last executing test programs:

35.556261845s ago: executing program 0 (id=817):
socket$nl_route(0x10, 0x3, 0x0)
mkdir(0x0, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000001100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x2}, 0x90)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)={0x24, 0x4, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5}]}, 0x24}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
ftruncate(r2, 0x2088002)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r1, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
read(0xffffffffffffffff, &(0x7f0000000000), 0x2000)

33.912630846s ago: executing program 0 (id=821):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1008}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000006"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000940)={'gretap0\x00', 0x0})
r1 = open(0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1a, 0x0, 0x2, 0x7f, 0x1884, r0, 0x0, '\x00', 0x0, r1, 0x4, 0x20000000, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xd)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000340)="031f31b1f09d76af21e3b0224966a232dc1f5bfd8a29f730b10a53e756087a1df416fd804b636964220910b05962d95d7fb7873e8a0b7b62d7384dbd12b536f0e55e588092441663f9665e4b39f8eb3430840ac3c6ad014d6268fca6b3fc43da09b1d0a95d18e26a8e0ddd857f4911abb72ced02e4f1fe5ebb35042436374c7119229c019819a8491bdd74a299ca4fa71ee05f4c49c99de404b76d08fb1938674fa45fd06104cfcc08e9c017a2769a77e1a9e4da0e451353ca53b990500b18e4f4bb5cf1309fe4707c3f7200"/218, 0xda}, {&(0x7f0000000640)="ffb3ef96fd55310531a92b9d4b2ebcb168c3e90db153fe8bc3c9e2cfd50d22329495b92a7e12a948fff8e40f44798512135fd8fec900cca0c10e9e61d61cff5507f9298209ab8dd95ba0cb024a07dc20d07ac8940c729de29318e23818b2169da4374e8ec904573105b3dafbed9c3958b6570ec6117f2a8b7823b94056c0bcfd679f57db483bb7631bfd74f5f73cdebd19d4bd31a81d7c73c4428a65dc3820987e1ea1c45773112d4e2b1cc8064f220c7b2d673f84d4b1a5a9aedc2063b740198f57d0848358b2cf118bfcdc7c40303dee672f1ca6384e006460df438bde", 0xde}, {&(0x7f0000000140)="74812905b8bd297a48dc5adfa4052d6e7cdd8c1615a231859ac522b4ae78d7f1b3619ed73f0e93cf3ccd30f4e58303dfd9d20af483a3406d486bad53698267735b", 0x41}, {&(0x7f0000000000)="7c73c1e117e291cb6cef4163ed06963af9a19a5183aa91163ef7aa02b707e09546e781172decfece433c", 0x2a}, {&(0x7f00000004c0)="790f076461633e860315f3328f99377a0aa835675115acd2b7f10f5db17ec3fde9b974183c45cef27e5f95a42d5eee4f9c3ba0ef5c6601d08076576cddefe74f2b3b23c3b16076675cb1bcdede8d819967d59a7b7c2c34e76233d38be07bc9d91e27bfe688115bb226db5e1179a69c22357df381e6a73bd8b4132f610008d32103ebde594b4611450ab4bd7e97a51718c9e186ee8ae006e66ea2c6afbdfc76b2c4ba738000000021bfce27e702bb3159ac514b3b7141d184fc95a53e825dd7a264360483622d808bcc55ecdc58eaba26d65e8fb40c1446c7d56358b40a0632a44acdfd8232d2e421f97e40b190155087b0bab3d0d816eb3671842438c631384ca936a989ecb918492452a72e4c60592557ca046e36b047c4ca8a7a82b79e1bebf1d3668eceaf6899dc759640ba5fc108ada047d13471fc5aed0dcf3ba6ea78297e", 0x141}], 0x5)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, 0x0)
r4 = gettid()
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000007c0)={0x10000, 0x58a, 0x5})
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x14)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000500)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000440)=@gcm_128={{0x303}, "e453f079df21d540", "1ec2d524d78682576ec2d9e13dad1018", "993161e3", "be0692db0b429ee8"}, 0x28)
write$binfmt_script(r6, &(0x7f0000001300), 0x8f)
setsockopt$inet6_tcp_TCP_REPAIR(r6, 0x6, 0x19, &(0x7f00000007c0), 0x4)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000a40)=ANY=[@ANYBLOB="2c00000013000500000000000000000007000000", @ANYRES32=r8, @ANYBLOB="00000000000000000c001a800800108004000780a9c937b4a3f7d7392cab54fbaa76a735139685c619d3e8933304b65b6370d32cb2c6bdb0340a9db80ad162ed4ed018a9639d5658115920b6c7902b79f2af8d8a27b911d32dfbd4ab8d8ee985612955a4c4dad025970f19eefbfcf62801f3e7aa6b6425a438b2b88e0e2e32f6c1ffd38331e71ed67bde79365af2d950633d4c1b7978fa69e542f0b27796a878f744fe7eef69a4a5f8ee512f1d950a8cdd2c8e283382dc44d20a918cdd04c6"], 0x2c}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, 0x0, 0x0)

33.568331473s ago: executing program 0 (id=824):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000001180)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72740e006d653d6c6f7765722c73686f72746e616d653d6c6f7765722c696f636861727365743d69736f383835392d332c757466383d302c73686f72746e616d653d6d697865642c726f6469722c73686f72746e616d653d6d697865642c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c726f6469722c757466383d312c757466383d302c6572726f72733d72656d6f756e742d726f2c736d61636b6673666c6f6f723d756e695f789afd74653d312c00"], 0x6, 0x2d0, &(0x7f00000003c0)="$eJzs3b1uHFUUAOAz653ZBYp1QYWQGAkKqihOS7MWSiSEKyIXQAGGJBLyrpBiyRI/YklFS0NBwRNQ8SA0iBdAokWiI0iRLprZmf1xJhstYRMg39f4+N5z5p67O7bHha/ff3F6eqOMW3c+/yWGwyx64xjH3Sz2oxetL2PN+OsAAP7L7qYUv6e5beqyiBjuri0AYIe2/vn/w85bAgB27Prb77x5eHR09a2yHMa16Vfnx9Vv9tXH+fzhrfgoJnEzLsco7kXUDwp51E8LVXgtpTTrl5X9eGU6Oz+uKqfv/dhc//C3iLr+IEaxXw8tnjbq+jeOrh6Ucyv1s6qPZ5v1x1X9lRjF84vitforHfVxXMSrL6/0fylG8dOH8XFM4kbdxLL+i4OyfD1988dn71btVfXZ7Px4UOctpb3H/NYAAAAAAAAAAAAAAAAAAAAAAPA/dqk5O2cQ9fk91VBz/s7eveqTPMrW/vr5PPP6rL3Q6vlAKaVZiu/a83Uul2WZmsRlfT9e6Ef/yewaAAAAAAAAAAAAAAAAAAAA/l3OPvn09GQyuXn7Hwna0wD6EfHn9Yi/e53xyshLsTl50Kx5Mpn0mnA9pz9YGYm9NieL2NhGtYnuqZStLtF79Nfwmft6boLvP8i3vODw4Tl591oXg/4j7Ku9u05Psu7XcBDtyLC5Sb4tIpY5RTxkifZdLx6Uk2Kb26/onBptvffiuTqYbciJbFNjr/0631czkl3cRVG/qp3leRNEHt1fMsMH3M/dwf3fKzKndQAAAAAAAAAAAAAAAAAAwE5liz/67Zi8s7G0lwY7awsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHquzxf//XwQ/5xGLkXxtqglmTXHH1MWgiNtnT3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAX+CgAA//8wK1Yb")
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000001100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x2}, 0x90)
socket$packet(0x11, 0x0, 0x300)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)={0x24, 0x4, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5}]}, 0x24}}, 0x0)
prctl$PR_SET_KEEPCAPS(0x8, 0xfdfffffffffffffb)
sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000f80)=ANY=[@ANYBLOB="a000c860b4f62b0f83eab542020016", @ANYRES16=0x0, @ANYBLOB="10002cbd7000ffdbdf25010000000000000007410000004c001800000001696200"/98], 0x68}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b"], 0xfc)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0\x00', 0xa00010, &(0x7f0000001000)=ANY=[@ANYBLOB="646d6f64653d303030303030303030308a30303030303030e410dada884e36cafc4e4fdfda4f30303737372c6e6f7374726963742c7569603d666f726765742c6e6f6164696e6963622c756e686964652c706172746974696f6e3d30303030303030b03030303030303030303531312c756e64656c6574652c75"], 0x1, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
symlink(0x0, &(0x7f0000001d40)='./file0\x00')
syz_emit_vhci(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001d80)=ANY=[@ANYRESDEC=r0, @ANYRESDEC], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000e40), 0x10, 0x0, r1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000e80)='xen_mmu_write_cr3\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x0)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
ftruncate(r4, 0x2088002)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
read(0xffffffffffffffff, &(0x7f0000000000), 0x2000)

32.060995057s ago: executing program 0 (id=836):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r1}, 0x10)
request_key(&(0x7f00000000c0)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f0000000140)='\\\\@[\x01\x00\x00\x00', 0xfffffffffffffffe)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x5008000, &(0x7f00000000c0)=ANY=[@ANYBLOB='y'], 0x1, 0x27c, &(0x7f0000000200)="$eJzs3TFrG2cYB/BHlmrJhiINBdNSqEqXTsZ26S5TXCgVtLRoaKeaWqbFcg02GOrB9ubkOyRfIdmSNZDBZM0XCIHgBLLYmTwEFJSTLMlRZJREuRD/fosf3nv+fl+djzs83Ku/vlxfW9nYWj05OYpCIRO5SlTiNBOlmIhsJPYDAPiYnDabcdxMpL0WAOD98PwHgMtnwPN/onMss3829ms6qwMAxuGt/v+fGMuSAIAx+/2PP39erFaXfiuXCxHrB9u17VryMzm+uBr/RiPqMRfFeB7RPJPUP/5UXZortzwuRWF9r53f265l+/PzUYzS4Px8ORG13vwnMd3OP5iOeiwcZuKzwfmFgfnJ+Pabnvlnoxj3/46NaMRKtLJJPh8Ru/Pl8g+/VM/l8y/7AAAAAAAAAAAAAAAAAAAAAABgHGbLHYX2SP/+PbPdhlL//jhJd3d/oHxxauj+QOf358nFF7n0PjcAAAAAAAAAAAAAAAAAAAB8SLb+31lbbjTqm8OK/+7duHuUj2hmI5Ybnbf2L0oNLDLt8Gipgzeaa3jx6dePrp0/lIudtfzo5+fdFne+SmHS+mbkRkkdHv3z+XdbM9+/ridyvSNXW5dLX0/rQhrwm3PjOuFPixFjOnU3O0Xl2Ss9nYupvjmVxt+0t5i5Xlm+vfvwSXskGxekhtw0mtmx3IsAAAAAAAAAAAAAAAAAAOCy6770m/ZKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA93e//H7XIR+PWle5Ioa9n8myC42aqnw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFpeBAAA//+dMpIm")
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffffed7a00000800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000740)=ANY=[@ANYBLOB='P'], 0x150)
getresuid(&(0x7f00000000c0), &(0x7f00000001c0), &(0x7f0000000180))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='devpts\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x104000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1a49002, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x39a72d8, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
syz_open_procfs(0x0, 0x0)
mount_setattr(0xffffffffffffffff, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x40000}, 0x20)

31.205124211s ago: executing program 0 (id=847):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x40040, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

30.507267027s ago: executing program 0 (id=859):
socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000440)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x3, 0x431, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', 0x0, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="2c17ed519ba7000060aa1a3ff2d3cecc540925f2", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x8, 0x8, 0x2}, 0x48)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={0x0, 0xdb}, 0xc)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x12, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pselect6(0x40, &(0x7f0000000040), 0x0, &(0x7f0000000140)={0x1fc, 0x3, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="d49f7c07e6306c959054cf35644843bbe30826fb671c10be92afcad5123787acf3ab57e30de13ca1119953088cc07433b5e75994c81308ff1901e14aadb9de92c648a7e923bdbcb0109724b870f3b6986b0b30eac6332352b2857bc164fb3ccf5043a838aca8068a3d7a0b6c5d10b28919f2b73314640a81a1", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0x76, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd602e5cea00403c0020010000000000000000000000000000ff0200000000000000000000000000010004000000000000c9"], 0x0)

