYEMjUU3BqEggoCElBLSkgJKGIAIAqKApKAIKFISUiIK0t3d3d0d/2eYGR3HF67+7v1fvLzv+zxn9t5rr73O2t/PWuuczTrsveIiyy40MDDJwPBGXv69Q1/8+NFbvrjQTsdde8QLix6++NEjJo81/GLI0BGXU424nHpgYGDQiOUMGj5t8JCTTh48MM7AwOBRlzvBuOMPmmBgYK0RNxcYcTn38IsJrxo53xujxSs6bDUG7Tr8a/g3HRgYGHfYlacGZl5h1OWMWK9Z/umJSltxwUUX+bvV39yGjd+QEddH/Rpr+NeElwwMTHjxAG8fg97ZZ/Tm959k7/NWWvkdXo//E6244KKLjeY/bF8cY8S0uYft46Pvg8ZG386Hzn3byGPQIDxw/h9pxQUXWWLgrY/zA6u+ftDmb7x53Bw83sDA4PEHBgZPMDAweMKBgcETDQwMnviddqn/Xu/oxldVVVXvSAsuNPtCw17vjfb7wDgjf6+l3wtXeW2p2wYGBsYcPs/guUa+Fqyqqqqqqqqq/8wWXGj2heH1/yRv9/r/xNNenrHX/1VVVVVVVVX/d1pswYVmH/Y6frTX/5O/3ev/7e57fsMRf/s/9/BHvf7OPomqqqqqqqqqetuW+fKbr//HH+31/9C3e/3/4Py73D9ivpH/3eC1URY5aJS/J3hllOljjDL/y6NMHzLK9FHnH2tgYPCQEdNf/fvkweMNu++f5x88ybD1HjH9pVGmz/L3/795yLSjTJ91lOnTjzJ9thHrOmz6DKNMn3OU+Wf8V8a2qqqqqqqqqqqqqqqqqqrqf6vXHzvtjL+/5/tHB0Z5//a/vY/7iL8LGHT8mVde+Y6t6H9Gg/757yG2e6fX6b/bMOdxjho6MLDx8u/0qtQ70Dv9eQ31zpa/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+Yt7i/P/f3v//ykOX2vk/zM/96G7TznRqI9df5Tr4/yvrvU71rv1/P/A+oMGBkb4TjLMdckFl1luxoGBgYmm3P3QOQb+dt88w+6bf7IxRrxBwvC3QZhuCC94uxGfir7diFlHLOP4N5e/2BuHjDFotJUYpUlPOeyw9VZ8YY7RL6d/6+cxeOSV91201cIj38ti8GgzvdV2OnL5I5/L6M4j1n3GYes+8xYbbTrz5ltv86n1N1pj3bXXXXvjeeeee545555r3tlmXmf9DdeeZfi/bzVmQ9/8d5p/ZcwmH33MHltw1DEb/bm91ZgNffsxe3OJY++12gYjx2z0Vfuvxmyatx+zoeuP+EZDho45sPqbYzNoYGDItGMObDXsxqxjDwwMmW7EvJMPm/fTkw0eGNjj70902LWx/7YNDtpu2DwrLrLsQn//2P1//vj9t/g8+7GGXwwZMSRDphpxOfXwbzPJwN83xcFDTjp58LDn/g/DPMG44w+aYGBgrRE3FxhxOe+Iey8fOd9bfM76aCv65tus7Dr8628e4w67cszSE98w6nLeguB/ov+nn///5DXPoL8N1KARXyPmGe614KKL/f17vTkMC4x8T5hhP1uGmfw3Psb+v+yf1nfoOG++ye1bre/bvC/u8OcP29f0j5wz9H/qfXH52LHEm/8O/VeOHQNvf+wY4+9X/z517cumGP3Ysfhbr+I/7Bcjx2js0WZ6q2PHjPsvuO2bx6a3P3Yssf6IDxr6+7Fj8MDAkGlGHjuGHUimH3Ngj2E3Zht2Y4YxB44YdmP2N2+MO3DmsBszrbnJhmsNevNte0Ysd5Zhy11gskFvPvkrZ17w6DH2fuONaUesyyyjHVhHbB9DR/35uOBkw4dt5GNpuXduMfy+6Ucsd9Z/Y7kjH0vLnWez4ffNMGK5s4223DHeZrkjHztyfxg265v7w4yD/uEPP2H/XWS0/XfQyMP6KA8Z+TXW8K8JLxn52VCwv/xbxx3afyd5m/V9m8+1wu1t2LQdlrzstP+pz7Wi9R3n7df3rT6H+y3Xd4Nxt1rqf2B9B42yvv+wnW063/BtZcYR29mc/8b2O/Kxox/Hxnzz3uEMM/4rx7EF/uk4tv0Yg0db+VF6q9+B1oL5h1+f/G9Lm/fIMSYeOfZjjrbc/+p3oBnf/jg2yfqjPW6RgwcG0Zg/+Ohh6439X4z5mAP/+Lv6yDEf+di3G/MZ/nnMB/3TmM/z9mP+r/7eOeM0w+8f423GfPDOmy85cszH+jfHfIZ/d8wXGBiDxnyPA4aP29sdT99qzEc+9h/HfMjAFwYGBqYdMebT/yvb+Sz/M9v5eDD/8Ov3/W3SRVOcvtsox5hB/86YT//vjvnQv23n075539SDB8Yaa2CrNbbYYrNZh/878uZsw//lY9GT9w4f57f7WfpWRiMf+3b7xbT/itHQ/xmjDw355/lHvugYeXv5M4+Z9P/1WDTtv2c0aJEBPhadesHwcXu734veasxHPpZ+Dg4d5fGjv657m/ejxOc0bNp+++9z68hFjnhY70f5r/cPm+3I/8a3/ugH+Xq31n//d5e/u/zd5e8uf3Fvcf7/b+///+Akyz4y4kXymHvOt+6a7/T6vsO9q8//j/D9h/P/a647357DXgqOuO9tz88On+c/8vzs3MMvJrxq5Hyjnx/kFX3r87Mz7DXTMgP/O+dn/58aua/+C6/jO/67y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v8xb3F+f+Rf6M89MDX7t1uxInQMffdZ83X3un1fYd7V5//H+H7D+f/X1tzn30HD/ztvrc9/z98Hsf5/6UO3Pvkgf/g8/8j99XO/9d/Uf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+4tzv8vMPLvAOZabZ1dR/49wMazfm7Hd3p93+Heref/+/x/bx3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uJGnP8fGO1jHZduu8Dg/P//7d7C/yv5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvH/av6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4fy1/zOL/9fwxi/+q+WMW/9Xyxyz+q+ePWfzXyB+z+H8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfzXyx+z+K+fP2bx/2b+mMV/g/wxi/+G+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bx/1b+mMV/s/wxi//m+WMW/y3yxyz+384fs/h/J3/M4r9l/pjFf6v8MYv/1vljFv9t8scs/t/NH7P4fy9/zOL//dH9V9z8f3e9/kOz+P+g/R+z+G+bP2bx3y5/zOK/ff6Yxf+H+WMW/x3yxyz+P8ofs/jvmD9m8d8pf8zi/+P8MYv/zvljFv9d8scs/rvmj1n8f5I/ZvHfLX/M4v/T/DGL/8/yxyz+u+ePWfz3yB+z+O+ZP2bx/3n+mMV/r/wxi//e+WMW/33yxyz+++aPWfz3yx+z+O+fP2bx/0X+mMX/gPwxi/+B+WMW/1/mj1n8f5U/ZvE/KH/M4v/r/DGL/8H5Yxb/Q/LHLP6H5o9Z/H+TP2bx/23+mMX/sPwxi//v8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/9/ljFv9j8scs/sfmj1n8j8sfs/gfnz9m8f9D/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/j/MX/M4n9q/pjF/0/5Yxb/0/LHLP5/zh+z+P8lf8zif3r+mMX/jPwxi/9f88cs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/JH/M4v9o/pjF/7H8MYv/4/ljFv8n8scs/k/mj1n8n8ofs/g/nT9m8X8mf8zi/2z+mMX/ufwxi//z+WMW/xfyxyz+L+aPWfxfyh+z+L+cP2bxfyV/zOL/av6Yxf+1/DGL/+v5Yxb/N/LHJP6DBvLHLP6D8scs/oPzxyz+Y+SPWfyH5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv/x88cs/hPkj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi/9k+WMW//fkj1n835s/ZvF/X/6Yxf/9+WMW/w/kj1n8J88fs/h/MH/M4v+h/DGL/4fzxyz+H8kfs/hPkT9m8f9o/pjFf8r8MYv/0Pwxi/9U+WMW/6nzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/8fyxyz+H88fs/h/In/M4v/J/DGL/6fyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOI/W/6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/p/PHLP6fyR+z+H82f8zi/7n8MYv/AvljFv8F88cs/gvlj1n8F84fs/h/Pn/M4v+F/DGL/yL5Yxb/RfPHLP5fzB+z+C+WP2bx/1L+mMV/8fwxi/8S+WMW/y/nj1n8l8wfs/gvlT9m8V86f8zi/5X8MYv/MvljFv9l88cs/svlj1n8l88fs/h/NX/M4r9C/pjFf8X8MYv/SvljFv+V88cs/qvkj1n8v5Y/ZvH/ev6YxX/V/DGL/2r5Yxb/1fPHLP5r5I9Z/L+RP2bxXzN/zOK/Vv6YxX/t/DGL/zr5Yxb/dfPHLP7r5Y9Z/NfPH7P4fzN/zOK/Qf6YxX/D/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4fyt/zOK/Wf6YxX/z/DGL/xb5Yxb/b+ePWfy/kz9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/+/mj1n8v5c/ZvH/fv6Yxf8H+WMW/23zxyz+2+WPWfy3zx+z+P8wf8ziv0P+mMX/R/ljFv8d88cs/jvlj1n8f5w/ZvHfOX/M4r9L/pjFf9f8MYv/T/LHLP675Y9Z/H+aP2bx/1n+mMV/9/wxi/8e+WMW/z3zxyz+P88fs/jvlT9m8d87f8ziv0/+mMV/3/wxi/9++WMW//3zxyz+v8gfs/gfkD9m8T8wf8zi/8v8MYv/r/LHLP4H5Y9Z/H+dP2bxPzh/zOJ/SP6Yxf/Q/DGL/2/yxyz+v80fs/gflj9m8f9d/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/j/Pn/M4n9M/pjF/9j8MYv/cfljFv/j88cs/n/IH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv8/5o9Z/E/NH7P4/yl/zOJ/Wv6Yxf/P+WMW/7/kj1n8T88fs/ifkT9m8f9r/pjF/8z8MYv/WfljFv+z88cs/ufkj1n8z80fs/iflz9m8T8/f8zif0H+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOJ/Rf6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6YxP/Nq/n/cxb/QfljFv/B+WMW/zHyxyz+Q/LHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjFf7z8MYv/+PljFv8J8scs/hPmj1n8J8ofs/hPnD9m8Z8kf8ziP2n+mMV/svwxi/978scs/u/NH7P4vy9/zOL//vwxi/8H8scs/pPnj1n8P5g/ZvH/UP6Yxf/D+WMW/4/kj1n8p8gfs/h/NH/M4j9l/pjFf2j+mMV/qvwxi//U+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf9j+WMW/4/nj1n8P5E/ZvH/ZP6Yxf9T+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/9P5Yxb/z+SPWfw/mz9m8f9c/pjFf4H8MYv/gvljFv+F8scs/gvnj1n8P58/ZvH/Qv6YxX+R/DGL/6L5Yxb/L+aPWfwXyx+z+H8pf8ziv3j+mMV/ifwxi/+X88cs/kvmj1n8l8ofs/gvnT9m8f/KSP9j36H1+g/N4r9M+z9m8V82f8ziv1z+mMV/+fwxi/9X88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMX/a/ljFv+v549Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjF/xv5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/N/PHLP4b5I9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjFf9P8MYv/t/LHLP6b5Y9Z/DfPH7P4b5E/ZvH/dv6Yxf87+WMW/y3zxyz+W+WPWfy3zh+z+G+TP2bx/27+mMX/e/ljFv/v549Z/H+QP2bx3zZ/zOK/Xf6YxX/7/DGL/w/zxyz+O+SPWfx/lD9m8d8xf8ziv1P+mMX/x/ljFv+d88cs/rvkj1n8d80fs/j/JH/M4r9b/pjF/6f5Yxb/n+WPWfx3zx+z+O+RP2bx3zN/zOL/8/wxi/9e+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOL/i/wxi/8B+WMW/wPzxyz+v8wfs/j/Kn/M4n9Q/pjF/9f5Yxb/g/PHLP6H5I9Z/A/NH7P4/yZ/zOL/2/wxi/9h+WMW/9/lj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi//v88cs/sfkj1n8j80fs/gflz9m8T8+f8zi/4f8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8f9j/pjF/9T8MYv/n/LHLP6n5Y9Z/P+cP2bx/0v+mMX/9Pwxi/8Z+WMW/7/mj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5Yxb/1/PHLP5v5I9J/McYyB+z+A/KH7P4D84fs/iPkT9m8R+SP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/MfPH7P4T5A/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/pPlj1n835M/ZvF/b/6Yxf99+WMW//fnj1n8P5A/ZvGfPH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4j9F/pjF/6P5Yxb/KfPHLP5D88cs/lPlj1n8p84fs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+H8sfs/h/PH/M4v+J/DGL/yfzxyz+n8ofs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP6fzh+z+H8mf8zi/9n8MYv/5/LHLP4L5I9Z/BfMH7P4L5Q/ZvFfOH/M4v/5/DGL/xfyxyz+i+SPWfwXzR+z+H8xf8ziv1j+mMX/S/ljFv/F88cs/kvkj1n8v5w/ZvFfMn/M4r9U/pjFf+n8MYv/V/7u//Ibw3tHVu8/LYv/Mu3/mMV/2fwxi/9y+WMW/+Xzxyz+X80fs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/6/lj1n8v54/ZvFfNX/M4r9a/pjFf/X8MYv/GvljFv9v5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjFf938MYv/evljFv/188cs/t/MH7P4b5A/ZvHfMH/M4r9R/pjFf+P8MYv/JvljFv9N88cs/t/KH7P4b5Y/ZvHfPH/M4r9F/pjF/9v5Yxb/7+SPWfy3zB+z+G+VP2bx3zp/zOK/Tf6Yxf+7+WMW/+/lj1n8v58/ZvH/Qf6YxX/b/DGL/3b5Yxb/7fPHLP4/zB+z+O+QP2bx/1H+mMV/x/wxi/9O+WMW/x/nj1n8d84fs/jvkj9m8d81f8zi/5P8MYv/bvljFv+f5o9Z/H+WP2bx3z1/zOK/R/6YxX/P/DGL/8/zxyz+e+WPWfz3zh+z+O+TP2bx3zd/zOK/X/6YxX///DGL/y/yxyz+B+SPWfwPzB+z+P8yf8zi/6v8MYv/QfljFv9f549Z/A/OH7P4H5I/ZvE/NH/M4v+b/DGL/2/zxyz+h+WPWfx/lz9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+v88fs/gfkz9m8T82f8zif1z+mMX/+Pwxi/8f8scs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/j/ljFv9T88cs/n/KH7P4n5Y/ZvH/c/6Yxf8v+WMW/9Pzxyz+Z+SPWfz/mj9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o9Z/cd9+7st/o9b/f+LLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPSfyHDOSPWfwH5Y9Z/Afnj1n8x8gfs/gPyR+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/8fLHLP7j549Z/CfIH7P4T5g/ZvGfKH/M4j9x/pjFf5L8MYv/pPljFv/J8scs/u/JH7P4vzd/zOL/vvwxi//788cs/h/IH7P4T54/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvGfIn/M4v/R/DGL/5T5Yxb/ofljFv+p8scs/lPnj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/+M+WMW/4/lj1n8P54/ZvH/RP6Yxf+T+WMW/0/lj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMV/tvwxi//s+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/T+ePWfw/kz9m8f9s/pjF/3P5Yxb/BfLHLP4L5o9Z/BfKH7P4L5w/ZvH/fP6Yxf8L+WMW/0Xyxyz+i+aPWfy/mD9m8V8sf8zi/6X8MYv/4vljFv8l8scs/l/OH7P4L5k/ZvFfKn/M4r90/pjF/yv5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvH/av6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4fy1/zOL/9fwxi/+q+WMW/9Xyxyz+q+ePWfzXyB+z+H8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfzXyx+z+K+fP2bx/2b+mMV/g/wxi/+G+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bx/1b+mMV/s/wxi//m+WMW/y3yxyz+384fs/h/J3/M4r9l/pjFf6v8MYv/1vljFv9t8scs/t/NH7P4fy9/zOL//fwxi/8P8scs/tvmj1n8t8sfs/hvnz9m8f9h/pjFf4f8MYv/j/LHLP475o9Z/HfKH7P4/zh/zOK/c/6YxX+X/DGL/675Yxb/n+SPWfx3yx+z+P80f8zi/7P8MYv/7vljFv898scs/nvmj1n8f54/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8f5E/ZvE/IH/M4n9g/pjF/5f5Yxb/X+WPWfwPyh+z+P86f8zif3D+mMX/kPwxi/+h+WMW/9/kj1n8f5s/ZvE/LH/M4v+7/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvH/ff6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/P+QP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP5/zB+z+J+aP2bx/1P+mMX/tPwxi/+f88cs/n/JH7P4n54/ZvE/I3/M4v/X/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvE/L3/M4n9+/pjF/4L8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/ivwxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxif+YA/ljFv9B+WMW/8H5Yxb/MfLHLP5D8scs/mPmj1n8x8ofs/iPnT9m8R8nf8ziP27+mMV/vPwxi//4+WMW/wnyxyz+E+aPWfwnyh+z+E+cP2bxnyR/zOI/af6YxX+y/DGL/3vyxyz+780fs/i/L3/M4v/+/DGL/wfyxyz+k+ePWfw/mD9m8f9Q/pjF/8P5Yxb/j+SPWfynyB+z+H80f8ziP2X+mMV/aP6YxX+q/DGL/9T5Yxb/afLHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4j9j/pjF/2P5Yxb/j+ePWfw/kT9m8f9k/pjF/1P5Yxb/mfLHLP4z549Z/GfJH7P4z5o/ZvGfLX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMX/0/ljFv/P5I9Z/D+bP2bx/1z+mMV/gfwxi/+C+WMW/4Xyxyz+C+ePWfw/nz9m8f9C/pjFf5H8MYv/ovljFv8v5o9Z/BfLH7P4fyl/zOK/eP6YxX+J/DGL/5fzxyz+S+aPWfyXyh+z+C+dP2bx/0r+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfy/mj9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+X8sfs/h/PX/M4r9q/pjFf7X8MYv/6vljFv818scs/t/IH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv/18scs/uvnj1n8v5k/ZvHfIH/M4r9h/pjFf6P8MYv/xvljFv9N8scs/pvmj1n8v5U/ZvHfLH/M4r95/pjFf4v8MYv/t/PHLP7fyR+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/3dH8x/nf3u9/kOz+H+v/R+z+H8/f8zi/4P8MYv/tvljFv/t8scs/tvnj1n8f5g/ZvHfIX/M4v+j/DGL/475Yxb/nfLHLP4/zh+z+O+cP2bx3yV/zOK/a/6Yxf8n+WMW/93yxyz+P80fs/j/LH/M4r97/pjFf4/8MYv/nvljFv+f549Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv9f5I9Z/A/IH7P4H5g/ZvH/Zf6Yxf9X+WMW/4Pyxyz+v84fs/gfnD9m8T8kf8zif2j+mMX/N/ljFv/f5o9Z/A/LH7P4/y5/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/H+fP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/P+SPWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/x/zxyz+p+aPWfz/lD9m8T8tf8zi/+f8MYv/X/LHLP6n549Z/M/IH7P4/zV/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyv+2f/bf9X1+s/NIv/9e3/mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/LX/M4v96/pjF/438MYn/WAP5Yxb/QfljFv/B+WMW/zHyxyz+Q/LHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjFf7z8MYv/+PljFv8J8scs/hPmj1n8J8ofs/hPnD9m8Z8kf8ziP6nJf4J/fVaL/2Qm/38ji/978scs/u/NH7P4vy9/zOL//vwxi/8H8scs/pPnj1n8P5g/ZvH/UP6Yxf/D+WMW/4/kj1n8p8gfs/h/NH/M4j9l/pjFf2j+mMV/qvwxi//U+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf9j+WMW/4/nj1n8P5E/ZvH/ZP6Yxf9T+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/9P5Yxb/z+SPWfw/mz9m8f9c/pjFf4H8MYv/gvljFv+F8scs/gvnj1n8P58/ZvH/Qv6YxX+R/DGL/6L5Yxb/L+aPWfwXyx+z+H8pf8ziv3j+mMV/ifwxi/+X88cs/kvmj1n8l8ofs/gvnT9m8f9K/pjFf5n8MYv/svljFv/l8scs/svnj1n8v5o/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9V8scs/l/LH7P4fz1/zOK/av6YxX+1/DGL/+r5Yxb/NfLHLP7fyB+z+K+ZP2bxXyt/zOK/dv6YxX+d/DGL/7r5Yxb/9fLHLP7r549Z/L+ZP2bx3yB/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/L+VP2bx3yx/zOK/ef6YxX+L/DGL/7fzxyz+38kfs/hvmT9m8d8qf8ziv3X+mMV/m/wxi/9388cs/t/LH7P4fz9/zOL/g/wxi/+2+WMW/+3yxyz+2+ePWfx/mD9m8d8hf8zi/6P8MYv/jvljFv+d8scs/j/OH7P475w/ZvHfJX/M4r9r/pjF/yf5Yxb/3fLHLP4/zR+z+P8sf8ziv3v+mMV/j/wxi/+e+WMW/5/nj1n898ofs/jvnT9m8d8nf8ziv2/+mMV/v/wxi//++WMW/1/kj1n8D8gfs/gfmD9m8f9l/pjF/1f5Yxb/g/LHLP6/zh+z+B+cP2bxPyR/zOJ/aP6Yxf83+WMW/9/mj1n8D8sfs/j/Ln/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8f58/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv8/5I9Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/H/PHLP6n5o9Z/P+UP2bxPy1/zOL/5/wxi/9f8scs/qfnj1n8z8gfs/j/NX/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/TOI/9kD+mMV/UP6YxX9w/pjFf4z8MYv/kPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+bP2bxHy9/zOI/fv6YxX+C/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvGfLH/M4v+e/DGL/3vzxyz+78sfs/i/P3/M4v+B/DGL/+T5Yxb/D+aPWfw/lD9m8f9w/pjF/yP5Yxb/KfLHLP4fzR+z+E+ZP2bxH5o/ZvGfKn/M4j91/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9Y/pjF/+P5Yxb/T+SPWfw/mT9m8f9U/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8Z8sfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bx/3T+mMX/M/ljFv/P5o9Z/D+XP2bxXyB/zOK/YP6YxX+h/DGL/8L5Yxb/z+ePWfy/kD9m8V8kf8ziv2j+mMX/i/ljFv/F8scs/l/KH7P4L54/ZvFfIn/M4v/l/DGL/5L5Yxb/pfLHLP5L549Z/L+SP2bxXyZ/zOK/bP6YxX+5/DGL//L5Yxb/r+aPWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/9fyxyz+X88fs/ivmj9m8V8tf8ziv3r+mMV/jfwxi/838scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMV/vfwxi//6+WMW/2/mj1n8N8gfs/hvmD9m8d8of8ziv3H+mMV/k/wxi/+m+WMW/2/lj1n8N8sfs/hvnj9m8d8if8zi/+38MYv/d/LHLP5b5o9Z/LfKH7P4b50/ZvHfJn/M4v/d/DGL//fyxyz+388fs/j/IH/M4r9t/pjFf7v8MYv/9vljFv8f5o9Z/HfIH7P4/yh/zOK/Y/6YxX+n/DGL/4/zxyz+O+ePWfx3yR+z+O+aP2bx/0n+mMV/t/wxi/9P88cs/j/LH7P4754/ZvHfI3/M4r9n/pjF/+f5Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//ti72H/QqP6/yB97F/v/w/5/QP6Yxf/A/DGL/y/zxyz+v8ofs/gflD9m8f91/pjF/+D8MYv/IfljFv9D88cs/r/JH7P4/zZ/zOJ/WP6Yxf93+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOL/+/wxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+P8hf8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfz/mD9m8T81f8zi/6f8MYv/afljFv8/549Z/P+SP2bxPz1/zOJ/Rv6Yxf+v+WMW/zPzxyz+Z+WPWfzPzh+z+J+j8R/n35rb4n+uxv/fy+J/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8r84fs/hfkz9m8b82f8zif13+mMX/+vwxi/8N+WMW/xvzxyz+N+WPWfxvzh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/O/PHLP535Y9Z/O/OH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8H88cs/g/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/ZvF/NX/M4v9a/pjF//X8MYv/G/ljEv83PxQ5/3/O4j8of8ziPzh/zOI/Rv6YxX9I/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+k+SPWfwnzR+z+E+WP2bxf0/+mMX/vfljFv/35Y9Z/N+fP2bx/0D+mMV/8vwxi/8H88cs/h/KH7P4fzh/zOL/kfwxi/8U+WMW/4/mj1n8p8wfs/gPzR+z+E+VP2bxnzp/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fyx/zOL/8fwxi/8n8scs/p/MH7P4fyp/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP6z5Y9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/h/On/M4v+Z/DGL/2fzxyz+n8sfs/gvkD9m8V8wf8ziv1D+mMV/4fwxi//n88cs/l/IH7P4L5I/ZvFfNH/M4v/F/DGL/2L5Yxb/L+WPWfwXzx+z+C+RP2bx/3L+mMV/yfwxi/9S+WMW/6Xzxyz+X8kfs/gvkz9m8V82f8ziv1z+mMV/+fwxi/9X88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMX/a/ljFv+v549Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjF/xv5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/N/PHLP4b5I9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjFf9P8MYv/t/LHLP6b5Y9Z/DfPH7P4b5E/ZvH/dv6Yxf87+WMW/y3zxyz+W+WPWfy3zh+z+G+TP2bx/27+mMX/e/ljFv/v549Z/H+QP2bx3zZ/zOK/Xf6YxX/7/DGL/w/zxyz+O+SPWfx/lD9m8d8xf8ziv1P+mMX/x/ljFv+d88cs/rvkj1n8d80fs/j/JH/M4r9b/pjF/6f5Yxb/n+WPWfx3zx+z+O+RP2bx3zN/zOL/8/wxi/9e+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOL/i/wxi/8B+WMW/wPzxyz+v8wfs/j/Kn/M4n9Q/pjF/9f5Yxb/g/PHLP6H5I9Z/A/NH7P4/yZ/zOL/2/wxi/9h+WMW/9/lj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi//v88cs/sfkj1n8j80fs/gflz9m8T8+f8zi/4f8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8f9j/pjF/9T8MYv/n/LHLP6n5Y9Z/P+cP2bx/0v+mMX/9Pwxi/8Z+WMW/7/mj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5Yxb/1/PHLP5v5I9J/McdyB+z+A/KH7P4D84fs/iPkT9m8R+SP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/MfPH7P4T5A/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/pPlj1n835M/ZvF/b/6Yxf99+WMW//fnj1n8P5A/ZvGfPH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4j9F/pjF/6P5Yxb/KfPHLP5D88cs/lPlj1n8p84fs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+H8sfs/h/PH/M4v+J/DGL/yfzxyz+n8ofs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP6fzh+z+H8mf8zi/9n8MYv/5/LHLP4L5I9Z/BfMH7P4L5Q/ZvFfOH/M4v/5/DGL/xfyxyz+i+SPWfwXzR+z+H8xf8ziv1j+mMX/S/+K/+D/H9frPzSL/+Lt/5jFf4n8MYv/l/PHLP5L5o9Z/JfKH7P4L50/ZvH/Sv6YxX+Z/DGL/7L5Yxb/5fLHLP7L549Z/L+aP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/VfLHLP5fyx+z+H89f8ziv2r+mMV/tfwxi//q+WMW/zXyxyz+38gfs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+6+WMW//Xyxyz+6+ePWfy/mT9m8d8gf8ziv2H+mMV/o/wxi//G+WMW/03yxyz+m+aPWfy/lT9m8d8sf8ziv3n+mMV/i/wxi/+388cs/t/JH7P4b5k/ZvHfKn/sXer/JvWo/lvnj71L/d9sVP9t8scs/t/NH7P4fy9/zOL//fwxi/8P8scs/tvmj1n8t8sfs/hvnz9m8f9h/pjFf4f8MYv/j/LHLP475o9Z/HfKH7P4/zh/zOK/c/6YxX+X/DGL/675Yxb/n+SPWfx3yx+z+P80f8zi/7P8MYv/7vljFv898scs/nvmj1n8f54/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8f/G2/t4tw+J/gFr5rbP4H5g/ZvH/Zf6Yxf9X+WMW/4Pyxyz+v84fs/gfnD9m8T8kf8zif2j+mMX/N/ljFv/f5o9Z/A/LH7P4/y5/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/H+fP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/P+SPWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/x/zxyz+p+aPWfz/lD9m8T8tf8zi/+f8MYv/X/LHLP6n549Z/M/IH7P4/zV/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf0ziP95A/pjFf1D+mMV/cP6YxX+M/DGL/5D8MYv/mPljFv+x8scs/mPnj1n8x8kfs/iPmz9m8R8vf8ziP37+mMV/gvwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bxnyx/zOL/nvwxi/9788cs/u/LH7P4vz9/zOL/gfwxi//k+WMW/w/mj1n8P5Q/ZvH/cP6Yxf8j+WMW/ynyxyz+H80fs/hPmT9m8R+aP2bxnyp/zOI/df6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvH/VP6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/GfLH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n858sfs/jPnz9m8f90/pjF/zP5Yxb/z+aPWfw/lz9m8V8gf8ziv2D+mMV/ofwxi//C+WMW/8/nj1n8v5A/ZvFfJH/M4r9o/pjF/4v5Yxb/xfLHLP5fyh+z+C+eP2bxXyJ/zOL/5fwxi/+S+WMW/6Xyxyz+S+ePWfy/kj9m8V8mf8ziv2z+mMV/ufwxi//y+WMW/6/mj1n8V8gfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi//X8scs/l/PH7P4r5o/ZvFfLX/M4r96/pjFf438MYv/N/LHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv9v5o9Z/DfIH7P4b5g/ZvHfKH/M4r9x/pjFf5P8MYv/pvljFv9v5Y9Z/DfLH7P4b54/ZvHfIn/M4v/t/DGL/3fyxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOL/3fwxi//38scs/t/PH7P4/yB/zOK/bf6YxX+7/DGL//b5Yxb/H+aPWfx3yB+z+P8of8ziv2P+mMV/p/wxi/+P88cs/jvnj1n8d8kfs/jvmj9m8f9J/pjFf7f8MYv/T/PHLP4/yx+z+O+eP2bx3yN/zOK/Z/6Yxf/n+WMW/73yxyz+e+ePWfz3yR+z+O+bP2bx3y9/zOK/f/6Yxf8X+WMW/wPyxyz+B+aPWfx/mT9m8f9V/pjF/6D8MYv/r/PHLP4H549Z/A/JH7P4H5o/ZvH/Tf6Yxf+3+WMW/8Pyxyz+v8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/9/nj1n8j8kfs/gfmz9m8T8uf8zif3z+mMX/D/ljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zi/8f8MYv/qfljFv8/5Y9Z/E/LH7P4/zl/zOL/l/wxi//p+WMW/zPyxyz+f80fs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHLP6v549Z/N/IH5P4jz+QP2bxH5Q/ZvEfnD9m8R8jf8ziPyR/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4j58/ZvGfIH/M4j9h/pjFf6L8MYv/xPljFv9J8scs/pPmj1n8J8sfs/i/J3/M4v/e/DGL//vyxyz+788fs/h/IH/M4j95/pjF/4P5Yxb/D+WPWfw/nD9m8f9I/pjFf4r8MYv/R/PHLP5T5o9Z/Ifmj1n8p8ofs/hPnT9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfw/lj9m8f94/pjF/xP5Yxb/T+aPWfw/lT9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/9nyxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/D+dP2bx/0z+mMX/s/ljFv/P5Y9Z/BfIH7P4L5g/ZvFfKH/M4r9w/pjF//P5Yxb/L+SPWfwXyR+z+C+aP2bx/2L+mMV/sfwxi/+X8scs/ovnj1n8l8gfs/h/OX/M4r9k/pjFf6n8MYv/0vljFv+v5I9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjF/6v5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4v+1/DGL/9fzxyz+q+aPWfxXyx+z+K+eP2bxXyN/zOL/jfwxi/+a+WMW/7Xyxyz+a+ePWfzXyR+z+K+bP2bxXy9/zOK/fv6Yxf+b+WMW/w3yxyz+G+aPWfw3yh+z+G+cP2bx3yR/zOK/af6Yxf9b+WMW/83yxyz+m+ePWfy3yB+z+H87f8zi/538MYv/lvljFv+t8scs/lvnj1n8t8kfs/h/N3/M4v+9/DGL//fzxyz+P8gfs/hvmz9m8d8uf8ziv33+mMX/h/ljFv8d8scs/j/KH7P475g/ZvHfKX/M4v/j/DGL/875Yxb/XfLHLP675o9Z/H+SP2bx3y1/zOL/0/wxi//P8scs/rvnj1n898gfs/jvmT9m8f95/pjFf6/8MYv/3vljFv998scs/vvmj1n898sfs/jvnz9m8f9F/pjF/4D8MYv/gfljFv9f5o9Z/H+VP2bxPyh/zOL/6/wxi//B+WMW/0Pyxyz+h+aPWfx/kz9m8f9t/pjF/7D8MYv/7/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF//f5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvH/Q/6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4/zF/zOJ/av6Yxf9P+WMW/9Pyxyz+f84fs/j/JX/M4n96/pjF/4z8MYv/X/PHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+F+dP2bxvyZ/zOJ/bf6Yxf+6/DGL//X5Yxb/G/LHLP435o9Z/G/KH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf8zi/2r+mMX/tfwxi//r+WMW/zfyxyT+Ewzkj1n8B+WPWfwH549Z/MfIH7P4D8kfs/iPmT/27vcf9spvYIKx8sfe/f5vNsHY+WMW/3Hyxyz+4+r9B+NUi/94en/O4j9+/pjFf4L8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8Z8sf8zi/578MYv/e/PHLP7vyx+z+L8/f8zi/4H8MYv/5PljFv8P5o9Z/D+UP2bx/3D+mMX/I/ljFv8p8scs/h/NH7P4T5k/ZvEfmj9m8Z8qf8ziP3X+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/1j+mMX/4/ljFv9P5I9Z/D+ZP2bx/1T+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfxnyx+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvH/dP6Yxf8z+WMW/8/mj1n8P5c/ZvFfIH/M4r9g/pjFf6H8MYv/wvljFv/P549Z/L+QP2bxXyR/zOK/aP6Yxf+L+WMW/8Xyxyz+X8ofs/gvnj9m8V8if8zi/+X8MYv/kvljFv+l8scs/kvnj1n8v5I/ZvFfJn/M4r9s/pjFf7n8MYv/8vljFv+v5o9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/1/LHLP5fzx+z+K+aP2bxXy1/zOK/ev6YxX+N/DGL/zfyxyz+a+aPWfzXyh+z+K+dP2bxXyd/zOK/bv6YxX+9/DGL//r5Yxb/b+aPWfw3yB+z+G+YP2bx3yh/zOK/cf6YxX+T/DGL/6b5Yxb/b+WPWfw3yx+z+G+eP2bx3yJ/zOL/7fwxi/938scs/lvmj1n8t8ofs/hvnT9m8d8mf8zi/938MYv/9/LHLP7fzx+z+P8gf8ziv23+mMV/u/wxi//2+WMW/x/mj1n8d8gfs/j/KH/M4r9j/pjFf6f8MYv/j/PHLP47549Z/HfJH7P475o/ZvH/Sf6YxX+3/DGL/0/zxyz+P8sfs/jvnj9m8d8jf8ziv2f+mMX/5/ljFv+98scs/nvnj1n898kfs/jvmz9m8d8vf8ziv3/+mMX/F/ljFv8D8scs/gfmj1n8f5k/ZvH/Vf6Yxf+g/DGL/6/zxyz+B+ePWfwPyR+z+B+aP2bx/03+mMX/t/ljFv/D8scs/r/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv/f549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/w/5Yxb/E/LH/u4/7sC72f/E/DHL/n9S/pjF/+T8MYv/KfljFv8/5o9Z/E/NH7P4/yl/zOJ/Wv6Yxf/P+WMW/7/kj1n8T88fs/ifkT9m8f9r/pjF/8z8MYv/WfljFv+z/0v/1///Xa//0Cz+57T/Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljFv9X88cs/q/lj1n8X88fs/i/kT8m8Z9wIH/M4j8of8ziPzh/zOI/Rv6YxX9I/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+k+SPWfwnzR+z+E+WP2bxf0/+mMX/vfljFv/35Y9Z/N+fP2bx/0D+mMV/8vwxi/8H88cs/h/KH7P4fzh/zOL/kfwxi/8U+WMW/4/mj1n8p8wfs/gPzR+z+E+VP2bxnzp/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fyx/zOL/8fwxi/8n8scs/p/MH7P4fyp/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP6z5Y9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/h/On/M4v+Z/DGL/2fzxyz+n8sfs/gvkD9m8V8wf8ziv1D+mMV/4fwxi//n88cs/l/IH7P4L5I/ZvFfNH/M4v/F/DGL/2L5Yxb/L+WPWfwXzx+z+C+RP2bx/3L+mMV/yfwxi/9S+WMW/6Xzxyz+X8kfs/gvkz9m8V82f8ziv1z+mMV/+fwxi/9X88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMX/a/ljFv+v549Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjF/xv5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/N/PHLP4b5I9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjFf9P8MYv/t/LHLP6b5Y9Z/DfPH7P4b5E/ZvH/dv6Yxf87+WMW/y3zxyz+W+WPWfy3zh+z+G+TP2bx/27+mMX/e/ljFv/v549Z/H+QP2bx3zZ/zOK/Xf6YxX/7/DGL/w/zxyz+O+SPWfx/lD9m8d8xf8ziv1P+mMX/x/ljFv+d88cs/rvkj1n8d80fs/j/JH/M4r9b/pjF/6f5Yxb/n+WPWfx3zx+z+O+RP2bx3zN/zOL/8/wxi/9e+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOL/i/wxi/8B+WMW/wPzxyz+v8wfs/j/Kn/M4n9Q/pjF/9f5Yxb/g/PH3o3+gwYGthsYzf+Q/LF3oz/t/4fmj1n8f5M/ZvH/bf6Yxf+w/DGL/+/yxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf/3+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bx/0P+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+P8xf8zif2r+mMX/T/ljFv/T8scs/n/OH7P4/yV/zOJ/ev6Yxf+M/DGL/1/zxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838sck/hMN5I9Z/Aflj1n8B+ePWfzHyB+z+A/JH7P4j5k/ZvEfK3/M4j92/pjFf5z8MYv/uPljFv/x8scs/uPnj1n8J8gfs/hPmD9m8Z8of8ziP3H+mMV/kvwxi/+k+WMW/8nyxyz+78kfs/i/N3/M4v++/DGL//vzxyz+H8gfs/hPnj9m8f9g/pjF/0P5Y6P7j/tOr9B/t7fw/3D+mGX//0j+mMV/ivwxi/9H88cs/lPmj1n8h+aPWfynyh+z+E+dP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP4z5o9Z/D+WP2bx/3j+mMX/E/ljFv9P5o9Z/D+VP2bxnyl/zOI/c/6YxX+W/DGL/6z5Yxb/2fLHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8P50/ZvH/TP6Yxf+z+WMW/8/lj1n8F8gfs/gvmD9m8V8of8ziv3D+mMX/8/ljFv8v5I9Z/BfJH7P4L5o/ZvH/Yv6YxX+x/DGL/5fyxyz+i+ePWfyXyB+z+H85f8ziv2T+mMV/qfwxi//S+WMW/6/kj1n8l8kfs/gvmz9m8V8uf8ziv3z+mMX/q/ljFv8V8scs/ivmj1n8V8ofs/ivnD9m8V8lf8zi/7X8MYv/1/PHLP6r5o9Z/FfLH7P4r54/ZvFfI3/M4v+N/DGL/5r5Yxb/tfLHLP5r549Z/NfJH7P4r5s/ZvFfL3/M4r9+/pjF/5v5Yxb/DfLHLP4b5o9Z/DfKH7P4b5w/ZvHfJH/M4r9p/pjF/1v5Yxb/zfLHLP6b549Z/LfIH7P4fzt/zOL/nfwxi/+W+WMW/63yxyz+W+ePWfy3yR+z+H83f8zi/738MYv/9/PHLP4/yB+z+G+bP2bx3y5/zOK/ff6Yxf+H+WMW/x3yxyz+P8ofs/jvmD9m8d8pf8zi/+P8MYv/zvljFv9d8scs/rvmj1n8f5I/ZvHfLX/M4v/T/DGL/8/yxyz+u+ePWfz3yB+z+O+ZP2bx/3n+mMV/r/wxi//e+WMW/33yxyz+++aPWfz3yx+z+O+fP2bx/0X+mMX/gPwxi/+B+WMW/1/mj1n8f5U/ZvE/KH/M4v/r/DGL/8H5Yxb/Q/LHLP6H5o9Z/H+TP2bx/23+mMX/sPwxi//v8scs/ofnj1n8j8gfG83/hHer/5H5Y5b9/6j8MYv/0fljFv/f549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/w/5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4v/H/DGL/6n5Yxb/P+WPWfxPyx+z+P85f8zi/5f8MYv/6fljFv8z8scs/n/NH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+T+E88kD9m8R+UP2bxH5w/ZvEfI3/M4j8kf8ziP2b+mMV/rP+PnbuP17qu7zj+A77ciAo6VwsNIxBFU0FQkcwbtNQjcLQbS0lQUryZoEwp0JWS3VhbOctVrq00b1JnaumsuaajnHO6bFZW22yOzRxrhcty4lbJHgfOIc7p43l4fvz2Y+PzfP4B57roc3Xk9ag31+Fx1D+Upf9w/UNZ+o/QP5Sl/zb6h7L0H6l/KEv/bfUPZem/nf6hLP231z+Upf8o/UNZ+o/WP5Sl/w76h7L031H/UJb+v6Z/KEv/nfQPZen/6/qHsvR/if6hLP1fqn8oS//f0D+Upf/L9A9l6T9G/1CW/jvrH8rSfxf9Q1n6v1z/UJb+Y/UPZem/q/6hLP1foX8oS/9x+oey9H+l/qEs/cfrH8rSf4L+oSz9d9M/lKX/RP1DWfrvrn8oS/899A9l6T9J/1CW/nvqH8rSfy/9Q1n6v0r/UJb+e+sfytJ/H/1DWfrvq38oS//J+oey9J+ifyhL//30D2XpP1X/0Nbef9iGD0dP0z+0tffvNnp//UNZ+h+gfyhL/wP1D2XpP13/UJb+B+kfytJ/hv6hLP1frX8oS/+D9Q9l6f8a/UNZ+h+ifyhL/0P1D2Xpf5j+oSz9D9c/lKX/TP1DWfofoX8oS/8j9Q9l6f9a/UNZ+r9O/1CW/kfpH8rS/2j9Q1n6H6N/KEv/Dv1DWfofq38oS/9Z+oey9J+tfyhL/zn6h7L079Q/lKX/cfqHsvQ/Xv9Qlv6v1z+Upf8b9A9l6f9G/UNZ+r9J/1CW/ifoH8rS/836h7L0f4v+oSz9T9Q/lKX/SfqHsvSfq38oS/+36h/K0v9k/UNZ+s/TP5Sl/3z9Q1n6n6J/KEv/U/UPZem/QP9Qlv5v0z+Upf9p+oey9D9d/1CW/gv1D2Xpf4b+oSz9z9Q/lKX/WfqHsvQ/W/9Qlv6/qX8oS/9z9A9l6b9I/1CW/ov1D2Xpf67+oSz9z9M/lKX/Ev1DWfr/lv6hLP3P1z+Upf8F+oey9F+qfyhL/7frH8rS/x36h7L0X6Z/KEv/5fqHsvS/UP9Qlv4X6R/K0v+39Q9l6f9O/UNZ+r9L/1CW/hfrH8rS/xL9Q1n6r9A/lKX/u/UPZel/qf6hLP3fo38oS//36h/K0v99+oey9H+//qEs/S/TP5Sl/wf0D2Xp/0H9Q1n6/47+oSz9f1f/UJb+H9I/lKX/h/UPZel/uf6hLP1/T/9Qlv5X6B/K0v8j+oey9P+o/qEs/a/UP5Sl/+/rH8rS/2P6h7L0/7j+oSz9P6F/KEv/q/QPZen/B/qHsvT/pP6hLP3/UP9Qlv5/pH8oS/9P6R/K0v/T+oey9L9a/1CW/tfoH8rS/zP6h7L0v1b/UJb+1+kfytL/ev1DWfrfoH8oS//P6h/K0v9G/UNZ+t+kfyhL/5v1D2Xp/8f6h7L0v0X/UJb+n9M/lKX/rfqHsvS/Tf9Qlv636x/K0v/z+oey9P+C/qEs/e/QP5Sl/536h7L0/xP9Q1n636V/KEv/L+ofytL/S1VVDd9Sn9P/YVn6/6n//Yey9L9b/1CW/n+mfyhL/y/rH8rS/8/1D2Xpf4/+oSz979U/lKX/X+gfytJ/pf6hLP2/on8oS/+v6h/K0v8+/UNZ+v+l/qEs/e/XP5Sl/1/pH8rS/wH9Q1n6/7X+oSz9H9Q/lKX/Q/qHsvT/G/1DWfp/Tf9Qlv4P6x/K0v/r+oey9P9b/UNZ+j+ifyhL/2/oH8rS/5v6h7L0/5b+oSz9H9U/lKX/t/UPZen/Hf1DWfp/V/9Qlv5/p38oS/+/1z+Upf8/6B/K0v8x/UNZ+n9P/1CW/v+ofyhL/8f1D2Xp/0/6h7L0X6V/KEv/f9Y/lKX/v+gfytL/Cf1DWfp/X/9Qlv5P6h/K0v9f9Q9l6b9a/1CW/v+mfyhL/x/oH8rS/9/1D2Xp/0P9Q1n6/0j/UJb+a/QPZen/lP6hLP3/Q/9Qlv4/1j+Upf/T+oey9P+J/qEs/X+qfyhL/2f0D2Xp/5/6h7L0f1b/UJb+a/UPZen/nP6hLP3/S/9Qlv7/rX8oS/+f6R/K0v/n+oey9P+F/qEs/Z/XP5Sl/zr9Q0n671DpH8rSf5D+oSz9B+sfytJ/iP6hLP2L/qEs/YfqH8rSf5j+oSz9h+sfytJ/hP6hLP230T+Upf9I/UNZ+m+rfyhL/+30D2Xpv73+oSz9R+kfytJ/tP6hra4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFBVHZ0z1wwZ1OupIZs+GPvwwvU/77/2xLNuuOGLO/b83P3Ls4KXHLzpg3Xr1q0b/Ez1te6Hw6uq6vpv26H78Yi+x12vf8nMqyZteFTGXfvcXrcse+6I99/+6E1rj75x1i1D1z87tDr1jLMXLZwyuKrKhKHV8q4H+w2qqrL70OqKrgdTux7sMbS6qevBtPUPtqlWdj3Y97TzFp3e9cSk2r9nAPD/XUfnimpIr8Wuev1pYNP9v2TmnSt6fu7nJXterVTd+3/3HTu9o8+v9XiB/e95/fLKvvs/4H9AAOBXDGz/7xvX83M/L/kr7//nnPvxR6Nfe+H973n9Mt7+A0Dzgq//99rovl/37/P1/+jPARvvzznlyuFd+3/j2hOWdj9VXszX/3/5+mVC3/0f3Ovr/4OqquzW8/X/4VVVJm7mbwcApNDR+e41/b3/73//y859bgZtuv873rryhK79f3zk7S/tfmroAPd/t/7e/x/V53MFAF6cjs7PrOvz/n8A+1/tHrzkxv0/cvmDL+na/288/v1xm/zaQPZ/Yt/9n7x08ZLJF1x40T5nL15w5sIzF547Y/r0gw6YfuCMqZPXf0Vgw4+b+ZsCAFu5zXv/X43sczOoqp7ceP+he8Y+2LX/Uz95zFndT40Y4P7v3u/7/3He/wNAL+MHV8OGVcsXLF16/n4bfux5OHXDjxv+Y8H+D+Dv/yf0fBNdz/cMDqqql22877zgA4O79v+6CTvf0/3UsAHu/x797v/hvb9XEQB4cTbz/f/pfW567f/oITfP6Nr/YyfueVn3UwP9+/9J/e7/Nd7/A0AdHZ3V/+qb6K79v3S7X1xd77rs6fv/AKB5bez/U2PfM77eddnL/gNA89rY/4WHbX9XvevyKvsPAM1rY/8f6LhyXr3rsrf9B4DmtbH/s88Z+1C967KP/QeA5rWx/+MuOm1Zveuyr/0HgOa1sf+3nLhmVb3rMtn+A0Dz2tj/k0c8/nS96zLF/gNA89rY/+/udfwZ9a7LfvYfAJrXxv5/+eB9H6t3XabafwBoXhv7P2XMNbPrXZdp9h8AmtfG/n/0vEOvr3dd9rf/ANC8NvZ/zJzPT6t3XQ6w/wDQvDb2/+0nf/3yetflQPsPAM1rY/+fv/jwMfWuy3T7DwDNa2P/Vz6w69x61+Ug+w8AzWtj/2c9ecXD9a7LDPsPAM1rY//3eOapJfWuy6vtPwA0r439/9x3Tl1d77ocbP8BoHlt7P+oa54fXe+6vMb+A0Dz2tj/91265Kp61+UQ+w8AzWtj/39w5aiJ9a7LofYfAJrXxv6/7Qsr7qh3XQ6z/wDQvDb2/5tPTJtV77ocbv8BoHlt7P9JX7nne/Wuy0z7DwDNa2P/D3jkvgX1rssR9h8AmtfG/t/7kznP1rsuR9p/AGheG/v/8vd+a9d61+W19h8AmtfG/n/is/M+WO+6vM7+A0Dz2tj/n31pwv71rstRL7T/pcHPEQCyaWP/l3zs1uvqXZejvf8HgOa1sf+de/90Vb3rcoz9B4DmtbH/949617J616XD/gNA89rY/5tfMeShetflWPsPAM1rY//HH/LhefWuyyz7DwDNa2P/V8za6a5612W2/QeA5rWx/9ue/anx9a7LHPsPAM1rY//PXP7E1fWuS6f9B4DmtbH/P5q7eES963Kc/QeA5rWx/7uMnD+m3nU53v4DQPPa2P8rJj1yeb3r8nr7DwDNa2P/fz7jtmn1rssb7D8ANK+N/V+2y7jr612XN9p/AGheG/v/7cX3zq53Xd5k/wGgeW3s//zjpjxW77qcYP8BoHlt7P/U+Z1n1Lsub7b/ANC8Nvb/7neufLredXmL/QeA5rWx/5fd/+k76l2XE+0/ADSvjf3fbvUOE+tdl5PsPwA0r439P/XZc6+qd13m2n8AaF4b+//DR1eNrndd3mr/AaB5bex/x7UXr653XU62/wDQvDb2/6srfryk3nWZZ/8BoHlt7P9tH7n84XrXZb79B4DmtbH/E++s5ta7LqfYfwBo3gUXXnTOgkWLFp7vAx/4wAcbP9jS/88EAAA07Zd/6N/SnwkAAAAAAAAAAAAAAAAAAADk1ca/TmxL/zMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/8MOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAgvytVxigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOArAAD//1NT3B0=") quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f0000000200)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000240)={0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4040c405}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0xffc9) write$binfmt_script(r2, &(0x7f0000000140), 0xfcb8) 509.224002ms ago: executing program 1 (id=1523): get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x4) 360.494186ms ago: executing program 0 (id=1524): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file1\x00', 0x208400, &(0x7f0000000500)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c636f6465706167653d69736f383835392d392c747970653d8806e6d92c007c3da50838b213e45c60dfa80dde3ce87abe5e338e4e6a59adcbbcd8c1298ca6754466db1a8a1278dabca7f2fe40cf27dc1fb941304798bf42ba7569909de3630242504efec00c875fa448eb7bdaa7ba31d37ec3e7d64cd77624a0da2b05469cfb6ff12378569cc8b28d1168e0b17c24be8bc7e84cc44764d86c47497b7f98bc4582fe16504124539d5e1c09b9294efa2dd7"], 0x1, 0x2e5, &(0x7f00000001c0)="$eJzs3U9rE08cx/HPbJI27a/0t/0jghelWtBLsepBvEQkV++eRG1SKIaKbQX1YisexQfg3afgg/Ci+AT05MkH0IOwMpPJZtPsbpLSJE19vyBhMzsz+x1mNzvfRRsB+Gfdq/74dPOXfRmpoIKkO1IgqSwVJZ3T+fKL7b2tvUa9ltdRwbWwL6NmS9NVZ2O7ntbUtnMtvNB+KmouWZZkunvGMUVRdPdnXoXC6GLB+JiMmQ6kaX8duv3lEcc1LPvSxXHHMGrJCTaHOtRLzY8xHADAKeDv/4G/Tcy5IqMgkFb9bf9M3f8Pxx3AybrV6CqKchsk7v9udRcZO7//u13tfM8lWnZ/0MoS+wmmdOTzlJpnVscC0/TKKl0swczmVlFrGweqBXqripeotuzea81Tt6VHtCspuWmO7N5Kuj/bHI1bUR7VCmlzq1GfthuJ+FsRLA12xDwzfdUyX8w389CE+qhavP4rRsZOk5up8MhMBSUb//XsHv9zrWwt+YFVKpWgo8qCO8gFfwSvxyjLPXLPhfZDg/04grw43bEX1flYoTm69R6tltJahfGnjFbLHa0K/kxY23jWyH2UMhytIZoP5oFZ0W99VjWx/g9sfKtKXJl5X/XG1fRnRnM8U+k1i65m2HXnaF8ul+IIvOmBxwYp62lZhvd6otua3331+mmh0ajv2I3HKRvP53aMLym9k1LrDH+joJw62m+XRNabKOq352iYwV870Q7t90dcYi+ftMr2KotLglFP06Ru/BmwVfWr8k7IydmIIilj19C+p3CK7JrWpLuPxT4XkTg77LrLNPM/t5L3qzqXoNi3MGednp9kqqPH9TiD61wKLrr32YEyuP6OeCMjZ3Q51+Wr0pVEoVHuEUMf5xlhqvquRzz/BwAAAAAAAAAAAAAAAAAAmDTJf/R/MKT/aTDuMQIAAAAAAAAAAAAAAAAAAAAAMOmO9fu/aX8j3v3+bziS3/8FcDL+BgAA//9Id3lt") listxattr(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) 320.094725ms ago: executing program 1 (id=1525): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80080400) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @empty}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xf8, &(0x7f0000000000), &(0x7f0000000080)=0x4) 156.953836ms ago: executing program 0 (id=1526): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="00058639aa6f0bfbe4b28434ef119376977b00fffbcec7a5fc1f5a72d4fe24156a9f971990e4f372b7"], 0x0, 0x17d, &(0x7f0000000380)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000b80)='./bus\x00') chdir(&(0x7f0000000140)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/104, 0x68) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 0s ago: executing program 1 (id=1527): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x2d) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r1) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000000)='hugetlbfs\x00', 0x0, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') r4 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) sendfile(r4, r3, 0x0, 0x80000000) kernel console output (not intermixed with test programs): 9.326960][ C0] 2 locks held by getty/4987: [ 439.331637][ C0] #0: ffff88802b1470a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 439.341392][ C0] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 439.351494][ C0] 4 locks held by udevd/5246: [ 439.356149][ C0] #0: ffff88801f1c0418 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb7/0xd60 [ 439.364945][ C0] #1: ffff88802d6fe888 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0 [ 439.374359][ C0] #2: ffff8880222f12d8 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0 [ 439.383771][ C0] #3: ffff888023b4d0e8 (&dev->mutex){....}-{3:3}, at: uevent_show+0x17d/0x340 [ 439.392747][ C0] 3 locks held by kworker/0:5/5284: [ 439.397922][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 439.408896][ C0] #1: ffffc900043d7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 439.419879][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 439.428861][ C0] 7 locks held by syz-executor/10198: [ 439.434208][ C0] #0: ffff88801ecc4420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 439.443099][ C0] #1: ffff88801ecb4488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 439.452842][ C0] #2: ffff88802381e2d8 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 439.462855][ C0] #3: ffffffff8f51f608 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 439.473207][ C0] #4: ffff888023b4d0e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520 [ 439.482514][ C0] #5: ffff8880121f1250 (&devlink->lock_key#21){+.+.