29.826991681s ago: executing program 3 (id=864):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x1, 0x4800003e, r1, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file2\x00', &(0x7f0000000000), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0, 0x133)
mkdirat(r2, &(0x7f0000000340)='./file0\x00', 0x11)
mount$overlay(0x20000f7a, &(0x7f0000000500)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]})
getsockopt$inet6_tcp_buf(r0, 0x6, 0xb, 0xffffffffffffffff, &(0x7f0000000000))
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800b700000118110000005a0b0219ad05be31c0f12d3f26520dbcbfa83578a9c796ae54ff0acda9d07d03061dd65a40a8e733b725643827e8e42c58220d834385e8f8ca11cbf081f3ebbdb75e3ca28678640dade89f7920d5563a7d91d1aab3c671a6e17521d0096086bedbe7462f8170109447d353d13a8466bbd961a7d246ba9b9a9fb156be1f77680cf43589b3395be7ba6f030ea01c5c6ddd76f43b1019bd61e68afa52d65d245fe7ce7fc88382eadae96c5a60d225b26cb5bc1764ca5a05d5e42f00b5f88ba4a4a948138266527c0a0597030555e769a33c082771ae028020eb71c94c2b7cd51b6c33e9545aca80586657a8172f727e4485419b", @ANYRES8, @ANYBLOB="1d864a1d414120f23fca356239a80a5d7cebd44a36da8610777d0928a13f407b250348e31db6d92e042f5b1fbf8d422d8554053fa699065e816a7c7fb5127827174d59e0e85afec3a4051ffa7caf1cd19eb0d3e228145700da28"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket(0x10, 0x3, 0x9)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x4, 0xb8b3, 0x40, 0x2020, 0x1, 0x342, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x5, 0xb}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000300)='xprtrdma_frwr_alloc\x00'}, 0x10)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r4, &(0x7f0000000000)={&(0x7f0000000a00), 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c}, 0x1c}}, 0x4040)
syz_mount_image$xfs(&(0x7f0000009800), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000280)={[{}, {@nolargeio}, {@nouuid}, {}, {@uquota}, {@noalign}, {@pqnoenforce}, {@inode64}]}, 0x1, 0x98e3, &(0x7f0000017300)="$eJzs3QW4ZXXBeP87w9CNhYEMjUU3BqEggoCElNIpKaCEAYggIApICoqAIiWClIiCSHd3d3c3/2eYGRnHBervff/i61rree495+yzz559vp+9972HfTlnxUWWXWhgYJKB4Y28fLPDXvjoMVu9sNDOx11z5POLHrH4MSMmjzX8YsjQEZdTjbicemBgYNCI5QwaPm3wkJNOHjwwzsDA4FGXO8G44w+aYGBg7RE3FxhxOffwiwmvHDnf66PFKzpsNQbtNvxr+D86MDAw7rArTw7MvMKoyxmxXrP83ROVtuKCiy7yptVf3YaN35AR10f9Gmv414QXDwxMeNEAbx+D3tln9Ma/P8k+56608ju8Hv8nWnHBRRcbzX/YvjjGiGlzD9vHR98HjY2+nQ+d+9aRx6BBeOD8P9KKCy6yxMBbH+cHVn3t4C1ef+O4OXi8gYHB4w8MDJ5gYGDwhAMDgycaGBg88TvtUv+z3tGNr6qqqt6RFlxo9oWGvd4b7feBcUb+Xku/F67y6lK3DgwMjDl8nsFzjXwtWFVVVVVVVVX/mS240OwLw+v/Sd7u9f+Jp700Y6//q6qqqqqqqv7vtNiCC80+7HX8aK//J3+71//b3/vcRiP+9n/u4Y967Z19ElVVVVVVVVX1ti3zxTde/48/2uv/oW/3+v+B+Xe9b8R8I/+7waujLHLQKH9P8PIo08cYZf6XRpk+ZJTpo84/1sDA4CEjpr/y5uTB4w277+/nHzzJsPUeMf3FUabP8ub/3zxk2lGmzzrK9OlHmT7biHUdNn2GUabPOcr8M/4zY1tVVVVVVVVVVVVVVVVVVfXv6rVHTzvjzfd8//DAKO/f/tf3cR/xdwGDjj/ziivesRX9z2jQ3/89xPbv9Dr9TxvmPM7RQwcGNln+nV6Vegd6pz+vod7Z8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cW9x/v+v7/8/xRFrj/x/5uc+bI8pJxr1sRuMcn2cf+tav2P9t57/H9hg0MDACN9JhrkuueAyy804MDAw0ZR7HDbHwF/vm2fYffNPNsaIN0gY/jYI0w3hBW8/4lPRtx8x64hlHP/G8hd7/dAxBo22EqM06SmHH77+is/PMfrl9G/9PAaPvPKeC7deeOR7WQwebaa32k5HLn/kcxndecS6zzhs3WfecuPNZt5im20/scHGa6y3znrrbDLv3HPPM+fcc80728zrbrDROrMM//5WYzb0je/T/DNjNvnoY/bogqOO2ejP7a3GbOjbj9kbSxx779U2HDlmo6/aPxqzad5+zIZuMOIfGjJ0zIHV3xibQQMDQ6Ydc2DrYTdmHXtgYMh0I+adfNi8n5xs8MDAnm8+0WHXxv7rNjho+2HzrLjIsgu9+bH7f//x+2/xefZjDb8YMmJIhkw14nLq4f/MJANvboqDh5x08uBhz/1vhnmCcccfNMHAwNojbi4w4nLeEfdeNnK+t/ic9dFW9I23Wdlt+NdfPcYdduXYpSe+ftTlvAXB/0b/Tz///85rnkF/HahBI75GzDPca8FFF3vz33pjGBYY+Z4ww362DDP5H3yM/T/s79Z36DhvvMntW63v27wv7vDnD9vX9A+fPfR/631x+dixxBvfh/4zx46Btz92jPHm1TenrnPpFKMfOxZ/61X8m/1i5BiNPdpMb3XsmPGABbd749j09seOJTYY8UFDbx47Bg8MDJlm5LFj2IFk+jEH9hx2Y7ZhN2YYc+DIYTdmf+PGuANnDrsx01qbbrT2oDfetmfEcmcZttwFJhv0xpO/YuYFjxljn9dfn3bEuswy2oF1xPYxdNSfjwtONnzYRj6WlnvHlsPvm37Ecmf9F5Y78rG03Hk2H37fDCOWO9toyx3jbZY78rEj94dhs76xP8w46G/+8BP230VG238HjTysj/KQkV9jDf+a8OKRnw0F+8u/dNyh/XeSt1nft/lcK9zehk3bcclLT/vf+lwrWt9x3n593+pzuN9yfTccd+ul/hfWd9Ao6/s329lm8w3fVmYcsZ3N+S9svyMfO/pxbMw37h3OMOM/cxxb4O+OYzuMMXi0lR+lt/odaG2Yf/j1yf+6tHmPGmPikWM/5mjL/Ue/A8349sexSTYY7XGLHDIwaOSYLzDKmD/wyOHrj/0PxnzMgb/9XX3kmI987NuN+Qx/P+aD/m7M53n7Mf9nf++ccZrh94/xNmM+eJctlhw55mP9i2M+w7865gsMjEHb+Z4HDh+3tzuevtWYj3zs3475kIHPDQwMTDtizKf/Z7bzWf53tvPxYP7h1+/966QLpzh991GOMYP+lTGf/l8d86F/3c6nfeO+qQcPjDXWwNZrbLnl5rMO/z7y5mzDv/Ox6Il7ho/z2/0sfSujkY99u/1i2n/GaOj/jtEHhvz9/CNfdIy8vfyZx076/3osmvZfMxq0yMCbx6JRx/zU84eP29v9XvRWYz7ysfRzcOgojx/9dd3bvB8lPqdh0/Y/YN9bRi5yxMN6P8p/vr/ZbEf+N74NRj/I139r/fd/d/m7y99d/u7yF/cW5///+v7/D0yy7MMjXiSPudd86631Tq/vO9x/9fn/Eb5/c/5/rfXm22vYS8ER973t+dnh8/xHnp+de/jFhFeOnG/084O8om99fnaGvWdaZuDfc372/6mR++o/8Tq+47+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3Fuc/x/5N8pDD3r1nu1HnAgdc79913r1nV7fd7j/6vP/I3z/5vz/q2vtu9/ggb/e97bn/4fP4zj/v9RB+5w88B98/n/kvtr5//oH5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+4t7i/P8CI/8OYK7V1t1t5N8DbDLrZ3Z6p9f3He6/9fx/n//vreO/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvLX9yI8/8Do32s49JtFxic//+/3Vv4fyl/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP5fzh+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/yr5Yxb/r+SPWfy/mj9m8V81f8ziv1r+mMV/9fwxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOK/Xv6YxX/9/DGL/wb5Yxb/r+WPWfw3zB+z+G+UP2bx3zh/zOK/Sf6YxX/T/DGL/2b5Yxb/r+ePWfw3zx+z+G+RP2bx3zJ/zOL/jfwxi/8388cs/lvlj1n8t84fs/hvkz9m8d82f8zi/638MYv/t/PHLP7fGd1/xS3+vev1H5rF/7vt/5jFf7v8MYv/9vljFv8d8scs/t/LH7P475g/ZvH/fv6YxX+n/DGL/875Yxb/H+SPWfx3yR+z+O+aP2bx3y1/zOL/w/wxi//u+WMW/x/lj1n8f5w/ZvHfI3/qNYv/nvljFv+98scs/j/JH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/j/NH7P4H5g/ZvE/KH/M4v+z/DGL/8/zxyz+B+ePWfx/kT9m8T8kf8zif2j+mMX/sPwxi/8v88cs/r/KH7P4H54/ZvH/df6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4/yZ/zOJ/bP6Yxf+3Uv/B/+B+i/9xUv9/lMX/+Pwxi//v8scs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/9/ljFv9T88cs/n/IH7P4n5Y/ZvH/Y/6Yxf9P+WMW/9Pzxyz+Z+SPWfz/nD9m8T8zf8zi/5f8MYv/WfljFv+z88cs/ufkj1n8z80fs/iflz9m8T8/f8zif0H+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOJ/Rf6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/TOI/aCB/zOI/KH/M4j84f8ziP0b+mMV/SP6YxX/M/DGL/1j5Yxb/sfPHLP7j5I9Z/MfNH7P4j5c/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/hPlj9m8X9X/pjF/935Yxb/9+SPWfzfmz9m8X9f/pjFf/L8MYv/+/PHLP4fyB+z+H8wf8zi/6H8MYv/FPljFv8P549Z/KfMH7P4D80fs/hPlT9m8Z86f8ziP03+mMV/2vwxi/90+WMW/+nzxyz+M+SPWfxnzB+z+H8kf8zi/9H8MYv/x/LHLP4fzx+z+H8if8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+s+WPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4fzJ/zOL/qbf2H+ffsl7/oVn8P93+j1n8P5M/ZvFfIH/M4r9g/pjFf6H8MYv/wvljFv/P5o9Z/D+XP2bxXyR/zOK/aP6Yxf/z+WMW/8Xyxyz+X8gfs/gvnj9m8V8if8zi/8X8MYv/kvljFv+l8scs/kvnj1n8v5Q/ZvFfJn/M4r9s/pjFf7n8MYv/8vljFv8v549Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/V/LHLP5fzR+z+K+aP2bxXy1/zOK/ev6YxX+N/DGL/5r5Yxb/tfLHLP5r549Z/NfJH7P4r5s/ZvFfL3/M4r9+/pjFf4P8MYv/1/LHLP4b5o9Z/DfKH7P4b5w/ZvHfJH/M4r9p/pjFf7P8MYv/1/PHLP6b549Z/LfIH7P4b5k/ZvH/Rv6Yxf+b+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/1b+mMX/2/ljFv/v5I9Z/L+bP2bx3y5/zOK/ff6YxX+H/DGL//fyxyz+O+aPWfy/nz9m8d8pf8ziv3P+mMX/B/ljFv9d8scs/rvmj1n8d8sfs/j/MH/M4r97/pjF/0f5Yxb/H+ePWfz3yB+z+O+ZP2bx3yt/zOL/k/wxi//e+WMW/33yxyz+++aPWfz3yx+z+O+fP2bxPyB/zOL/0/wxi/+B+WMW/4Pyxyz+P8sfs/j/PH/M4n9w/pjF/xf5Yxb/Q/LHLP6H5o9Z/A/LH7P4/zJ/zOL/q/wxi//h+WMW/1/nj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/9v8scs/sfmj1n8f5s/ZvE/Ln/M4n98/pjF/3f5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4v/7/DGL/6n5Yxb/P+SPWfxPyx+z+P8xf8zi/6f8MYv/6fljFv8z8scs/n/OH7P4n5k/ZvH/S/6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj8m8X/jav5/n8V/UP6YxX9w/pjFf4z8MYv/kPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+bP2bxHy9/zOI/fv6YxX+C/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvGfLH/M4v+u/DGL/7vzxyz+78kfs/i/N3/M4v++/DGL/+T5Yxb/9+ePWfw/kD9m8f9g/pjF/0P5Yxb/KfLHLP4fzh+z+E+ZP2bxH5o/ZvGfKn/M4j91/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9I/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8Z8sfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bxXyB/zOK/YP6YxX+h/DGL/8L5Yxb/z+aPWfw/lz9m8V8kf8ziv2j+mMX/8/ljFv/F8scs/l/IH7P4L54/ZvFfIn/M4v/F/DGL/5L5Yxb/pfLHLP5L549Z/L+UP2bxXyZ/zOK/bP6YxX+5/DGL//L5Yxb/L+ePWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/1fyxyz+X80fs/ivmj9m8V8tf8ziv3r+mMV/jfwxi/+a+WMW/7Xyxyz+a+ePWfzXyR+z+K+bP2bxXy9/zOK/fv6YxX+D/DGL/9fyxyz+G+aPWfw3yh+z+G+cP2bx3yR/zOK/af6YxX+z/DGL/9fzxyz+m+ePWfy3yB+z+G+ZP2bx/0b+mMX/m/ljFv+t8scs/lvnj1n8t8kfs/hvmz9m8f9W/pjF/9v5Yxb/7+SPWfy/mz9m8d8uf8ziv33+mMV/h/wxi//38scs/jvmj1n8v58/ZvHfKX/M4r9z/pjF/wf5Yxb/XfLHLP675o9Z/HfLH7P4/zB/zOK/e/6Yxf9H+WMW/x/nj1n898gfG8V/zIH/Yv8988cs+/9e+WMW/5/kj1n8984fs/jvkz9m8d83f8ziv1/+mMV///wxi/8B+WMW/5/mj1n8D8wfs/gflD9m8f9Z/pjF/+f5Yxb/g/PHLP6/yB+z+B+SP2bxPzR/zOJ/WP6Yxf+X+WMW/1/lj1n8D88fs/j/On/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8f5M/ZvE/Nn/M4v/b/DGL/3H5Yxb/4/PHLP6/yx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/3+ePWfxPzR+z+P8hf8zif1r+mMX/j/ljFv8/5Y9Z/E/PH7P4n5E/ZvH/c/6Yxf/M/DGL/1/yxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8r84fs/hfkz9m8b82f8zif13+mMX/+vwxi/8N+WMW/xvzxyz+N+WPWfxvzh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/O9/Gf/p/x3r9h2bxv6v9H7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljEv8xBvLHLP6D8scs/oPzxyz+Y+SPWfyH5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv/x88cs/hPkj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi/9k+WMW/3flj1n8350/ZvF/T/6Yxf+9+WMW//flj1n8J88fs/i/P3/M4v+B/DGL/wfzxyz+H8ofs/hPkT9m8f9w/pjFf8r8MYv/0Pwxi/9U+WMW/6nzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/0fyxyz+H80fs/h/LH/M4v/x/DGL/yfyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOI/W/6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/J/PHLP6fyh+z+H86f8zi/5n8MYv/AvljFv8F88cs/gvlj1n8F84fs/h/Nn/M4v+5/DGL/yL5Yxb/RfPHLP6fzx+z+C+WP2bx/0L+mMV/8fwxi/8S+WMW/y/mj1n8l8wfs/gvlT9m8V86f8zi/6U3/V96fXjvyOr9p2XxX6b9H7P4L5s/ZvFfLn/M4r98/pjF/8v5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4v+V/DGL/1fzxyz+q+aPWfxXyx+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP7r5o9Z/NfLH7P4r58/ZvHfIH/M4v+1/DGL/4b5Yxb/jfLHLP4b549Z/DfJH7P4b5o/ZvHfLH/M4v/1/DGL/+b5Yxb/LfLHLP5b5o9Z/L+RP2bx/2b+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy/lT9m8f92/pjF/zv5Yxb/7+aPWfy3yx+z+G+fP2bx3yF/zOL/vfwxi/+O+WMW/+/nj1n8d8ofs/jvnD9m8f9B/pjFf5f8MYv/rvljFv/d8scs/j/MH7P4754/ZvH/Uf6Yxf/H+WMW/z3yxyz+e+aPWfz3yh+z+P8kf8ziv3f+mMV/n/wxi/+++WMW//3yxyz+++ePWfwPyB+z+P80f8zif2D+mMX/oPwxi//P8scs/j/PH7P4H5w/ZvH/Rf6Yxf+Q/DGL/6H5Yxb/w/LHLP6/zB+z+P8qf8zif3j+mMX/1/ljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zi/5v8MYv/sfljFv/f5o9Z/I/LH7P4H58/ZvH/Xf6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4/z5/zOJ/av6Yxf8P+WMW/9Pyxyz+f8wfs/j/KX/M4n96/pjF/4z8MYv/n/PHLP5n5o9Z/P+SP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+jVv9x3/5ui/9jVv9/kMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/ZvF/NX/M4v9a/pjF//X8MYn/kIH8MYv/oPwxi//g/DGL/xj5Yxb/IfljFv8x88cs/mPlj1n8x84fs/iPkz9m8R83f8ziP17+mMV//Pwxi/8E+WMW/wnzxyz+E+WPWfwnzh+z+E+SP2bxnzR/zOI/Wf6Yxf9d+WMW/3fnj1n835M/ZvF/b/6Yxf99+WMW/8nzxyz+788fs/h/IH/M4v/B/DGL/4fyxyz+U+SPWfw/nD9m8Z8yf8ziPzR/zOI/Vf6YxX/q/DGL/zT5Yxb/afPHLP7T5Y9Z/KfPH7P4z5A/ZvGfMX/M4v+R/DGL/0fzxyz+H8sfs/h/PH/M4v+J/DGL/0z5Yxb/mfPHLP6z5I9Z/GfNH7P4z5Y/ZvGfPX/M4j9H/pjFf878MYv/XPljFv+588cs/vPkj1n8580fs/jPlz9m8Z8/f8zi/8n8MYv/p/LHLP6fzh+z+H8mf8ziv0D+mMV/wfwxi/9C+WMW/4Xzxyz+n80fs/h/Ln/M4r9I/pjFf9H8MYv/5/PHLP6L5Y9Z/L+QP2bxXzx/zOK/RP6Yxf+L+WMW/yXzxyz+S+WPWfyXzh+z+H8pf8ziv0z+mMV/2fwxi/9y+WMW/+Xzxyz+X84fs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/6/kj1n8v5o/ZvFfNX/M4r9a/pjFf/X8MYv/GvljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8ziv17+mMV//fwxi/8G+WMW/6/lj1n8N8wfs/hvlD9m8d84f8ziv0n+mMV/0/wxi/9m+WMW/6/nj1n8N88fs/hvkT9m8d8yf8zi/438MYv/N/PHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4v+t/DGL/7fzxyz+38kfs/h/N3/M4r9d/pjFf/v8MYv/DvljFv/v5Y9Z/HfMH7P4fz9/zOK/U/6YxX/n/DGL/w/yxyz+u+SPWfx3zR+z+O+WP2bx/2H+mMV/9/wxi/+P8scs/j/OH7P475E/ZvHfM3/M4r9X/pjF/yf5Yxb/vfPHLP775I9Z/PfNH7P475c/ZvHfP3/M4n9A/pjF/6f5Yxb/A/PHLP4H5Y9Z/H+WP2bx/3n+mMX/4Pwxi/8v8scs/ofkj1n8D80fs/gflj9m8f9l/pjF/1f5Yxb/w/PHLP6/zh+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/3+SPWfyPzR+z+P82f8zif1z+mMX/+Pwxi//v8scs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/9/ljFv9T88cs/n/IH7P4n5Y/ZvH/Y/6Yxf9P+WMW/9Pzxyz+Z+SPWfz/nD9m8T8zf8zi/5f8MYv/WfljFv+z88cs/ufkj1n8z80fs/iflz9m8T8/f8zif0H+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOJ/Rf6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/TOI/5kD+mMV/UP6YxX9w/pjFf4z8MYv/kPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+bP2bxHy9/zOI/fv6YxX+C/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvGfLH/M4v+u/DGL/7vzxyz+78kfs/i/N3/M4v++/DGL/+T5Yxb/9+ePWfw/kD9m8f9g/pjF/0P5Yxb/KfLHLP4fzh+z+E+ZP2bxH5o/ZvGfKn/M4j91/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9I/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8Z8sfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bxXyB/zOK/YP6YxX+h/DGL/8L5Yxb/z+aPWfw/lz9m8V8kf8ziv2j+mMX/8/ljFv/F8scs/l/IH7P4L54/ZvFfIn/M4v/F/DGL/5L5Yxb/pfLHLP5L549Z/L+UP2bxXyZ/zOK/bP6YxX+5/DGL//L5Y4MGJlH4fzl/zLL/r5A/ZvFfMX/M4r9S/pjFf+X8MYv/KvljFv+v5I9Z/L+aP2bxXzV/zOK/Wv6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/BvljFv+v5Y9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjFf9P8MYv/ZvljFv+v549Z/DfPH7P4b5E/ZvHfMn/M4v+N/DGL/zfzxyz+W+WPWfy3zh+z+G+TP2bx3zZ/zOL/rfwxi/+388cs/t/JH7P4fzd/zOK/Xf6YxX/7/DGL/w75Yxb/7+WPWfx3zB+z+H8/f8ziv1P+mMV/5/wxi/8P8scs/rvkj1n8d80fs/jvlj9m8f9h/pjFf/f8MYv/j/LHLP4/zh+z+O+RP2bx3zN/zOK/V/6Yxf8n+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOJ/QP6Yxf+n+WMW/wPzxyz+B+WPWfx/lj9m8f95/pjF/+D8MYv/L/LHLP6H5I9Z/A/NH7P4H5Y/ZvH/Zf6Yxf9X+WMW/8Pzxyz+v84fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/9/kj1n8j80fs/j/Nn/M4n9c/pjF//j8MYv/7/LHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF//f5Yxb/U/PHLP5/yB+z+J+WP2bx/2P+mMX/T/ljFv/T88cs/mfkj1n8/5w/ZvE/M3/M4v+X/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj9m8X89f0ziP9ZA/pjFf1D+mMV/cP6YxX+M/DGL/5D8MYv/mPljFv+x8scs/mPnj1n8x8kfs/iPmz9m8R8vf8ziP37+mMV/gvwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bxnyx/zOL/rvwxi/+788cs/u/JH7P4vzd/zOL/vvwxi//k+WMW//fnj1n8P5A/ZvH/YP6Yxf9D+WMW/ynyxyz+H84fs/hPmT9m8R+aP2bxnyp/zOI/df6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/SP6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/GfLH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n858sfG81/7Hd6ff7HvYX//Pljlv3/k/ljFv9P5Y9Z/D+dP2bx/0z+mMV/gfwxi/+C+WMW/4Xyxyz+C+ePWfw/mz9m8f9c/pjFf5H8MYv/ovljFv/P549Z/BfLH7P4fyF/zOK/eP6YxX+J/DGL/xfzxyz+S+aPWfyXyh+z+C+dP2bx/1L+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfy/nD9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+X8kfs/h/NX/M4r9q/pjFf7X8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMV/vfwxi//6+WMW/w3yxyz+X8sfs/hvmD9m8d8of8ziv3H+mMV/k/wxi/+m+WMW/83yxyz+X88fs/hvnj9m8d8if8ziv2X+mMX/G/ljFv9v5o9Z/LfKH7P4b50/ZvHfJn/M4r9t/pjF/1v5Yxb/b+ePWfy/kz9m8f9u/pjFf7v8MYv/9vljFv8d8scs/t/LH7P475g/ZvH/fv6YxX+n/DGL/875Yxb/H+SPWfx3yR+z+O+aP2bx3y1/zOL/w/wxi//u4H/lv3O9/kOz+P+o/R+z+P84f8ziv0f+mMV/z/wxi/9e+WMW/5/kj1n8984fs/jvkz9m8d83f8ziv1/+mMV///wxi/8B+WMW/5/mj1n8D8wfs/gfpPH/156lxf9nGv9/LYv/z/PHLP4H549Z/H+RP2bxPyR/zOJ/aP6Yxf+w/DGL/y/zxyz+v8ofs/gfnj9m8f91/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/j/Jn/M4n9s/pjF/7f5Yxb/4/LHLP7H549Z/H+XP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6/zx+z+J+aP2bx/0P+mMX/tPwxi/8f88cs/n/KH7P4n54/ZvE/I3/M4v/n/DGL/5n5Yxb/v+SPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljEv+xB/LHLP6D8scs/oPzxyz+Y+SPWfyH5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv/x88cs/hPkj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi/9k+WMW/3flj1n8350/ZvF/T/6Yxf+9+WMW//flj1n8J88fs/i/P3/M4v+B/DGL/wfzxyz+H8ofs/hPkT9m8f9w/pjFf8r8MYv/0Pwxi/9U+WMW/6nzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/0fyxyz+H80fs/h/LH/M4v/x/DGL/yfyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOI/W/6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/J/PHLP6fyh+z+H86f8zi/5n8MYv/AvljFv8F88cs/gvlj1n8F84fs/h/Nn/M4v+5/DGL/yL5Yxb/RfPHLP6fzx+z+C+WP2bx/0L+mMV/8fwxi/8S+WMW/y/mj1n8l8wfs/gvlT9m8V86f8zi/6X8MYv/MvljFv9l88cs/svlj1n8l88fs/h/OX/M4r9C/pjFf8X8MYv/SvljFv+V88cs/qvkj1n8v5I/ZvH/av6YxX/V/DGL/2r5Yxb/1fPHLP5r5D9aN7zx3eK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP7r5o9Z/NfLH7P4r58/ZvHfIH/M4v+1/DGL/4b5Yxb/jfLHLP4b549Z/DfJH7P4b5o/ZvHfLH/M4v/1/DGL/+b5Yxb/LfLHLP5b5o9Z/L+RP2bx/2b+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy/lT9m8f92/pjF/zv5Yxb/7+aPWfy3yx+z+G+fP2bx3yF/zOL/vfwxi/+O+WMW/+/nj1n8d8ofs/jvnD9m8f9B/pjFf5f8MYv/rvljFv/d8scs/j/MH7P4754/ZvH/Uf6Yxf/H+WMW/z3yxyz+e+aPWfz3yh+z+P8kf8ziv3f+mMV/n/wxi/+++WMW//3yxyz+++ePWfwPyB+z+P80f8zif2D+mMX/oPwxi//P8scs/j/PH7P4H5w/ZvH/Rf6Yxf+Q/DGL/6H5Yxb/w/LHLP6/zB+z+P8qf8zif3j+mMX/1/ljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zi/5v8MYv/sfljFv/f5o9Z/I/LH7P4H58/ZvH/Xf6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4/z5/zOJ/av6Yxf8P+WMW/9Pyxyz+f8wfs/j/KX/M4n96/pjF/4z8MYv/n/PHLP5n5o9Z/P+SP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj0n8xxnIH7P4D8ofs/gPzh+z+I+RP2bxH5I/ZvEfM3/M4j9W/pjFf+z8MYv/OPljFv9x88cs/uPlj1n8x88fs/hPkD9m8Z8wf8ziP1H+mMV/4vwxi/8k+WMW/0nzxyz+k+WPWfzflT9m8X93/pjF/z35Yxb/9+aPWfzflz9m8Z88f8zi//78MYv/B/LHLP4fzB+z+H8of8ziP0X+mMX/w/ljFv8p88cs/kPzxyz+U+WPWfynzh+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP4fyR+z+H80f8zi/7H8MYv/x/PHLP6fyB+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/2z5Yxb/2fPHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/p/MH7P4fyp/zOL/6fwxi/9n8scs/gvkj1n8F8wfs/gvlD9m8V84f8zi/9n8MYv/5/LHLP6L5I9Z/BfNH7P4fz5/zOK/WP6Yxf8L+WMW/8Xzxyz+S+SPWfy/mD9m8V8yf8ziv1T+mMV/6fwxi/+X8scs/svkj1n8l80fs/gvlz9m8V8+f8zi/+X8MYv/CvljFv8V88cs/ivlj1n8V84fs/ivkj9m8f9K/pjF/6v5Yxb/VfPHLP6r5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/uvlj1n8188fs/hvkD9m8f9a/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8N80fs/hvlj9m8f96/pjFf/P8MYv/FvljFv8t88cs/t/IH7P4fzN/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP7fyh+z+H87f8zi/538MYv/d/PHLP7b5Y9Z/LfPH7P475A/ZvH/Xv6YxX/H/DGL//fzxyz+O+WPWfx3zh+z+P8gf8ziv0v+mMV/1/wxi/9u+WMW/x/mj1n8d88fs/j/KH/M4v/j/DGL/x75Yxb/PfPHLP575Y9Z/H+SP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP4H5I9Z/H+aP2bxPzB/zOJ/UP6Yxf9n+WMW/5/nj1n8D84fs/j/In/M4n9I/pjF/9D8MYv/YfljFv9f5o9Z/H+VP2bxPzx/zOL/6/wxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+B+TP2bx/03+mMX/2Pwxi/9v88cs/sflj1n8j88fs/j/Ln/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8f58/ZvE/NX/M4v+H/DGL/2n5Yxb/P+aPWfz/lD9m8T89f8zif0b+mMX/z/ljFv8z88cs/n/JH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88dG+r8+4vZ/q/8d+WOW/f/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v9A/pjF/8H8MYv/Q/ljFv+H88cs/o/kj1n8H80fs/g/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/ZvF/PX9M4j/uQP6YxX9Q/pjFf3D+mMV/jPwxi/8Quf/2bzHd4j+m3P+tsviPlT9m8R87f8ziP07+mMV/3Pwxi/94+WMW//Hzxyz+E+SPWfwnzB+z+E+UP2bxnzh/zOI/Sf6YxX/S/DGL/2T5Yxb/d+WPWfzfnT9m8X9P/pjF/735Yxb/9+WPWfwnzx+z+L8/f8zi/4H8MYv/B/PHLP4fyh+z+E+RP2bx/3D+mMV/yvwxi//Q/DGL/1T5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4j9D/pjFf8b8MYv/R/LHLP4fzR+z+H8sf8zi//H8MYv/J/LHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4j9b/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8ziP1/+mMV//vwxi/8n88cs/p/KH7P4fzp/zOL/mfwxi/8C+WMW/wXzxyz+C+WPWfwXzh+z+H82f8zi/7n8MYv/IvljFv9F88cs/p/PH7P4L5Y/ZvH/wj/jP/j/x/X6D83iv3j7P2bxXyJ/zOL/xfwxi/+S+WMW/6Xyxyz+S+ePWfy/lD9m8V8mf8ziv2z+mMV/ufwxi//y+WMW/y/nj1n8V8gfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi/9X8scs/l/NH7P4r5o/ZvFfLX/M4r96/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8V8vf8ziv37+mMV/g/wxi//X8scs/hvmj1n8N8ofs/hvnD9m8d8kf8ziv2n+mMV/s/wxi//X88cs/pvnj1n8t8gfs/hvmT9m8f9G/pjF/5v5Yxb/rfLHLP5b54/9l/q/QT2q/zb5Y/+l/m80qv+2+WMW/2/lj1n8v50/ZvH/Tv6Yxf+7+WMW/+3yxyz+2+ePWfx3yB+z+H8vf8ziv2P+mMX/+/ljFv+d8scs/jvnj1n8f5A/ZvHfJX/M4r9r/pjFf7f8MYv/D/PHLP67549Z/H+UP2bx/3H+mMV/j/wxi/+e+WMW/73yxyz+P8kfs/jvnT9m8d8nf8ziv2/+mMV/v/wxi//++WMW/wPyxyz+P31bf++WYfE/UK381ln8D8ofs/j/LH/M4v/z/DGL/8H5Yxb/X+SPWfwPyR+z+B+aP2bxPyx/zOL/y/wxi/+v8scs/ofnj1n8f50/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/r/JH7P4H5s/ZvH/bf6Yxf+4/DGL//H5Yxb/3+WPWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/+/zxyz+p+aPWfz/kD9m8T8tf8zi/8f8MYv/n/LHLP6n549Z/M/IH7P4/zl/zOJ/Zv6Yxf8v+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/LX/M4v96/pjEf7yB/DGL/6D8MYv/4Pwxi/8Y+WMW/yH5Yxb/MfPHLP5j5Y9Z/MfOH7P4j5M/ZvEfN3/M4j9e/pjFf/z8MYv/BPljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8ziP1n+mMX/XfljFv93549Z/N+TP2bxf2/+mMX/ffljFv/J88cs/u/PH7P4fyB/zOL/wfwxi/+H8scs/lPkj1n8P5w/ZvGfMn/M4j80f8ziP1X+mMV/6vwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bxnzF/zOL/kfwxi/9H88cs/h/LH7P4fzx/zOL/ifwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+M+WP2bxnz1/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4v/J/DGL/6fyxyz+n84fs/h/Jn/M4r9A/pjFf8H8MYv/QvljFv+F88cs/p/NH7P4fy5/zOK/SP6YxX/R/DGL/+fzxyz+i+WPWfy/kD9m8V88f8ziv0T+mMX/i/ljFv8l88cs/kvlj1n8l84fs/h/KX/M4r9M/pjFf9n8MYv/cvljFv/l88cs/l/OH7P4r5A/ZvFfMX/M4r9S/pjFf+X8MYv/KvljFv+v5I9Z/L+aP2bxXzV/zOK/Wv6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/BvljFv+v5Y9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjFf9P8MYv/ZvljFv+v549Z/DfPH7P4b5E/ZvHfMn/M4v+N/DGL/zfzxyz+W+WPWfy3zh+z+G+TP2bx3zZ/zOL/rfwxi/+388cs/t/JH7P4fzd/zOK/Xf6YxX/7/DGL/w75Yxb/7+WPWfx3zB+z+H8/f8ziv1P+mMV/5/wxi/8P8scs/rvkj1n8d80fs/jvlj9m8f9h/pjFf/f8MYv/j/LHLP4/zh+z+O+RP2bx3zN/zOK/V/6Yxf8n+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOJ/QP6Yxf+n+WMW/wPzxyz+B+WPWfx/lj9m8f95/pjF/+D8MYv/L/LHLP6H5I9Z/A/NH7P4H5Y/ZvH/Zf6Yxf9X+WMW/8Pzxyz+v84fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/9/kj1n8j80fs/j/Nn/M4n9c/pjF//j8MYv/7/LHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF//f5Yxb/U/PHLP5/yB+z+J+WP2bx/2P+mMX/T/ljFv/T88cs/mfkj1n8/5w/ZvE/M3/M4v+X/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/Qa3/iGe9/VvcK/F/SOv/9ln8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/ZvF/NX/M4v9a/pjF//X8MYn/+AP5Yxb/QfljFv/B+WMW/zHyxyz+Q/LHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjFf7z8MYv/+PljFv8J8scs/hPmj1n8J8ofs/hPnD9m8Z8kf8ziP2n+mMV/svwxi/+78scs/u/OH7P4vyd/zOL/3vwxi//78scs/pPnj1n8358/ZvH/QP6Yxf+D+WMW/w/lj1n8p8gfs/h/OH/M4j9l/pjFf2j+mMV/qvwxi//U+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf8j+WMW/4/mj1n8P5Y/ZvH/eP6Yxf8T+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/5P5Yxb/T+WPWfw/nT9m8f9M/pjFf4H8MYv/gvljFv+F8scs/gvnj1n8P5s/ZvH/XP6YxX+R/DGL/6L5Yxb/z+ePWfwXyx+z+H8hf8ziv3j+mMV/ifwxi/8X88cs/kvmj1n8l8ofs/gvnT9m8f9S/pjFf5n8MYv/svljFv/l/sZ/iTX//Sv2n5nFf/n2f8zi/+X8MYv/CvljFv8V88cs/ivlj1n8V84fs/ivkj9m8f9K/pjF/6v5Yxb/VfPHLP6r5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/uvlj1n8188fs/hvkD9m8f9a/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8N80fs/hvlj9m8f96/pjFf/P8MYv/FvljFv8t88cs/t/IH7P4fzN/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP7fyh+z+H87f8zi/538MYv/d/PHLP7b5Y9Z/LfPH7P475A/ZvH/Xv6YxX/H/DGL//fzxyz+O+WPWfx3zh+z+P8gf8ziv0v+mMV/1/wxi/9u+WMW/x/mj1n8d88fs/j/KH/M4v9jo/9Y/3gWi/8eRv9/Iov/nvljFv+98scs/j/JH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/j/NH7P4H5g/ZvE/KH/M4v+z/DGL/8/zxyz+B+ePWfx/kT9m8T8kf8zif2j+mMX/sPwxi/8v88cs/r/KH7P4H54/ZvH/df6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4/yZ/zOJ/bP6Yxf+3+WMW/+Pyxyz+x+ePWfx/lz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/1Pyxyz+v88fs/ifmj9m8f9D/pjF/7T8MYv/H/PHLP5/yh+z+J+eP2bxPyN/zOL/5/wxi/+Z+WMW/7/kj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/JH/M4v9o/pjF/7H8MYv/4/ljFv8n8scs/k/mj1n8n8ofs/g/nT9m8X8mf8zi/2z+mMX/ufwxi//z+WMW/xfyxyz+L+aPWfxfyh+z+L+cP2bxfyV/zOL/av6Yxf+1/DGL/+v5YxL/CQbyxyz+g/LHLP6D88cs/mPkj1n8h+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX9cvf9gnGrxH0/vz1n8x88fs/hPkD9m8Z8wf8ziP1H+mMV/4vwxi/8k+WMW/0nzxyz+k+WPWfzflT9m8X93/pjF/z35Yxb/9+aPWfzflz9m8Z88f8zi//78MYv/B/LHLP4fzB+z+H8of8ziP0X+mMX/w/ljFv8p88cs/kPzxyz+U+WPWfynzh+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP4fyR+z+H80f8zi/7H8MYv/x/PHLP6fyB+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/2z5Yxb/2fPHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/p/MH7P4fyp/zOL/6fwxi/9n8scs/gvkj1n8F8wfs/gvlD9m8V84f8zi/9n8MYv/5/LHLP6L5I9Z/BfNH7P4fz5/zOK/WP6Yxf8L+WMW/8Xzxyz+S+SPWfy/mD9m8V8yf8ziv1T+mMV/6fwxi/+X8scs/svkj1n8l80fs/gvlz9m8V8+f8zi/+X8MYv/CvljFv8V88cs/ivlj1n8V84fs/ivkj9m8f9K/pjF/6v5D+/1v71p8V81f8ziv1r+mMV/9fwxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOK/Xv6YxX/9/DGL/wb5Yxb/r+WPWfw3zB+z+G+UP2bx3zh/zOK/Sf6YxX/T/DGL/2b5Yxb/r+ePWfw3zx+z+G+RP2bx3zJ/zOL/jfwxi/8388cs/lvlj1n8t84fs/hvkz9m8d82f8zi/638MYv/t/PHLP7fyR+z+H83f8ziv13+mMV/+/wxi/8O+WMW/+/lj1n8d8wfs/h/P3/M4r9T/pjFf+f8MYv/D/LHLP675I9Z/HfNH7P475Y/ZvH/Yf6YxX/3/DGL/4/yxyz+P84fs/jvkT9m8d8zf8ziv1f+mMX/J/ljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/p/ljFv8D88cs/gflj1n8f5Y/ZvH/ef6Yxf/g/DGL/y/yxyz+h+SPWfwPzR+z+B+WP2bx/2X+mMX/V/ljFv/D88cs/r/OH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv/f5I9Z/I/NH7P4/zZ/zOJ/XP6Yxf/4/DGL/+/yxyz+J+SPvek/7sB/s/+J+WOW/f+k/DGL/8n5Yxb/U/LHLP6/zx+z+J+aP2bx/0P+mMX/tPwxi/8f88cs/n/KH7P4n54/ZvE/I3/M4v/n/DGL/5n5Yxb/v+SPWfzP+of+r/3/u17/oVn8z27/xyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+r88cs/tfkj1n8r80fs/hflz9m8b8+f8zif0P+mMX/xvwxi/9N+WMW/5vzxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v9A/pjF/8H8MYv/Q/ljFv+H88cs/o/kj1n8H80fs/g/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/ZvF/PX9M4j/hQP6YxX9Q/pjFf3D+mMV/jPwxi/+Q/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvEfL3/M4j9+/pjFf4L8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8Z8sf8zi/678MYv/u/PHLP7vyR+z+L83f8zi/778MYv/5PljFv/3549Z/D+QP2bx/2D+mMX/Q/ljFv8p8scs/h/OH7P4T5k/ZvEfmj9m8Z8qf8ziP3X+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/0j+mMX/o/ljFv+P5Y9Z/D+eP2bx/0T+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfxnyx+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvH/ZP6Yxf9T+WMW/0/nj1n8P5M/ZvFfIH/M4r9g/pjFf6H8MYv/wvljFv/P5o9Z/D+XP2bxXyR/zOK/aP6Yxf/z+WMW/8Xyxyz+X8gfs/gvnj9m8V8if8zi/8X8MYv/kvljFv+l8scs/kvnj1n8v5Q/ZvFfJn/M4r9s/pjFf7n8MYv/8vljFv8v549Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/V/LHLP5fzR+z+K+aP2bxXy1/zOK/ev6YxX+N/DGL/5r5Yxb/tUz+rw9vu39iVov/2ib/fyGL/zr5Yxb/dfPHLP7r5Y9Z/NfPH7P4b5A/ZvH/Wv6YxX/D/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4b5Y/ZvH/ev6YxX/z/DGL/xb5Yxb/LfPHLP7fyB+z+H8zf8ziv1X+mMV/6/wxi/82+WMW/23zxyz+38ofs/h/O3/M4v+d/DGL/3fzxyz+2+WPWfy3zx+z+O+QP2bx/17+mMV/x/wxi//388cs/jvlj1n8d84fs/j/IH/M4r9L/pjFf9f8MYv/bvljFv8f5o9Z/HfPH7P4/yh/zOL/4/wxi/8e+WMW/z3zxyz+e+WPWfx/kj9m8d87f8ziv0/+mMV/3/wxi/9++WMW//3zxyz+B+SPWfx/mj9m8T8wf8zif1D+mMX/Z/ljFv+f549Z/A/OH7P4/yJ/zOJ/SP7Yf6P/oIGB7QdG8z80f+y/0Z/2/8Pyxyz+v8wfs/j/Kn/M4n94/pjF/9f5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4v+b/DGL/7H5Yxb/3+aPWfyPyx+z+B+fP2bx/13+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+P8+f8zif2r+mMX/D/ljFv/T8scs/n/MH7P4/yl/zOJ/ev6Yxf+M/DGL/5/zxyz+Z+aPWfz/kj9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHLP6v549J/CcayB+z+A/KH7P4D84fs/iPkT9m8R+SP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/MfPH7P4T5A/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/pPlj1n835U/ZvF/d/6Yxf89+WMW//fmj1n835c/ZvGfPH/M4v/+/DGL/wfyxyz+H8wfs/h/KH/M4j9F/pjF/8P5Yxb/KfPHLP5D88cs/lPlj1n8p84fs/hPkz9m8Z82f8ziP90/9B9XuXlY/Kdv/8cs/jPkj1n8Z8wfs/h/JH/M4v/R/DGL/8fyxyz+H88fs/h/In/M4j9T/pjFf+b8MYv/LPljFv9Z88cs/rPlj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+H8yf8zi/6n8MYv/p/PHLP6fyR+z+C+QP2bxXzB/zOK/UP6YxX/h/DGL/2fzxyz+n8sfs/gvkj9m8V80f8zi//n8MYv/YvljFv8v5I9Z/BfPH7P4L5E/ZvH/Yv6YxX/J/DGL/1L5Yxb/pfPHLP5fyh+z+C+TP2bxXzZ/zOK/XP7YCP9xBgYG/qv9l88fs+z/X84fs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/6/kj1n8v5o/ZvFfNX/M4r9a/pjFf/X8MYv/GvljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8ziv17+mMV//fwxi/8G+WMW/6/lj1n8N8wfs/hvlD9m8d84f8ziv0n+mMV/0/wxi/9m+WMW/6/nj1n8N88fs/hvkT9m8d8yf8zi/438MYv/N/PHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4v+t/DGL/7fzxyz+38kfs/h/N3/M4r9d/pjFf/v8MYv/DvljFv/v5Y9Z/HfMH7P4fz9/zOK/U/6YxX/n/DGL/w/yxyz+u+SPWfx3zR+z+O+WP2bx/2H+mMV/9/wxi/+P8scs/j/OH7P475E/ZvHfM3/M4r9X/pjF/yf5Yxb/vfPHLP775I9Z/PfNH7P475c/ZvHfP3/M4n9A/pjF/6f5Yxb/A/PHLP4H5Y9Z/H+WP2bx/3n+mMX/4Pwxi/8v8scs/ofkj1n8D80fs/gflj9m8f9l/pjF/1f5Yxb/w/PHLP6/zh+z+B+RP2bxPzJ/bDT/E/5b/Y/KH7Ps/0fnj1n8j8kfs/j/Jn/M4n9s/pjF/7f5Yxb/4/LHLP7H549Z/H+XP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6/zx+z+J+aP2bx/0P+mMX/tPwxi/8f88cs/n/KH7P4n54/ZvE/I3/M4v/n/DGL/5n5Yxb/v+SPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljEv+J/z927j3Krrq84/CeyW+SECCBUq0BgzEhEBBISIAQkUtAgSHJgBcUIglECJeSQArRBKoQ8YK2SlGqUlsFuQgUAYWipRYapZRCxaKitsVSWqTUKlSUAq1KuobMxMz4MovZ2d0s8z7PH5k5Z3yPkM9afnMma6z0D2Xp36F/KEv/Tv1DWfqP0D+UpX/RP5Slf5f+oSz9R+ofytJ/lP6hLP1H6x/K0n8z/UNZ+o/RP5Sl/+b6h7L030L/UJb+W+ofytJ/rP6hLP3H6R/K0n8r/UNZ+m+tfyhL/9/QP5Sl/zb6h7L0/039Q1n6v0T/UJb+L9U/lKX/b+kfytL/ZfqHsvQfr38oS/9t9Q9l6b+d/qEs/V+ufyhL/wn6h7L0317/UJb+r9A/lKX/RP1DWfq/Uv9Qlv6T9A9l6T9Z/1CW/jvoH8rSf4r+oSz9d9Q/lKX/TvqHsvSfqn8oS/+d9Q9l6b+L/qEs/V+lfyhL/131D2Xpv5v+oSz9d9c/lKX/NP1DWfpP1z+Upf8e+oey9J+hf2hT7z9y3afjZuof2tT79xm3p/6hLP330j+Upf/e+oey9J+lfyhL/330D2XpP1v/UJb+r9Y/lKX/vvqHsvR/jf6hLP330z+Upf/++oey9D9A/1CW/gfqH8rSf47+oSz9D9I/lKX/wfqHsvR/rf6hLP1fp38oS/9D9A9l6X+o/qEs/Q/TP5Slf7f+oSz9D9c/lKX/XP1DWfrP0z+Upf98/UNZ+vfoH8rS/wj9Q1n6H6l/KEv/1+sfytL/DfqHsvR/o/6hLP3fpH8oS/+j9A9l6f9m/UNZ+r9F/1CW/kfrH8rS/xj9Q1n6L9A/lKX/W/UPZel/rP6hLP0X6h/K0n+R/qEs/Y/TP5Sl//H6h7L0X6x/KEv/t+kfytL/BP1DWfqfqH8oS/8l+oey9D9J/1CW/ifrH8rS/xT9Q1n6n6p/KEv/39Y/lKX/afqHsvRfqn8oS/9l+oey9D9d/1CW/mfoH8rSf7n+oSz9f0f/UJb+Z+ofytL/LP1DWfqv0D+Upf/b9Q9l6f8O/UNZ+q/UP5Sl/yr9Q1n6n61/KEv/c/QPZen/u/qHsvR/p/6hLP3fpX8oS/9z9Q9l6X+e/qEs/VfrH8rS/936h7L0P1//UJb+79E/lKX/e/UPZen/Pv1DWfq/X/9Qlv4X6B/K0v8D+oey9P+g/qEs/X9P/1CW/r+vfyhL/w/pH8rS/8P6h7L0v1D/UJb+f6B/KEv/i/QPZen/Ef1DWfp/VP9Qlv4X6x/K0v8P9Q9l6f8x/UNZ+n9c/1CW/p/QP5Sl/yX6h7L0/yP9Q1n6f1L/UJb+f6x/KEv/P9E/lKX/p/QPZen/af1DWfpfqn8oS//L9A9l6f8Z/UNZ+l+ufyhL/yv0D2Xpf6X+oSz9r9I/lKX/Z/UPZel/tf6hLP2v0T+Upf+1+oey9P9T/UNZ+l+nfyhL/8/pH8rS/3r9Q1n636B/KEv/G/UPZen/ef1DWfp/Qf9Qlv436R/K0v9m/UNZ+v+Z/qEs/W/RP5Sl/xf1D2Xp/yX9Q1n6/7n+oSz9b9U/lKX/X+gfytL/y/qHsvT/S/1DWfrfpn8oS//b9Q9l6f9X+oey9F+jfyhL/6/oH8rS/6v6h7L0v0P/UJb+f61/KEv/O/UPZen/N/qHsvS/S/9Qlv5/q38oS/+79Q9l6X+P/qEs/f9O/1CW/l/TP5Sl/736h7L0/7r+oSz9/17/UJb+9+kfytL/G/qHsvT/pv6hLP2/pX8oS//79Q9l6f9t/UNZ+n9H/1CW/t/VP5Sl/z/oH8rS/x/1D2Xp/0/6h7L0f0D/UJb+39M/lKX/P+sfytL/Qf1DWfr/i/6hLP0f0j+Upf+/6h/K0v/f9A9l6f+w/qEs/b+vfyhL/0f0D2Xp/+/6h7L0f1T/UJb+/6F/KEv/H+gfytL/P/UPZen/Q/1DWfr/SP9Qlv6P6R/K0v9x/UNZ+v+X/qEs/X+sfyhL/yf0D2Xp/xP9Q1n6/1T/UJb+T+ofytL/v/UPZen/lP6hLP2f1j+Upf8z+oey9P8f/UNZ+v+v/qEs/X+mfyhL/5/rH8rS/xf6h7L0f1b/UJb+a/UPJem/VaV/KEv/Dv1DWfp36h/K0n+E/qEs/Yv+oSz9u/QPZek/Uv9Qlv6j9A9l6T9a/1CW/pvpH8rSf4z+oSz9N9c/lKX/FvqHsvTfUv9Qlv5j9Q9l6T9O/9Am1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqKrunjmPjegY8NSIDR9MuHfJcx/3fProU6666otb93/s+/Lc4CU7N3ywdu3atZ1PVl/reziqqqre/7at+h6PHnzc+/rnzblk6rpHZeLlz+xy3cpnDnr/jfdf8/ShV8+9ruu5Z7uq4086demS6Z1VVSZ3Vat6H+zRUVVlx67qot4HM3of7NRVXdP7YOZzDzar1vQ+2P2EM5ae2PvE1Nq/ZwDw6667Z3U1YsBiVwP+NLDh/p835+bV/R+HeMn+VytV3/7fetM27xj0tX7Ps//9r19eOXj/h/0vCAD8iuHt/x0T+z8O8ZK/8v5//ukfvz/62vPvf//rl0n2HwCaF3z/f8BGD/6+/6Dv/0d/Dlh/f9pxF4/q3f+rnz5qRd9T5YV8//+Xr18mD97/zgHf/++oqrJD//f/R1VVmbKRvx0AkEJ3z7sfG+r9/9D7X7YddNOx4f5vff2ao3r3/8ExN76076muYe7/DkO9/z9k0D8rAPDCdPd8Zu2g9//D2P9qx+Al1+//wavufknv/n/jwe9P3OBrw9n/KYP3f9qKZcunnXX2ObudumzxyUtOXnL67Fmz9tlr1t6zZ0x77jsC637dyN8UANjEbdz7/2rMoJuOqnpk/f2Hbptwd+/+z/jkYaf0PTV6mPu/45Dv/yd6/w8AA0zqrEaOrFYtXrHizD3W/dr/cMa6X9f9x4L9H8bf/0/u/yG6/p8Z7Kiql62/7znrA529+3/F5G1v63tq5DD3f6ch9//AgT+rCAC8MBv5/v/EQTcD9n/ciGtn9+7/4VN2vqDvqeH+/f/UIff/Mu//AaCO7p7q//VNdO/+n7/FLy6td1129vN/ANC8Nvb/8QnvmVTvuuxi/wGgeW3s/5IDtryl3nV5lf0HgOa1sf93dV+8sN512dX+A0Dz2tj/eadNuKfeddnN/gNA89rY/4nnnLCy3nXZ3f4DQPPa2P/rjn7soXrXZZr9B4DmtbH/x45+8Il612W6/QeA5rWx/9/d5ciT6l2XPew/ADSvjf3/8r67P1Dvusyw/wDQvDb2f/r4y+bVuy4z7T8ANK+N/f/oGftfWe+67Gn/AaB5bez/+Pmfn1nvuuxl/wGgeW3s/9uP/fqF9a7L3vYfAJrXxv4/e+6B4+tdl1n2HwCa18b+r7lr+wX1rss+9h8AmtfG/s995KJ7612X2fYfAJrXxv7v9OTjy+tdl1fbfwBoXhv7/7nvHP9oveuyr/0HgOa1sf9jL3t2XL3r8hr7DwDNa2P/33f+8kvqXZf97D8ANK+N/f/BxWOn1Lsu+9t/AGheG/v/ti+svqnedTnA/gNA89rY/28+PHNuvetyoP0HgOa1sf/HfOW279W7LnPsPwA0r4393+u+OxbXuy4H2X8AaF4b+3/7T+Y/Ve+6HGz/AaB5bez/y9/7re3rXZfX2n8AaF4b+/+Jzy78YL3r8jr7DwDNa2P/f/alyXvWuy6H2H8AaF4b+7/8Y9dfUe+6HGr/AaB5bex/z64/fajedTnM/gNA89rY/zvHvmtlvevSbf8BoHlt7P+1rxhxT73rcrj9B4DmtbH/k/b78MJ612Wu/QeA5rWx/6vnbnNLvesyz/4DQPPa2P/NT/3UpHrXZb79B4DmtbH/J696+NJ616XH/gNA89rY/x8tWDa63nU5wv4DQPPa2P/txiwaX++6HGn/AaB5bez/RVPvu7DedXm9/QeA5rWx/z+ffcPMetflDfYfAJrXxv6v3G7ilfWuyxvtPwA0r439//ay2+fVuy5vsv8A0Lw29n/REdMfqHddjrL/ANC8NvZ/xqKek+pdlzfbfwBoXhv7f+s71zxR77q8xf4DQPPa2P8L7vz0TfWuy9H2HwCa18b+b/HoVlPqXZdj7D8ANK+N/T/+qdMvqXddFth/AGheG/v/w/sfGlfvurzV/gNA89rY/+7Lz3203nU51v4DQPPa2P+vrv7x8nrXZaH9B4DmtbH/N3zkwnvrXZdF9h8AmtfG/k+5uVpQ77ocZ/8BoHlnnX3OaYuXLl1ypk984hOfrP/kxf5fJgAAoGm//EP/i/1PAgAAAAAAAAAAAAAAAAAAAHm18X8n9mL/OwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAACPK3XmGAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CsAAP//KvjdGQ==")
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="73797a30a674be0e2155351342d7409b90c2d1beb8d1c07a2940ad8e269184a698300335386f19085187c35b1ef8c49c62ebdf9cb134866e9524da7b758c9436bcb74dc8e550436900445af1be6c1f0f268f7fc07cf97ae4dc7b8a43adf9537f2b104af8251492cb70568d6f4c3d739f31ad330efda65faeddb83507cfe532bd59bebd4c66b133a653c224431674f3095a923f7b6c7db38b1d7a7db725184539a5ddc9e7fd41ad0d282af8283ac3b22a6af78193025a6bd96640fda5cc93da8723e1c69fc224c80ac24c26b3607d75ff0300008d43ff59d5891837bde8247ae6ac57a5badf3b63cbfe16536055481f9c2f3f81b78b7cbfd5f01ca32b9af3775f84398918f2ed0e6d927b36fc06121e4ea7d74790fe17ab74cc06a705e2bf0efd015efc4fdc0993eaeabcbab9e1a37d160c301c3e6320c486f001e560953534b8966619642c3b04e790b5a7a8c166ee215bbf097300"], 0x68)
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000240)=@loop={'/dev/loop', 0x0}, 0xee00, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaa1})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file2\x00', 0x804c1, 0x2)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000006140)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
fchown(r5, r7, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x10)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_netprio_ifpriomap(r8, &(0x7f00000003c0), 0x2, 0x0)
syz_open_procfs$pagemap(0x0, 0x0)

28.249312703s ago: executing program 1 (id=882):
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

28.045171722s ago: executing program 1 (id=884):
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0xa)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)

27.873429149s ago: executing program 1 (id=885):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r2, &(0x7f00000000c0)="3f03fe7f0312120006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

27.491127832s ago: executing program 1 (id=888):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)

27.161130955s ago: executing program 1 (id=889):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
chroot(&(0x7f00000000c0)='./file0\x00')

27.020540098s ago: executing program 1 (id=891):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000700)="09028a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f9111a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)
close_range(r2, 0xffffffffffffffff, 0x0)

26.728453668s ago: executing program 3 (id=893):
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f00000001c0)='.pending_reads\x00', 0x40140, 0x0)
close(r0)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0xb, 0x0, &(0x7f0000000040))

26.728063299s ago: executing program 4 (id=894):
poll(0x0, 0x0, 0x401)
pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
rt_sigreturn()
r3 = msgget$private(0x0, 0x0)
msgrcv(r3, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mlockall(0x1)
setsockopt$inet_mtu(r2, 0x0, 0xa, 0x0, 0x0)

26.452636535s ago: executing program 4 (id=896):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
write$binfmt_script(r2, &(0x7f0000000340), 0xffffff46)
dup3(r2, r1, 0x0)
sendmsg$netlink(r1, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=ANY=[], 0x10}], 0x1}, 0x0)
rt_sigreturn()
close(r1)
socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000001300)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @local}, 0x80, 0x0}, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
poll(0x0, 0x0, 0x64)

26.079575862s ago: executing program 4 (id=897):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
stat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='.\x00', 0x0, 0x0)
faccessat2(r1, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)

25.158184677s ago: executing program 4 (id=901):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
mount(0x0, &(0x7f0000004580)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
fcntl$setstatus(r1, 0x4, 0x4c00)
dup3(r1, r0, 0x0)
io_setup(0x6, &(0x7f0000000240)=<r2=>0x0)
removexattr(0x0, 0x0)
io_submit(r2, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x8, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a07, 0x0, 0x0, 0xd00}])

24.963772182s ago: executing program 3 (id=902):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706", 0x200)
sendfile(r0, r1, 0x0, 0xe065)
syz_open_dev$MSR(0x0, 0x5, 0x0)
sendfile(r0, r1, 0x0, 0xffff)
read(0xffffffffffffffff, &(0x7f0000019440)=""/102391, 0x18ff7)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000180)='syz1\x00', 0x200002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)