}-{3:3}, at: nsim_drv_probe+0xcb/0xb80 [ 439.492539][ C0] #6: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 439.502558][ C0] 1 lock held by syz.0.1343/10552: [ 439.507651][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 439.517069][ C0] 1 lock held by syz-executor/10559: [ 439.522354][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 439.531767][ C0] 2 locks held by syz.3.1346/10564: [ 439.536943][ C0] #0: ffffffff8fce80d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 439.545131][ C0] #1: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_doit+0x567/0xd80 [ 439.554621][ C0] 5 locks held by syz.4.1350/10581: [ 439.559811][ C0] #0: ffff888016a82420 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 439.568696][ C0] #1: ffff8880235a29f8 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: shmem_file_write_iter+0x83/0x120 [ 439.579838][ C0] #2: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: get_mem_cgroup_from_mm+0x38/0x2a0 [ 439.589857][ C0] #3: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 439.599958][ C0] #4: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 439.609808][ C0] [ 439.612119][ C0] ============================================= [ 439.612119][ C0] [ 439.793608][T10581] loop4: detected capacity change from 0 to 32768 [ 439.888710][T10581] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 440.018993][T10581] XFS (loop4): Ending clean mount [ 440.028650][T10581] XFS (loop4): Quotacheck needed: Please wait. [ 440.138561][T10581] XFS (loop4): Quotacheck: Done. [ 440.173248][ T8472] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 440.281345][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.287682][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.668515][ C0] DEBUG: waiting rtnl_mutex for 1672 jiffies. [ 440.674651][ C0] task:kworker/0:5 state:D stack:20720 pid:5284 tgid:5284 ppid:2 flags:0x00004000 [ 440.684954][ C0] Workqueue: events linkwatch_event [ 440.690219][ C0] Call Trace: [ 440.693508][ C0] [ 440.696523][ C0] __schedule+0x1800/0x4a60 [ 440.701222][ C0] ? __pfx___schedule+0x10/0x10 [ 440.706152][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 440.712209][ C0] ? __pfx_lock_release+0x10/0x10 [ 440.717288][ C0] ? kick_pool+0x1bd/0x620 [ 440.721854][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 440.727113][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 440.732454][ C0] ? schedule+0x90/0x320 [ 440.736770][ C0] schedule+0x14b/0x320 [ 440.741068][ C0] schedule_preempt_disabled+0x13/0x30 [ 440.746612][ C0] __mutex_lock+0x6a4/0xd70 [ 440.751259][ C0] ? __mutex_lock+0x527/0xd70 [ 440.755978][ C0] ? linkwatch_event+0xe/0x60 [ 440.760703][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 440.765750][ C0] ? get_rtnl_holder+0x144/0x190 [ 440.770750][ C0] ? process_scheduled_works+0x945/0x1830 [ 440.776530][ C0] linkwatch_event+0xe/0x60 [ 440.781150][ C0] process_scheduled_works+0xa2c/0x1830 [ 440.786867][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 440.792991][ C0] ? assign_work+0x364/0x3d0 [ 440.797678][ C0] worker_thread+0x86d/0xd40 [ 440.802369][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 440.808338][ C0] ? __kthread_parkme+0x169/0x1d0 [ 440.813392][ C0] ? __pfx_worker_thread+0x10/0x10 [ 440.818586][ C0] kthread+0x2f0/0x390 [ 440.822773][ C0] ? __pfx_worker_thread+0x10/0x10 [ 440.827942][ C0] ? __pfx_kthread+0x10/0x10 [ 440.832643][ C0] ret_from_fork+0x4b/0x80 [ 440.837087][ C0] ? __pfx_kthread+0x10/0x10 [ 440.841729][ C0] ret_from_fork_asm+0x1a/0x30 [ 440.846552][ C0] [ 440.849639][ C0] DEBUG: waiting rtnl_mutex for 1082 jiffies. [ 440.855722][ C0] task:kworker/u8:0 state:D stack:20408 pid:11 tgid:11 ppid:2 flags:0x00004000 [ 440.866014][ C0] Workqueue: ipv6_addrconf addrconf_verify_work [ 440.872392][ C0] Call Trace: [ 440.875752][ C0] [ 440.878813][ C0] __schedule+0x1800/0x4a60 [ 440.883397][ C0] ? __pfx___schedule+0x10/0x10 [ 440.888364][ C0] ? __pfx_lock_release+0x10/0x10 [ 440.893465][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 440.899083][ C0] ? kthread_data+0x52/0xd0 [ 440.903673][ C0] ? schedule+0x90/0x320 [ 440.908008][ C0] ? wq_worker_sleeping+0x66/0x240 [ 440.913291][ C0] ? schedule+0x90/0x320 [ 440.917624][ C0] schedule+0x14b/0x320 [ 440.921901][ C0] schedule_preempt_disabled+0x13/0x30 [ 440.927439][ C0] __mutex_lock+0x6a4/0xd70 [ 440.932101][ C0] ? __mutex_lock+0x527/0xd70 [ 440.936867][ C0] ? addrconf_verify_work+0x19/0x30 [ 440.942230][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 440.947348][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 440.953484][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 440.959969][ C0] ? get_rtnl_holder+0x144/0x190 [ 440.964999][ C0] ? process_scheduled_works+0x945/0x1830 [ 440.970849][ C0] addrconf_verify_work+0x19/0x30 [ 440.975978][ C0] process_scheduled_works+0xa2c/0x1830 [ 440.981681][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 440.987699][ C0] ? assign_work+0x364/0x3d0 [ 440.992366][ C0] worker_thread+0x86d/0xd40 [ 440.997012][ C0] ? __kthread_parkme+0x169/0x1d0 [ 441.002153][ C0] ? __pfx_worker_thread+0x10/0x10 [ 441.007328][ C0] kthread+0x2f0/0x390 [ 441.011507][ C0] ? __pfx_worker_thread+0x10/0x10 [ 441.016678][ C0] ? __pfx_kthread+0x10/0x10 [ 441.021290][ C0] ret_from_fork+0x4b/0x80 [ 441.025697][ C0] ? __pfx_kthread+0x10/0x10 [ 441.030292][ C0] ret_from_fork_asm+0x1a/0x30 [ 441.035053][ C0] [ 441.038078][ C0] DEBUG: waiting rtnl_mutex for 900 jiffies. [ 441.044056][ C0] task:syz.0.1343 state:D stack:26816 pid:10552 tgid:10551 ppid:8808 flags:0x00004004 [ 441.054223][ C0] Call Trace: [ 441.057485][ C0] [ 441.060423][ C0] __schedule+0x1800/0x4a60 [ 441.064927][ C0] ? __pfx___schedule+0x10/0x10 [ 441.069786][ C0] ? __pfx_lock_release+0x10/0x10 [ 441.074800][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 441.080272][ C0] ? schedule+0x90/0x320 [ 441.084517][ C0] schedule+0x14b/0x320 [ 441.088683][ C0] schedule_preempt_disabled+0x13/0x30 [ 441.094128][ C0] __mutex_lock+0x6a4/0xd70 [ 441.098642][ C0] ? __mutex_lock+0x527/0xd70 [ 441.103305][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 441.108435][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 441.113453][ C0] ? get_rtnl_holder+0x144/0x190 [ 441.118420][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 441.123369][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 441.128493][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 441.133944][ C0] ? ref_tracker_free+0x643/0x7e0 [ 441.138991][ C0] netlink_rcv_skb+0x1e3/0x430 [ 441.143767][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 441.149237][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 441.154521][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 441.158532][ T54] Bluetooth: hci7: command tx timeout [ 441.159728][ C0] netlink_unicast+0x7f6/0x990 [ 441.169861][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 441.175133][ C0] ? __virt_addr_valid+0x183/0x530 [ 441.180250][ C0] ? __check_object_size+0x49c/0x900 [ 441.185522][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 441.190643][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 441.195400][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.200694][ C0] ? __import_iovec+0x536/0x820 [ 441.205531][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 441.210483][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 441.215760][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 441.221224][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.226509][ C0] __sock_sendmsg+0x221/0x270 [ 441.231201][ C0] ____sys_sendmsg+0x525/0x7d0 [ 441.235973][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 441.241287][ C0] __sys_sendmsg+0x2b0/0x3a0 [ 441.245865][ C0] ? __pfx___sys_sendmsg+0x10/0x10 [ 441.251006][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 441.257324][ C0] ? do_syscall_64+0x100/0x230 [ 441.262097][ C0] ? do_syscall_64+0xb6/0x230 [ 441.266767][ C0] do_syscall_64+0xf3/0x230 [ 441.271279][ C0] ? clear_bhb_loop+0x35/0x90 [ 441.275949][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.281861][ C0] RIP: 0033:0x7f9b56b75f19 [ 441.286262][ C0] RSP: 002b:00007f9b57929048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 441.294683][ C0] RAX: ffffffffffffffda RBX: 00007f9b56d05f60 RCX: 00007f9b56b75f19 [ 441.302661][ C0] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 441.310639][ C0] RBP: 00007f9b56be4e68 R08: 0000000000000000 R09: 0000000000000000 [ 441.318618][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 441.326585][ C0] R13: 000000000000000b R14: 00007f9b56d05f60 R15: 00007fff4b5cd4c8 [ 441.334593][ C0] [ 441.337629][ C0] DEBUG: waiting rtnl_mutex for 845 jiffies. [ 441.343606][ C0] task:syz-executor state:D stack:24992 pid:10559 tgid:10559 ppid:10546 flags:0x00000000 [ 441.353775][ C0] Call Trace: [ 441.357036][ C0] [ 441.359976][ C0] __schedule+0x1800/0x4a60 [ 441.364478][ C0] ? __pfx___schedule+0x10/0x10 [ 441.369340][ C0] ? __pfx_lock_release+0x10/0x10 [ 441.374353][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 441.379824][ C0] ? schedule+0x90/0x320 [ 441.384056][ C0] schedule+0x14b/0x320 [ 441.388202][ C0] schedule_preempt_disabled+0x13/0x30 [ 441.393671][ C0] __mutex_lock+0x6a4/0xd70 [ 441.398169][ C0] ? __mutex_lock+0x527/0xd70 [ 441.402857][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 441.407955][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 441.413001][ C0] ? get_rtnl_holder+0x144/0x190 [ 441.417927][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 441.422875][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 441.427973][ C0] ? __lock_acquire+0x1384/0x2050 [ 441.433011][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 441.438501][ C0] netlink_rcv_skb+0x1e3/0x430 [ 441.443264][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 441.448847][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 441.454134][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 441.459361][ C0] netlink_unicast+0x7f6/0x990 [ 441.464118][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 441.469409][ C0] ? __virt_addr_valid+0x183/0x530 [ 441.474507][ C0] ? __check_object_size+0x49c/0x900 [ 441.479796][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 441.484914][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 441.489694][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.495053][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 441.500001][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 441.505267][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 441.510734][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.516007][ C0] __sock_sendmsg+0x221/0x270 [ 441.520694][ C0] __sys_sendto+0x3a4/0x4f0 [ 441.525185][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 441.530230][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 441.536205][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 441.542546][ C0] ? exc_page_fault+0x590/0x8c0 [ 441.547383][ C0] __x64_sys_sendto+0xde/0x100 [ 441.552163][ C0] do_syscall_64+0xf3/0x230 [ 441.556655][ C0] ? clear_bhb_loop+0x35/0x90 [ 441.561346][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.567226][ C0] RIP: 0033:0x7f3444d77cac [ 441.571653][ C0] RSP: 002b:00007ffcc5ff20d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 441.580100][ C0] RAX: ffffffffffffffda RBX: 00007f3445a34620 RCX: 00007f3444d77cac [ 441.588057][ C0] RDX: 0000000000000028 RSI: 00007f3445a34670 RDI: 0000000000000003 [ 441.596034][ C0] RBP: 0000000000000000 R08: 00007ffcc5ff2124 R09: 000000000000000c [ 441.604099][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 441.612077][ C0] R13: 0000000000000000 R14: 00007f3445a34670 R15: 0000000000000000 [ 441.620067][ C0] [ 441.623097][ C0] DEBUG: waiting rtnl_mutex for 704 jiffies. [ 441.629076][ C0] task:syz.3.1346 state:D stack:25456 pid:10564 tgid:10563 ppid:8366 flags:0x00000004 [ 441.639273][ C0] Call Trace: [ 441.642541][ C0] [ 441.645483][ C0] __schedule+0x1800/0x4a60 [ 441.650010][ C0] ? __pfx___schedule+0x10/0x10 [ 441.654853][ C0] ? __pfx_lock_release+0x10/0x10 [ 441.659886][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 441.665336][ C0] ? schedule+0x90/0x320 [ 441.669589][ C0] schedule+0x14b/0x320 [ 441.673736][ C0] schedule_preempt_disabled+0x13/0x30 [ 441.679199][ C0] __mutex_lock+0x6a4/0xd70 [ 441.683695][ C0] ? __mutex_lock+0x527/0xd70 [ 441.688356][ C0] ? ethnl_default_doit+0x567/0xd80 [ 441.693581][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 441.698623][ C0] ? rcu_is_watching+0x15/0xb0 [ 441.703401][ C0] ? get_rtnl_holder+0x144/0x190 [ 441.708330][ C0] ethnl_default_doit+0x567/0xd80 [ 441.713375][ C0] ? __pfx_ethnl_default_doit+0x10/0x10 [ 441.718966][ C0] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 441.725289][ C0] genl_rcv_msg+0xb14/0xec0 [ 441.729799][ C0] ? mark_lock+0x9a/0x360 [ 441.734123][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 441.739174][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 441.744191][ C0] ? __pfx_ethnl_default_doit+0x10/0x10 [ 441.749753][ C0] ? __pfx___might_resched+0x10/0x10 [ 441.755036][ C0] netlink_rcv_skb+0x1e3/0x430 [ 441.759811][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 441.764827][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 441.770145][ C0] ? __netlink_deliver_tap+0x77e/0x7c0 [ 441.775611][ C0] genl_rcv+0x28/0x40 [ 441.779602][ C0] netlink_unicast+0x7f6/0x990 [ 441.784365][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 441.789659][ C0] ? __virt_addr_valid+0x183/0x530 [ 441.794759][ C0] ? __check_object_size+0x49c/0x900 [ 441.800055][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 441.805158][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 441.809948][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.815750][ C0] ? __import_iovec+0x536/0x820 [ 441.820608][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 441.825543][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 441.830845][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 441.836294][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.841598][ C0] __sock_sendmsg+0x221/0x270 [ 441.846275][ C0] ____sys_sendmsg+0x525/0x7d0 [ 441.851054][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 441.856334][ C0] __sys_sendmsg+0x2b0/0x3a0 [ 441.860934][ C0] ? __pfx___sys_sendmsg+0x10/0x10 [ 441.866056][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 441.872409][ C0] ? do_syscall_64+0x100/0x230 [ 441.877203][ C0] ? do_syscall_64+0xb6/0x230 [ 441.881900][ C0] do_syscall_64+0xf3/0x230 [ 441.886405][ C0] ? clear_bhb_loop+0x35/0x90 [ 441.891099][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.896982][ C0] RIP: 0033:0x7f36a7975f19 [ 441.901436][ C0] RSP: 002b:00007f36a86f2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 441.909856][ C0] RAX: ffffffffffffffda RBX: 00007f36a7b05f60 RCX: 00007f36a7975f19 [ 441.917817][ C0] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 [ 441.925792][ C0] RBP: 00007f36a79e4e68 R08: 0000000000000000 R09: 0000000000000000 [ 441.933768][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 441.941752][ C0] R13: 000000000000000b R14: 00007f36a7b05f60 R15: 00007ffdea9e4db8 [ 441.949766][ C0] [ 441.952790][ C0] DEBUG: waiting rtnl_mutex for 1844 jiffies. [ 441.958863][ C0] task:syz-executor state:D stack:21728 pid:10198 tgid:10198 ppid:10171 flags:0x00004000 [ 441.969066][ C0] Call Trace: [ 441.972346][ C0] [ 441.975268][ C0] __schedule+0x1800/0x4a60 [ 441.979801][ C0] ? __pfx___schedule+0x10/0x10 [ 441.984641][ C0] ? __pfx_lock_release+0x10/0x10 [ 441.989679][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 441.995128][ C0] ? schedule+0x90/0x320 [ 441.999378][ C0] schedule+0x14b/0x320 [ 442.003521][ C0] schedule_preempt_disabled+0x13/0x30 [ 442.009003][ C0] __mutex_lock+0x6a4/0xd70 [ 442.013500][ C0] ? __mutex_lock+0x527/0xd70 [ 442.018168][ C0] ? register_nexthop_notifier+0x84/0x290 [ 442.023896][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 442.028927][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 442.035248][ C0] ? get_rtnl_holder+0x144/0x190 [ 442.040199][ C0] register_nexthop_notifier+0x84/0x290 [ 442.045737][ C0] ? devlink_resource_find+0xba/0xf0 [ 442.051048][ C0] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 442.057197][ C0] ? devlink_resource_find+0xc4/0xf0 [ 442.062589][ C0] nsim_fib_create+0x8a6/0xa70 [ 442.067351][ C0] ? __pfx_nsim_fib_create+0x10/0x10 [ 442.072649][ C0] nsim_drv_probe+0x747/0xb80 [ 442.077321][ C0] ? __pfx_nsim_drv_probe+0x10/0x10 [ 442.082528][ C0] ? kernfs_create_link+0x187/0x1f0 [ 442.087714][ C0] ? sysfs_do_create_link_sd+0xdd/0x110 [ 442.093273][ C0] ? driver_sysfs_add+0x1de/0x1f0 [ 442.098286][ C0] ? really_probe+0x147/0xad0 [ 442.102978][ C0] ? __pfx_nsim_bus_probe+0x10/0x10 [ 442.108188][ C0] really_probe+0x2b8/0xad0 [ 442.112706][ C0] __driver_probe_device+0x1a2/0x390 [ 442.117983][ C0] driver_probe_device+0x50/0x430 [ 442.123027][ C0] __device_attach_driver+0x2d6/0x530 [ 442.128387][ C0] bus_for_each_drv+0x24e/0x2e0 [ 442.133244][ C0] ? __pfx___device_attach_driver+0x10/0x10 [ 442.139225][ C0] ? __pfx_bus_for_each_drv+0x10/0x10 [ 442.144592][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 442.149761][ C0] __device_attach+0x333/0x520 [ 442.154519][ C0] ? __pfx___device_attach+0x10/0x10 [ 442.159816][ C0] bus_probe_device+0x189/0x260 [ 442.164656][ C0] device_add+0x856/0xbf0 [ 442.168998][ C0] new_device_store+0x3f3/0x890 [ 442.173834][ C0] ? kernfs_fop_write_iter+0x1eb/0x500 [ 442.179302][ C0] ? __pfx_new_device_store+0x10/0x10 [ 442.184666][ C0] ? sysfs_kf_write+0x182/0x2a0 [ 442.189521][ C0] ? bus_attr_store+0x4f/0xa0 [ 442.194188][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 442.199388][ C0] kernfs_fop_write_iter+0x3a1/0x500 [ 442.204667][ C0] vfs_write+0xa72/0xc90 [ 442.208921][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 442.214714][ C0] ? __pfx_vfs_write+0x10/0x10 [ 442.219488][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 442.225457][ C0] ksys_write+0x1a0/0x2c0 [ 442.229801][ C0] ? __pfx_ksys_write+0x10/0x10 [ 442.234641][ C0] ? do_syscall_64+0x100/0x230 [ 442.239502][ C0] ? do_syscall_64+0xb6/0x230 [ 442.244167][ C0] do_syscall_64+0xf3/0x230 [ 442.248702][ C0] ? clear_bhb_loop+0x35/0x90 [ 442.253388][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.259297][ C0] RIP: 0033:0x7f108d174a9f [ 442.263695][ C0] RSP: 002b:00007ffe01e870b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 442.272198][ C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f108d174a9f [ 442.280174][ C0] RDX: 0000000000000003 RSI: 00007ffe01e87100 RDI: 0000000000000005 [ 442.288126][ C0] RBP: 00007f108d1e45d6 R08: 0000000000000000 R09: 00007ffe01e86f07 [ 442.296097][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 442.304070][ C0] R13: 00007ffe01e87100 R14: 00007f108de34620 R15: 0000000000000003 [ 442.312050][ C0] [ 442.315052][ C0] DEBUG: holding rtnl_mutex for 1877 jiffies. [ 442.321112][ C0] task:kworker/u8:13 state:D stack:19992 pid:4588 tgid:4588 ppid:2 flags:0x00004000 [ 442.331275][ C0] Workqueue: netns cleanup_net [ 442.336636][ C0] Call Trace: [ 442.339917][ C0] [ 442.342836][ C0] __schedule+0x1800/0x4a60 [ 442.347334][ C0] ? __pfx___schedule+0x10/0x10 [ 442.352194][ C0] ? __pfx_lock_release+0x10/0x10 [ 442.357206][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 442.363110][ C0] ? kthread_data+0x52/0xd0 [ 442.367601][ C0] ? wq_worker_sleeping+0x66/0x240 [ 442.372714][ C0] ? schedule+0x90/0x320 [ 442.376944][ C0] schedule+0x14b/0x320 [ 442.381107][ C0] synchronize_rcu_expedited+0x684/0x830 [ 442.386727][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 442.392892][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 442.398188][ C0] ? __pfx___might_resched+0x10/0x10 [ 442.403480][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 442.409464][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 442.415517][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 442.421858][ C0] synchronize_rcu+0x11b/0x360 [ 442.426603][ C0] ? __pfx_synchronize_rcu+0x10/0x10 [ 442.431897][ C0] lockdep_unregister_key+0x4b7/0x540 [ 442.437257][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 442.443157][ C0] ? rcu_is_watching+0x15/0xb0 [ 442.447899][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 442.452495][ C0] __qdisc_destroy+0x165/0x410 [ 442.457251][ C0] dev_shutdown+0x357/0x450 [ 442.461765][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 442.468085][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 442.474864][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 442.480765][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 442.486907][ C0] default_device_exit_batch+0xa0f/0xa90 [ 442.492556][ C0] ? __pfx___might_resched+0x10/0x10 [ 442.497825][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 442.503986][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 442.509272][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 442.515429][ C0] cleanup_net+0x89d/0xcc0 [ 442.519854][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 442.524777][ C0] ? process_scheduled_works+0x945/0x1830 [ 442.530499][ C0] process_scheduled_works+0xa2c/0x1830 [ 442.536043][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 442.542031][ C0] ? assign_work+0x364/0x3d0 [ 442.546629][ C0] worker_thread+0x86d/0xd40 [ 442.551231][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 442.557115][ C0] ? __kthread_parkme+0x169/0x1d0 [ 442.562155][ C0] ? __pfx_worker_thread+0x10/0x10 [ 442.567256][ C0] kthread+0x2f0/0x390 [ 442.571329][ C0] ? __pfx_worker_thread+0x10/0x10 [ 442.576422][ C0] ? __pfx_kthread+0x10/0x10 [ 442.581012][ C0] ret_from_fork+0x4b/0x80 [ 442.585413][ C0] ? __pfx_kthread+0x10/0x10 [ 442.590002][ C0] ret_from_fork_asm+0x1a/0x30 [ 442.594760][ C0] [ 442.597761][ C0] [ 442.597761][ C0] Showing all locks held in the system: [ 442.605476][ C0] 3 locks held by kworker/u8:0/11: [ 442.610843][ C0] #0: ffff88802aa64948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 442.622429][ C0] #1: ffffc90000107d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 442.636092][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 442.645585][ C0] 5 locks held by kworker/u8:1/12: [ 442.650693][ C0] 2 locks held by kworker/u8:2/35: [ 442.655805][ C0] 5 locks held by kworker/u8:13/4588: [ 442.661180][ C0] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 442.672064][ C0] #1: ffffc9000ced7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 442.682599][ C0] #2: ffffffff8fc75b10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 442.692002][ C0] #3: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 442.702017][ C0] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 442.712902][ C0] 2 locks held by getty/4987: [ 442.717560][ C0] #0: ffff88802b1470a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 442.727309][ C0] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 442.737406][ C0] 4 locks held by udevd/5246: [ 442.742077][ C0] #0: ffff88801f1c0418 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb7/0xd60 [ 442.750873][ C0] #1: ffff88802d6fe888 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0 [ 442.760305][ C0] #2: ffff8880222f12d8 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0 [ 442.769770][ C0] #3: ffff888023b4d0e8 (&dev->mutex){....}-{3:3}, at: uevent_show+0x17d/0x340 [ 442.778744][ C0] 6 locks held by kworker/1:4/5280: [ 442.783918][ C0] 3 locks held by kworker/0:5/5284: [ 442.789109][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 442.800075][ C0] #1: ffffc900043d7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 442.811039][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 442.820008][ C0] 3 locks held by kworker/0:7/5341: [ 442.825189][ C0] 7 locks held by syz-executor/10198: [ 442.830552][ C0] #0: ffff88801ecc4420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 442.839442][ C0] #1: ffff88801ecb4488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 442.849190][ C0] #2: ffff88802381e2d8 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 442.859203][ C0] #3: ffffffff8f51f608 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 442.869567][ C0] #4: ffff888023b4d0e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520 [ 442.878931][ C0] #5: ffff8880121f1250 (&devlink->lock_key#21){+.+.}-{3:3}, at: nsim_drv_probe+0xcb/0xb80 [ 442.888951][ C0] #6: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 442.898966][ C0] 1 lock held by syz.0.1343/10552: [ 442.904056][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 442.913462][ C0] 1 lock held by syz-executor/10559: [ 442.918740][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 442.928126][ C0] 2 locks held by syz.3.1346/10564: [ 442.933327][ C0] #0: ffffffff8fce80d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 442.941532][ C0] #1: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_doit+0x567/0xd80 [ 442.951028][ C0] [ 442.953335][ C0] ============================================= [ 442.953335][ C0] [ 442.969559][ T5280] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 443.208792][ T5280] usb 5-1: Using ep0 maxpacket: 16 [ 443.225174][ T5280] usb 5-1: New USB device found, idVendor=0b05, idProduct=1736, bcdDevice= d.b1 [ 443.244707][ T5280] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 443.278281][ T5280] usb 5-1: Product: syz [ 443.298418][ T5280] usb 5-1: Manufacturer: syz [ 443.320401][ T5280] usb 5-1: SerialNumber: syz [ 443.326823][ T5234] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 443.329863][ T5280] usb 5-1: config 0 descriptor?? [ 443.342341][ T5234] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 443.359099][ T5234] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 443.381621][ T5234] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 443.396479][ T5234] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 443.403984][ T5234] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 443.558141][ T5280] dvb-usb: found a 'Asus My Cinema-U3000Hybrid' in cold state, will try to load a firmware [ 443.629885][ T4588] team0 (unregistering): Port device team_slave_1 removed [ 443.656969][ T5280] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 443.680705][ T5280] dib0700: firmware download failed at 7 with -22 [ 443.881570][ T4588] team0 (unregistering): Port device team_slave_0 removed [ 443.928120][T10596] loop4: detected capacity change from 0 to 64 [ 443.959845][T10596] hfs: creator requires a 4 character value [ 443.972117][T10596] hfs: unable to parse mount options [ 444.028870][ C0] DEBUG: waiting rtnl_mutex for 2008 jiffies. [ 444.034968][ C0] task:kworker/0:5 state:D stack:20720 pid:5284 tgid:5284 ppid:2 flags:0x00004000 [ 444.045255][ C0] Workqueue: events linkwatch_event [ 444.050472][ C0] Call Trace: [ 444.053734][ C0] [ 444.056651][ C0] __schedule+0x1800/0x4a60 [ 444.061176][ C0] ? __pfx___schedule+0x10/0x10 [ 444.066010][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 444.072005][ C0] ? __pfx_lock_release+0x10/0x10 [ 444.077015][ C0] ? kick_pool+0x1bd/0x620 [ 444.081444][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 444.086623][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 444.091858][ C0] ? schedule+0x90/0x320 [ 444.096130][ C0] schedule+0x14b/0x320 [ 444.100346][ C0] schedule_preempt_disabled+0x13/0x30 [ 444.105833][ C0] __mutex_lock+0x6a4/0xd70 [ 444.110417][ C0] ? __mutex_lock+0x527/0xd70 [ 444.115084][ C0] ? linkwatch_event+0xe/0x60 [ 444.119786][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 444.124806][ C0] ? get_rtnl_holder+0x144/0x190 [ 444.129755][ C0] ? process_scheduled_works+0x945/0x1830 [ 444.135460][ C0] linkwatch_event+0xe/0x60 [ 444.139965][ C0] process_scheduled_works+0xa2c/0x1830 [ 444.145510][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 444.151518][ C0] ? assign_work+0x364/0x3d0 [ 444.156093][ C0] worker_thread+0x86d/0xd40 [ 444.160696][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 444.166581][ C0] ? __kthread_parkme+0x169/0x1d0 [ 444.171613][ C0] ? __pfx_worker_thread+0x10/0x10 [ 444.176800][ C0] kthread+0x2f0/0x390 [ 444.180873][ C0] ? __pfx_worker_thread+0x10/0x10 [ 444.185965][ C0] ? __pfx_kthread+0x10/0x10 [ 444.190557][ C0] ret_from_fork+0x4b/0x80 [ 444.194962][ C0] ? __pfx_kthread+0x10/0x10 [ 444.199561][ C0] ret_from_fork_asm+0x1a/0x30 [ 444.204316][ C0] [ 444.207315][ C0] DEBUG: waiting rtnl_mutex for 1417 jiffies. [ 444.213380][ C0] task:kworker/u8:0 state:D stack:20408 pid:11 tgid:11 ppid:2 flags:0x00004000 [ 444.223547][ C0] Workqueue: ipv6_addrconf addrconf_verify_work [ 444.229800][ C0] Call Trace: [ 444.233061][ C0] [ 444.235976][ C0] __schedule+0x1800/0x4a60 [ 444.240500][ C0] ? __pfx___schedule+0x10/0x10 [ 444.245338][ C0] ? __pfx_lock_release+0x10/0x10 [ 444.250370][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 444.255810][ C0] ? kthread_data+0x52/0xd0 [ 444.260320][ C0] ? schedule+0x90/0x320 [ 444.264547][ C0] ? wq_worker_sleeping+0x66/0x240 [ 444.269669][ C0] ? schedule+0x90/0x320 [ 444.273893][ C0] schedule+0x14b/0x320 [ 444.278032][ C0] schedule_preempt_disabled+0x13/0x30 [ 444.283496][ C0] __mutex_lock+0x6a4/0xd70 [ 444.287992][ C0] ? __mutex_lock+0x527/0xd70 [ 444.292680][ C0] ? addrconf_verify_work+0x19/0x30 [ 444.297891][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 444.302937][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 444.308931][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 444.315246][ C0] ? get_rtnl_holder+0x144/0x190 [ 444.320204][ C0] ? process_scheduled_works+0x945/0x1830 [ 444.326254][ C0] addrconf_verify_work+0x19/0x30 [ 444.331287][ C0] process_scheduled_works+0xa2c/0x1830 [ 444.336832][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 444.342834][ C0] ? assign_work+0x364/0x3d0 [ 444.347605][ C0] worker_thread+0x86d/0xd40 [ 444.352241][ C0] ? __kthread_parkme+0x169/0x1d0 [ 444.357253][ C0] ? __pfx_worker_thread+0x10/0x10 [ 444.362374][ C0] kthread+0x2f0/0x390 [ 444.366429][ C0] ? __pfx_worker_thread+0x10/0x10 [ 444.371551][ C0] ? __pfx_kthread+0x10/0x10 [ 444.376121][ C0] ret_from_fork+0x4b/0x80 [ 444.380553][ C0] ? __pfx_kthread+0x10/0x10 [ 444.385122][ C0] ret_from_fork_asm+0x1a/0x30 [ 444.389901][ C0] [ 444.392903][ C0] DEBUG: waiting rtnl_mutex for 1236 jiffies. [ 444.398992][ C0] task:syz.0.1343 state:D stack:26816 pid:10552 tgid:10551 ppid:8808 flags:0x00004004 [ 444.409201][ C0] Call Trace: [ 444.412467][ C0] [ 444.415384][ C0] __schedule+0x1800/0x4a60 [ 444.419919][ C0] ? __pfx___schedule+0x10/0x10 [ 444.424755][ C0] ? __pfx_lock_release+0x10/0x10 [ 444.429792][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 444.435239][ C0] ? schedule+0x90/0x320 [ 444.439492][ C0] schedule+0x14b/0x320 [ 444.443633][ C0] schedule_preempt_disabled+0x13/0x30 [ 444.449105][ C0] __mutex_lock+0x6a4/0xd70 [ 444.453597][ C0] ? __mutex_lock+0x527/0xd70 [ 444.458255][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 444.463374][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 444.468387][ C0] ? get_rtnl_holder+0x144/0x190 [ 444.473339][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 444.478263][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 444.483383][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 444.488872][ C0] ? ref_tracker_free+0x643/0x7e0 [ 444.493891][ C0] netlink_rcv_skb+0x1e3/0x430 [ 444.498641][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 444.504113][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 444.509417][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 444.514609][ C0] netlink_unicast+0x7f6/0x990 [ 444.519409][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 444.524675][ C0] ? __virt_addr_valid+0x183/0x530 [ 444.529794][ C0] ? __check_object_size+0x49c/0x900 [ 444.535061][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 444.540183][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 444.544945][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 444.550262][ C0] ? __import_iovec+0x536/0x820 [ 444.555099][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 444.560044][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 444.565310][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 444.570772][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 444.576045][ C0] __sock_sendmsg+0x221/0x270 [ 444.580738][ C0] ____sys_sendmsg+0x525/0x7d0 [ 444.585496][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 444.590794][ C0] __sys_sendmsg+0x2b0/0x3a0 [ 444.595372][ C0] ? __pfx___sys_sendmsg+0x10/0x10 [ 444.600516][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 444.606835][ C0] ? do_syscall_64+0x100/0x230 [ 444.611616][ C0] ? do_syscall_64+0xb6/0x230 [ 444.616278][ C0] do_syscall_64+0xf3/0x230 [ 444.620790][ C0] ? clear_bhb_loop+0x35/0x90 [ 444.625449][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.631347][ C0] RIP: 0033:0x7f9b56b75f19 [ 444.635743][ C0] RSP: 002b:00007f9b57929048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 444.644163][ C0] RAX: ffffffffffffffda RBX: 00007f9b56d05f60 RCX: 00007f9b56b75f19 [ 444.652139][ C0] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 444.660114][ C0] RBP: 00007f9b56be4e68 R08: 0000000000000000 R09: 0000000000000000 [ 444.668066][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 444.676125][ C0] R13: 000000000000000b R14: 00007f9b56d05f60 R15: 00007fff4b5cd4c8 [ 444.684112][ C0] [ 444.687115][ C0] DEBUG: waiting rtnl_mutex for 1180 jiffies. [ 444.693181][ C0] task:syz-executor state:D stack:24992 pid:10559 tgid:10559 ppid:10546 flags:0x00000000 [ 444.703344][ C0] Call Trace: [ 444.706613][ C0] [ 444.709555][ C0] __schedule+0x1800/0x4a60 [ 444.714056][ C0] ? __pfx___schedule+0x10/0x10 [ 444.718915][ C0] ? __pfx_lock_release+0x10/0x10 [ 444.723926][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 444.729394][ C0] ? schedule+0x90/0x320 [ 444.733617][ C0] schedule+0x14b/0x320 [ 444.737758][ C0] schedule_preempt_disabled+0x13/0x30 [ 444.743223][ C0] __mutex_lock+0x6a4/0xd70 [ 444.747714][ C0] ? __mutex_lock+0x527/0xd70 [ 444.752392][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 444.757485][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 444.762609][ C0] ? get_rtnl_holder+0x144/0x190 [ 444.767534][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 444.772487][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 444.777597][ C0] ? __lock_acquire+0x1384/0x2050 [ 444.782637][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 444.788090][ C0] netlink_rcv_skb+0x1e3/0x430 [ 444.792864][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 444.798313][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 444.803622][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 444.808861][ C0] netlink_unicast+0x7f6/0x990 [ 444.813658][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 444.818977][ C0] ? __virt_addr_valid+0x183/0x530 [ 444.824113][ C0] ? __check_object_size+0x49c/0x900 [ 444.829420][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 444.834529][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 444.839324][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 444.844609][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 444.849561][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 444.854829][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 444.860294][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 444.865563][ C0] __sock_sendmsg+0x221/0x270 [ 444.870258][ C0] __sys_sendto+0x3a4/0x4f0 [ 444.874748][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 444.879795][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 444.885762][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 444.892106][ C0] ? exc_page_fault+0x590/0x8c0 [ 444.896946][ C0] __x64_sys_sendto+0xde/0x100 [ 444.901725][ C0] do_syscall_64+0xf3/0x230 [ 444.906213][ C0] ? clear_bhb_loop+0x35/0x90 [ 444.910924][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.916838][ C0] RIP: 0033:0x7f3444d77cac [ 444.921267][ C0] RSP: 002b:00007ffcc5ff20d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 444.929701][ C0] RAX: ffffffffffffffda RBX: 00007f3445a34620 RCX: 00007f3444d77cac [ 444.937657][ C0] RDX: 0000000000000028 RSI: 00007f3445a34670 RDI: 0000000000000003 [ 444.945636][ C0] RBP: 0000000000000000 R08: 00007ffcc5ff2124 R09: 000000000000000c [ 444.953617][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 444.961591][ C0] R13: 0000000000000000 R14: 00007f3445a34670 R15: 0000000000000000 [ 444.969575][ C0] [ 444.972577][ C0] DEBUG: waiting rtnl_mutex for 1039 jiffies. [ 444.978615][ C0] task:syz.3.1346 state:D stack:25456 pid:10564 tgid:10563 ppid:8366 flags:0x00000004 [ 444.988817][ C0] Call Trace: [ 444.992098][ C0] [ 444.995015][ C0] __schedule+0x1800/0x4a60 [ 444.999541][ C0] ? __pfx___schedule+0x10/0x10 [ 445.004379][ C0] ? __pfx_lock_release+0x10/0x10 [ 445.009413][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 445.014866][ C0] ? schedule+0x90/0x320 [ 445.019125][ C0] schedule+0x14b/0x320 [ 445.023268][ C0] schedule_preempt_disabled+0x13/0x30 [ 445.028719][ C0] __mutex_lock+0x6a4/0xd70 [ 445.033235][ C0] ? __mutex_lock+0x527/0xd70 [ 445.037899][ C0] ? ethnl_default_doit+0x567/0xd80 [ 445.043106][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 445.048123][ C0] ? rcu_is_watching+0x15/0xb0 [ 445.052889][ C0] ? get_rtnl_holder+0x144/0x190 [ 445.057812][ C0] ethnl_default_doit+0x567/0xd80 [ 445.062855][ C0] ? __pfx_ethnl_default_doit+0x10/0x10 [ 445.068387][ C0] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 445.074731][ C0] genl_rcv_msg+0xb14/0xec0 [ 445.079263][ C0] ? mark_lock+0x9a/0x360 [ 445.083588][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 445.088607][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 445.093644][ C0] ? __pfx_ethnl_default_doit+0x10/0x10 [ 445.099204][ C0] ? __pfx___might_resched+0x10/0x10 [ 445.104481][ C0] netlink_rcv_skb+0x1e3/0x430 [ 445.109256][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 445.114268][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 445.119669][ C0] ? __netlink_deliver_tap+0x77e/0x7c0 [ 445.125124][ C0] genl_rcv+0x28/0x40 [ 445.129113][ C0] netlink_unicast+0x7f6/0x990 [ 445.133866][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 445.139156][ C0] ? __virt_addr_valid+0x183/0x530 [ 445.144253][ C0] ? __check_object_size+0x49c/0x900 [ 445.149544][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 445.154642][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 445.159430][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 445.164704][ C0] ? __import_iovec+0x536/0x820 [ 445.169562][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 445.174485][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 445.179771][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 445.185213][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 445.190504][ C0] __sock_sendmsg+0x221/0x270 [ 445.195169][ C0] ____sys_sendmsg+0x525/0x7d0 [ 445.199946][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 445.205221][ C0] __sys_sendmsg+0x2b0/0x3a0 [ 445.209821][ C0] ? __pfx___sys_sendmsg+0x10/0x10 [ 445.214940][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 445.221278][ C0] ? do_syscall_64+0x100/0x230 [ 445.226031][ C0] ? do_syscall_64+0xb6/0x230 [ 445.230714][ C0] do_syscall_64+0xf3/0x230 [ 445.235202][ C0] ? clear_bhb_loop+0x35/0x90 [ 445.239884][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.245759][ C0] RIP: 0033:0x7f36a7975f19 [ 445.250179][ C0] RSP: 002b:00007f36a86f2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 445.258574][ C0] RAX: ffffffffffffffda RBX: 00007f36a7b05f60 RCX: 00007f36a7975f19 [ 445.266548][ C0] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 [ 445.274523][ C0] RBP: 00007f36a79e4e68 R08: 0000000000000000 R09: 0000000000000000 [ 445.282497][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 445.290472][ C0] R13: 000000000000000b R14: 00007f36a7b05f60 R15: 00007ffdea9e4db8 [ 445.298435][ C0] [ 445.301466][ C0] DEBUG: waiting rtnl_mutex for 2179 jiffies. [ 445.307508][ C0] task:syz-executor state:D stack:21728 pid:10198 tgid:10198 ppid:10171 flags:0x00004000 [ 445.317675][ C0] Call Trace: [ 445.320982][ C0] [ 445.323917][ C0] __schedule+0x1800/0x4a60 [ 445.328419][ C0] ? __pfx___schedule+0x10/0x10 [ 445.333280][ C0] ? __pfx_lock_release+0x10/0x10 [ 445.338292][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 445.343761][ C0] ? schedule+0x90/0x320 [ 445.347986][ C0] schedule+0x14b/0x320 [ 445.352151][ C0] schedule_preempt_disabled+0x13/0x30 [ 445.357591][ C0] __mutex_lock+0x6a4/0xd70 [ 445.362110][ C0] ? __mutex_lock+0x527/0xd70 [ 445.366773][ C0] ? register_nexthop_notifier+0x84/0x290 [ 445.372496][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 445.377507][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 445.383843][ C0] ? get_rtnl_holder+0x144/0x190 [ 445.388771][ C0] register_nexthop_notifier+0x84/0x290 [ 445.394320][ C0] ? devlink_resource_find+0xba/0xf0 [ 445.399651][ C0] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 445.405821][ C0] ? devlink_resource_find+0xc4/0xf0 [ 445.411131][ C0] nsim_fib_create+0x8a6/0xa70 [ 445.415889][ C0] ? __pfx_nsim_fib_create+0x10/0x10 [ 445.421183][ C0] nsim_drv_probe+0x747/0xb80 [ 445.425855][ C0] ? __pfx_nsim_drv_probe+0x10/0x10 [ 445.431070][ C0] ? kernfs_create_link+0x187/0x1f0 [ 445.436252][ C0] ? sysfs_do_create_link_sd+0xdd/0x110 [ 445.441803][ C0] ? driver_sysfs_add+0x1de/0x1f0 [ 445.446809][ C0] ? really_probe+0x147/0xad0 [ 445.451489][ C0] ? __pfx_nsim_bus_probe+0x10/0x10 [ 445.456667][ C0] really_probe+0x2b8/0xad0 [ 445.461177][ C0] __driver_probe_device+0x1a2/0x390 [ 445.466447][ C0] driver_probe_device+0x50/0x430 [ 445.471479][ C0] __device_attach_driver+0x2d6/0x530 [ 445.476835][ C0] bus_for_each_drv+0x24e/0x2e0 [ 445.479021][ T54] Bluetooth: hci8: command tx timeout [ 445.481697][ C0] ? __pfx___device_attach_driver+0x10/0x10 [ 445.493306][ C0] ? __pfx_bus_for_each_drv+0x10/0x10 [ 445.498665][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 445.503698][ C0] __device_attach+0x333/0x520 [ 445.508447][ C0] ? __pfx___device_attach+0x10/0x10 [ 445.513739][ C0] bus_probe_device+0x189/0x260 [ 445.518583][ C0] device_add+0x856/0xbf0 [ 445.522920][ C0] new_device_store+0x3f3/0x890 [ 445.527761][ C0] ? kernfs_fop_write_iter+0x1eb/0x500 [ 445.533240][ C0] ? __pfx_new_device_store+0x10/0x10 [ 445.538599][ C0] ? sysfs_kf_write+0x182/0x2a0 [ 445.543455][ C0] ? bus_attr_store+0x4f/0xa0 [ 445.548118][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 445.553321][ C0] kernfs_fop_write_iter+0x3a1/0x500 [ 445.558594][ C0] vfs_write+0xa72/0xc90 [ 445.562845][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 445.568635][ C0] ? __pfx_vfs_write+0x10/0x10 [ 445.573411][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 445.579404][ C0] ksys_write+0x1a0/0x2c0 [ 445.583720][ C0] ? __pfx_ksys_write+0x10/0x10 [ 445.588552][ C0] ? do_syscall_64+0x100/0x230 [ 445.593325][ C0] ? do_syscall_64+0xb6/0x230 [ 445.597991][ C0] do_syscall_64+0xf3/0x230 [ 445.602497][ C0] ? clear_bhb_loop+0x35/0x90 [ 445.607156][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.613052][ C0] RIP: 0033:0x7f108d174a9f [ 445.617450][ C0] RSP: 002b:00007ffe01e870b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 445.625865][ C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f108d174a9f [ 445.633850][ C0] RDX: 0000000000000003 RSI: 00007ffe01e87100 RDI: 0000000000000005 [ 445.641824][ C0] RBP: 00007f108d1e45d6 R08: 0000000000000000 R09: 00007ffe01e86f07 [ 445.649799][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 445.657751][ C0] R13: 00007ffe01e87100 R14: 00007f108de34620 R15: 0000000000000003 [ 445.665734][ C0] [ 445.668737][ C0] DEBUG: holding rtnl_mutex for 2212 jiffies. [ 445.674801][ C0] task:kworker/u8:13 state:R running task stack:19992 pid:4588 tgid:4588 ppid:2 flags:0x00004000 [ 445.686537][ C0] Workqueue: netns cleanup_net [ 445.691306][ C0] Call Trace: [ 445.694580][ C0] [ 445.697498][ C0] __schedule+0x1800/0x4a60 [ 445.702022][ C0] ? __pfx___schedule+0x10/0x10 [ 445.706857][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 445.712850][ C0] ? preempt_schedule_irq+0xf0/0x1c0 [ 445.718121][ C0] preempt_schedule_irq+0xfb/0x1c0 [ 445.723237][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 445.728997][ C0] irqentry_exit+0x5e/0x90 [ 445.733413][ C0] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 445.738854][ C0] RIP: 0010:get_stack_info+0x0/0x180 [ 445.744184][ C0] Code: 74 60 00 31 c0 5b c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 55 41 57 41 56 41 55 41 54 53 49 89 ce 49 89 d7 49 89 [ 445.763794][ C0] RSP: 0000:ffffc9000ced7390 EFLAGS: 00000246 [ 445.769873][ C0] RAX: 1ffff920019dae87 RBX: ffffc9000ced7398 RCX: ffffc9000ced7420 [ 445.777827][ C0] RDX: ffffc9000ced7400 RSI: ffff88802fd99e00 RDI: ffffc9000ced7398 [ 445.785803][ C0] RBP: dffffc0000000000 R08: ffffc9000ced745f R09: 0000000000000000 [ 445.793787][ C0] R10: ffffc9000ced7400 R11: fffff520019dae8c R12: ffffc9000ced7420 [ 445.801764][ C0] R13: ffffc9000ced7428 R14: ffffc9000ced7400 R15: 1ffff920019dae85 [ 445.809757][ C0] __unwind_start+0x481/0x7c0 [ 445.814435][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 445.820605][ C0] arch_stack_walk+0x103/0x1b0 [ 445.825356][ C0] ? __unwind_start+0x2bc/0x7c0 [ 445.830223][ C0] stack_trace_save+0x118/0x1d0 [ 445.835069][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 445.840462][ C0] ? synchronize_rcu+0x11b/0x360 [ 445.845391][ C0] ref_tracker_free+0x105/0x7e0 [ 445.850256][ C0] ? __pfx_ref_tracker_free+0x10/0x10 [ 445.855619][ C0] ? rcu_is_watching+0x15/0xb0 [ 445.860390][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 445.865000][ C0] ? module_put+0x13a/0x2d0 [ 445.869528][ C0] __qdisc_destroy+0x1a2/0x410 [ 445.874284][ C0] dev_shutdown+0x9b/0x450 [ 445.878682][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 445.885029][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 445.891810][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 445.897690][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 445.903861][ C0] default_device_exit_batch+0xa0f/0xa90 [ 445.909512][ C0] ? __pfx___might_resched+0x10/0x10 [ 445.914787][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 445.920978][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 445.926250][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 445.932415][ C0] cleanup_net+0x89d/0xcc0 [ 445.936838][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 445.941822][ C0] ? process_scheduled_works+0x945/0x1830 [ 445.947533][ C0] process_scheduled_works+0xa2c/0x1830 [ 445.953111][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 445.959129][ C0] ? assign_work+0x364/0x3d0 [ 445.963721][ C0] worker_thread+0x86d/0xd40 [ 445.968309][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 445.974235][ C0] ? __kthread_parkme+0x169/0x1d0 [ 445.979277][ C0] ? __pfx_worker_thread+0x10/0x10 [ 445.984381][ C0] kthread+0x2f0/0x390 [ 445.988432][ C0] ? __pfx_worker_thread+0x10/0x10 [ 445.993562][ C0] ? __pfx_kthread+0x10/0x10 [ 445.998138][ C0] ret_from_fork+0x4b/0x80 [ 446.002560][ C0] ? __pfx_kthread+0x10/0x10 [ 446.007134][ C0] ret_from_fork_asm+0x1a/0x30 [ 446.011920][ C0] [ 446.014936][ C0] [ 446.014936][ C0] Showing all locks held in the system: [ 446.022674][ C0] 3 locks held by kworker/u8:0/11: [ 446.027766][ C0] #0: ffff88802aa64948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 446.039358][ C0] #1: ffffc90000107d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 446.053067][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 446.062587][ C0] 5 locks held by kworker/u8:3/52: [ 446.067705][ C0] 4 locks held by kworker/u8:13/4588: [ 446.073097][ C0] 1 lock held by udevd/4684: [ 446.077671][ C0] 2 locks held by getty/4987: [ 446.082354][ C0] #0: ffff88802b1470a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 446.092135][ C0] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 446.102248][ C0] 4 locks held by udevd/5246: [ 446.106906][ C0] #0: ffff88801f1c0418 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb7/0xd60 [ 446.115709][ C0] #1: ffff88802d6fe888 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0 [ 446.125122][ C0] #2: ffff8880222f12d8 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0 [ 446.134539][ C0] #3: ffff888023b4d0e8 (&dev->mutex){....}-{3:3}, at: uevent_show+0x17d/0x340 [ 446.143530][ C0] 3 locks held by kworker/0:5/5284: [ 446.148707][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 446.159684][ C0] #1: ffffc900043d7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 446.170655][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 446.179635][ C0] 7 locks held by syz-executor/10198: [ 446.184983][ C0] #0: ffff88801ecc4420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 446.193880][ C0] #1: ffff88801ecb4488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 446.203633][ C0] #2: ffff88802381e2d8 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 446.213735][ C0] #3: ffffffff8f51f608 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 446.224094][ C0] #4: ffff888023b4d0e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520 [ 446.233365][ C0] #5: ffff8880121f1250 (&devlink->lock_key#21){+.+.}-{3:3}, at: nsim_drv_probe+0xcb/0xb80 [ 446.243394][ C0] #6: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 446.253510][ C0] 1 lock held by syz.0.1343/10552: [ 446.258604][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 446.268021][ C0] 1 lock held by syz-executor/10559: [ 446.273314][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 446.282733][ C0] 2 locks held by syz.3.1346/10564: [ 446.287906][ C0] #0: ffffffff8fce80d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 446.296096][ C0] #1: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_doit+0x567/0xd80 [ 446.305600][ C0] 2 locks held by syz.4.1351/10591: [ 446.310802][ C0] #0: ffffc9000330fb40 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 446.320922][ C0] #1: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 446.330773][ C0] 1 lock held by syz-executor/10593: [ 446.336038][ C0] 1 lock held by syz-executor/10594: [ 446.341355][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 446.350775][ C0] [ 446.353084][ C0] ============================================= [ 446.353084][ C0] [ 446.430048][ T5234] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 446.448903][ T5234] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 446.461507][ T5234] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 446.473758][ T5234] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 446.481771][ T5234] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 446.501071][ T5234] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 446.548168][ T8] usb 5-1: USB disconnect, device number 16 [ 447.267713][T10552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1343'. [ 447.316849][T10602] tap0: tun_chr_ioctl cmd 1074812118 [ 447.559247][ T5234] Bluetooth: hci8: command tx timeout [ 448.161537][T10198] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 448.201894][T10198] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 448.284534][T10198] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 448.304048][T10198] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 448.593727][ T5234] Bluetooth: hci9: command tx timeout [ 448.892540][T10594] chnl_net:caif_netlink_parms(): no params data found [ 448.947410][T10559] chnl_net:caif_netlink_parms(): no params data found [ 448.987167][T10597] chnl_net:caif_netlink_parms(): no params data found [ 449.544330][T10623] loop4: detected capacity change from 0 to 40427 [ 449.563457][T10594] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.572711][T10623] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(262146) root(3) [ 449.581705][T10594] bridge0: port 1(bridge_slave_0) entered disabled state [ 449.587944][T10623] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 449.610597][T10594] bridge_slave_0: entered allmulticast mode [ 449.618344][T10594] bridge_slave_0: entered promiscuous mode [ 449.628351][T10594] bridge0: port 2(bridge_slave_1) entered blocking state [ 449.636649][T10594] bridge0: port 2(bridge_slave_1) entered disabled state [ 449.641249][ T5234] Bluetooth: hci8: command tx timeout [ 449.644413][T10594] bridge_slave_1: entered allmulticast mode [ 449.656921][T10623] F2FS-fs (loop4): Found nat_bits in checkpoint [ 449.664067][T10594] bridge_slave_1: entered promiscuous mode [ 449.753819][T10559] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.780601][T10559] bridge0: port 1(bridge_slave_0) entered disabled state [ 449.806605][T10559] bridge_slave_0: entered allmulticast mode [ 449.809425][T10623] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 449.815801][T10559] bridge_slave_0: entered promiscuous mode [ 449.832259][T10623] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 449.888575][T10597] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.896513][T10597] bridge0: port 1(bridge_slave_0) entered disabled state [ 449.906157][T10597] bridge_slave_0: entered allmulticast mode [ 449.921167][T10597] bridge_slave_0: entered promiscuous mode [ 450.019660][ T8472] syz-executor: attempt to access beyond end of device [ 450.019660][ T8472] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 450.036268][ T8472] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 450.063059][T10559] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.075113][T10559] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.100908][T10559] bridge_slave_1: entered allmulticast mode [ 450.111019][T10559] bridge_slave_1: entered promiscuous mode [ 450.131312][T10597] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.145967][T10597] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.156205][T10597] bridge_slave_1: entered allmulticast mode [ 450.192665][T10597] bridge_slave_1: entered promiscuous mode [ 450.252397][T10198] 8021q: adding VLAN 0 to HW filter on device bond0 [ 450.261907][T10594] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 450.467091][T10597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 450.511590][T10594] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 450.622076][ T4588] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.669771][ T5234] Bluetooth: hci9: command tx timeout [ 450.687770][T10559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 450.721218][T10597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 450.843203][T10559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 450.902545][ T4588] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.994799][T10594] team0: Port device team_slave_0 added [ 451.013771][T10594] team0: Port device team_slave_1 added [ 451.131055][ T4588] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 451.226139][T10559] team0: Port device team_slave_0 added [ 451.289182][T10597] team0: Port device team_slave_0 added [ 451.322343][T10198] 8021q: adding VLAN 0 to HW filter on device team0 [ 451.394544][ T4588] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 451.442920][T10559] team0: Port device team_slave_1 added [ 451.468824][T10597] team0: Port device team_slave_1 added [ 451.522016][T10594] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 451.529068][T10594] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 451.574247][T10594] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 451.709778][ T5234] Bluetooth: hci8: command tx timeout [ 452.486817][T10597] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 452.509919][T10597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.547330][T10597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 452.673962][T10594] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 452.681500][T10594] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.708467][T10594] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 452.750111][ T5234] Bluetooth: hci9: command tx timeout [ 452.783386][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 452.790591][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 452.814722][T10559] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 452.833040][T10559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.901821][T10559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 452.936964][T10597] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 452.953087][T10597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.979638][T10597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 453.076828][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 453.084027][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 453.098696][T10647] loop4: detected capacity change from 0 to 32768 [ 453.106253][T10559] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 453.120334][T10559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 453.169318][T10647] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1363 (10647) [ 453.180703][T10559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 453.261984][T10647] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 453.290814][T10647] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 453.330405][T10647] BTRFS info (device loop4): using free-space-tree [ 453.363864][T10594] hsr_slave_0: entered promiscuous mode [ 453.372286][T10594] hsr_slave_1: entered promiscuous mode [ 453.391314][T10594] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 453.398931][T10594] Cannot create hsr debugfs directory [ 453.616610][ T29] audit: type=1800 audit(1721924281.638:263): pid=10647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1363" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 453.690233][ T29] audit: type=1800 audit(1721924281.698:264): pid=10665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1363" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 453.735757][T10597] hsr_slave_0: entered promiscuous mode [ 453.771448][T10597] hsr_slave_1: entered promiscuous mode [ 453.800014][ T29] audit: type=1800 audit(1721924281.708:265): pid=10647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1363" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 453.837854][T10597] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 453.869422][T10597] Cannot create hsr debugfs directory [ 454.038629][T10559] hsr_slave_0: entered promiscuous mode [ 454.047087][T10559] hsr_slave_1: entered promiscuous