24.450198286s ago: executing program 4 (id=903):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x7ffc2001}]})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSMRU1(r1, 0x80047458, &(0x7f00000000c0))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r4, @ANYBLOB="100052800c0003800500070006000400394802036b2da3047f283f7f710f1d969e4e647f410913b2f2193b3d9d82301537d591ba43220fce0d4462324fc3b443bf1201528e2e21d90c300882fc1c305efb14fbc4ecc8ae9ba3097caf85b2553b4df83a36087f2a2fb82a284461cfbfad8c34e5e9adbd47d61e681cf5dc447c5048e720"], 0x2c}}, 0x0)
r5 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x0)
r6 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private1}, &(0x7f00000000c0)=0x1c)
pwritev(r6, &(0x7f0000000600)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000380)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb52203454a05646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdc", 0x81}, {&(0x7f0000001140)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922eceea74ecda30ce05b11ef5a2bff7c1b3c24d3", 0x56}], 0x5, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r5, 0x4c00, r6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000540)={0x3, &(0x7f0000000500)=[{0x8000, 0x1, 0x5, 0x1}, {0x24f, 0x2, 0xe, 0x401}, {0x6, 0x8, 0x7, 0x5}]})
ioctl$LOOP_SET_BLOCK_SIZE(r5, 0x4c09, 0x800)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000001c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESHEX, @ANYRES32, @ANYRES64=0x0, @ANYRESOCT=r1, @ANYRESHEX, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16, @ANYRES16], 0x1, 0x70a, &(0x7f0000001840)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeehS3Hwms5SEqRTWmUPu495NRTetChEHoo6d3QnhsCJT3qGCjk4pNuKjM7sy/NPmRbD7u/nz0z38z3mG/+89rdQUwA/7eWZ6P6KJJYnn17O53f211ojO0uTObZjYiYiIhKRDUiSRcl65Hl3siH+GbkOR3TQz5eW3r3y8d7XzXnqvmQla8Mqldi4vCinXyIekSM5dPDxvu0+Fnv6rvau9m3vVElrS1MA3alCFz86alahad2cMhOK+/Tf2fjVpmS6kc5b4EzKmneN3PtU30mYjoipiKad/386lA5+R4+Wzun3QEAAAA4qtrRq7y0H/uxHeeOozsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwosrf/5/kQ6VI1yMp3v8/kS+LPH0GDX8R4heTzemj4+8MAAAAAAAAAByLzof2r+/HfmzHuWL+IMme+b/R8Yz/G/FBbMZqbMTV2I6V2Iqt2Ij5iJjpbHR7ZWtrYz6rGXFhQM3r8XlJzev9+3ujezZ5mm0HAAAAAAAAgOfA1JD8u+OHl/02ltvP/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CxIIsaak2y4UKRnolKNiKmi3E7E5xExkf1/PiRlCx+dfD8AAADgqUx1zyZTI9R56cPYj+04V8wfJNl3/kvZ9+Wp+CDWYyvWYisasRq3opIVSr/yV/Z2Fxp7uwv30uFwuz/++khdz1qM5m8P5Wt+NStRi9uxli25GjcjiYNMJW/l1b3dhXR6r7xfH6V9Sn6UG9CbsY70rXR0+bMs/cfuXxGqR9rEEfU2WulbcibLHW9FZC7vW1rjfBGB8kh07Z2yzagOXNN8VFo/+1wYvKbymH80OAbTPaVKf7k5Fb2RuB6V1h66NDgSEd/++6e/vNNYv3vn9ubs2dmkUh8OLdEbiYWOSFx+gSIx3FwWiYut+eX4WfwiZuPryXdiI9biV7ESW7FaL/JX8uM5Hc8MjtQX051z7wzrSXpO1lvXr7I+1aOrT1GPn2aplXgj26fnYi2SuB8Rq/FW9u96zLeuBu09fHGEs74ywpW2w5XvZJNWmKLWv+xfR2vyWUnjer4Z14Pea+5Mlte5pB2ll0ujVNzrRr8fdah+K0+kLfxu4P3hpPVGYr4jEq/0O16ah+qfD9LxZmP97sadlfdHXN+b+TQ9j/4w4C5xLLfpgdI9/HJM5Rt3Phsn2Tk1l+W90upVEa//rEXMZ3kXWq1033HTvIutes0z9edxP251nanfj8VYjKWs9KWs9PihO1aad7nVUvc1PM1LP2lVW091Oj9v3Y9G8/NQxM5zf9kGeJFNf3d6ovbf2r9qn9R+X7tTe3vqJ5M/mHxtIsb/Of7D6tzYm5XXkr/FJ/Gb9vd/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgyW0+eHh3pdFY3ShPVMqzksG1VhoHxYvEBpTpSiT5q3JGKJxsPnh4MLTBwYnJvHtPWP1ZJoq3NQ4vXD/GbiQ7vftravi+KN7yNMIqkvw1lR2HVkQ8cZ+LNbeXjJ+BXdmbqB+5Vv3QduWJ4oDtKHz0o7dWtr/GIqKs8JALx9gzuPgAp+ra1r33r20+ePi9tXsr762+t7o+vri4NLe0+NbCtdtrjdW55rijwsm/VQ84Jp0fJ1omIuL14XUHvKgVAAAAAAAAAAAAOEYn8bcQp72NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPNteTaqjyKJ+bmrc+n83u5CIx2KdLtkNSIqEZH8OiL5R8SNaA4x09Fc0m89H68tvfvl472v2m1Vi/KViJ2+9Qa12baTD1GPiLF8Gn8ZXnGU9m4W7fU30U5OlmQnra1IA3alCByctv8FAAD//2mP9Pg=")
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x8000002, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x9})
ioctl$KVM_SET_IRQCHIP(r8, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xf58, 0x0, [{}, {}, {}, {}, {}, {}, {0xff}, {}, {}, {}, {0x3e}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}]}})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r6, 0xc0709411, 0x0)
ioctl$LOOP_SET_STATUS(r5, 0x4c02, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x0, 0x4, 0xc, 0x11, "4b8b3ea46929dfed0b2f34380d308f95a023d009852471dd5a94a9fe9549918ae7fd1f0ece5b861375b108403362cfe0f4fccffb1b6a2115354d4df15d017a3f", "2363f18d9acc6c25af21ca2af6d2e80e4caadd6d126cfb80c92dc817d44dcdec", [0x1, 0x616]})
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r6, 0x4008941a, &(0x7f0000000040)=0x2)
ioctl$LOOP_CLR_FD(r5, 0x4c01)
ioctl$LOOP_CHANGE_FD(r5, 0x4c06, 0xffffffffffffffff)

23.899457359s ago: executing program 3 (id=904):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90500000000000000c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})

23.409255424s ago: executing program 3 (id=905):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
read$char_usb(r1, &(0x7f0000000840)=""/160, 0xa0)
close(r1)
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSPGRP(r2, 0x5410, 0x0)

19.88310466s ago: executing program 4 (id=914):
r0 = gettid()
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x3938700}}, 0x0)
mlockall(0x1)
r1 = socket(0x2, 0x3, 0x6)
recvfrom$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

19.273079176s ago: executing program 3 (id=916):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)
readv(r1, 0x0, 0x0)
close(r1)
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mknod(&(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

2.617821936s ago: executing program 2 (id=954):
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0)

2.460445984s ago: executing program 2 (id=955):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)={0x28, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x28}}, 0x0)

2.274633044s ago: executing program 2 (id=956):
r0 = socket$alg(0x26, 0x5, 0x0)
syz_emit_ethernet(0x3be, &(0x7f0000000ec0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0088a827008100230086dd6000000003803afffe8000000000000000000000000000bbff02000000000000000000000000000186009078000000000000000000000000000aa78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af030200010000000500000000260004000318fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409eb1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cabea2af9d7ebe668177304c5fd4698c934de4731f3f61effc978001d06aa6d616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b03452dccf81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b104185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000000b17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f40b032107b8a3e100908f61640000006f00fcc0ffff00000000000000ff0bc0fe000010000000000002000002d9a0274500040000000013eaf4000000145e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c0005d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"], 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000100)="3a10bd003aba0c70", 0x8}], 0x1, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a000000001800000000000000170100000400000006020000004000001800000000000000170100000300000001"], 0x60}], 0x1, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r1, 0x11, 0x1, &(0x7f0000000040)=0x3d, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, 0x3b, 0x107, 0x0, 0x0, {0x4}, [@typed={0x4}, @nested={0x4, 0x8}]}, 0x1c}}, 0x0)
write$binfmt_script(r2, &(0x7f0000000140), 0x208e24b)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-384-generic\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x3d, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbacf01416ac141416440809114d2f87e5940c05ab840c13f2325f1a39014402038da188", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_open_dev$video(&(0x7f0000000040), 0x0, 0x0)
sendfile(r5, r2, 0x0, 0x7ffff000)

1.356256871s ago: executing program 2 (id=957):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240))
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)
close(r0)

975.328088ms ago: executing program 2 (id=958):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x44})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r1, 0x0)

0s ago: executing program 2 (id=959):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)={0x28, r2, 0x7, 0x0, 0x0, {{0x2}, {@val={0x8, 0x2}, @void, @val={0xc, 0x99, {0x1}}}}}, 0x28}}, 0x0)

kernel console output (not intermixed with test programs):

usb8: usbfs: interface 0 claimed by hub while 'syz.0.580' sets config #0
[  255.917825][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  255.924590][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  256.210768][ T7607] loop0: detected capacity change from 0 to 256
[  256.245877][ T7607] vfat: Unknown parameter 'short'
[  256.436339][ T5107] Bluetooth: hci1: Malformed LE Event: 0x0b
[  256.539991][ T7612] loop0: detected capacity change from 0 to 2048
[  256.555421][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  256.583163][ T7612] udf: Bad value for 'dmode'
[  256.604100][ T7615] loop4: detected capacity change from 0 to 128
[  257.214372][ T2481] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  257.618257][ T7614] loop4: detected capacity change from 0 to 2048
[  257.675348][ T7614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.604400][ T7630] netlink: 44 bytes leftover after parsing attributes in process `syz.1.587'.
[  258.763828][ T7635] loop3: detected capacity change from 0 to 128
[  258.865276][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.006860][ T7635] loop3: detected capacity change from 0 to 2048
[  259.154629][ T7635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.802985][ T7026] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.870163][ T7649] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.592' sets config #0
[  259.962803][    T8] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  260.166006][    T8] usb 1-1: Using ep0 maxpacket: 8
[  260.245077][    T8] usb 1-1: New USB device found, idVendor=0830, idProduct=0080, bcdDevice=46.ac
[  260.262521][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.296317][    T8] usb 1-1: Product: syz
[  260.306633][    T8] usb 1-1: Manufacturer: syz
[  260.329124][    T8] usb 1-1: SerialNumber: syz
[  260.346087][    T8] usb 1-1: config 0 descriptor??
[  260.379025][    T8] kl5kusb105 1-1:0.0: KL5KUSB105D / PalmConnect converter detected
[  260.443737][    T8] usb 1-1: KL5KUSB105D / PalmConnect converter now attached to ttyUSB0
[  260.787645][ T5112] usb 1-1: USB disconnect, device number 8
[  260.840681][ T5112] kl5kusb105d ttyUSB0: KL5KUSB105D / PalmConnect converter now disconnected from ttyUSB0
[  260.901736][ T5112] kl5kusb105 1-1:0.0: device disconnected
[  261.001194][ T7663] 9pnet_fd: Insufficient options for proto=fd
[  262.342106][ T2512] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  262.473197][ T7673] FAULT_INJECTION: forcing a failure.
[  262.473197][ T7673] name failslab, interval 1, probability 0, space 0, times 0
[  262.486553][ T7673] CPU: 1 UID: 0 PID: 7673 Comm: syz.3.599 Not tainted 6.10.0-next-20240719-syzkaller #0
[  262.496297][ T7673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  262.506341][ T7673] Call Trace:
[  262.509606][ T7673]  <TASK>
[  262.512526][ T7673]  dump_stack_lvl+0x241/0x360
[  262.517195][ T7673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.522379][ T7673]  ? __pfx__printk+0x10/0x10
[  262.526963][ T7673]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  262.532932][ T7673]  ? __pfx___might_resched+0x10/0x10
[  262.538208][ T7673]  should_fail_ex+0x3b0/0x4e0
[  262.542873][ T7673]  should_failslab+0xac/0x100
[  262.547534][ T7673]  ? __alloc_skb+0x1c3/0x440
[  262.552110][ T7673]  kmem_cache_alloc_node_noprof+0x71/0x320
[  262.557905][ T7673]  ? aa_label_sk_perm+0x4f0/0x6d0
[  262.562920][ T7673]  __alloc_skb+0x1c3/0x440
[  262.567327][ T7673]  ? __pfx___alloc_skb+0x10/0x10
[  262.572261][ T7673]  pfkey_sendmsg+0x1da/0x1050
[  262.576929][ T7673]  ? __pfx___might_resched+0x10/0x10
[  262.582209][ T7673]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  262.587316][ T7673]  ? aa_sk_perm+0x96d/0xab0
[  262.591814][ T7673]  ? __pfx_aa_sk_perm+0x10/0x10
[  262.596656][ T7673]  ? __might_fault+0xaa/0x120
[  262.601322][ T7673]  ? __pfx_lock_release+0x10/0x10
[  262.606338][ T7673]  ? __import_iovec+0x536/0x820
[  262.611175][ T7673]  ? aa_sock_msg_perm+0x91/0x160
[  262.616101][ T7673]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  262.621369][ T7673]  ? security_socket_sendmsg+0x87/0xb0
[  262.626821][ T7673]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  262.631917][ T7673]  __sock_sendmsg+0x221/0x270
[  262.636588][ T7673]  ____sys_sendmsg+0x525/0x7d0
[  262.641346][ T7673]  ? __pfx_____sys_sendmsg+0x10/0x10
[  262.646651][ T7673]  __sys_sendmsg+0x2b0/0x3a0
[  262.651231][ T7673]  ? __pfx___sys_sendmsg+0x10/0x10
[  262.656338][ T7673]  ? vfs_write+0x7c4/0xc90
[  262.660770][ T7673]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  262.667086][ T7673]  ? do_syscall_64+0x100/0x230
[  262.671835][ T7673]  ? do_syscall_64+0xb6/0x230
[  262.676500][ T7673]  do_syscall_64+0xf3/0x230
[  262.680987][ T7673]  ? clear_bhb_loop+0x35/0x90
[  262.685662][ T7673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.691557][ T7673] RIP: 0033:0x7f73e9375f19
[  262.695960][ T7673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.715560][ T7673] RSP: 002b:00007f73ea068048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  262.723961][ T7673] RAX: ffffffffffffffda RBX: 00007f73e9506110 RCX: 00007f73e9375f19
[  262.731916][ T7673] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005
[  262.739870][ T7673] RBP: 00007f73ea0680a0 R08: 0000000000000000 R09: 0000000000000000
[  262.747830][ T7673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.755784][ T7673] R13: 000000000000006e R14: 00007f73e9506110 R15: 00007ffff50e07f8
[  262.763751][ T7673]  </TASK>
[  262.967759][ T2512] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  263.287889][ T7676] loop0: detected capacity change from 0 to 128
[  263.543843][ T7675] loop0: detected capacity change from 0 to 2048
[  263.612150][ T7675] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.801099][    C0] eth0: bad gso: type: 1, size: 1408
[  263.982973][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.994996][ T7687] loop2: detected capacity change from 0 to 256
[  264.021281][ T7687] vfat: Unknown parameter 'short'
[  264.116226][ T7691] loop3: detected capacity change from 0 to 256
[  264.159971][ T5107] Bluetooth: hci6: Malformed LE Event: 0x0b
[  264.238352][ T7691] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.604' sets config #0
[  264.297196][ T7693] loop2: detected capacity change from 0 to 2048
[  264.349355][ T7693] udf: Bad value for 'dmode'
[  265.824713][ T7713] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.608' sets config #0
[  266.083249][ T7715] loop2: detected capacity change from 0 to 1024
[  266.603389][ T7715] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.763433][ T7715] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  266.819777][ T7721] 9pnet_fd: Insufficient options for proto=fd
[  266.892017][ T7724] loop3: detected capacity change from 0 to 256
[  266.943037][ T7724] vfat: Unknown parameter 'short'
[  267.042698][ T5107] Bluetooth: hci0: Malformed LE Event: 0x0b
[  267.148418][ T6893] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.589669][ T7732] loop2: detected capacity change from 0 to 512
[  267.626798][ T7732] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.616: inode #13: comm syz.2.616: iget: illegal inode #
[  267.662628][    T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  267.662633][ T7732] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.616: couldn't read orphan inode 13 (err -117)
[  267.664817][ T7732] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.872617][    T9] usb 5-1: Using ep0 maxpacket: 32
[  267.881910][ T6893] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.040773][ T7736] loop2: detected capacity change from 0 to 256
[  268.041570][    T9] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  268.075240][ T2512] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  268.118812][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  268.135503][ T7736] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.617' sets config #0
[  268.228719][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  268.262232][ T7741] loop0: detected capacity change from 0 to 128
[  268.311098][    T9] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  268.340494][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.379132][    T9] usb 5-1: Product: syz
[  268.395022][    T9] usb 5-1: Manufacturer: syz
[  268.399646][    T9] usb 5-1: SerialNumber: syz
[  268.411150][ T7741] loop0: detected capacity change from 0 to 2048
[  268.439218][    T9] usb 5-1: config 0 descriptor??
[  268.467081][ T7730] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  268.487828][    T9] hub 5-1:0.0: bad descriptor, ignoring hub
[  268.509330][    T9] hub 5-1:0.0: probe with driver hub failed with error -5
[  268.534592][ T7741] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.599614][    T9] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input8
[  268.654226][    C0] eth0: bad gso: type: 1, size: 1408
[  268.719824][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  268.862529][ T5107] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  268.888558][ T2475] usb 5-1: USB disconnect, device number 14
[  268.888714][    C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  269.138352][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.561275][ T7771] loop4: detected capacity change from 0 to 256
[  270.592870][ T7773] loop3: detected capacity change from 0 to 512
[  270.601600][ T7771] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.629' sets config #0
[  270.649540][ T7773] journal_path: Lookup failure for './file0'
[  270.713139][ T7773] EXT4-fs: error: could not find journal device path
[  270.813468][ T7777] loop4: detected capacity change from 0 to 256
[  270.894843][ T7777] vfat: Unknown parameter 'short'
[  270.963682][ T7780] loop3: detected capacity change from 0 to 1024
[  271.018459][ T7780] hfsplus: unable to parse mount options
[  271.068311][ T5107] Bluetooth: hci4: Malformed LE Event: 0x0b
[  272.192059][ T7772] loop0: detected capacity change from 0 to 32768
[  272.365175][   T29] audit: type=1800 audit(1721755092.425:9): pid=7767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.627" name="bus" dev="loop0" ino=7 res=0 errno=0
[  272.780306][ T7793] loop4: detected capacity change from 0 to 128
[  273.020307][ T7793] loop4: detected capacity change from 0 to 2048
[  273.154180][ T7793] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.479659][ T7798] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  273.853775][ T2862] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  274.261890][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.656126][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  274.893522][ T7787] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.631' sets config #0
[  275.102001][ T7817] netlink: 'syz.4.639': attribute type 1 has an invalid length.
[  275.559249][ T7817] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  275.581915][ T7817] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  275.605935][ T7822] loop3: detected capacity change from 0 to 256
[  275.619219][ T7817] bond1: (slave gre1): making interface the new active one
[  275.653704][ T7817] bond1: (slave gre1): Enslaving as an active interface with an up link
[  275.738745][ T7822] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.640' sets config #0
[  276.287132][ T7834] loop0: detected capacity change from 0 to 1024
[  276.376125][ T7834] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.534227][ T7834] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  276.547340][ T7843] loop4: detected capacity change from 0 to 128
[  276.706104][ T7840] loop4: detected capacity change from 0 to 2048
[  276.757292][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.111293][ T7840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.587116][ T7852] netlink: 'syz.2.650': attribute type 2 has an invalid length.
[  277.669680][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.686429][ T7854] loop0: detected capacity change from 0 to 128
[  277.810648][ T7854] loop0: detected capacity change from 0 to 2048
[  277.921439][ T7854] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.949952][ T7861] loop4: detected capacity change from 0 to 256
[  277.985776][ T7861] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.652' sets config #0
[  278.177036][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.186522][ T5153] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  278.372631][ T5153] usb 3-1: Using ep0 maxpacket: 32
[  278.386762][ T5153] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  278.484963][ T5153] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  278.512581][ T5153] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  278.560264][ T5153] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  278.592525][ T5153] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.633944][ T5153] usb 3-1: Product: syz
[  278.638136][ T5153] usb 3-1: Manufacturer: syz
[  278.708081][ T5153] usb 3-1: SerialNumber: syz
[  278.774230][ T5153] usb 3-1: config 0 descriptor??
[  278.802374][ T7864] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  278.861858][ T5153] hub 3-1:0.0: bad descriptor, ignoring hub
[  278.921350][ T5153] hub 3-1:0.0: probe with driver hub failed with error -5
[  278.978521][ T5153] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input9
[  279.195502][ T7884] loop0: detected capacity change from 0 to 1024
[  279.240166][ T5107] Bluetooth: hci6: Received unexpected HCI Event 0x00
[  279.250720][ T5153] usb 3-1: USB disconnect, device number 10
[  279.256655][    C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  279.301056][ T7884] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.487659][ T7884] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  279.596146][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  279.624647][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.246557][ T2481] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  280.391599][ T7893] loop0: detected capacity change from 0 to 256
[  280.733496][ T7901] loop4: detected capacity change from 0 to 256
[  280.785522][ T7901] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.665' sets config #0
[  280.860148][ T7904] loop3: detected capacity change from 0 to 128
[  280.922965][    T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  281.135628][    T8] usb 2-1: Using ep0 maxpacket: 8
[  281.156009][ T7902] loop3: detected capacity change from 0 to 2048
[  281.157666][    T8] usb 2-1: New USB device found, idVendor=0830, idProduct=0080, bcdDevice=46.ac
[  281.185322][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.213745][    T8] usb 2-1: Product: syz
[  281.226148][    T8] usb 2-1: Manufacturer: syz
[  281.236430][    T8] usb 2-1: SerialNumber: syz
[  281.254356][    T8] usb 2-1: config 0 descriptor??
[  281.271767][    T8] kl5kusb105 2-1:0.0: KL5KUSB105D / PalmConnect converter detected
[  281.282950][ T7902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.341559][    T8] usb 2-1: KL5KUSB105D / PalmConnect converter now attached to ttyUSB0
[  281.612683][ T7913] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  281.636689][ T5112] usb 2-1: USB disconnect, device number 7
[  281.647684][ T7026] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.654543][ T5112] kl5kusb105d ttyUSB0: KL5KUSB105D / PalmConnect converter now disconnected from ttyUSB0
[  281.688993][ T7916] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.661' sets config #0
[  281.693762][ T5112] kl5kusb105 2-1:0.0: device disconnected
[  282.186483][    C0] eth0: bad gso: type: 1, size: 1408
[  282.704407][ T7937] 9pnet_fd: Insufficient options for proto=fd
[  283.375638][ T7940] loop0: detected capacity change from 0 to 256
[  283.530224][ T7940] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.676' sets config #0
[  283.706276][ T7953] loop2: detected capacity change from 0 to 128
[  283.880779][ T7946] loop2: detected capacity change from 0 to 2048
[  283.957449][ T7946] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.156029][ T6893] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.156537][ T7934] loop3: detected capacity change from 0 to 32768
[  284.233731][ T5107] Bluetooth: hci7: Malformed LE Event: 0x0b
[  284.260627][   T29] audit: type=1800 audit(1721755104.315:10): pid=7934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.673" name="bus" dev="loop3" ino=7 res=0 errno=0
[  284.690812][ T7972] loop2: detected capacity change from 0 to 256
[  284.715659][ T2862] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  284.731414][ T7971] loop4: detected capacity change from 0 to 1024
[  284.798079][ T7971] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.952023][ T7969] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  285.124382][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.262609][    T8] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  285.340862][ T7979] batadv_slave_1: entered promiscuous mode
[  285.460698][ T7979] loop4: detected capacity change from 0 to 2048
[  285.493398][    T8] usb 4-1: Using ep0 maxpacket: 8
[  285.501977][   T29] audit: type=1326 audit(1721755105.555:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.0.689" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce41175f19 code=0x0
[  285.527839][ T2862] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  285.536237][    T8] usb 4-1: New USB device found, idVendor=0830, idProduct=0080, bcdDevice=46.ac
[  285.564146][ T7983] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.686' sets config #0
[  285.570167][ T7979] UDF-fs: warning (device loop4): udf_fill_super: No fileset found
[  285.585810][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.607592][    T8] usb 4-1: Product: syz
[  285.617981][    T8] usb 4-1: Manufacturer: syz
[  285.636067][    T8] usb 4-1: SerialNumber: syz
[  285.651971][    T8] usb 4-1: config 0 descriptor??
[  285.666359][ T7978] batadv_slave_1: left promiscuous mode
[  285.675540][    T8] kl5kusb105 4-1:0.0: KL5KUSB105D / PalmConnect converter detected
[  285.727805][    T8] usb 4-1: KL5KUSB105D / PalmConnect converter now attached to ttyUSB0
[  285.850920][ T7989] loop4: detected capacity change from 0 to 256
[  285.899903][ T7989] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.690' sets config #0
[  286.115585][ T5104] usb 4-1: USB disconnect, device number 4
[  286.557364][ T5104] kl5kusb105d ttyUSB0: KL5KUSB105D / PalmConnect converter now disconnected from ttyUSB0
[  286.570312][ T5104] kl5kusb105 4-1:0.0: device disconnected
[  286.821435][ T7999] loop0: detected capacity change from 0 to 128
[  286.997349][ T7999] loop0: detected capacity change from 0 to 2048
[  287.054262][ T7999] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.360209][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.515997][ T8021] loop2: detected capacity change from 0 to 256
[  287.582264][ T8021] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.701' sets config #0
[  288.194453][ T8034] loop0: detected capacity change from 0 to 256
[  288.201730][ T8034] vfat: Unknown parameter 'short'
[  288.289171][ T5107] Bluetooth: hci1: Malformed LE Event: 0x0b
[  288.423181][ T8036] loop0: detected capacity change from 0 to 2048
[  288.475462][ T8036] udf: Bad value for 'dmode'
[  289.037980][ T5153] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  289.256807][ T8050] loop4: detected capacity change from 0 to 256
[  289.813956][ T8058] loop0: detected capacity change from 0 to 128
[  289.922689][ T8060] netlink: 'syz.2.711': attribute type 2 has an invalid length.
[  289.948807][ T8062] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.712' sets config #0
[  289.972854][ T8058] loop0: detected capacity change from 0 to 2048
[  290.039691][ T8058] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.163307][ T8052] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.708' sets config #0
[  290.337119][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.476018][ T2481] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  290.637174][ T2481] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  291.386979][ T5107] Bluetooth: hci7: Malformed LE Event: 0x0b
[  291.624895][ T8077] loop0: detected capacity change from 0 to 32768
[  291.708826][   T29] audit: type=1800 audit(1721755111.765:12): pid=8077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.715" name="bus" dev="loop0" ino=7 res=0 errno=0
[  292.317246][ T8103] netlink: 'syz.4.724': attribute type 2 has an invalid length.
[  292.539314][ T8106] loop0: detected capacity change from 0 to 256
[  292.627258][ T8106] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.723' sets config #0
[  292.838970][ T8109] FAULT_INJECTION: forcing a failure.
[  292.838970][ T8109] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.869515][ T8114] loop2: detected capacity change from 0 to 128
[  292.879153][ T8109] CPU: 0 UID: 0 PID: 8109 Comm: syz.4.726 Not tainted 6.10.0-next-20240719-syzkaller #0
[  292.888902][ T8109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  292.898980][ T8109] Call Trace:
[  292.902272][ T8109]  <TASK>
[  292.905219][ T8109]  dump_stack_lvl+0x241/0x360
[  292.909917][ T8109]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.915138][ T8109]  ? __pfx__printk+0x10/0x10
[  292.919767][ T8109]  ? snprintf+0xda/0x120
[  292.924026][ T8109]  should_fail_ex+0x3b0/0x4e0
[  292.928724][ T8109]  _copy_to_user+0x2f/0xb0
[  292.933153][ T8109]  simple_read_from_buffer+0xca/0x150
[  292.938528][ T8109]  proc_fail_nth_read+0x1ec/0x260
[  292.943549][ T8109]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  292.949086][ T8109]  ? rw_verify_area+0x520/0x6b0
[  292.953930][ T8109]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  292.959465][ T8109]  vfs_read+0x204/0xbc0
[  292.963610][ T8109]  ? __pfx_lock_release+0x10/0x10
[  292.968630][ T8109]  ? __pfx_vfs_read+0x10/0x10
[  292.973296][ T8109]  ? __might_fault+0xc6/0x120
[  292.977960][ T8109]  ? __fget_files+0x29/0x470
[  292.982543][ T8109]  ? __fget_files+0x3f6/0x470
[  292.987224][ T8109]  ksys_read+0x1a0/0x2c0
[  292.991461][ T8109]  ? __pfx_ksys_read+0x10/0x10
[  292.996217][ T8109]  ? do_syscall_64+0x100/0x230
[  293.000974][ T8109]  ? do_syscall_64+0xb6/0x230
[  293.005639][ T8109]  do_syscall_64+0xf3/0x230
[  293.010131][ T8109]  ? clear_bhb_loop+0x35/0x90
[  293.014803][ T8109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.020683][ T8109] RIP: 0033:0x7f63b37749fc
[  293.025085][ T8109] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  293.044680][ T8109] RSP: 002b:00007f63b4601040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  293.053085][ T8109] RAX: ffffffffffffffda RBX: 00007f63b3906038 RCX: 00007f63b37749fc
[  293.061046][ T8109] RDX: 000000000000000f RSI: 00007f63b46010b0 RDI: 0000000000000006
[  293.069002][ T8109] RBP: 00007f63b46010a0 R08: 0000000000000000 R09: 0000000000000000
[  293.076959][ T8109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.084914][ T8109] R13: 000000000000006e R14: 00007f63b3906038 R15: 00007ffce87e8228
[  293.092886][ T8109]  </TASK>
[  293.219744][ T8121] loop0: detected capacity change from 0 to 512
[  293.308410][ T8122] loop2: detected capacity change from 0 to 2048
[  293.346977][ T8121] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  293.360151][ T8121] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.424422][ T8122] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.793954][ T6893] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.209962][ T8146] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.732' sets config #0
[  294.369698][ T8148] loop4: detected capacity change from 0 to 256
[  294.393182][ T8150] netlink: 'syz.2.736': attribute type 2 has an invalid length.
[  294.414229][ T8148] vfat: Unknown parameter 'short'
[  294.517632][ T5107] Bluetooth: hci4: Malformed LE Event: 0x0b
[  294.580483][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  294.637872][ T8153] loop4: detected capacity change from 0 to 2048
[  294.686551][ T8153] udf: Bad value for 'dmode'
[  294.709573][ T8155] loop0: detected capacity change from 0 to 256
[  294.806867][ T8155] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.737' sets config #0
[  295.221702][    C0] eth0: bad gso: type: 1, size: 1408
[  295.596568][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  295.920339][ T8140] loop3: detected capacity change from 0 to 32768
[  296.074162][   T29] audit: type=1800 audit(1721755116.135:13): pid=8137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.733" name="bus" dev="loop3" ino=7 res=0 errno=0
[  296.109064][ T8170] loop4: detected capacity change from 0 to 128
[  296.155379][ T8137] jfs: Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿ¤	Z*¬ð¿Ë m˜.Dc�8�'ñ@Ø×C9Gö9œùõ?À9†Så¦{»1Ÿ¿JÆöÌÕ¬¿á5æÒÔŒöÀ‰Ýöqqÿ³±Yˆç³”ÅÚóá" or missing value
[  296.234903][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  296.319261][ T8170] loop4: detected capacity change from 0 to 2048
[  296.431419][ T8170] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.496385][ T8183] loop0: detected capacity change from 0 to 128
[  296.675409][ T8175] loop0: detected capacity change from 0 to 2048
[  296.764617][ T8175] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.815408][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.120524][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.456416][ T8197] xt_CT: You must specify a L4 protocol and not use inversions on it
[  297.537393][ T5107] Bluetooth: hci7: Malformed LE Event: 0x0b
[  297.882262][ T8207] loop3: detected capacity change from 0 to 256
[  298.806714][ T8213] 9pnet_fd: Insufficient options for proto=fd
[  299.866151][ T8228] netlink: 28 bytes leftover after parsing attributes in process `syz.0.759'.
[  299.894549][ T8228] netlink: 28 bytes leftover after parsing attributes in process `syz.0.759'.
[  299.961170][ T8218] loop2: detected capacity change from 0 to 32768
[  300.023763][ T8235] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.753' sets config #0
[  300.091375][ T8218] jfs: Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿ¤	Z*¬ð¿Ë m˜.Dc�8�'ñ@Ø×C9Gö9œùõ?À9†Så¦{»1Ÿ¿JÆöÌÕ¬¿á5æÒÔŒöÀ‰Ýöqqÿ³±Yˆç³”ÅÚóá" or missing value
[  300.187600][   T29] audit: type=1800 audit(1721755120.225:14): pid=8215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.756" name="bus" dev="loop2" ino=7 res=0 errno=0
[  300.207588][    C0] vkms_vblank_simulate: vblank timer overrun
[  301.149913][ T8236] loop0: detected capacity change from 0 to 32768
[  301.212933][ T8236] jfs: Unrecognized mount option "nðB`
[  301.212933][ T8236] îIp[odiscard" or missing value
[  301.353743][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  302.012910][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  302.096713][ T8255] loop4: detected capacity change from 0 to 256
[  302.150429][ T8261] bond_slave_0: entered promiscuous mode
[  302.156554][ T8261] bond_slave_1: entered promiscuous mode
[  302.165002][ T8255] vfat: Unknown parameter 'short'
[  302.220337][ T8263] 9pnet_fd: Insufficient options for proto=fd
[  302.260406][ T5107] Bluetooth: hci4: Malformed LE Event: 0x0b
[  302.328639][ T8266] loop4: detected capacity change from 0 to 2048
[  302.351198][ T8266] udf: Bad value for 'dmode'
[  302.541211][ T8269] bond_slave_0: entered promiscuous mode
[  302.546973][ T8269] bond_slave_1: entered promiscuous mode
[  302.625149][ T8261] bond_slave_0: left promiscuous mode
[  302.631037][ T8261] bond_slave_1: left promiscuous mode
[  302.766183][ T8269] bond_slave_0: left promiscuous mode
[  302.771675][ T8269] bond_slave_1: left promiscuous mode
[  303.087404][ T8274] loop3: detected capacity change from 0 to 256
[  303.243906][    C0] eth0: bad gso: type: 1, size: 1408
[  304.054066][ T8278] loop2: detected capacity change from 0 to 32768
[  304.109673][   T29] audit: type=1800 audit(1721755124.165:15): pid=8278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.772" name="bus" dev="loop2" ino=7 res=0 errno=0
[  304.150374][ T8278] jfs: Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿ¤	Z*¬ð¿Ë m˜.Dc�8�'ñ@Ø×C9Gö9œùõ?À9†Så¦{»1Ÿ¿JÆöÌÕ¬¿á5æÒÔŒöÀ‰Ýöqqÿ³±Yˆç³”ÅÚóá" or missing value
[  304.168091][ T8296] loop4: detected capacity change from 0 to 32768
[  304.179223][ T8296] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.778 (8296)
[  304.206387][ T8296] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  304.218724][ T8296] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  304.227564][ T8296] BTRFS info (device loop4): using free-space-tree
[  305.359388][ T5110] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  305.452953][ T8325] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.771' sets config #0
[  307.447118][ T2481] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  307.582100][ T8340] netlink: 'syz.4.785': attribute type 2 has an invalid length.
[  307.652389][ T8342] loop0: detected capacity change from 0 to 128
[  307.754711][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  307.822338][ T8342] loop0: detected capacity change from 0 to 2048
[  307.932723][    T8] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  307.966076][ T8342] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.317725][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  308.380204][    T8] usb 4-1: New USB device found, idVendor=8086, idProduct=0630, bcdDevice=83.b4
[  308.414652][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.422257][ T7141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.443093][ T8358] loop4: detected capacity change from 0 to 256
[  308.450033][ T8358] exfat: Deprecated parameter 'namecase'
[  308.455772][ T8358] exfat: Deprecated parameter 'utf8'
[  308.462649][ T8358] exfat: Deprecated parameter 'namecase'
[  308.483573][    T8] usb 4-1: Product: syz
[  308.495400][    T8] usb 4-1: Manufacturer: syz
[  308.512300][    T8] usb 4-1: SerialNumber: syz
[  308.528957][    T8] usb 4-1: config 0 descriptor??
[  308.550801][ T8358] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  308.584900][    T8] gspca_main: spca500-2.14.0 probing 8086:0630
[  308.874298][ T8361] 9pnet_fd: Insufficient options for proto=fd
[  309.539582][ T8368] loop4: detected capacity change from 0 to 256
[  310.188797][ T8371] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.793' sets config #0
[  310.392729][    T8] usb 4-1: USB disconnect, device number 5
[  310.563642][ T8380] netlink: 'syz.2.798': attribute type 2 has an invalid length.
[  311.374309][ T8391] block device autoloading is deprecated and will be removed.
[  312.130458][ T8402] loop2: detected capacity change from 0 to 128
[  312.198496][ T8403] 9pnet_fd: Insufficient options for proto=fd
[  312.227629][ T8402] msdos: Bad value for 'dmask'
[  312.496829][ T8402] netlink: 12 bytes leftover after parsing attributes in process `syz.2.804'.
[  312.635532][ T2481] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  313.512846][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  313.682661][    T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  313.716742][ T8418] loop4: detected capacity change from 0 to 1024
[  313.792412][ T8418] hfsplus: failed to load root directory
[  313.899734][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  313.986305][    T8] usb 2-1: New USB device found, idVendor=8086, idProduct=0630, bcdDevice=83.b4
[  314.023207][ T8423] netlink: 'syz.2.811': attribute type 2 has an invalid length.
[  314.035961][ T5109] Bluetooth: hci4: unexpected subevent 0x01 length: 78 > 18
[  314.043336][ T5109] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  314.075575][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.166758][    T8] usb 2-1: Product: syz
[  314.170954][    T8] usb 2-1: Manufacturer: syz
[  314.189297][ T8424] loop4: detected capacity change from 0 to 1024
[  314.195516][    T8] usb 2-1: SerialNumber: syz
[  314.239775][    T8] usb 2-1: config 0 descriptor??
[  314.253391][ T8424] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  314.266380][    T8] gspca_main: spca500-2.14.0 probing 8086:0630