mode [ 454.049339][ T8472] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 454.065617][T10559] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 454.076175][T10559] Cannot create hsr debugfs directory [ 454.466114][ T4588] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 454.808737][ T4588] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 454.830113][ T5234] Bluetooth: hci9: command tx timeout [ 455.122677][ T4588] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.384363][T10667] loop4: detected capacity change from 0 to 40427 [ 455.419657][T10667] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 455.428699][T10667] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 455.439443][ T4588] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.491700][T10667] F2FS-fs (loop4): Found nat_bits in checkpoint [ 455.618151][T10667] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 455.627235][T10667] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 455.969983][T10676] syz.4.1364: attempt to access beyond end of device [ 455.969983][T10676] loop4: rw=2049, sector=45096, nr_sectors = 128 limit=40427 [ 456.138988][T10198] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 456.195415][T10676] syz.4.1364: attempt to access beyond end of device [ 456.195415][T10676] loop4: rw=2049, sector=45224, nr_sectors = 8 limit=40427 [ 456.289432][ T4588] bridge_slave_1: left allmulticast mode [ 456.309405][ T4588] bridge_slave_1: left promiscuous mode [ 456.319725][ T8472] syz-executor: attempt to access beyond end of device [ 456.319725][ T8472] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 456.323673][ T4588] bridge0: port 2(bridge_slave_1) entered disabled state [ 456.338874][ T8472] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 456.391008][ T4588] bridge_slave_0: left allmulticast mode [ 456.396776][ T4588] bridge_slave_0: left promiscuous mode [ 456.432117][ T4588] bridge0: port 1(bridge_slave_0) entered disabled state [ 456.463662][ T4588] bridge_slave_1: left allmulticast mode [ 456.469329][ T4588] bridge_slave_1: left promiscuous mode [ 456.521019][ T4588] bridge0: port 2(bridge_slave_1) entered disabled state [ 456.544558][ T4588] bridge_slave_0: left allmulticast mode [ 456.550427][ T4588] bridge_slave_0: left promiscuous mode [ 456.556158][ T4588] bridge0: port 1(bridge_slave_0) entered disabled state [ 457.743967][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 457.756991][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 457.772960][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 457.801082][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 457.811277][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 457.825697][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 458.238191][ T4588] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 458.254342][ T4588] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 458.269535][ T4588] bond0 (unregistering): Released all slaves [ 458.464191][ T4588] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 458.481356][ T4588] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 458.502241][ T4588] bond0 (unregistering): Released all slaves [ 458.877821][T10594] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 458.927297][T10594] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 458.983798][T10690] loop4: detected capacity change from 0 to 2048 [ 459.026291][T10690] UDF-fs: warning (device loop4): udf_fill_super: No fileset found [ 459.300149][T10692] loop4: detected capacity change from 0 to 4096 [ 459.310800][T10594] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 459.340637][T10693] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 459.352464][T10594] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 459.714621][T10698] loop4: detected capacity change from 0 to 16 [ 459.724420][T10698] erofs: (device loop4): mounted with root inode @ nid 36. [ 459.986731][ T54] Bluetooth: hci1: command tx timeout [ 460.083758][T10702] openvswitch: netlink: Message has 2 unknown bytes. [ 461.339308][ T4588] hsr_slave_0: left promiscuous mode [ 461.349248][ T4588] hsr_slave_1: left promiscuous mode [ 461.392111][ T4588] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 461.397589][T10710] loop4: detected capacity change from 0 to 2048 [ 461.400307][ T4588] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 461.413607][T10710] UDF-fs: warning (device loop4): udf_fill_super: No fileset found [ 461.433838][ T4588] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 461.441763][ T4588] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 461.491615][ T4588] hsr_slave_0: left promiscuous mode [ 461.509588][ T4588] hsr_slave_1: left promiscuous mode [ 461.519989][ T4588] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 461.528759][ T4588] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 461.543546][ T4588] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 461.558196][ T4588] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 461.640815][ T4588] veth1_macvtap: left promiscuous mode [ 461.646444][ T4588] veth0_macvtap: left promiscuous mode [ 461.652847][ T4588] veth1_vlan: left promiscuous mode [ 461.658320][ T4588] veth0_vlan: left promiscuous mode [ 461.673867][ T4588] veth1_macvtap: left promiscuous mode [ 461.679391][ T4588] veth0_macvtap: left promiscuous mode [ 461.686753][ T4588] veth1_vlan: left promiscuous mode [ 461.692522][ T4588] veth0_vlan: left promiscuous mode [ 461.902055][ T5283] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 462.033404][ T54] Bluetooth: hci1: command tx timeout [ 462.101434][ T5283] usb 5-1: Using ep0 maxpacket: 8 [ 462.128695][ T5283] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 462.166787][ T5283] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 462.203088][ T5283] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 462.219378][ T5283] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 462.266041][ T5283] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 462.277628][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 462.516627][ T5283] usb 5-1: GET_CAPABILITIES returned 0 [ 462.539432][ T5283] usbtmc 5-1:16.0: can't read capabilities [ 462.744788][ T5279] usb 5-1: USB disconnect, device number 17 [ 463.161776][ T4588] team0 (unregistering): Port device team_slave_1 removed [ 463.234722][ T4588] team0 (unregistering): Port device team_slave_0 removed [ 463.651216][ T5282] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 463.867388][ T5282] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 463.885198][ T5282] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.941916][ T5282] usb 5-1: config 0 descriptor?? [ 463.964495][ T5282] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 464.040435][ T4588] vcan0 (unregistering): left allmulticast mode [ 464.111558][ T54] Bluetooth: hci1: command tx timeout [ 464.359471][ T5282] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22) [ 464.381425][ T5282] dvb_usb_gp8psk 5-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22 [ 464.567520][ T5284] usb 5-1: USB disconnect, device number 18 [ 464.899596][ T4588] team0 (unregistering): Port device team_slave_1 removed [ 464.975626][ T4588] team0 (unregistering): Port device team_slave_0 removed [ 465.540352][ T29] audit: type=1326 audit(1721924293.557:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 465.585647][ T29] audit: type=1326 audit(1721924293.587:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 465.968208][T10685] chnl_net:caif_netlink_parms(): no params data found [ 466.079117][T10594] 8021q: adding VLAN 0 to HW filter on device bond0 [ 466.192046][ T54] Bluetooth: hci1: command tx timeout [ 466.201823][ T29] audit: type=1326 audit(1721924294.207:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 466.316128][ T29] audit: type=1326 audit(1721924294.207:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 466.368697][ T29] audit: type=1326 audit(1721924294.207:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 466.409758][T10559] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 466.414423][T10724] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1381'. [ 466.429172][ T29] audit: type=1326 audit(1721924294.207:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 466.453119][ T29] audit: type=1326 audit(1721924294.207:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 466.480753][T10597] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 466.489170][ T29] audit: type=1326 audit(1721924294.207:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 466.505239][T10597] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 466.520588][ T29] audit: type=1326 audit(1721924294.207:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 466.543119][ T29] audit: type=1326 audit(1721924294.207:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.4.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f0d75f19 code=0x7fc00000 [ 466.587294][T10594] 8021q: adding VLAN 0 to HW filter on device team0 [ 466.619663][T10724] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1381'. [ 466.761245][T10559] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 466.811793][T10597] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 466.894640][ T5279] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.901771][ T5279] bridge0: port 1(bridge_slave_0) entered forwarding state [ 466.911891][ T5279] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.919188][ T5279] bridge0: port 2(bridge_slave_1) entered forwarding state [ 466.989313][T10594] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 467.015802][T10594] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 467.041002][T10597] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 467.114116][T10559] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.148949][T10685] bridge0: port 1(bridge_slave_0) entered blocking state [ 467.167043][T10685] bridge0: port 1(bridge_slave_0) entered disabled state [ 467.189554][T10685] bridge_slave_0: entered allmulticast mode [ 467.198035][T10685] bridge_slave_0: entered promiscuous mode [ 467.266943][T10559] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.371986][T10685] bridge0: port 2(bridge_slave_1) entered blocking state [ 467.388812][T10685] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.405573][T10685] bridge_slave_1: entered allmulticast mode [ 467.437343][T10685] bridge_slave_1: entered promiscuous mode [ 467.533183][T10685] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 467.592974][T10685] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 467.775147][T10685] team0: Port device team_slave_0 added [ 467.901936][T10685] team0: Port device team_slave_1 added [ 468.032240][T10594] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 468.202199][T10685] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 468.209191][T10685] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 468.236356][T10685] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 468.998891][T10685] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 469.011784][T10685] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 469.048009][T10685] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 469.360290][T10559] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 469.460527][T10559] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 469.509952][T10559] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 469.601150][T10685] hsr_slave_0: entered promiscuous mode [ 469.623622][T10685] hsr_slave_1: entered promiscuous mode [ 469.630108][T10685] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 469.638665][T10685] Cannot create hsr debugfs directory [ 469.664139][T10597] 8021q: adding VLAN 0 to HW filter on device bond0 [ 469.682089][T10559] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 469.929319][T10597] 8021q: adding VLAN 0 to HW filter on device team0 [ 470.126762][ T4588] bridge_slave_1: left allmulticast mode [ 470.140708][ T4588] bridge_slave_1: left promiscuous mode [ 470.160080][ T4588] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.178439][ T4588] bridge_slave_0: left allmulticast mode [ 470.184999][ T4588] bridge_slave_0: left promiscuous mode [ 470.191745][ T4588] bridge0: port 1(bridge_slave_0) entered disabled state [ 470.348221][T10749] loop4: detected capacity change from 0 to 1024 [ 470.368415][T10749] EXT4-fs: Ignoring removed nobh option [ 470.388157][T10749] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 470.443391][T10749] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.571578][ T8472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 471.074463][ T4588] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 471.090326][ T4588] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 471.104607][ T4588] bond0 (unregistering): Released all slaves [ 471.117912][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 471.125031][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 471.143000][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 471.150175][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 471.220288][ T5284] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 471.239919][T10594] veth0_vlan: entered promiscuous mode [ 471.283657][ T4588] hsr_slave_0: left promiscuous mode [ 471.298735][ T4588] hsr_slave_1: left promiscuous mode [ 471.307349][ T4588] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 471.326833][ T4588] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 471.425029][ T5284] usb 5-1: Using ep0 maxpacket: 16 [ 471.438777][ T5284] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 471.478980][ T5284] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 471.500874][ T5284] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.542623][ T5284] usb 5-1: Product: syz [ 471.546828][ T5284] usb 5-1: Manufacturer: syz [ 471.580897][ T5284] usb 5-1: SerialNumber: syz [ 471.597502][ T5284] usb 5-1: config 0 descriptor?? [ 471.606802][ T5284] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 471.618937][ T5284] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 471.925902][ T54] Bluetooth: hci6: unexpected event for opcode 0x1005 [ 471.937767][ T4588] team0 (unregistering): Port device team_slave_1 removed [ 472.004322][ T5284] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 472.052748][ T4588] team0 (unregistering): Port device team_slave_0 removed [ 472.127831][ T5284] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 472.147537][ T5284] em28xx 5-1:0.0: board has no eeprom [ 472.242065][ T5284] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 472.250094][ T5284] em28xx 5-1:0.0: dvb set to bulk mode. [ 472.263159][ T5279] em28xx 5-1:0.0: Binding DVB extension [ 472.314828][ T5284] usb 5-1: USB disconnect, device number 19 [ 472.335532][ T5284] em28xx 5-1:0.0: Disconnecting em28xx [ 472.463988][ T5279] em28xx 5-1:0.0: Registering input extension [ 472.489081][ T5284] em28xx 5-1:0.0: Closing input extension [ 472.569450][ T5284] em28xx 5-1:0.0: Freeing device [ 473.122848][ T5284] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 473.342851][ T5284] usb 5-1: Using ep0 maxpacket: 8 [ 473.372773][ T5284] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 473.400665][ T5284] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 473.429360][ T5284] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 473.463359][ T5284] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 473.505617][ T5284] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 473.521740][T10594] veth1_vlan: entered promiscuous mode [ 473.528990][ T5284] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.695134][T10559] 8021q: adding VLAN 0 to HW filter on device bond0 [ 473.704001][T10594] veth0_macvtap: entered promiscuous mode [ 473.730589][T10594] veth1_macvtap: entered promiscuous mode [ 473.793240][ T5284] usb 5-1: GET_CAPABILITIES returned 0 [ 473.813198][ T5284] usbtmc 5-1:16.0: can't read capabilities [ 473.877595][T10559] 8021q: adding VLAN 0 to HW filter on device team0 [ 474.005931][T10594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.032463][T10594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.062546][T10594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.073494][T10594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.078435][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 474.083714][T10594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.102318][T10761] usbtmc 5-1:16.0: Unable to send data, error -71 [ 474.104747][T10594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.124101][T10594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.126713][ T5284] usb 5-1: USB disconnect, device number 20 [ 474.135231][T10594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.187323][T10594] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.221691][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.228880][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 474.316880][T10594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.328385][T10594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.338824][T10594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.349496][T10594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.361046][T10594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.389558][T10594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.400676][T10594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.412104][T10594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.424147][T10594] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 474.458274][ T5284] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.465406][ T5284] bridge0: port 2(bridge_slave_1) entered forwarding state [ 474.524293][T10594] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.545117][T10594] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.554003][T10594] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.562979][T10594] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.634930][T10597] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.735933][T10685] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 474.834479][T10685] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 474.889824][T10559] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 474.909160][T10559] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 474.934618][T10685] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 474.991518][T10685] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 475.165696][ T1113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.191827][ T1113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.297786][T10597] veth0_vlan: entered promiscuous mode [ 