[  314.319418][ T4502] Bluetooth: hci6: command 0x0406 tx timeout
[  314.918515][ T8441] loop2: detected capacity change from 0 to 256
[  315.261876][ T8444] dummy0: entered promiscuous mode
[  315.278283][ T8444] dummy0: left promiscuous mode
[  315.737909][ T8450] loop4: detected capacity change from 0 to 256
[  315.744644][ T8450] exfat: Deprecated parameter 'namecase'
[  315.750323][ T8450] exfat: Deprecated parameter 'utf8'
[  315.755701][ T8450] exfat: Deprecated parameter 'namecase'
[  315.765495][ T8450] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  316.217144][ T8456] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.815' sets config #0
[  316.351321][ T5112] usb 2-1: USB disconnect, device number 9
[  316.351662][    C0] eth0: bad gso: type: 1, size: 1408
[  316.942994][ T5112] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  317.098698][ T8470] loop0: detected capacity change from 0 to 256
[  317.109288][ T8470] vfat: Unknown parameter 'short'
[  317.154619][ T8468] loop3: detected capacity change from 0 to 256
[  317.174948][ T5112] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  317.220385][ T5107] Bluetooth: hci1: Malformed LE Event: 0x0b
[  317.244277][ T5112] usb 2-1: New USB device found, idVendor=8086, idProduct=0630, bcdDevice=83.b4
[  317.272942][ T5112] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.281149][ T5112] usb 2-1: Product: syz
[  317.291308][ T5112] usb 2-1: Manufacturer: syz
[  317.298445][ T5112] usb 2-1: SerialNumber: syz
[  317.316185][ T5112] usb 2-1: config 0 descriptor??
[  317.344331][ T5112] gspca_main: spca500-2.14.0 probing 8086:0630
[  317.373430][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  317.379734][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  317.401143][ T8468] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.823' sets config #0
[  317.411615][ T8473] loop0: detected capacity change from 0 to 2048
[  317.463320][ T8473] udf: Bad value for 'dmode'
[  317.527847][ T5154] usb 2-1: USB disconnect, device number 10
[  317.993976][ T2481] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  318.196198][ T8488] input: syz1 as /devices/virtual/input/input10
[  318.220884][ T8490] raw_sendmsg: syz.2.832 forgot to set AF_INET. Fix it!
[  318.234663][ T8486] loop3: detected capacity change from 0 to 512
[  318.277837][ T8486] EXT4-fs: Ignoring removed nobh option
[  318.312310][ T8486] EXT4-fs: quotafile must be on filesystem root
[  318.658858][ T8501] loop2: detected capacity change from 0 to 512
[  318.708609][ T8501] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.817808][ T8501] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  318.850665][ T8510] netlink: 20 bytes leftover after parsing attributes in process `syz.1.841'.
[  318.959023][ T8514] loop0: detected capacity change from 0 to 256
[  319.001472][ T8514] vfat: Unknown parameter 'yns_resolver'
[  319.029789][ T6893] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.253923][    C0] eth0: bad gso: type: 1, size: 1408
[  319.274081][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  319.853369][ T8540] overlayfs: missing 'lowerdir'
[  320.086265][ T8548] loop2: detected capacity change from 0 to 512
[  320.210898][ T8548] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.259941][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.325202][ T8548] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  320.494068][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.661938][ T6893] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.675756][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.910817][ T8564] overlayfs: failed to resolve './file0': -2
[  321.064710][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.539241][   T11] bridge_slave_1: left allmulticast mode
[  321.551317][ T4502] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  321.570839][ T4502] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  321.572319][   T11] bridge_slave_1: left promiscuous mode
[  321.603782][ T4502] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  321.614728][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.623543][ T4502] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  321.633654][ T4502] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  321.642739][ T4502] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  321.779662][   T11] bridge_slave_0: left allmulticast mode
[  321.815121][   T11] bridge_slave_0: left promiscuous mode
[  321.820919][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.209102][ T8597] overlayfs: failed to resolve './file0': -2
[  322.596056][ T8607] loop4: detected capacity change from 0 to 128
[  322.603945][ T8601] netlink: 20 bytes leftover after parsing attributes in process `syz.2.881'.
[  322.736737][ T8607] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  322.752217][ T8607] ext4 filesystem being mounted at /215/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  322.761040][ T8564] loop3: detected capacity change from 0 to 32768
[  322.885409][ T8564] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  323.075533][ T8622] loop2: detected capacity change from 0 to 512
[  323.116227][ T8622] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  323.123877][ T5110] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  323.208921][ T8622] EXT4-fs (loop2): 1 truncate cleaned up
[  323.215649][ T8626] overlayfs: missing 'lowerdir'
[  323.243784][ T8622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.454795][ T8564] XFS (loop3): Ending clean mount
[  323.495879][ T8564] XFS (loop3): Quotacheck needed: Please wait.
[  323.690482][ T8564] XFS (loop3): Quotacheck: Done.
[  323.743267][ T8636] 9pnet_fd: Insufficient options for proto=fd
[  323.755092][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  323.766611][ T4502] Bluetooth: hci1: command tx timeout
[  323.896020][ T7026] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  323.925903][ T8622] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.400817][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  324.554572][ T4502] Bluetooth: hci0: command 0x0406 tx timeout
[  324.738392][ T5109] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  324.752010][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  324.771604][ T5109] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  324.783931][ T5109] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  324.799238][ T5109] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  324.811883][ T5109] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  324.819414][ T5109] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  324.870708][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  324.904447][   T11] bond0 (unregistering): Released all slaves
[  325.427597][    C0] eth0: bad gso: type: 1, size: 1408
[  325.632337][ T8669] loop4: detected capacity change from 0 to 2048
[  325.749192][ T8669] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.838525][ T4502] Bluetooth: hci1: command tx timeout
[  325.857630][ T8679] loop3: detected capacity change from 0 to 256
[  325.938077][   T29] audit: type=1804 audit(1721755145.995:16): pid=8679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.902" name="/newroot/58/file1/file0" dev="loop3" ino=1048653 res=1 errno=0
[  326.035869][   T11] hsr_slave_0: left promiscuous mode
[  326.050053][   T11] hsr_slave_1: left promiscuous mode
[  326.191712][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  326.203233][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.316044][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  326.328157][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.392305][   T11] veth1_macvtap: left promiscuous mode
[  326.419298][   T11] veth0_macvtap: left promiscuous mode
[  326.436748][   T11] veth1_vlan: left promiscuous mode
[  326.454315][   T11] veth0_vlan: left promiscuous mode
[  326.874786][ T4502] Bluetooth: hci5: command tx timeout
[  326.898722][ T8690] loop3: detected capacity change from 0 to 128
[  326.982634][   T29] audit: type=1800 audit(1721755147.035:17): pid=8690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.904" name="bus" dev="loop3" ino=1048654 res=0 errno=0
[  327.244667][ T7026] VFS: Lookup of '.  ' in vfat loop3 would have caused loop
[  327.284024][ T7026] VFS: Lookup of '.  ' in vfat loop3 would have caused loop
[  327.920423][ T4502] Bluetooth: hci1: command tx timeout
[  328.365332][   T11] team0 (unregistering): Port device team_slave_1 removed
[  328.542063][   T11] team0 (unregistering): Port device team_slave_0 removed
[  328.952741][ T4502] Bluetooth: hci5: command tx timeout
[  329.506622][ T8711] loop2: detected capacity change from 0 to 256
[  329.518263][ T2448] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  329.604747][   T29] audit: type=1804 audit(1721755149.625:18): pid=8711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.912" name="/newroot/119/file1/file0" dev="loop2" ino=1048664 res=1 errno=0
[  329.994667][ T4502] Bluetooth: hci1: command tx timeout
[  330.152975][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  330.594963][ T5110] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.038405][ T4502] Bluetooth: hci5: command tx timeout
[  331.207742][ T8578] chnl_net:caif_netlink_parms(): no params data found
[  331.319124][ T8651] chnl_net:caif_netlink_parms(): no params data found
[  331.874050][ T8578] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.881273][ T8578] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.920924][ T8578] bridge_slave_0: entered allmulticast mode
[  331.974117][ T8578] bridge_slave_0: entered promiscuous mode
[  332.106465][ T8578] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.116223][ T8578] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.161322][ T8578] bridge_slave_1: entered allmulticast mode
[  332.181939][ T5109] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  332.191288][ T8578] bridge_slave_1: entered promiscuous mode
[  332.194820][ T5109] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  332.207676][ T5109] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  332.216493][ T5109] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  332.224838][ T5109] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  332.232256][ T5109] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  332.405658][ T4502] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  332.416486][ T4502] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  332.432227][ T4502] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  332.450596][ T4502] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  332.451945][ T8651] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.472731][ T4502] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  332.482788][ T4502] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  332.541171][ T8651] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.592709][ T8651] bridge_slave_0: entered allmulticast mode
[  332.627072][ T8651] bridge_slave_0: entered promiscuous mode
[  332.663665][ T8651] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.670849][ T8651] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.703284][ T8651] bridge_slave_1: entered allmulticast mode
[  332.742772][ T8651] bridge_slave_1: entered promiscuous mode
[  332.805200][ T8578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.114023][ T8578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.133324][ T5109] Bluetooth: hci5: command tx timeout
[  333.335771][ T8651] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.400135][ T8651] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.500745][ T8578] team0: Port device team_slave_0 added
[  333.724228][ T8578] team0: Port device team_slave_1 added
[  333.898964][ T8651] team0: Port device team_slave_0 added
[  334.196028][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.322778][ T5109] Bluetooth: hci0: command tx timeout
[  334.348608][ T8651] team0: Port device team_slave_1 added
[  334.362353][ T8578] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.402350][ T8578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.476753][ T8578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  334.552653][ T5109] Bluetooth: hci4: command tx timeout
[  334.659060][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.868201][ T8578] batman_adv: batadv0: Adding interface: batadv_slave_1
[  334.890447][ T8578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.890835][ T8780] dccp_invalid_packet: P.Data Offset(172) too large
[  334.954236][ T8578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.124974][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.175937][ T8651] batman_adv: batadv0: Adding interface: batadv_slave_0
[  335.197003][ T8651] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.244817][ T8651] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  335.270434][ T8651] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.278519][ T2512] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  335.286172][ T8651] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.352515][ T8651] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.442174][ T8783] netlink: 52 bytes leftover after parsing attributes in process `syz.2.926'.
[  335.451271][ T8783] netlink: 52 bytes leftover after parsing attributes in process `syz.2.926'.
[  335.479158][ T8783] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  335.595966][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.932888][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  335.985728][ T8578] hsr_slave_0: entered promiscuous mode
[  335.990858][ T8790] 9pnet_fd: Insufficient options for proto=fd
[  336.012197][ T8578] hsr_slave_1: entered promiscuous mode
[  336.062063][ T8578] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  336.072944][ T8578] Cannot create hsr debugfs directory
[  336.197355][ T8651] hsr_slave_0: entered promiscuous mode
[  336.221712][ T8651] hsr_slave_1: entered promiscuous mode
[  336.234878][ T8651] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  336.257286][ T8651] Cannot create hsr debugfs directory
[  336.392641][ T5109] Bluetooth: hci0: command tx timeout
[  336.532981][   T29] audit: type=1326 audit(1721755156.585:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.2.932" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8b0d75f19 code=0x0
[  336.576740][ T8743] chnl_net:caif_netlink_parms(): no params data found
[  336.632995][ T5109] Bluetooth: hci4: command tx timeout
[  337.119721][ T8740] chnl_net:caif_netlink_parms(): no params data found
[  337.447570][   T29] audit: type=1326 audit(1721755157.505:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8818 comm="syz.2.933" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8b0d75f19 code=0x0
[  337.584157][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.791006][ T8743] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.805764][ T8743] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.833665][ T8743] bridge_slave_0: entered allmulticast mode
[  337.859347][ T8743] bridge_slave_0: entered promiscuous mode
[  337.877361][ T8743] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.892343][ T8743] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.908646][ T8743] bridge_slave_1: entered allmulticast mode
[  337.923851][ T8743] bridge_slave_1: entered promiscuous mode
[  338.018122][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.339365][ T8823] loop2: detected capacity change from 0 to 128
[  338.437442][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.481175][ T5109] Bluetooth: hci0: command tx timeout
[  338.681807][ T8743] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  338.716935][ T5109] Bluetooth: hci4: command tx timeout
[  338.726543][ T8743] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  338.892882][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.011817][ T8740] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.032993][ T8740] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.040192][ T8740] bridge_slave_0: entered allmulticast mode
[  339.094002][ T8740] bridge_slave_0: entered promiscuous mode
[  339.173569][ T8743] team0: Port device team_slave_0 added
[  339.205209][ T8743] team0: Port device team_slave_1 added
[  339.283175][ T8740] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.290321][ T8740] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.315093][ T8740] bridge_slave_1: entered allmulticast mode
[  339.332628][ T8740] bridge_slave_1: entered promiscuous mode
[  339.466129][ T8651] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.616025][ T8743] batman_adv: batadv0: Adding interface: batadv_slave_0
[  339.639096][ T8743] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.730478][ T8743] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  339.873604][ T8740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.970455][ T8651] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.033387][ T8743] batman_adv: batadv0: Adding interface: batadv_slave_1
[  340.040363][ T8743] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.132825][ T8743] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  340.132930][ T8854] loop2: detected capacity change from 0 to 1024
[  340.206434][ T8740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  340.792820][ T5109] Bluetooth: hci0: command tx timeout
[  340.792973][ T4502] Bluetooth: hci4: command tx timeout
[  340.860679][ T8651] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.017528][ T8740] team0: Port device team_slave_0 added
[  341.033528][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  341.054988][ T8740] team0: Port device team_slave_1 added
[  341.146231][ T8651] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.487323][ T8740] batman_adv: batadv0: Adding interface: batadv_slave_0
[  341.513220][ T8740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.586795][ T8740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  341.625009][ T8740] batman_adv: batadv0: Adding interface: batadv_slave_1
[  341.651191][ T8740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.679401][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  341.717874][ T8740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  341.797968][ T8743] hsr_slave_0: entered promiscuous mode
[  341.823032][ T8743] hsr_slave_1: entered promiscuous mode
[  341.846050][ T8743] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  341.867812][ T8743] Cannot create hsr debugfs directory
[  342.058475][   T11] bridge_slave_1: left allmulticast mode
[  342.082843][   T11] bridge_slave_1: left promiscuous mode
[  342.089238][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.186288][   T11] bridge_slave_0: left allmulticast mode
[  342.212515][   T11] bridge_slave_0: left promiscuous mode
[  342.218309][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.294566][   T11] bridge_slave_1: left allmulticast mode
[  342.300232][   T11] bridge_slave_1: left promiscuous mode
[  342.331893][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.403495][   T11] bridge_slave_0: left allmulticast mode
[  342.409156][   T11] bridge_slave_0: left promiscuous mode
[  342.424293][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.458721][   T11] bridge_slave_1: left allmulticast mode
[  342.464648][   T11] bridge_slave_1: left promiscuous mode
[  342.470367][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.554344][   T11] bridge_slave_0: left allmulticast mode
[  342.560875][   T11] bridge_slave_0: left promiscuous mode
[  342.577649][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.002536][ T5104] libceph: connect (1)[c::]:6789 error -101
[  343.009266][ T5104] libceph: mon0 (1)[c::]:6789 connect error
[  343.150667][ T8870] ceph: No mds server is up or the cluster is laggy
[  343.853747][   T11] bond1 (unregistering): (slave gre1): Releasing backup interface
[  344.592413][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  344.616459][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  344.685061][   T11] bond0 (unregistering): Released all slaves
[  345.031464][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  345.072818][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  345.102269][   T11] bond0 (unregistering): Released all slaves
[  345.121666][   T11] bond1 (unregistering): Released all slaves
[  345.503128][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  345.532676][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  345.555565][   T11] bond0 (unregistering): Released all slaves
[  345.647624][ T8740] hsr_slave_0: entered promiscuous mode
[  345.679622][ T8740] hsr_slave_1: entered promiscuous mode
[  345.699507][ T8740] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  345.713473][ T8740] Cannot create hsr debugfs directory
[  346.156760][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  346.607897][ T8651] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  346.644052][ T8651] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  346.726049][ T8885] [U] 
[  346.953048][ T8651] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  347.006888][ T8651] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  347.289431][ T8894] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  347.438161][ T2448] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  347.659289][ T8578] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  347.727299][ T8578] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  347.924415][ T8578] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  347.954188][ T8578] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  348.500766][   T11] hsr_slave_0: left promiscuous mode
[  348.553123][   T11] hsr_slave_1: left promiscuous mode
[  348.563864][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  348.571309][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  348.642888][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  348.650310][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  348.697834][   T11] hsr_slave_0: left promiscuous mode
[  348.751781][   T11] hsr_slave_1: left promiscuous mode
[  348.771572][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  348.812558][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  348.849668][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  348.874787][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  348.919379][   T11] hsr_slave_0: left promiscuous mode
[  348.933211][   T11] hsr_slave_1: left promiscuous mode
[  348.978409][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  348.992518][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  349.003705][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  349.011123][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  349.199468][   T11] veth1_macvtap: left promiscuous mode
[  349.226587][   T11] veth0_macvtap: left promiscuous mode
[  349.252780][   T11] veth1_vlan: left promiscuous mode
[  349.259700][   T11] veth0_vlan: left promiscuous mode
[  349.284414][   T11] veth1_macvtap: left promiscuous mode
[  349.289959][   T11] veth0_macvtap: left promiscuous mode
[  349.302747][   T11] veth1_vlan: left promiscuous mode
[  349.323199][   T11] veth0_vlan: left promiscuous mode
[  349.381102][   T11] veth1_macvtap: left promiscuous mode
[  349.402671][   T11] veth0_macvtap: left promiscuous mode
[  349.408320][   T11] veth1_vlan: left promiscuous mode
[  349.442648][   T11] veth0_vlan: left promiscuous mode
[  349.562887][ T8919] [U] 
[  351.174320][   T11] team0 (unregistering): Port device team_slave_1 removed
[  351.282756][   T11] team0 (unregistering): Port device team_slave_0 removed
[  351.924295][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  352.553858][ T2862] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  353.406601][   T11] team0 (unregistering): Port device team_slave_1 removed
[  353.560053][   T11] team0 (unregistering): Port device team_slave_0 removed
[  354.322538][    C1] DEBUG: waiting rtnl_mutex for 504 jiffies.
[  354.328965][    C1] task:kworker/0:3     state:D stack:19928 pid:5104  tgid:5104  ppid:2      flags:0x00004000
[  354.339219][    C1] Workqueue: events linkwatch_event
[  354.344486][    C1] Call Trace:
[  354.347784][    C1]  <TASK>
[  354.350735][    C1]  __schedule+0x1800/0x4a60
[  354.355331][    C1]  ? __pfx___schedule+0x10/0x10
[  354.360215][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  354.366268][    C1]  ? __pfx_lock_release+0x10/0x10
[  354.371316][    C1]  ? kick_pool+0x45c/0x620
[  354.375797][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  354.381020][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  354.386290][    C1]  ? schedule+0x90/0x320
[  354.390555][    C1]  schedule+0x14b/0x320
[  354.394785][    C1]  schedule_preempt_disabled+0x13/0x30
[  354.400267][    C1]  __mutex_lock+0x6a4/0xd70
[  354.404843][    C1]  ? __mutex_lock+0x527/0xd70
[  354.409548][    C1]  ? linkwatch_event+0xe/0x60
[  354.414292][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  354.419347][    C1]  ? get_rtnl_holder+0x144/0x190
[  354.424330][    C1]  ? process_scheduled_works+0x945/0x1830
[  354.430067][    C1]  linkwatch_event+0xe/0x60
[  354.434622][    C1]  process_scheduled_works+0xa2c/0x1830
[  354.440222][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  354.446285][    C1]  ? assign_work+0x364/0x3d0
[  354.450903][    C1]  worker_thread+0x86d/0xd40
[  354.455550][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  354.461476][    C1]  ? __kthread_parkme+0x169/0x1d0
[  354.466556][    C1]  ? __pfx_worker_thread+0x10/0x10
[  354.471689][    C1]  kthread+0x2f0/0x390
[  354.475798][    C1]  ? __pfx_worker_thread+0x10/0x10
[  354.480937][    C1]  ? __pfx_kthread+0x10/0x10
[  354.485573][    C1]  ret_from_fork+0x4b/0x80
[  354.490027][    C1]  ? __pfx_kthread+0x10/0x10
[  354.494684][    C1]  ret_from_fork_asm+0x1a/0x30
[  354.499489][    C1]  </TASK>
[  354.502549][    C1] DEBUG: waiting rtnl_mutex for 607 jiffies.
[  354.508534][    C1] task:syz-executor    state:D stack:21728 pid:8578  tgid:8578  ppid:8556   flags:0x00004000
[  354.518763][    C1] Call Trace:
[  354.522047][    C1]  <TASK>
[  354.525016][    C1]  __schedule+0x1800/0x4a60
[  354.529561][    C1]  ? __pfx___schedule+0x10/0x10
[  354.534460][    C1]  ? __pfx_lock_release+0x10/0x10
[  354.539505][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  354.545023][    C1]  ? schedule+0x90/0x320
[  354.549287][    C1]  schedule+0x14b/0x320
[  354.553491][    C1]  schedule_preempt_disabled+0x13/0x30
[  354.558971][    C1]  __mutex_lock+0x6a4/0xd70
[  354.563530][    C1]  ? __mutex_lock+0x527/0xd70
[  354.568231][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  354.573396][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  354.578455][    C1]  ? get_rtnl_holder+0x144/0x190
[  354.583452][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  354.588410][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  354.593572][    C1]  ? __lock_acquire+0x1384/0x2050
[  354.598617][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  354.604145][    C1]  netlink_rcv_skb+0x1e3/0x430
[  354.608923][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  354.614435][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  354.619756][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  354.624999][    C1]  netlink_unicast+0x7f6/0x990
[  354.629795][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  354.635129][    C1]  ? __virt_addr_valid+0x183/0x530
[  354.640258][    C1]  ? __check_object_size+0x49c/0x900
[  354.645586][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  354.650723][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  354.655555][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  354.660853][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  354.666880][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  354.671842][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  354.677170][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  354.682690][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  354.687990][    C1]  __sock_sendmsg+0x221/0x270
[  354.692719][    C1]  __sys_sendto+0x3a4/0x4f0
[  354.697243][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  354.702314][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  354.708358][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  354.714775][    C1]  __x64_sys_sendto+0xde/0x100
[  354.719569][    C1]  do_syscall_64+0xf3/0x230
[  354.724119][    C1]  ? clear_bhb_loop+0x35/0x90
[  354.728816][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.734753][    C1] RIP: 0033:0x7f12d0b77cac
[  354.739179][    C1] RSP: 002b:00007ffc100ea9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  354.747649][    C1] RAX: ffffffffffffffda RBX: 00007f12d1834620 RCX: 00007f12d0b77cac
[  354.755663][    C1] RDX: 0000000000000020 RSI: 00007f12d1834670 RDI: 0000000000000003
[  354.763669][    C1] RBP: 0000000000000000 R08: 00007ffc100eaa14 R09: 000000000000000c
[  354.771651][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  354.779666][    C1] R13: 0000000000000000 R14: 00007f12d1834670 R15: 0000000000000000
[  354.787699][    C1]  </TASK>
[  354.790727][    C1] DEBUG: holding rtnl_mutex for 633 jiffies.
[  354.796732][    C1] task:kworker/u8:0    state:D stack:20824 pid:11    tgid:11    ppid:2      flags:0x00004000
[  354.806948][    C1] Workqueue: netns cleanup_net
[  354.811735][    C1] Call Trace:
[  354.815053][    C1]  <TASK>
[  354.818000][    C1]  __schedule+0x1800/0x4a60
[  354.822576][    C1]  ? __pfx___schedule+0x10/0x10
[  354.827447][    C1]  ? __pfx_lock_release+0x10/0x10
[  354.832519][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  354.838436][    C1]  ? kthread_data+0x52/0xd0
[  354.842990][    C1]  ? wq_worker_sleeping+0x66/0x240
[  354.848127][    C1]  ? schedule+0x90/0x320
[  354.852390][    C1]  schedule+0x14b/0x320
[  354.856596][    C1]  synchronize_rcu_expedited+0x684/0x830
[  354.862245][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  354.868453][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  354.873778][    C1]  ? __pfx___might_resched+0x10/0x10
[  354.879078][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  354.885110][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  354.891215][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  354.897611][    C1]  synchronize_rcu+0x11b/0x360
[  354.902390][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  354.907733][    C1]  lockdep_unregister_key+0x4b7/0x540
[  354.913155][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  354.919074][    C1]  ? rcu_is_watching+0x15/0xb0
[  354.923883][    C1]  ? qdisc_reset+0x3bf/0x5b0
[  354.928495][    C1]  __qdisc_destroy+0x165/0x410
[  354.933307][    C1]  dev_shutdown+0x357/0x450
[  354.937824][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[  354.944228][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  354.951029][    C1]  ? unregister_netdevice_queue+0x26b/0x370
[  354.957011][    C1]  ? batadv_softif_destroy_netlink+0x1e3/0x270
[  354.963230][    C1]  default_device_exit_batch+0xa0f/0xa90
[  354.968895][    C1]  ? __pfx___might_resched+0x10/0x10
[  354.974256][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  354.980430][    C1]  ? cfg802154_pernet_exit+0xc3/0xe0
[  354.985766][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  354.991940][    C1]  cleanup_net+0x89d/0xcc0
[  354.996427][    C1]  ? __pfx_cleanup_net+0x10/0x10
[  355.001396][    C1]  ? process_scheduled_works+0x945/0x1830
[  355.007187][    C1]  process_scheduled_works+0xa2c/0x1830
[  355.012818][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  355.018833][    C1]  ? assign_work+0x364/0x3d0
[  355.023491][    C1]  worker_thread+0x86d/0xd40
[  355.028113][    C1]  ? __kthread_parkme+0x169/0x1d0
[  355.033206][    C1]  ? __pfx_worker_thread+0x10/0x10
[  355.038343][    C1]  kthread+0x2f0/0x390
[  355.042420][    C1]  ? __pfx_worker_thread+0x10/0x10
[  355.047602][    C1]  ? __pfx_kthread+0x10/0x10
[  355.052235][    C1]  ret_from_fork+0x4b/0x80
[  355.056720][    C1]  ? __pfx_kthread+0x10/0x10
[  355.061329][    C1]  ret_from_fork_asm+0x1a/0x30
[  355.066189][    C1]  </TASK>
[  355.069219][    C1] DEBUG: waiting rtnl_mutex for 661 jiffies.
[  355.075240][    C1] task:syz-executor    state:D stack:21728 pid:8651  tgid:8651  ppid:8637   flags:0x00000000
[  355.085477][    C1] Call Trace:
[  355.088773][    C1]  <TASK>
[  355.091721][    C1]  __schedule+0x1800/0x4a60
[  355.096313][    C1]  ? __pfx___schedule+0x10/0x10
[  355.101193][    C1]  ? __pfx_lock_release+0x10/0x10
[  355.106293][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  355.111788][    C1]  ? schedule+0x90/0x320
[  355.116100][    C1]  schedule+0x14b/0x320
[  355.120280][    C1]  schedule_preempt_disabled+0x13/0x30
[  355.125807][    C1]  __mutex_lock+0x6a4/0xd70
[  355.130336][    C1]  ? __mutex_lock+0x527/0xd70
[  355.135089][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  355.140229][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  355.145333][    C1]  ? get_rtnl_holder+0x144/0x190
[  355.150289][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  355.155280][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  355.160418][    C1]  ? __lock_acquire+0x1384/0x2050
[  355.165508][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.171005][    C1]  netlink_rcv_skb+0x1e3/0x430
[  355.175813][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.181296][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  355.186649][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  355.191867][    C1]  netlink_unicast+0x7f6/0x990
[  355.196701][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  355.202009][    C1]  ? __virt_addr_valid+0x183/0x530
[  355.207194][    C1]  ? __check_object_size+0x49c/0x900
[  355.212530][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  355.217664][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  355.222513][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  355.227809][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  355.233920][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  355.238883][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  355.244226][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  355.249715][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  355.255045][    C1]  __sock_sendmsg+0x221/0x270
[  355.259757][    C1]  __sys_sendto+0x3a4/0x4f0
[  355.264337][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  355.269405][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  355.275441][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  355.281800][    C1]  __x64_sys_sendto+0xde/0x100
[  355.286630][    C1]  do_syscall_64+0xf3/0x230
[  355.291165][    C1]  ? clear_bhb_loop+0x35/0x90
[  355.295914][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.301832][    C1] RIP: 0033:0x7f8c21b77cac
[  355.306314][    C1] RSP: 002b:00007ffc30d58af0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  355.314788][    C1] RAX: ffffffffffffffda RBX: 00007f8c22834620 RCX: 00007f8c21b77cac
[  355.322856][    C1] RDX: 0000000000000040 RSI: 00007f8c22834670 RDI: 0000000000000003
[  355.330856][    C1] RBP: 0000000000000000 R08: 00007ffc30d58b44 R09: 000000000000000c
[  355.338892][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  355.346910][    C1] R13: 0000000000000000 R14: 00007f8c22834670 R15: 0000000000000000
[  355.354958][    C1]  </TASK>
[  355.357998][    C1] DEBUG: waiting rtnl_mutex for 686 jiffies.
[  355.364035][    C1] task:syz-executor    state:D stack:21728 pid:8743  tgid:8743  ppid:8724   flags:0x00004002
[  355.374260][    C1] Call Trace:
[  355.377553][    C1]  <TASK>
[  355.380498][    C1]  __schedule+0x1800/0x4a60
[  355.385088][    C1]  ? __pfx___schedule+0x10/0x10
[  355.389970][    C1]  ? __pfx_lock_release+0x10/0x10
[  355.395185][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  355.400698][    C1]  ? schedule+0x90/0x320
[  355.405021][    C1]  schedule+0x14b/0x320
[  355.409205][    C1]  schedule_preempt_disabled+0x13/0x30
[  355.414734][    C1]  __mutex_lock+0x6a4/0xd70
[  355.419265][    C1]  ? __mutex_lock+0x527/0xd70
[  355.423998][    C1]  ? unregister_nexthop_notifier+0x17/0x40
[  355.429842][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  355.434933][    C1]  ? synchronize_rcu+0x11b/0x360
[  355.439890][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  355.446302][    C1]  ? get_rtnl_holder+0x144/0x190
[  355.451280][    C1]  unregister_nexthop_notifier+0x17/0x40
[  355.456988][    C1]  nsim_fib_destroy+0x89/0x180
[  355.461781][    C1]  nsim_dev_reload_destroy+0x2e3/0x490
[  355.467329][    C1]  ? __pfx_nsim_bus_remove+0x10/0x10
[  355.472671][    C1]  nsim_drv_remove+0x58/0x160
[  355.477386][    C1]  device_release_driver_internal+0x4a9/0x7c0
[  355.483561][    C1]  bus_remove_device+0x34f/0x420
[  355.488521][    C1]  device_del+0x57a/0x9b0
[  355.492919][    C1]  ? __pfx_device_del+0x10/0x10
[  355.497812][    C1]  device_unregister+0x20/0xc0
[  355.502655][    C1]  del_device_store+0x363/0x480
[  355.507526][    C1]  ? __pfx_del_device_store+0x10/0x10
[  355.512955][    C1]  ? sysfs_kf_write+0x182/0x2a0
[  355.517840][    C1]  ? bus_attr_store+0x4f/0xa0
[  355.522601][    C1]  ? __pfx_sysfs_kf_write+0x10/0x10
[  355.527820][    C1]  kernfs_fop_write_iter+0x3a1/0x500
[  355.533167][    C1]  vfs_write+0xa72/0xc90
[  355.537439][    C1]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  355.543315][    C1]  ? __pfx_vfs_write+0x10/0x10
[  355.548116][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  355.553369][    C1]  ? blkcg_maybe_throttle_current+0x1ab/0xb80
[  355.559479][    C1]  ksys_write+0x1a0/0x2c0
[  355.563893][    C1]  ? __pfx_ksys_write+0x10/0x10
[  355.568770][    C1]  ? do_syscall_64+0x100/0x230
[  355.573592][    C1]  ? do_syscall_64+0xb6/0x230
[  355.578293][    C1]  do_syscall_64+0xf3/0x230
[  355.582860][    C1]  ? clear_bhb_loop+0x35/0x90
[  355.587561][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.593510][    C1] RIP: 0033:0x7f06f6374a9f
[  355.597941][    C1] RSP: 002b:00007ffe39e4ab70 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  355.606423][    C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f06f6374a9f
[  355.614448][    C1] RDX: 0000000000000001 RSI: 00007ffe39e4abc0 RDI: 0000000000000005
[  355.622489][    C1] RBP: 00007f06f63e45b2 R08: 0000000000000000 R09: 00007ffe39e4a9c7
[  355.630480][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  355.638512][    C1] R13: 00007ffe39e4abc0 R14: 00007f06f7034620 R15: 0000000000000003
[  355.646553][    C1]  </TASK>
[  355.649586][    C1] DEBUG: waiting rtnl_mutex for 712 jiffies.
[  355.655613][    C1] task:kworker/u8:1    state:D stack:21008 pid:12    tgid:12    ppid:2      flags:0x00004000
[  355.665829][    C1] Workqueue: ipv6_addrconf addrconf_dad_work
[  355.671848][    C1] Call Trace:
[  355.675173][    C1]  <TASK>
[  355.678122][    C1]  __schedule+0x1800/0x4a60
[  355.682725][    C1]  ? __pfx___schedule+0x10/0x10
[  355.687606][    C1]  ? __pfx_lock_release+0x10/0x10
[  355.692702][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  355.698186][    C1]  ? kthread_data+0x52/0xd0
[  355.702764][    C1]  ? schedule+0x90/0x320
[  355.707035][    C1]  ? wq_worker_sleeping+0x66/0x240
[  355.712178][    C1]  ? schedule+0x90/0x320
[  355.716488][    C1]  schedule+0x14b/0x320
[  355.720671][    C1]  schedule_preempt_disabled+0x13/0x30
[  355.726201][    C1]  __mutex_lock+0x6a4/0xd70
[  355.730730][    C1]  ? mark_lock+0x9a/0x360
[  355.735134][    C1]  ? __mutex_lock+0x527/0xd70
[  355.739837][    C1]  ? addrconf_dad_work+0xd0/0x16f0
[  355.745020][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  355.750083][    C1]  ? get_rtnl_holder+0x144/0x190
[  355.755091][    C1]  addrconf_dad_work+0xd0/0x16f0
[  355.760061][    C1]  ? __pfx_addrconf_dad_work+0x10/0x10
[  355.765581][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  355.771947][    C1]  ? process_scheduled_works+0x945/0x1830
[  355.777743][    C1]  process_scheduled_works+0xa2c/0x1830
[  355.783375][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  355.789396][    C1]  ? assign_work+0x364/0x3d0
[  355.794063][    C1]  worker_thread+0x86d/0xd40
[  355.798688][    C1]  ? __kthread_parkme+0x169/0x1d0
[  355.803772][    C1]  ? __pfx_worker_thread+0x10/0x10
[  355.808907][    C1]  kthread+0x2f0/0x390
[  355.813045][    C1]  ? __pfx_worker_thread+0x10/0x10
[  355.818177][    C1]  ? __pfx_kthread+0x10/0x10
[  355.822820][    C1]  ret_from_fork+0x4b/0x80
[  355.827258][    C1]  ? __pfx_kthread+0x10/0x10
[  355.831862][    C1]  ret_from_fork_asm+0x1a/0x30
[  355.836713][    C1]  </TASK>
[  355.839746][    C1] DEBUG: waiting rtnl_mutex for 727 jiffies.
[  355.845781][    C1] task:dhcpcd          state:D stack:20672 pid:4771  tgid:4771  ppid:4770   flags:0x00000002
[  355.856001][    C1] Call Trace:
[  355.859298][    C1]  <TASK>
[  355.862243][    C1]  __schedule+0x1800/0x4a60
[  355.866837][    C1]  ? __pfx___schedule+0x10/0x10
[  355.871720][    C1]  ? __pfx_lock_release+0x10/0x10
[  355.876816][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  355.882308][    C1]  ? schedule+0x90/0x320
[  355.886629][    C1]  schedule+0x14b/0x320
[  355.890810][    C1]  schedule_preempt_disabled+0x13/0x30
[  355.896342][    C1]  __mutex_lock+0x6a4/0xd70
[  355.900879][    C1]  ? __mutex_lock+0x527/0xd70
[  355.905607][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  355.910748][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  355.915858][    C1]  ? get_rtnl_holder+0x144/0x190
[  355.920817][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  355.925811][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  355.930956][    C1]  ? __lock_acquire+0x1384/0x2050
[  355.936054][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.941556][    C1]  netlink_rcv_skb+0x1e3/0x430
[  355.946372][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.951864][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  355.957243][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  355.962500][    C1]  netlink_unicast+0x7f6/0x990
[  355.967298][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  355.972634][    C1]  ? __virt_addr_valid+0x183/0x530
[  355.977770][    C1]  ? __check_object_size+0x49c/0x900
[  355.983114][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  355.988350][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  355.993203][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  355.998514][    C1]  ? __import_iovec+0x536/0x820
[  356.003438][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  356.008395][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  356.013728][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  356.019218][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.024562][    C1]  __sock_sendmsg+0x221/0x270
[  356.029278][    C1]  ____sys_sendmsg+0x525/0x7d0
[  356.034186][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  356.039504][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  356.045488][    C1]  __sys_sendmsg+0x2b0/0x3a0
[  356.050107][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[  356.055271][    C1]  ? netlink_bind+0xaeb/0xc90
[  356.060000][    C1]  ? __pfx___sys_bind+0x10/0x10
[  356.064908][    C1]  ? fd_install+0x35c/0x5d0
[  356.069444][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  356.075843][    C1]  ? do_syscall_64+0x100/0x230
[  356.080629][    C1]  ? do_syscall_64+0xb6/0x230
[  356.085368][    C1]  do_syscall_64+0xf3/0x230
[  356.089895][    C1]  ? clear_bhb_loop+0x35/0x90
[  356.094649][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.100565][    C1] RIP: 0033:0x7fe66112ea4b
[  356.105041][    C1] RSP: 002b:00007ffef51fbdf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  356.113518][    C1] RAX: ffffffffffffffda RBX: 00007fe6610566c0 RCX: 00007fe66112ea4b
[  356.121505][    C1] RDX: 0000000000000000 RSI: 00007ffef520ffa8 RDI: 000000000000000e
[  356.129536][    C1] RBP: 000000000000000e R08: 0000000000000000 R09: 00007ffef520ffa8
[  356.137554][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[  356.145582][    C1] R13: 00007ffef520ffa8 R14: 0000000000000048 R15: 0000000000000001
[  356.153617][    C1]  </TASK>
[  356.156649][    C1] 
[  356.156649][    C1] Showing all locks held in the system:
[  356.164411][    C1] 5 locks held by kworker/u8:0/11:
[  356.169917][    C1]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  356.180877][    C1]  #1: ffffc90000107d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  356.191498][    C1]  #2: ffffffff8f5fddd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  356.200988][    C1]  #3: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  356.211093][    C1]  #4: ffffffff8e33ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  356.222088][    C1] 3 locks held by kworker/u8:1/12:
[  356.227233][    C1]  #0: ffff88802a28e948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  356.238886][    C1]  #1: ffffc90000117d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  356.251784][    C1]  #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  356.261282][    C1] 2 locks held by kswapd0/88:
[  356.266042][    C1] 1 lock held by dhcpcd/4771:
[  356.270731][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  356.280221][    C1] 2 locks held by getty/4857:
[  356.284951][    C1]  #0: ffff88802adeb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  356.294775][    C1]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  356.304965][    C1] 1 lock held by syz-executor/5089:
[  356.310164][    C1]  #0: ffff88807d6fc168 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_fault+0xb5b/0x1760
[  356.320515][    C1] 3 locks held by kworker/0:3/5104:
[  356.325765][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  356.336814][    C1]  #1: ffffc9000391fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  356.347872][    C1]  #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  356.356925][    C1] 4 locks held by syz.3.155/5786:
[  356.361962][    C1]  #0: ffff88801d4afc40 (mapping.invalidate_lock#2){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xf7/0x7f0
[  356.373225][    C1]  #1: ffff8880b9537dc8 (lock#4){+.+.}-{2:2}, at: folio_add_lru+0x357/0xd70
[  356.381989][    C1]  #2: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  356.392193][    C1]  #3: ffffffff8e337a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  356.402130][    C1] 1 lock held by syz-executor/8578:
[  356.407378][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  356.416865][    C1] 1 lock held by syz-executor/8651:
[  356.422072][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  356.431574][    C1] 4 locks held by syz-executor/8740:
[  356.436899][    C1]  #0: ffff88807b444420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  356.445887][    C1]  #1: ffff88802f366488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  356.455709][    C1]  #2: ffff888022bd31e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  356.465815][    C1]  #3: ffffffff8ef0c528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  356.476179][    C1] 7 locks held by syz-executor/8743:
[  356.481474][    C1]  #0: ffff88807b444420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  356.490483][    C1]  #1: ffff8880163a5488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  356.500326][    C1]  #2: ffff888022bd31e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  356.510447][    C1]  #3: ffffffff8ef0c528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  356.520801][    C1]  #4: ffff88807e9020e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  356.531438][    C1]  #5: ffff88807e903250 (&devlink->lock_key#4){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  356.541541][    C1]  #6: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: unregister_nexthop_notifier+0x17/0x40
[  356.551745][    C1] 2 locks held by syz.2.959/8923:
[  356.556800][    C1]  #0: ffffffff8f670390 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  356.565074][    C1]  #1: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
[  356.574406][    C1] 
[  356.576732][    C1] =============================================
[  356.576732][    C1] 
[  357.604710][    C1] DEBUG: waiting rtnl_mutex for 833 jiffies.
[  357.610735][    C1] task:kworker/0:3     state:D stack:19928 pid:5104  tgid:5104  ppid:2      flags:0x00004000
[  357.620979][    C1] Workqueue: events linkwatch_event
[  357.626233][    C1] Call Trace:
[  357.629525][    C1]  <TASK>
[  357.632515][    C1]  __schedule+0x1800/0x4a60
[  357.637068][    C1]  ? __pfx___schedule+0x10/0x10
[  357.641932][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  357.647962][    C1]  ? __pfx_lock_release+0x10/0x10
[  357.653045][    C1]  ? kick_pool+0x45c/0x620
[  357.657494][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  357.662751][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  357.667984][    C1]  ? schedule+0x90/0x320
[  357.672243][    C1]  schedule+0x14b/0x320
[  357.676468][    C1]  schedule_preempt_disabled+0x13/0x30
[  357.681947][    C1]  __mutex_lock+0x6a4/0xd70
[  357.686516][    C1]  ? __mutex_lock+0x527/0xd70
[  357.691220][    C1]  ? linkwatch_event+0xe/0x60
[  357.695959][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  357.701026][    C1]  ? get_rtnl_holder+0x144/0x190
[  357.706027][    C1]  ? process_scheduled_works+0x945/0x1830
[  357.711768][    C1]  linkwatch_event+0xe/0x60
[  357.716319][    C1]  process_scheduled_works+0xa2c/0x1830
[  357.721915][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  357.727972][    C1]  ? assign_work+0x364/0x3d0
[  357.732616][    C1]  worker_thread+0x86d/0xd40
[  357.737235][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  357.743181][    C1]  ? __kthread_parkme+0x169/0x1d0
[  357.748233][    C1]  ? __pfx_worker_thread+0x10/0x10
[  357.753412][    C1]  kthread+0x2f0/0x390
[  357.757497][    C1]  ? __pfx_worker_thread+0x10/0x10
[  357.762656][    C1]  ? __pfx_kthread+0x10/0x10
[  357.767259][    C1]  ret_from_fork+0x4b/0x80
[  357.771693][    C1]  ? __pfx_kthread+0x10/0x10
[  357.776337][    C1]  ret_from_fork_asm+0x1a/0x30
[  357.781142][    C1]  </TASK>
[  357.784218][    C1] DEBUG: waiting rtnl_mutex for 710 jiffies.
[  357.790201][    C1] task:syz.2.959       state:D stack:23800 pid:8923  tgid:8922  ppid:6893   flags:0x00000004
[  357.800415][    C1] Call Trace:
[  357.803728][    C1]  <TASK>
[  357.806669][    C1]  __schedule+0x1800/0x4a60
[  357.811218][    C1]  ? __pfx___schedule+0x10/0x10
[  357.816140][    C1]  ? __pfx_lock_release+0x10/0x10
[  357.821193][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  357.826727][    C1]  ? schedule+0x90/0x320
[  357.831000][    C1]  schedule+0x14b/0x320
[  357.835208][    C1]  schedule_preempt_disabled+0x13/0x30
[  357.840687][    C1]  __mutex_lock+0x6a4/0xd70
[  357.845264][    C1]  ? __mutex_lock+0x527/0xd70
[  357.849973][    C1]  ? nl80211_pre_doit+0x5f/0x8b0
[  357.854997][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  357.860049][    C1]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  357.866344][    C1]  ? get_rtnl_holder+0x144/0x190
[  357.871299][    C1]  nl80211_pre_doit+0x5f/0x8b0
[  357.876134][    C1]  genl_rcv_msg+0xaaa/0xec0
[  357.880653][    C1]  ? mark_lock+0x9a/0x360
[  357.885035][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  357.890110][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  357.895201][    C1]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  357.900587][    C1]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  357.906084][    C1]  ? __pfx_nl80211_post_doit+0x10/0x10
[  357.911563][    C1]  ? __pfx___might_resched+0x10/0x10
[  357.916903][    C1]  netlink_rcv_skb+0x1e3/0x430
[  357.921698][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  357.926791][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  357.932129][    C1]  genl_rcv+0x28/0x40
[  357.936176][    C1]  netlink_unicast+0x7f6/0x990
[  357.940976][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  357.946298][    C1]  ? __virt_addr_valid+0x183/0x530
[  357.951425][    C1]  ? __check_object_size+0x49c/0x900
[  357.956757][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  357.961896][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  357.966735][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  357.972038][    C1]  ? __import_iovec+0x536/0x820
[  357.976934][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  357.981895][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  357.987238][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  357.992752][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  357.998052][    C1]  __sock_sendmsg+0x221/0x270
[  358.002789][    C1]  ____sys_sendmsg+0x525/0x7d0
[  358.007579][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  358.012926][    C1]  __sys_sendmsg+0x2b0/0x3a0
[  358.017546][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[  358.022723][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  358.028682][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  358.035063][    C1]  ? do_syscall_64+0x100/0x230
[  358.039839][    C1]  ? do_syscall_64+0xb6/0x230
[  358.044579][    C1]  do_syscall_64+0xf3/0x230
[  358.049096][    C1]  ? clear_bhb_loop+0x35/0x90
[  358.053830][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.059743][    C1] RIP: 0033:0x7ff8b0d75f19
[  358.064216][    C1] RSP: 002b:00007ff8b1a8c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  358.072677][    C1] RAX: ffffffffffffffda RBX: 00007ff8b0f05f60 RCX: 00007ff8b0d75f19
[  358.080664][    C1] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000006
[  358.088694][    C1] RBP: 00007ff8b0de4e68 R08: 0000000000000000 R09: 0000000000000000
[  358.096703][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  358.104710][    C1] R13: 000000000000000b R14: 00007ff8b0f05f60 R15: 00007ffdefe3cf58
[  358.112744][    C1]  </TASK>
[  358.115773][    C1] DEBUG: waiting rtnl_mutex for 969 jiffies.
[  358.121752][    C1] task:syz-executor    state:D stack:21728 pid:8578  tgid:8578  ppid:8556   flags:0x00004000
[  358.131993][    C1] Call Trace:
[  358.135306][    C1]  <TASK>
[  358.138249][    C1]  __schedule+0x1800/0x4a60
[  358.142827][    C1]  ? __pfx___schedule+0x10/0x10
[  358.147701][    C1]  ? __pfx_lock_release+0x10/0x10
[  358.152787][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  358.158265][    C1]  ? schedule+0x90/0x320
[  358.162559][    C1]  schedule+0x14b/0x320
[  358.166737][    C1]  schedule_preempt_disabled+0x13/0x30
[  358.172212][    C1]  __mutex_lock+0x6a4/0xd70
[  358.176791][    C1]  ? __mutex_lock+0x527/0xd70
[  358.181495][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  358.186685][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  358.191746][    C1]  ? get_rtnl_holder+0x144/0x190
[  358.196751][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  358.201721][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  358.206905][    C1]  ? __lock_acquire+0x1384/0x2050
[  358.211966][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.217526][    C1]  netlink_rcv_skb+0x1e3/0x430
[  358.222319][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.227843][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  358.233214][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  358.238435][    C1]  netlink_unicast+0x7f6/0x990
[  358.243254][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  358.248563][    C1]  ? __virt_addr_valid+0x183/0x530
[  358.253736][    C1]  ? __check_object_size+0x49c/0x900
[  358.259036][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  358.264206][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  358.269009][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.274351][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  358.280356][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  358.285361][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  358.290659][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  358.296170][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.301468][    C1]  __sock_sendmsg+0x221/0x270
[  358.306216][    C1]  __sys_sendto+0x3a4/0x4f0
[  358.310746][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  358.315868][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  358.321875][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  358.328274][    C1]  __x64_sys_sendto+0xde/0x100
[  358.333097][    C1]  do_syscall_64+0xf3/0x230
[  358.337622][    C1]  ? clear_bhb_loop+0x35/0x90
[  358.342324][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.348284][    C1] RIP: 0033:0x7f12d0b77cac
[  358.352758][    C1] RSP: 002b:00007ffc100ea9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  358.361208][    C1] RAX: ffffffffffffffda RBX: 00007f12d1834620 RCX: 00007f12d0b77cac
[  358.369240][    C1] RDX: 0000000000000020 RSI: 00007f12d1834670 RDI: 0000000000000003
[  358.377254][    C1] RBP: 0000000000000000 R08: 00007ffc100eaa14 R09: 000000000000000c
[  358.385263][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  358.393287][    C1] R13: 0000000000000000 R14: 00007f12d1834670 R15: 0000000000000000
[  358.401294][    C1]  </TASK>
[  358.404351][    C1] DEBUG: holding rtnl_mutex for 994 jiffies.
[  358.410336][    C1] task:kworker/u8:0    state:R  running task     stack:20824 pid:11    tgid:11    ppid:2      flags:0x00004008
[  358.422136][    C1] Workqueue: netns cleanup_net
[  358.426953][    C1] Call Trace:
[  358.430251][    C1]  <IRQ>
[  358.433162][    C1]  sched_show_task+0x506/0x6d0
[  358.437954][    C1]  ? report_rtnl_holders+0x2a5/0x400
[  358.443310][    C1]  ? __pfx__printk+0x10/0x10
[  358.447928][    C1]  ? __pfx_sched_show_task+0x10/0x10
[  358.453282][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  358.459203][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  358.465598][    C1]  report_rtnl_holders+0x327/0x400
[  358.470745][    C1]  call_timer_fn+0x18e/0x650
[  358.475408][    C1]  ? call_timer_fn+0xc0/0x650
[  358.480104][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  358.485792][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  358.490943][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  358.496648][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  358.502311][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  358.508029][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  358.513282][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  358.518499][    C1]  ? __pfx_report_rtnl_holders+0x10/0x10
[  358.524196][    C1]  __run_timer_base+0x66a/0x8e0
[  358.529083][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  358.534519][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  358.540886][    C1]  run_timer_softirq+0xb7/0x170
[  358.545796][    C1]  handle_softirqs+0x2c4/0x970
[  358.550590][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[  358.555427][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  358.560740][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[  358.566007][    C1]  __irq_exit_rcu+0xf4/0x1c0
[  358.570616][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  358.575872][    C1]  irq_exit_rcu+0x9/0x30
[  358.580134][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  358.585815][    C1]  </IRQ>
[  358.588754][    C1]  <TASK>
[  358.591757][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  358.597797][    C1] RIP: 0010:preempt_schedule_irq+0xf6/0x1c0
[  358.603737][    C1] Code: 89 f5 49 c1 ed 03 eb 0d 48 f7 03 08 00 00 00 0f 84 8b 00 00 00 bf 01 00 00 00 e8 c5 e1 c5 f5 e8 30 8d fe f5 fb bf 01 00 00 00 <e8> 55 ad ff ff 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 f5 49 5e f6 48
[  358.623403][    C1] RSP: 0018:ffffc90000107460 EFLAGS: 00000286
[  358.629492][    C1] RAX: 4e6175336ecda400 RBX: 1ffff92000020e94 RCX: ffffffff817022aa
[  358.637527][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcad540 RDI: 0000000000000001
[  358.645549][    C1] RBP: ffffc90000107510 R08: ffffffff9301080f R09: 1ffffffff2602101
[  358.653579][    C1] R10: dffffc0000000000 R11: fffffbfff2602102 R12: 1ffff92000020e8c
[  358.661569][    C1] R13: 1ffff92000020e90 R14: ffffc90000107480 R15: dffffc0000000000
[  358.669612][    C1]  ? mark_lock+0x9a/0x360
[  358.674003][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  358.679754][    C1]  irqentry_exit+0x5e/0x90
[  358.684218][    C1]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  358.689693][    C1] RIP: 0010:synchronize_rcu+0x0/0x360
[  358.695115][    C1] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 d5 1f 81 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
[  358.714762][    C1] RSP: 0018:ffffc900001075d8 EFLAGS: 00000206
[  358.720848][    C1] RAX: dffffc0000000000 RBX: 1ffff92000020ec4 RCX: ffffffff94808903
[  358.728880][    C1] RDX: 0000000000000001 RSI: ffffffff8bcae220 RDI: ffffffff8c20aee0
[  358.736904][    C1] RBP: ffffc900001076b8 R08: ffffffff947f609f R09: 1ffffffff28fec13
[  358.744925][    C1] R10: dffffc0000000000 R11: fffffbfff28fec14 R12: ffffffff947f3eb8
[  358.752960][    C1] R13: 1ffff92000020ec0 R14: 0000000000000a06 R15: ffffc90000107620
[  358.760964][    C1]  lockdep_unregister_key+0x4b7/0x540
[  358.766395][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  358.772316][    C1]  ? rcu_is_watching+0x15/0xb0
[  358.777136][    C1]  ? qdisc_reset+0x3bf/0x5b0
[  358.781750][    C1]  __qdisc_destroy+0x165/0x410
[  358.786582][    C1]  dev_shutdown+0x9b/0x450
[  358.791024][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[  358.797437][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  358.804265][    C1]  ? unregister_netdevice_queue+0x26b/0x370
[  358.810184][    C1]  ? batadv_softif_destroy_netlink+0x1e3/0x270
[  358.816402][    C1]  default_device_exit_batch+0xa0f/0xa90
[  358.822066][    C1]  ? __pfx___might_resched+0x10/0x10
[  358.827418][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  358.833622][    C1]  ? cfg802154_pernet_exit+0xc3/0xe0
[  358.838925][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  358.845127][    C1]  cleanup_net+0x89d/0xcc0
[  358.849576][    C1]  ? __pfx_cleanup_net+0x10/0x10
[  358.854589][    C1]  ? process_scheduled_works+0x945/0x1830
[  358.860326][    C1]  process_scheduled_works+0xa2c/0x1830
[  358.865961][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  358.871971][    C1]  ? assign_work+0x364/0x3d0
[  358.876628][    C1]  worker_thread+0x86d/0xd40
[  358.881258][    C1]  ? __kthread_parkme+0x169/0x1d0
[  358.886352][    C1]  ? __pfx_worker_thread+0x10/0x10
[  358.891486][    C1]  kthread+0x2f0/0x390
[  358.895597][    C1]  ? __pfx_worker_thread+0x10/0x10
[  358.900727][    C1]  ? __pfx_kthread+0x10/0x10
[  358.905374][    C1]  ret_from_fork+0x4b/0x80
[  358.909813][    C1]  ? __pfx_kthread+0x10/0x10
[  358.914466][    C1]  ret_from_fork_asm+0x1a/0x30
[  358.919267][    C1]  </TASK>
[  358.922297][    C1] DEBUG: waiting rtnl_mutex for 1046 jiffies.
[  358.928408][    C1] task:syz-executor    state:D stack:21728 pid:8651  tgid:8651  ppid:8637   flags:0x00000000
[  358.938624][    C1] Call Trace:
[  358.941916][    C1]  <TASK>
[  358.944913][    C1]  __schedule+0x1800/0x4a60
[  358.949458][    C1]  ? __pfx___schedule+0x10/0x10
[  358.954362][    C1]  ? __pfx_lock_release+0x10/0x10
[  358.959409][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  358.964946][    C1]  ? schedule+0x90/0x320
[  358.969206][    C1]  schedule+0x14b/0x320
[  358.973411][    C1]  schedule_preempt_disabled+0x13/0x30
[  358.978892][    C1]  __mutex_lock+0x6a4/0xd70
[  358.983446][    C1]  ? __mutex_lock+0x527/0xd70
[  358.988149][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  358.993304][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  358.998363][    C1]  ? get_rtnl_holder+0x144/0x190
[  359.003364][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  359.008324][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  359.013483][    C1]  ? __lock_acquire+0x1384/0x2050
[  359.018526][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  359.024042][    C1]  netlink_rcv_skb+0x1e3/0x430