475.371785][T10597] veth1_vlan: entered promiscuous mode [ 475.459449][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.467519][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.608688][T10559] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 475.643155][T10597] veth0_macvtap: entered promiscuous mode [ 475.725812][T10597] veth1_macvtap: entered promiscuous mode [ 475.748369][T10778] loop0: detected capacity change from 0 to 2048 [ 475.775635][T10778] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 475.836477][T10778] syz.0.1352: attempt to access beyond end of device [ 475.836477][T10778] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 475.863598][T10779] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 475.913136][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.929197][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.940048][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.957374][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.971547][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.983088][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.993307][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.005980][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.016943][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.027793][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.052292][T10597] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 476.093593][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.152440][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.193065][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.225525][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.241879][T10781] loop0: detected capacity change from 0 to 1024 [ 476.262503][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.276258][T10781] EXT4-fs: Ignoring removed nobh option [ 476.291516][T10781] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 476.308474][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.334072][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.346284][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.362927][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.368215][T10781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 476.373989][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.399680][T10597] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 476.411882][T10685] 8021q: adding VLAN 0 to HW filter on device bond0 [ 476.441599][T10685] 8021q: adding VLAN 0 to HW filter on device team0 [ 476.473626][T10685] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 476.484403][T10685] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 476.506219][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 476.513399][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 476.585791][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 476.592960][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 476.613258][T10594] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 476.763633][T10597] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.772373][T10597] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.783793][T10597] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.792889][T10597] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.739040][ T4588] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.793023][ T4588] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 477.893202][T10559] veth0_vlan: entered promiscuous mode [ 477.968577][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.970654][T10559] veth1_vlan: entered promiscuous mode [ 478.002124][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.098175][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 478.098189][ T29] audit: type=1326 audit(1721924306.105:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 478.158557][T10559] veth0_macvtap: entered promiscuous mode [ 478.176559][ T29] audit: type=1326 audit(1721924306.115:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 478.251824][T10559] veth1_macvtap: entered promiscuous mode [ 478.276655][T10685] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 478.423680][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.450733][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.462065][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.473666][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.499424][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.526305][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.538180][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.550698][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.550828][T10804] netlink: 264 bytes leftover after parsing attributes in process `syz.4.1399'. [ 478.561507][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.581349][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.592028][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.606896][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.676662][T10559] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 478.747477][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.759955][ T29] audit: type=1326 audit(1721924306.715:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 478.802104][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.814664][ T29] audit: type=1326 audit(1721924306.715:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe788174950 code=0x7fc00000 [ 478.839283][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.858439][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.882216][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.896024][ T29] audit: type=1326 audit(1721924306.715:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 478.937183][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.937684][T10808] loop0: detected capacity change from 0 to 256 [ 478.947520][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.964963][ T29] audit: type=1326 audit(1721924306.715:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 478.988611][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.999982][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 479.012068][ T29] audit: type=1326 audit(1721924306.715:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 479.046492][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 479.062442][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 479.077266][ T29] audit: type=1326 audit(1721924306.715:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 479.100276][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 479.129153][T10559] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 479.152435][ T29] audit: type=1326 audit(1721924306.715:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 479.178027][ T29] audit: type=1326 audit(1721924306.715:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x7fc00000 [ 479.239109][T10559] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.278629][T10559] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.315682][T10559] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.366710][T10802] loop3: detected capacity change from 0 to 40427 [ 479.416376][T10559] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.417506][T10802] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 479.470215][T10802] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 479.530079][T10802] F2FS-fs (loop3): Found nat_bits in checkpoint [ 479.617616][T10685] veth0_vlan: entered promiscuous mode [ 479.703758][T10685] veth1_vlan: entered promiscuous mode [ 479.831871][T10802] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 479.846238][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 479.860222][T10685] veth0_macvtap: entered promiscuous mode [ 479.872931][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 479.896897][T10685] veth1_macvtap: entered promiscuous mode [ 479.954903][T10802] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 479.966761][ T4588] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 479.979299][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.013994][ T4588] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 480.030514][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.052016][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.086145][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.105659][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.174157][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.509636][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.248356][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.269216][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.290471][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.319204][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.390823][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.429364][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.473421][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.529921][T10597] syz-executor: attempt to access beyond end of device [ 481.529921][T10597] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 481.536948][T10685] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 481.586235][T10597] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 481.619477][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.629663][T10597] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 481.677986][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.728918][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.759286][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.809046][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.841896][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.852408][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.876455][ T1862] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 481.908556][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.938935][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.965580][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.977007][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.991566][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.002120][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 482.013482][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.080213][ T1862] usb 5-1: Using ep0 maxpacket: 32 [ 482.161847][T10685] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 482.175401][T10685] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.195819][T10685] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.213254][T10685] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.249272][T10685] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.314349][T10836] loop3: detected capacity change from 0 to 256 [ 482.331363][ T1862] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 482.500641][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 482.536114][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 482.576040][ T1862] usb 5-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=cb.c8 [ 482.603227][ T1862] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 482.614189][ T4588] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 482.637207][ T4588] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 482.642642][ T1862] usb 5-1: Product: syz [ 482.652834][ T1862] usb 5-1: Manufacturer: syz [ 482.666271][ T1862] usb 5-1: SerialNumber: syz [ 482.668496][T10844] loop2: detected capacity change from 0 to 256 [ 482.691374][ T1862] usb 5-1: config 0 descriptor?? [ 482.734227][T10845] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1413'. [ 483.051171][ T5279] usb 5-1: USB disconnect, device number 21 [ 483.115253][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 483.115270][ T29] audit: type=1804 audit(1721924311.115:319): pid=10844 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1341" name="/newroot/0/file0/file1" dev="loop2" ino=1048748 res=1 errno=0 [ 483.243550][ T5341] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 483.514176][ T5341] usb 4-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d [ 483.586790][ T5341] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.691856][ T5341] usb 4-1: config 0 descriptor?? [ 483.936076][ T29] audit: type=1326 audit(1721924311.965:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3444d75f19 code=0x7ffc0000 [ 484.043501][ T29] audit: type=1326 audit(1721924311.985:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3444d75f19 code=0x7ffc0000 [ 484.122255][T10855] loop1: detected capacity change from 0 to 512 [ 484.164953][T10855] EXT4-fs (loop1): blocks per group (71) and clusters per group (20800) inconsistent [ 484.296992][ T5341] hackrf 4-1:0.0: Board ID: 00 [ 484.301815][ T5341] hackrf 4-1:0.0: Firmware version: [ 484.332042][ T5341] hackrf 4-1:0.0: Registered as swradio16 [ 484.348609][ T29] audit: type=1326 audit(1721924312.355:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3444d75f19 code=0x7ffc0000 [ 484.392403][ T5341] hackrf 4-1:0.0: Registered as swradio17 [ 484.406957][ T5341] hackrf 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 484.445255][ T29] audit: type=1326 audit(1721924312.365:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3444d75f19 code=0x7ffc0000 [ 484.476530][ T29] audit: type=1326 audit(1721924312.365:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f3444d75f19 code=0x7ffc0000 [ 484.538115][ T5341] usb 4-1: USB disconnect, device number 17 [ 484.593487][ T29] audit: type=1326 audit(1721924312.375:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3444d75f19 code=0x7ffc0000 [ 484.693498][T10786] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 484.709641][ T29] audit: type=1326 audit(1721924312.375:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3444d75f19 code=0x7ffc0000 [ 484.803487][ T29] audit: type=1326 audit(1721924312.405:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3444d74950 code=0x7ffc0000 [ 484.922334][ T29] audit: type=1326 audit(1721924312.405:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10841 comm="syz.2.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3444d75b1b code=0x7ffc0000 [ 484.957159][T10786] usb 3-1: Using ep0 maxpacket: 16 [ 485.016659][T10786] usb 3-1: config 183 has too many interfaces: 145, using maximum allowed: 32 [ 485.051377][T10786] usb 3-1: config 183 has an invalid interface association descriptor of length 5, skipping [ 485.107231][T10786] usb 3-1: config 183 has an invalid descriptor of length 0, skipping remainder of the config [ 485.200536][T10786] usb 3-1: config 183 has 0 interfaces, different from the descriptor's value: 145 [ 485.259157][T10866] loop3: detected capacity change from 0 to 1024 [ 485.262677][T10786] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= f.88 [ 485.295258][T10786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 485.295696][T10866] EXT4-fs: Ignoring removed nobh option [ 485.333339][T10786] usb 3-1: Product: syz [ 485.335995][T10858] loop0: detected capacity change from 0 to 40427 [ 485.343324][T10786] usb 3-1: Manufacturer: syz [ 485.356978][T10786] usb 3-1: SerialNumber: syz [ 485.370318][T10858] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 485.377413][T10866] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 485.404112][T10858] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 485.450619][T10866] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 485.482057][T10858] F2FS-fs (loop0): Found nat_bits in checkpoint [ 485.712125][T10858] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 485.727685][T10858] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 485.756496][T10597] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.768564][T10875] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1421'. [ 485.798584][T10786] usb 3-1: USB disconnect, device number 16 [ 485.934650][T10594] syz-executor: attempt to access beyond end of device [ 485.934650][T10594] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 486.016124][T10594] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 486.023047][T10594] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 486.054508][T10879] loop3: detected capacity change from 0 to 2048 [ 486.088824][T10879] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 486.146141][T10882] loop2: detected capacity change from 0 to 1024 [ 486.209283][T10886] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 486.220493][T10879] syz.3.1422: attempt to access beyond end of device [ 486.220493][T10879] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 487.871791][T10902] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1431'. [ 488.379779][T10911] loop3: detected capacity change from 0 to 512 [ 488.419287][T10911] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent [ 488.463895][ T5284] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 488.613298][T10914] loop1: detected capacity change from 0 to 512 [ 488.633389][T10911] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1435'. [ 488.660685][T10914] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.1436: casefold flag without casefold feature [ 488.674149][ T5284] usb 1-1: Using ep0 maxpacket: 16 [ 488.694029][ T5284] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 488.711993][T10914] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1436: couldn't read orphan inode 15 (err -117) [ 488.719737][ T5284] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 488.734651][ T5284] usb 1-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00 [ 488.746563][ T5284] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.756927][ T5284] usb 1-1: config 0 descriptor?? [ 488.772684][T10914] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 488.843357][T10920] loop3: detected capacity change from 0 to 512 [ 488.895409][T10920] EXT4-fs: Ignoring removed oldalloc option [ 488.918868][T10914] EXT4-fs error (device loop1): ext4_check_dx_root:2218: inode #2: comm syz.1.1436: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 488.947563][T10920] /dev/loop3: Can't open blockdev [ 489.046406][T10685] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.363233][ T5284] hid-rmi 0003:17EF:6085.000E: hidraw0: USB HID v0.00 Device [HID 17ef:6085] on usb-dummy_hcd.0-1/input0 [ 489.506138][ T5279] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 489.718516][ T5279] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 489.804918][ T5279] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 489.936143][ T5279] usb 2-1: config 0 descriptor?? [ 490.181718][ T9] usb 1-1: USB disconnect, device number 18 [ 490.737700][T10937] loop2: detected capacity change from 0 to 128 [ 491.215559][ T5279] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 491.226792][ T5279] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 491.275989][ T5279] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 491.282681][ T5279] [drm] Initialized udl on minor 2 [ 491.353493][T10944] loop0: detected capacity change from 0 to 4096 [ 491.372820][T10944] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 491.497571][T10594] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.586232][T10950] loop4: detected capacity change from 0 to 512 [ 491.618127][T10950] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 491.645710][ T5279] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 491.674896][ T5279] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 491.691607][ T5341] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 491.704377][ T5279] usb 2-1: USB disconnect, device number 17 [ 491.721715][ T5341] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 491.774599][T10950] ext4 filesystem being mounted at /199/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 491.909374][ T8472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.029873][T10958] loop3: detected capacity change from 0 to 512 [ 492.172113][T10961] loop0: detected capacity change from 0 to 164 [ 492.207449][T10958] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1452: casefold flag without casefold feature [ 492.234450][T10958] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1452: couldn't read orphan inode 15 (err -117) [ 492.250001][T10961] isofs_fill_super: get root inode failed [ 492.310725][T10958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 492.379340][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 492.379359][ T29] audit: type=1326 audit(1721924320.404:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10960 comm="syz.0.1453" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe788175f19 code=0x0 [ 492.622041][T10961] ptrace attach of "./syz-executor exec"[10594] was attempted by "./syz-executor exec"[10961] [ 492.683525][T10958] EXT4-fs error (device loop3): ext4_check_dx_root:2218: inode #2: comm syz.3.1452: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 493.534154][T10597] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 493.724627][T10786] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 494.879977][T10987] loop2: detected capacity change from 0 to 128 [ 496.159095][T10786] usb 2-1: device descriptor read/all, error -71 [ 496.335039][T10986] loop3: detected capacity change from 0 to 4096 [ 496.410721][T10992] loop1: detected capacity change from 0 to 512 [ 496.439950][T10994] loop4: detected capacity change from 0 to 512 [ 496.465698][T10992] EXT4-fs: Ignoring removed oldalloc option [ 496.564371][T10986] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 496.593851][T10992] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1461: Parent and EA inode have the same ino 15 [ 496.649172][T10994] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 496.693416][T10992] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1461: Parent and EA inode have the same ino 15 [ 496.797473][T10994] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 496.815697][T10992] EXT4-fs (loop1): 1 orphan inode deleted [ 496.847129][T10992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 497.056955][T10597] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.968314][ T8472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.209719][T11012] loop0: detected capacity change from 0 to 256 [ 498.223209][T11012] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 498.841075][T11012] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 499.050815][ T29] audit: type=1800 audit(1721924327.073:357): pid=11020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1467" name="/" dev="9p" ino=2 res=0 errno=0 [ 499.070221][ C0] vkms_vblank_simulate: vblank timer overrun [ 499.073625][T10685] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 499.330284][T11027] trusted_key: syz.0.1472 sent an empty control message without MSG_MORE. [ 499.726710][T11028] loop4: detected capacity change from 0 to 256 [ 499.852977][T11021] loop3: detected capacity change from 0 to 2048 [ 499.881998][T11028] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 499.907375][T11032] binder: 11031:11032 ioctl 4018620d 0 returned -22 [ 500.361282][T11039] loop1: detected capacity change from 0 to 128 [ 500.745429][ T5341] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 501.088308][T11042] loop1: detected capacity change from 0 to 256 [ 501.199574][ T5341] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 501.241380][ T5341] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 501.276076][ T5341] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 501.293696][ T5341] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 501.303756][T11047] loop1: detected capacity change from 0 to 64 [ 501.342332][ T5341] usb 4-1: SerialNumber: syz [ 501.417213][T11048] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 501.432612][T11048] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 501.622452][ T5341] usb 4-1: 0:2 : does not exist [ 501.683531][ T5341] usb 4-1: unit 5: unexpected type 0x09 [ 501.728105][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.734745][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.746215][ T2589] tipc: Subscription rejected, illegal request [ 501.813678][ T5341] usb 4-1: USB disconnect, device number 18 [ 502.126448][ T5246] udevd[5246]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 503.060810][T11061] loop1: detected capacity change from 0 to 8192 [ 503.068740][T11061] vfat: Unknown parameter '€: ' [ 503.156512][ T5341] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 503.329884][T11061] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1483'. [ 503.446255][ T5341] usb 4-1: Using ep0 maxpacket: 8 [ 503.478125][T11080] loop4: detected capacity change from 0 to 512 [ 503.489217][ T5341] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 503.503334][T11080] EXT4-fs: Ignoring removed oldalloc option [ 503.539282][ T5341] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 503.574029][T11080] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1490: Parent and EA inode have the same ino 15 [ 503.583604][ T5341] usb 4-1: Product: syz [ 503.588558][T11083] loop0: detected capacity change from 0 to 64 [ 503.606205][ T5341] usb 4-1: Manufacturer: syz [ 503.610840][ T5341] usb 4-1: SerialNumber: syz [ 503.631776][ T5341] usb 4-1: config 0 descriptor?? [ 503.688972][T11080] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1490: Parent and EA inode have the same ino 15 [ 503.770944][T11080] EXT4-fs (loop4): 1 orphan inode deleted [ 503.779503][T11080] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 503.794365][ T2589] tipc: Subscription rejected, illegal request [ 504.099974][ T5341] dvb_usb_rtl28xxu 4-1:0.0: chip type detection failed -71 [ 504.116025][ T5341] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 504.669207][ T5341] usb 4-1: USB disconnect, device number 19 [ 504.899068][ T8472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.022399][T11094] loop0: detected capacity change from 0 to 64 [ 505.463075][T11092] loop1: detected capacity change from 0 to 4096 [ 505.727081][ T9] IPVS: starting estimator thread 0... [ 505.755627][ T29] audit: type=1800 audit(1721924333.772:358): pid=11100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1498" name="/" dev="9p" ino=2 res=0 errno=0 [ 505.978914][T11107] IPVS: using max 32 ests per chain, 76800 per kthread [ 506.858629][T11100] syz.0.1498 (11100) used greatest stack depth: 18096 bytes left [ 507.003399][ T1123] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.258809][ T1123] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.450468][ T1123] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.461261][T11124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1507'. [ 508.786451][T11153] loop4: detected capacity change from 0 to 64 [ 509.330355][ T1123] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.344306][T11179] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 509.363025][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 509.382885][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 509.392450][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 509.413920][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 509.435332][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 509.448735][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 509.707901][T11188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1513'. [ 509.752010][T11191] loop0: detected capacity change from 0 to 16 [ 509.764902][T11191] erofs: (device loop0): mounted with root inode @ nid 36. [ 510.182004][T11195] loop1: detected capacity change from 0 to 128 [ 511.038501][ T1123] bridge_slave_1: left allmulticast mode [ 511.044181][ T1123] bridge_slave_1: left promiscuous mode [ 511.060927][ T1123] bridge0: port 2(bridge_slave_1) entered disabled state [ 511.125419][ T1123] bridge_slave_0: left allmulticast mode [ 511.197083][ T1123] bridge_slave_0: left promiscuous mode [ 511.203641][T11206] netlink: 'syz.0.1517': attribute type 2 has an invalid length. [ 511.241427][ T1123] bridge0: port 1(bridge_slave_0) entered disabled state [ 511.563169][ T5234] Bluetooth: hci2: command tx timeout [ 511.652707][ T5279] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 511.812514][T11223] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1521'. [ 511.926536][ T5279] usb 1-1: Using ep0 maxpacket: 8 [ 511.943834][ T5279] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 511.970282][ T5279] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 512.021664][T11211] loop1: detected capacity change from 0 to 8192 [ 512.044403][ T5279] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 512.069458][T11211] vfat: Unknown parameter '€: ' [ 512.112188][ T5279] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 512.357277][ T5279] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 512.425805][ T5279] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 512.527461][ T5279] usb 1-1: Product: syz [ 512.568595][ T5279] usb 1-1: Manufacturer: syz [ 512.602499][ T5279] usb 1-1: SerialNumber: syz [ 512.677695][ T5279] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 512.895438][ T5279] usb 1-1: USB disconnect, device number 19 [ 512.901449][T11201] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1518'. [ 513.562271][T11257] loop0: detected capacity change from 0 to 64 [ 513.637054][ T5234] Bluetooth: hci2: command tx timeout [ 513.792275][ T1123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 513.829896][T11262] loop0: detected capacity change from 0 to 16 [ 513.851659][T11262] erofs: (device loop0): mounted with root inode @ nid 36. [ 513.864892][ T1123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 513.908917][ T1123] bond0 (unregistering): Released all slaves [ 513.981451][ T4588] ------------[ cut here ]------------ [ 513.987349][ T4588] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0 [ 513.997788][ T4588] WARNING: CPU: 0 PID: 4588 at net/mac80211/rate.c:385 __rate_control_send_low+0x659/0x890 [ 513.997818][ T4588] Modules linked in: [ 513.997839][ T4588] CPU: 0 UID: 0 PID: 4588 Comm: kworker/u8:13 Not tainted 6.10.0-next-20240725-syzkaller #0 [ 513.997860][ T4588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 513.997870][ T4588] Workqueue: events_unbound cfg80211_wiphy_work [ 513.997891][ T4588] RIP: 0010:__rate_control_send_low+0x659/0x890 [ 513.997909][ T4588] Code: 8b 14 24 0f 85 de 01 00 00 8b 0a 48 c7 c7 c0 3a 29 8d 48 8b 74 24 10 44 89 f2 44 8b 44 24 1c 44 8b 4c 24 0c e8 e8 26 2b f6 90 <0f> 0b 90 90 e9 71 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c db [ 513.997924][ T4588] RSP: 0018:ffffc9000ced74c0 EFLAGS: 00010246 [ 513.997946][ T4588] RAX: 157dec9bb3633900 RBX: 000000000000000c RCX: ffff88802fd99e00 [ 513.997959][ T4588] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 513.997969][ T4588] RBP: ffff888029eeda28 R08: ffffffff815592b2 R09: fffffbfff1cf9f90 [ 513.997983][ T4588] R10: dffffc0000000000 R11: fffffbfff1cf9f90 R12: 0000000000000800 [ 513.997997][ T4588] R13: 000000000000000c R14: 00000000ffffffff R15: dffffc0000000000 [ 513.998010][ T4588] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 513.998024][ T4588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 513.998037][ T4588] CR2: 00007f77086356b8 CR3: 0000000050b52000 CR4: 00000000003506f0 [ 513.998053][ T4588] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 513.998064][ T4588] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 513.998077][ T4588] Call Trace: [ 513.998085][ T4588] [ 513.998093][ T4588] ? __warn+0x168/0x4e0 [ 513.998112][ T4588] ? __rate_control_send_low+0x659/0x890 [ 513.998133][ T4588] ? report_bug+0x2b3/0x500 [ 513.998153][ T4588] ? __rate_control_send_low+0x659/0x890 [ 513.998176][ T4588] ? handle_bug+0x3e/0x70 [ 513.998193][ T4588] ? exc_invalid_op+0x1a/0x50 [ 513.998210][ T4588] ? asm_exc_invalid_op+0x1a/0x20 [ 513.998235][ T4588] ? __warn_printk+0x292/0x360 [ 513.998256][ T4588] ? __rate_control_send_low+0x659/0x890 [ 513.998288][ T4588] rate_control_send_low+0x1a8/0x770 [ 513.998306][ T4588] ? __lock_acquire+0x1384/0x2050 [ 513.998332][ T4588] rate_control_get_rate+0x20e/0x5e0 [ 513.998359][ T4588] ieee80211_tx_h_rate_ctrl+0xc88/0x1a10 [ 513.998380][ T4588] ? __pfx_validate_chain+0x10/0x10 [ 513.998415][ T4588] ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10 [ 513.998452][ T4588] invoke_tx_handlers_late+0xb3/0x18e0 [ 513.998482][ T4588] ? invoke_tx_handlers_early+0xa0d/0x1f40 [ 513.998518][ T4588] ieee80211_tx+0x2e3/0x470 [ 513.998547][ T4588] ? __pfx_ieee80211_tx+0x10/0x10 [ 513.998591][ T4588] ? ieee80211_xmit+0x30f/0x3f0 [ 513.998622][ T4588] ? __ieee80211_tx_skb_tid_band+0x49e/0x610 [ 513.998642][ T4588] __ieee80211_tx_skb_tid_band+0x4e2/0x610 [ 513.998670][ T4588] ieee80211_handle_roc_started+0x267/0x440 [ 513.998695][ T4588] ? ieee80211_handle_roc_started+0x14f/0x440 [ 513.998726][ T4588] _ieee80211_start_next_roc+0x7a1/0xb00 [ 513.998761][ T4588] cfg80211_wiphy_work+0x2db/0x490 [ 513.998788][ T4588] ? process_scheduled_works+0x945/0x1830 [ 513.998810][ T4588] process_scheduled_works+0xa2c/0x1830 [ 513.998862][ T4588] ? __pfx_process_scheduled_works+0x10/0x10 [ 513.998895][ T4588] ? assign_work+0x364/0x3d0 [ 513.998932][ T4588] worker_thread+0x86d/0xd40 [ 513.998964][ T4588] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 513.998992][ T4588] ? __kthread_parkme+0x169/0x1d0 [ 513.999020][ T4588] ? __pfx_worker_thread+0x10/0x10 [ 513.999043][ T4588] kthread+0x2f0/0x390 [ 513.999061][ T4588] ? __pfx_worker_thread+0x10/0x10 [ 513.999083][ T4588] ? __pfx_kthread+0x10/0x10 [ 513.999101][ T4588] ret_from_fork+0x4b/0x80 [ 513.999124][ T4588] ? __pfx_kthread+0x10/0x10 [ 513.999143][ T4588] ret_from_fork_asm+0x1a/0x30 [ 513.999183][ T4588] [ 513.999199][ T4588] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 514.372364][ T4588] CPU: 0 UID: 0 PID: 4588 Comm: kworker/u8:13 Not tainted 6.10.0-next-20240725-syzkaller #0 [ 514.382421][ T4588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 514.392465][ T4588] Workqueue: events_unbound cfg80211_wiphy_work [ 514.398707][ T4588] Call Trace: [ 514.401976][ T4588] [ 514.404902][ T4588] dump_stack_lvl+0x241/0x360 [ 514.409580][ T4588] ? __pfx_dump_stack_lvl+0x10/0x10 [ 514.414774][ T4588] ? __pfx__printk+0x10/0x10 [ 514.419365][ T4588] ? vscnprintf+0x5d/0x90 [ 514.423686][ T4588] panic+0x349/0x870 [ 514.427577][ T4588] ? __warn+0x177/0x4e0 [ 514.431723][ T4588] ? __pfx_panic+0x10/0x10 [ 514.436140][ T4588] ? ret_from_fork_asm+0x1a/0x30 [ 514.441074][ T4588] __warn+0x34b/0x4e0 [ 514.445045][ T4588] ? __rate_control_send_low+0x659/0x890 [ 514.450673][ T4588] report_bug+0x2b3/0x500 [ 514.454995][ T4588] ? __rate_control_send_low+0x659/0x890 [ 514.460623][ T4588] handle_bug+0x3e/0x70 [ 514.464771][ T4588] exc_invalid_op+0x1a/0x50 [ 514.469263][ T4588] asm_exc_invalid_op+0x1a/0x20 [ 514.474103][ T4588] RIP: 0010:__rate_control_send_low+0x659/0x890 [ 514.480334][ T4588] Code: 8b 14 24 0f 85 de 01 00 00 8b 0a 48 c7 c7 c0 3a 29 8d 48 8b 74 24 10 44 89 f2 44 8b 44 24 1c 44 8b 4c 24 0c e8 e8 26 2b f6 90 <0f> 0b 90 90 e9 71 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c db [ 514.499929][ T4588] RSP: 0018:ffffc9000ced74c0 EFLAGS: 00010246 [ 514.505988][ T4588] RAX: 157dec9bb3633900 RBX: 000000000000000c RCX: ffff88802fd99e00 [ 514.513949][ T4588] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 514.521908][ T4588] RBP: ffff888029eeda28 R08: ffffffff815592b2 R09: fffffbfff1cf9f90 [ 514.529868][ T4588] R10: dffffc0000000000 R11: fffffbfff1cf9f90 R12: 0000000000000800 [ 514.537835][ T4588] R13: 000000000000000c R14: 00000000ffffffff R15: dffffc0000000000 [ 514.545802][ T4588] ? __warn_printk+0x292/0x360 [ 514.550577][ T4588] rate_control_send_low+0x1a8/0x770 [ 514.555859][ T4588] ? __lock_acquire+0x1384/0x2050 [ 514.560897][ T4588] rate_control_get_rate+0x20e/0x5e0 [ 514.566184][ T4588] ieee80211_tx_h_rate_ctrl+0xc88/0x1a10 [ 514.571807][ T4588] ? __pfx_validate_chain+0x10/0x10 [ 514.577011][ T4588] ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10 [ 514.583081][ T4588] invoke_tx_handlers_late+0xb3/0x18e0 [ 514.588537][ T4588] ? invoke_tx_handlers_early+0xa0d/0x1f40 [ 514.594343][ T4588] ieee80211_tx+0x2e3/0x470 [ 514.598843][ T4588] ? __pfx_ieee80211_tx+0x10/0x10 [ 514.603883][ T4588] ? ieee80211_xmit+0x30f/0x3f0 [ 514.608737][ T4588] ? __ieee80211_tx_skb_tid_band+0x49e/0x610 [ 514.614711][ T4588] __ieee80211_tx_skb_tid_band+0x4e2/0x610 [ 514.620515][ T4588] ieee80211_handle_roc_started+0x267/0x440 [ 514.626405][ T4588] ? ieee80211_handle_roc_started+0x14f/0x440 [ 514.632470][ T4588] _ieee80211_start_next_roc+0x7a1/0xb00 [ 514.638105][ T4588] cfg80211_wiphy_work+0x2db/0x490 [ 514.643211][ T4588] ? process_scheduled_works+0x945/0x1830 [ 514.648924][ T4588] process_scheduled_works+0xa2c/0x1830 [ 514.654488][ T4588] ? __pfx_process_scheduled_works+0x10/0x10 [ 514.660473][ T4588] ? assign_work+0x364/0x3d0 [ 514.665062][ T4588] worker_thread+0x86d/0xd40 [ 514.669652][ T4588] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 514.675541][ T4588] ? __kthread_parkme+0x169/0x1d0 [ 514.680562][ T4588] ? __pfx_worker_thread+0x10/0x10 [ 514.685668][ T4588] kthread+0x2f0/0x390 [ 514.689725][ T4588] ? __pfx_worker_thread+0x10/0x10 [ 514.694830][ T4588] ? __pfx_kthread+0x10/0x10 [ 514.699412][ T4588] ret_from_fork+0x4b/0x80 [ 514.703823][ T4588] ? __pfx_kthread+0x10/0x10 [ 514.708407][ T4588] ret_from_fork_asm+0x1a/0x30 [ 514.713178][ T4588] [ 514.716421][ T4588] Kernel Offset: disabled [ 514.720834][ T4588] Rebooting in 86400 seconds..