[  359.028828][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  359.034357][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  359.039684][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  359.044950][    C1]  netlink_unicast+0x7f6/0x990
[  359.049748][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  359.055102][    C1]  ? __virt_addr_valid+0x183/0x530
[  359.060233][    C1]  ? __check_object_size+0x49c/0x900
[  359.065561][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  359.070694][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  359.075533][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.080835][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  359.086900][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  359.091869][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  359.097212][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  359.102730][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.108031][    C1]  __sock_sendmsg+0x221/0x270
[  359.112775][    C1]  __sys_sendto+0x3a4/0x4f0
[  359.117306][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  359.122379][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  359.128431][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  359.134824][    C1]  __x64_sys_sendto+0xde/0x100
[  359.139614][    C1]  do_syscall_64+0xf3/0x230
[  359.144174][    C1]  ? clear_bhb_loop+0x35/0x90
[  359.148876][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.154814][    C1] RIP: 0033:0x7f8c21b77cac
[  359.159247][    C1] RSP: 002b:00007ffc30d58af0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  359.167719][    C1] RAX: ffffffffffffffda RBX: 00007f8c22834620 RCX: 00007f8c21b77cac
[  359.175724][    C1] RDX: 0000000000000040 RSI: 00007f8c22834670 RDI: 0000000000000003
[  359.183731][    C1] RBP: 0000000000000000 R08: 00007ffc30d58b44 R09: 000000000000000c
[  359.191713][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  359.199744][    C1] R13: 0000000000000000 R14: 00007f8c22834670 R15: 0000000000000000
[  359.207776][    C1]  </TASK>
[  359.210805][    C1] DEBUG: waiting rtnl_mutex for 1071 jiffies.
[  359.216935][    C1] task:syz-executor    state:D stack:21728 pid:8743  tgid:8743  ppid:8724   flags:0x00004002
[  359.227152][    C1] Call Trace:
[  359.230445][    C1]  <TASK>
[  359.233436][    C1]  __schedule+0x1800/0x4a60
[  359.237985][    C1]  ? __pfx___schedule+0x10/0x10
[  359.242915][    C1]  ? __pfx_lock_release+0x10/0x10
[  359.247964][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  359.253477][    C1]  ? schedule+0x90/0x320
[  359.257742][    C1]  schedule+0x14b/0x320
[  359.261920][    C1]  schedule_preempt_disabled+0x13/0x30
[  359.267441][    C1]  __mutex_lock+0x6a4/0xd70
[  359.271972][    C1]  ? __mutex_lock+0x527/0xd70
[  359.276703][    C1]  ? unregister_nexthop_notifier+0x17/0x40
[  359.282572][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  359.287614][    C1]  ? synchronize_rcu+0x11b/0x360
[  359.292602][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  359.298969][    C1]  ? get_rtnl_holder+0x144/0x190
[  359.303987][    C1]  unregister_nexthop_notifier+0x17/0x40
[  359.309650][    C1]  nsim_fib_destroy+0x89/0x180
[  359.314483][    C1]  nsim_dev_reload_destroy+0x2e3/0x490
[  359.319972][    C1]  ? __pfx_nsim_bus_remove+0x10/0x10
[  359.325296][    C1]  nsim_drv_remove+0x58/0x160
[  359.330005][    C1]  device_release_driver_internal+0x4a9/0x7c0
[  359.336154][    C1]  bus_remove_device+0x34f/0x420
[  359.341130][    C1]  device_del+0x57a/0x9b0
[  359.345540][    C1]  ? __pfx_device_del+0x10/0x10
[  359.350423][    C1]  device_unregister+0x20/0xc0
[  359.355246][    C1]  del_device_store+0x363/0x480
[  359.360130][    C1]  ? __pfx_del_device_store+0x10/0x10
[  359.365574][    C1]  ? sysfs_kf_write+0x182/0x2a0
[  359.370444][    C1]  ? bus_attr_store+0x4f/0xa0
[  359.375169][    C1]  ? __pfx_sysfs_kf_write+0x10/0x10
[  359.380387][    C1]  kernfs_fop_write_iter+0x3a1/0x500
[  359.385743][    C1]  vfs_write+0xa72/0xc90
[  359.390022][    C1]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  359.395898][    C1]  ? __pfx_vfs_write+0x10/0x10
[  359.400699][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  359.405943][    C1]  ? blkcg_maybe_throttle_current+0x1ab/0xb80
[  359.412045][    C1]  ksys_write+0x1a0/0x2c0
[  359.416432][    C1]  ? __pfx_ksys_write+0x10/0x10
[  359.421304][    C1]  ? do_syscall_64+0x100/0x230
[  359.426117][    C1]  ? do_syscall_64+0xb6/0x230
[  359.430815][    C1]  do_syscall_64+0xf3/0x230
[  359.435398][    C1]  ? clear_bhb_loop+0x35/0x90
[  359.440097][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.446057][    C1] RIP: 0033:0x7f06f6374a9f
[  359.450492][    C1] RSP: 002b:00007ffe39e4ab70 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  359.458973][    C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f06f6374a9f
[  359.466992][    C1] RDX: 0000000000000001 RSI: 00007ffe39e4abc0 RDI: 0000000000000005
[  359.475020][    C1] RBP: 00007f06f63e45b2 R08: 0000000000000000 R09: 00007ffe39e4a9c7
[  359.483046][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  359.491047][    C1] R13: 00007ffe39e4abc0 R14: 00007f06f7034620 R15: 0000000000000003
[  359.499100][    C1]  </TASK>
[  359.502130][    C1] DEBUG: waiting rtnl_mutex for 1097 jiffies.
[  359.508246][    C1] task:kworker/u8:1    state:D stack:21008 pid:12    tgid:12    ppid:2      flags:0x00004000
[  359.518462][    C1] Workqueue: ipv6_addrconf addrconf_dad_work
[  359.524516][    C1] Call Trace:
[  359.527807][    C1]  <TASK>
[  359.530749][    C1]  __schedule+0x1800/0x4a60
[  359.535326][    C1]  ? __pfx___schedule+0x10/0x10
[  359.540207][    C1]  ? __pfx_lock_release+0x10/0x10
[  359.545304][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  359.550786][    C1]  ? kthread_data+0x52/0xd0
[  359.555375][    C1]  ? schedule+0x90/0x320
[  359.559638][    C1]  ? wq_worker_sleeping+0x66/0x240
[  359.564824][    C1]  ? schedule+0x90/0x320
[  359.569094][    C1]  schedule+0x14b/0x320
[  359.573322][    C1]  schedule_preempt_disabled+0x13/0x30
[  359.578807][    C1]  __mutex_lock+0x6a4/0xd70
[  359.583361][    C1]  ? mark_lock+0x9a/0x360
[  359.587715][    C1]  ? __mutex_lock+0x527/0xd70
[  359.592413][    C1]  ? addrconf_dad_work+0xd0/0x16f0
[  359.597578][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  359.602686][    C1]  ? get_rtnl_holder+0x144/0x190
[  359.607642][    C1]  addrconf_dad_work+0xd0/0x16f0
[  359.612637][    C1]  ? __pfx_addrconf_dad_work+0x10/0x10
[  359.618116][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  359.624512][    C1]  ? process_scheduled_works+0x945/0x1830
[  359.630282][    C1]  process_scheduled_works+0xa2c/0x1830
[  359.635923][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  359.641934][    C1]  ? assign_work+0x364/0x3d0
[  359.646570][    C1]  worker_thread+0x86d/0xd40
[  359.651201][    C1]  ? __kthread_parkme+0x169/0x1d0
[  359.656293][    C1]  ? __pfx_worker_thread+0x10/0x10
[  359.661431][    C1]  kthread+0x2f0/0x390
[  359.665563][    C1]  ? __pfx_worker_thread+0x10/0x10
[  359.670694][    C1]  ? __pfx_kthread+0x10/0x10
[  359.675331][    C1]  ret_from_fork+0x4b/0x80
[  359.680376][    C1]  ? __pfx_kthread+0x10/0x10
[  359.685005][    C1]  ret_from_fork_asm+0x1a/0x30
[  359.689808][    C1]  </TASK>
[  359.692872][    C1] DEBUG: waiting rtnl_mutex for 1112 jiffies.
[  359.698941][    C1] task:dhcpcd          state:D stack:20672 pid:4771  tgid:4771  ppid:4770   flags:0x00000002
[  359.709170][    C1] Call Trace:
[  359.712486][    C1]  <TASK>
[  359.715519][    C1]  __schedule+0x1800/0x4a60
[  359.720075][    C1]  ? __pfx___schedule+0x10/0x10
[  359.724990][    C1]  ? __pfx_lock_release+0x10/0x10
[  359.730036][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  359.737642][    C1]  ? schedule+0x90/0x320
[  359.741902][    C1]  schedule+0x14b/0x320
[  359.746130][    C1]  schedule_preempt_disabled+0x13/0x30
[  359.751610][    C1]  __mutex_lock+0x6a4/0xd70
[  359.756190][    C1]  ? __mutex_lock+0x527/0xd70
[  359.760890][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  359.766068][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  359.771134][    C1]  ? get_rtnl_holder+0x144/0x190
[  359.776142][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  359.781105][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  359.786273][    C1]  ? __lock_acquire+0x1384/0x2050
[  359.791324][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  359.796870][    C1]  netlink_rcv_skb+0x1e3/0x430
[  359.801654][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  359.807171][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  359.812545][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  359.817761][    C1]  netlink_unicast+0x7f6/0x990
[  359.822587][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  359.827894][    C1]  ? __virt_addr_valid+0x183/0x530
[  359.833074][    C1]  ? __check_object_size+0x49c/0x900
[  359.838381][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  359.843569][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  359.848367][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.853704][    C1]  ? __import_iovec+0x536/0x820
[  359.858573][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  359.863584][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  359.868882][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  359.874393][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.879695][    C1]  __sock_sendmsg+0x221/0x270
[  359.884435][    C1]  ____sys_sendmsg+0x525/0x7d0
[  359.889230][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  359.894574][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  359.900507][    C1]  __sys_sendmsg+0x2b0/0x3a0
[  359.905141][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[  359.910265][    C1]  ? netlink_bind+0xaeb/0xc90
[  359.915018][    C1]  ? __pfx___sys_bind+0x10/0x10
[  359.919888][    C1]  ? fd_install+0x35c/0x5d0
[  359.924466][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  359.930837][    C1]  ? do_syscall_64+0x100/0x230
[  359.935665][    C1]  ? do_syscall_64+0xb6/0x230
[  359.940365][    C1]  do_syscall_64+0xf3/0x230
[  359.944928][    C1]  ? clear_bhb_loop+0x35/0x90
[  359.949624][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.955571][    C1] RIP: 0033:0x7fe66112ea4b
[  359.960004][    C1] RSP: 002b:00007ffef51fbdf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  359.968490][    C1] RAX: ffffffffffffffda RBX: 00007fe6610566c0 RCX: 00007fe66112ea4b
[  359.976512][    C1] RDX: 0000000000000000 RSI: 00007ffef520ffa8 RDI: 000000000000000e
[  359.984546][    C1] RBP: 000000000000000e R08: 0000000000000000 R09: 00007ffef520ffa8
[  359.992569][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[  360.000560][    C1] R13: 00007ffef520ffa8 R14: 0000000000000048 R15: 0000000000000001
[  360.008608][    C1]  </TASK>
[  360.011641][    C1] 
[  360.011641][    C1] Showing all locks held in the system:
[  360.019384][    C1] 6 locks held by kworker/u8:0/11:
[  360.024537][    C1]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  360.035519][    C1]  #1: ffffc90000107d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  360.046135][    C1]  #2: ffffffff8f5fddd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  360.055624][    C1]  #3: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  360.065705][    C1]  #4: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  360.075893][    C1]  #5: ffffffff8e337a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  360.085808][    C1] 3 locks held by kworker/u8:1/12:
[  360.090930][    C1]  #0: ffff88802a28e948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  360.102610][    C1]  #1: ffffc90000117d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  360.115488][    C1]  #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  360.124994][    C1] 1 lock held by khugepaged/37:
[  360.129856][    C1]  #0: ffffffff8e3f25c8 (lock#3){+.+.}-{3:3}, at: __lru_add_drain_all+0x66/0x560
[  360.139109][    C1] 3 locks held by kswapd0/88:
[  360.143851][    C1] 2 locks held by kworker/u8:7/2448:
[  360.149142][    C1]  #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  360.160876][    C1]  #1: ffffc90009457d00 ((work_completion)(&pool->idle_cull_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  360.173581][    C1] 1 lock held by dhcpcd/4771:
[  360.178269][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  360.187770][    C1] 2 locks held by getty/4857:
[  360.192501][    C1]  #0: ffff88802adeb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  360.202302][    C1]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  360.212493][    C1] 3 locks held by kworker/0:3/5104:
[  360.217698][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  360.228745][    C1]  #1: ffffc9000391fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  360.239807][    C1]  #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  360.248857][    C1] 1 lock held by syz.3.155/5786:
[  360.253845][    C1] 1 lock held by syz-executor/8578:
[  360.259055][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  360.268560][    C1] 1 lock held by syz-executor/8651:
[  360.273789][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  360.283282][    C1] 4 locks held by syz-executor/8740:
[  360.288574][    C1]  #0: ffff88807b444420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  360.297562][    C1]  #1: ffff88802f366488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  360.307386][    C1]  #2: ffff888022bd31e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  360.317503][    C1]  #3: ffffffff8ef0c528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  360.327858][    C1] 7 locks held by syz-executor/8743:
[  360.333204][    C1]  #0: ffff88807b444420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  360.342152][    C1]  #1: ffff8880163a5488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  360.351995][    C1]  #2: ffff888022bd31e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  360.362107][    C1]  #3: ffffffff8ef0c528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  360.372486][    C1]  #4: ffff88807e9020e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  360.383103][    C1]  #5: ffff88807e903250 (&devlink->lock_key#4){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  360.393226][    C1]  #6: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: unregister_nexthop_notifier+0x17/0x40
[  360.403402][    C1] 2 locks held by syz.2.959/8923:
[  360.408430][    C1]  #0: ffffffff8f670390 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  360.416690][    C1]  #1: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
[  360.426021][    C1] 
[  360.428351][    C1] =============================================
[  360.428351][    C1] 
[  360.443007][ T2862] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  360.454334][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  360.769728][   T11] team0 (unregistering): Port device team_slave_1 removed
[  360.903397][   T11] team0 (unregistering): Port device team_slave_0 removed
[  361.519457][    C1] DEBUG: waiting rtnl_mutex for 1224 jiffies.
[  361.525598][    C1] task:kworker/0:3     state:D stack:19928 pid:5104  tgid:5104  ppid:2      flags:0x00004000
[  361.535834][    C1] Workqueue: events linkwatch_event
[  361.541060][    C1] Call Trace:
[  361.544380][    C1]  <TASK>
[  361.547329][    C1]  __schedule+0x1800/0x4a60
[  361.551879][    C1]  ? __pfx___schedule+0x10/0x10
[  361.556779][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  361.562809][    C1]  ? __pfx_lock_release+0x10/0x10
[  361.567860][    C1]  ? kick_pool+0x45c/0x620
[  361.572303][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  361.577541][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  361.582787][    C1]  ? schedule+0x90/0x320
[  361.587061][    C1]  schedule+0x14b/0x320
[  361.591250][    C1]  schedule_preempt_disabled+0x13/0x30
[  361.596872][    C1]  __mutex_lock+0x6a4/0xd70
[  361.601413][    C1]  ? __mutex_lock+0x527/0xd70
[  361.606137][    C1]  ? linkwatch_event+0xe/0x60
[  361.610837][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  361.615925][    C1]  ? get_rtnl_holder+0x144/0x190
[  361.620885][    C1]  ? process_scheduled_works+0x945/0x1830
[  361.626662][    C1]  linkwatch_event+0xe/0x60
[  361.631180][    C1]  process_scheduled_works+0xa2c/0x1830
[  361.636798][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  361.642834][    C1]  ? assign_work+0x364/0x3d0
[  361.647451][    C1]  worker_thread+0x86d/0xd40
[  361.652879][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  361.658801][    C1]  ? __kthread_parkme+0x169/0x1d0
[  361.663873][    C1]  ? __pfx_worker_thread+0x10/0x10
[  361.669007][    C1]  kthread+0x2f0/0x390
[  361.673124][    C1]  ? __pfx_worker_thread+0x10/0x10
[  361.678252][    C1]  ? __pfx_kthread+0x10/0x10
[  361.682883][    C1]  ret_from_fork+0x4b/0x80
[  361.687326][    C1]  ? __pfx_kthread+0x10/0x10
[  361.691933][    C1]  ret_from_fork_asm+0x1a/0x30
[  361.696763][    C1]  </TASK>
[  361.699790][    C1] DEBUG: waiting rtnl_mutex for 1101 jiffies.
[  361.705883][    C1] task:syz.2.959       state:D stack:23800 pid:8923  tgid:8922  ppid:6893   flags:0x00000004
[  361.716098][    C1] Call Trace:
[  361.719382][    C1]  <TASK>
[  361.722326][    C1]  __schedule+0x1800/0x4a60
[  361.726930][    C1]  ? __pfx___schedule+0x10/0x10
[  361.731818][    C1]  ? __pfx_lock_release+0x10/0x10
[  361.736890][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  361.742390][    C1]  ? schedule+0x90/0x320
[  361.746698][    C1]  schedule+0x14b/0x320
[  361.750878][    C1]  schedule_preempt_disabled+0x13/0x30
[  361.756388][    C1]  __mutex_lock+0x6a4/0xd70
[  361.760929][    C1]  ? __mutex_lock+0x527/0xd70
[  361.765657][    C1]  ? nl80211_pre_doit+0x5f/0x8b0
[  361.770618][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  361.775700][    C1]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  361.781962][    C1]  ? get_rtnl_holder+0x144/0x190
[  361.786944][    C1]  nl80211_pre_doit+0x5f/0x8b0
[  361.791738][    C1]  genl_rcv_msg+0xaaa/0xec0
[  361.796286][    C1]  ? mark_lock+0x9a/0x360
[  361.800645][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  361.805742][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  361.810785][    C1]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  361.816208][    C1]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  361.821682][    C1]  ? __pfx_nl80211_post_doit+0x10/0x10
[  361.827188][    C1]  ? __pfx___might_resched+0x10/0x10
[  361.832529][    C1]  netlink_rcv_skb+0x1e3/0x430
[  361.837310][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  361.842355][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  361.847710][    C1]  genl_rcv+0x28/0x40
[  361.851706][    C1]  netlink_unicast+0x7f6/0x990
[  361.856519][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  361.861824][    C1]  ? __virt_addr_valid+0x183/0x530
[  361.866983][    C1]  ? __check_object_size+0x49c/0x900
[  361.872287][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  361.877460][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  361.882255][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  361.887583][    C1]  ? __import_iovec+0x536/0x820
[  361.892480][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  361.897441][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  361.902764][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  361.908246][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  361.913574][    C1]  __sock_sendmsg+0x221/0x270
[  361.918284][    C1]  ____sys_sendmsg+0x525/0x7d0
[  361.923103][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  361.928421][    C1]  __sys_sendmsg+0x2b0/0x3a0
[  361.933062][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[  361.938193][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  361.944174][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  361.950525][    C1]  ? do_syscall_64+0x100/0x230
[  361.955332][    C1]  ? do_syscall_64+0xb6/0x230
[  361.960026][    C1]  do_syscall_64+0xf3/0x230
[  361.964568][    C1]  ? clear_bhb_loop+0x35/0x90
[  361.969268][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.975207][    C1] RIP: 0033:0x7ff8b0d75f19
[  361.979633][    C1] RSP: 002b:00007ff8b1a8c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  361.988099][    C1] RAX: ffffffffffffffda RBX: 00007ff8b0f05f60 RCX: 00007ff8b0d75f19
[  361.996121][    C1] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000006
[  362.004138][    C1] RBP: 00007ff8b0de4e68 R08: 0000000000000000 R09: 0000000000000000
[  362.012133][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  362.020151][    C1] R13: 000000000000000b R14: 00007ff8b0f05f60 R15: 00007ffdefe3cf58
[  362.028175][    C1]  </TASK>
[  362.031202][    C1] DEBUG: waiting rtnl_mutex for 1360 jiffies.
[  362.037301][    C1] task:syz-executor    state:D stack:21728 pid:8578  tgid:8578  ppid:8556   flags:0x00004000
[  362.047514][    C1] Call Trace:
[  362.050800][    C1]  <TASK>
[  362.053772][    C1]  __schedule+0x1800/0x4a60
[  362.058326][    C1]  ? __pfx___schedule+0x10/0x10
[  362.063226][    C1]  ? __pfx_lock_release+0x10/0x10
[  362.068267][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  362.073780][    C1]  ? schedule+0x90/0x320
[  362.078045][    C1]  schedule+0x14b/0x320
[  362.082225][    C1]  schedule_preempt_disabled+0x13/0x30
[  362.087727][    C1]  __mutex_lock+0x6a4/0xd70
[  362.092254][    C1]  ? __mutex_lock+0x527/0xd70
[  362.096978][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  362.102114][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  362.107195][    C1]  ? get_rtnl_holder+0x144/0x190
[  362.112149][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  362.117132][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  362.122270][    C1]  ? __lock_acquire+0x1384/0x2050
[  362.127342][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.132870][    C1]  netlink_rcv_skb+0x1e3/0x430
[  362.137654][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.143157][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  362.148475][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  362.153719][    C1]  netlink_unicast+0x7f6/0x990
[  362.158262][   T30] INFO: task syz.1.460:7036 blocked for more than 144 seconds.
[  362.158496][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  362.171332][    C1]  ? __virt_addr_valid+0x183/0x530
[  362.174908][   T30]       Not tainted 6.10.0-next-20240719-syzkaller #0
[  362.176468][    C1]  ? __check_object_size+0x49c/0x900
[  362.188499][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  362.193663][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  362.198459][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  362.203785][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  362.209790][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  362.214040][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  362.214750][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  362.228696][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  362.234222][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  362.239517][    C1]  __sock_sendmsg+0x221/0x270
[  362.244248][    C1]  __sys_sendto+0x3a4/0x4f0
[  362.248775][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  362.253863][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  362.259875][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  362.266256][    C1]  __x64_sys_sendto+0xde/0x100
[  362.271041][    C1]  do_syscall_64+0xf3/0x230
[  362.275581][    C1]  ? clear_bhb_loop+0x35/0x90
[  362.280279][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.286182][   T30] task:syz.1.460       state:D stack:25424 pid:7036  tgid:7010  ppid:5103   flags:0x00004004
[  362.286210][    C1] RIP: 0033:0x7f12d0b77cac
[  362.286233][    C1] RSP: 002b:00007ffc100ea9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  362.309245][    C1] RAX: ffffffffffffffda RBX: 00007f12d1834620 RCX: 00007f12d0b77cac
[  362.317268][    C1] RDX: 0000000000000020 RSI: 00007f12d1834670 RDI: 0000000000000003
[  362.325291][    C1] RBP: 0000000000000000 R08: 00007ffc100eaa14 R09: 000000000000000c
[  362.333312][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  362.341301][    C1] R13: 0000000000000000 R14: 00007f12d1834670 R15: 0000000000000000
[  362.349334][    C1]  </TASK>
[  362.352367][    C1] DEBUG: holding rtnl_mutex for 1389 jiffies.
[  362.358460][    C1] task:kworker/u8:0    state:R  running task     stack:20824 pid:11    tgid:11    ppid:2      flags:0x00004000
[  362.362670][   T30] Call Trace:
[  362.370229][    C1] Workqueue: netns cleanup_net
[  362.378279][    C1] Call Trace:
[  362.381563][    C1]  <TASK>
[  362.384536][    C1]  __schedule+0x1800/0x4a60
[  362.389082][    C1]  ? __pfx___schedule+0x10/0x10
[  362.393984][    C1]  ? __pfx_lock_release+0x10/0x10
[  362.399027][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  362.404967][    C1]  ? kthread_data+0x52/0xd0
[  362.409495][    C1]  ? wq_worker_sleeping+0x66/0x240
[  362.414647][    C1]  ? schedule+0x90/0x320
[  362.418910][    C1]  schedule+0x14b/0x320
[  362.423110][    C1]  synchronize_rcu_expedited+0x684/0x830
[  362.428767][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  362.434984][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  362.440343][    C1]  ? __pfx___might_resched+0x10/0x10
[  362.440535][   T30]  <TASK>
[  362.445647][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  362.445679][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  362.445709][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  362.445749][    C1]  synchronize_rcu+0x11b/0x360
[  362.445772][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  362.445809][    C1]  lockdep_unregister_key+0x4b7/0x540
[  362.445841][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  362.473884][   T30]  __schedule+0x1800/0x4a60
[  362.477168][    C1]  ? rcu_is_watching+0x15/0xb0
[  362.497714][    C1]  ? qdisc_reset+0x3bf/0x5b0
[  362.502326][    C1]  __qdisc_destroy+0x165/0x410
[  362.507133][    C1]  dev_shutdown+0x357/0x450
[  362.511661][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[  362.518060][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  362.524890][    C1]  ? unregister_netdevice_queue+0x26b/0x370
[  362.530815][    C1]  ? batadv_softif_destroy_netlink+0x1e3/0x270
[  362.537028][    C1]  default_device_exit_batch+0xa0f/0xa90
[  362.542723][    C1]  ? __pfx___might_resched+0x10/0x10
[  362.547282][   T30]  ? __pfx___schedule+0x10/0x10
[  362.548013][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  362.559041][    C1]  ? cfg802154_pernet_exit+0xc3/0xe0
[  362.564369][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  362.570536][    C1]  cleanup_net+0x89d/0xcc0
[  362.575006][    C1]  ? __pfx_cleanup_net+0x10/0x10
[  362.578771][   T30]  ? __pfx_lock_release+0x10/0x10
[  362.579948][    C1]  ? process_scheduled_works+0x945/0x1830
[  362.590690][    C1]  process_scheduled_works+0xa2c/0x1830
[  362.596316][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  362.602323][    C1]  ? assign_work+0x364/0x3d0
[  362.606957][    C1]  worker_thread+0x86d/0xd40
[  362.611601][    C1]  ? __kthread_parkme+0x169/0x1d0
[  362.616693][    C1]  ? __pfx_worker_thread+0x10/0x10
[  362.621823][    C1]  kthread+0x2f0/0x390
[  362.622529][   T30]  ? preempt_schedule_common+0x84/0xd0
[  362.625912][    C1]  ? __pfx_worker_thread+0x10/0x10
[  362.636480][    C1]  ? __pfx_kthread+0x10/0x10
[  362.641082][    C1]  ret_from_fork+0x4b/0x80
[  362.645549][    C1]  ? __pfx_kthread+0x10/0x10
[  362.650157][    C1]  ret_from_fork_asm+0x1a/0x30
[  362.654984][    C1]  </TASK>
[  362.658010][    C1] DEBUG: waiting rtnl_mutex for 1419 jiffies.
[  362.664105][    C1] task:syz-executor    state:D stack:21728 pid:8651  tgid:8651  ppid:8637   flags:0x00000000
[  362.674320][    C1] Call Trace:
[  362.677610][    C1]  <TASK>
[  362.680552][    C1]  __schedule+0x1800/0x4a60
[  362.685130][    C1]  ? __pfx___schedule+0x10/0x10
[  362.689998][    C1]  ? __pfx_lock_release+0x10/0x10
[  362.690363][   T30]  ? __pfx_preempt_schedule+0x10/0x10
[  362.695053][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  362.695087][    C1]  ? schedule+0x90/0x320
[  362.710186][    C1]  schedule+0x14b/0x320
[  362.714398][    C1]  schedule_preempt_disabled+0x13/0x30
[  362.719887][    C1]  __mutex_lock+0x6a4/0xd70
[  362.724448][    C1]  ? __mutex_lock+0x527/0xd70
[  362.729149][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  362.734319][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  362.739384][    C1]  ? get_rtnl_holder+0x144/0x190
[  362.744364][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  362.749326][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  362.749340][   T30]  ? schedule+0x90/0x320
[  362.754459][    C1]  ? __lock_acquire+0x1384/0x2050
[  362.754491][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.754534][    C1]  netlink_rcv_skb+0x1e3/0x430
[  362.754559][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.754590][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  362.754638][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  362.790063][    C1]  netlink_unicast+0x7f6/0x990
[  362.794888][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  362.798179][   T30]  schedule+0x14b/0x320
[  362.800175][    C1]  ? __virt_addr_valid+0x183/0x530
[  362.809464][    C1]  ? __check_object_size+0x49c/0x900
[  362.814795][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  362.819933][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  362.824751][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  362.829229][   T30]  io_schedule+0x8d/0x110
[  362.830032][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  362.840371][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  362.845364][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  362.850663][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  362.856173][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  362.861472][    C1]  __sock_sendmsg+0x221/0x270
[  362.866197][    C1]  __sys_sendto+0x3a4/0x4f0
[  362.870721][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  362.872573][   T30]  folio_wait_bit_common+0x882/0x12b0
[  362.875789][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  362.881107][   T30]  ? __pfx_folio_wait_bit_common+0x10/0x10
[  362.887067][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  362.887103][    C1]  __x64_sys_sendto+0xde/0x100
[  362.887132][    C1]  do_syscall_64+0xf3/0x230
[  362.887155][    C1]  ? clear_bhb_loop+0x35/0x90
[  362.887185][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.919154][    C1] RIP: 0033:0x7f8c21b77cac
[  362.923618][    C1] RSP: 002b:00007ffc30d58af0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  362.932055][    C1] RAX: ffffffffffffffda RBX: 00007f8c22834620 RCX: 00007f8c21b77cac
[  362.940067][    C1] RDX: 0000000000000040 RSI: 00007f8c22834670 RDI: 0000000000000003
[  362.948075][    C1] RBP: 0000000000000000 R08: 00007ffc30d58b44 R09: 000000000000000c
[  362.956086][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  362.964101][    C1] R13: 0000000000000000 R14: 00007f8c22834670 R15: 0000000000000000
[  362.972106][    C1]  </TASK>
[  362.975162][    C1] DEBUG: waiting rtnl_mutex for 1447 jiffies.
[  362.981237][    C1] task:syz-executor    state:D stack:21728 pid:8743  tgid:8743  ppid:8724   flags:0x00004002
[  362.991455][    C1] Call Trace:
[  362.994766][    C1]  <TASK>
[  362.997712][    C1]  __schedule+0x1800/0x4a60
[  363.002260][    C1]  ? __pfx___schedule+0x10/0x10
[  363.007162][    C1]  ? __pfx_lock_release+0x10/0x10
[  363.012208][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  363.017717][    C1]  ? schedule+0x90/0x320
[  363.021973][    C1]  schedule+0x14b/0x320
[  363.025083][   T30]  ? __pfx_wake_page_function+0x10/0x10
[  363.026148][    C1]  schedule_preempt_disabled+0x13/0x30
[  363.031655][   T30]  ? filemap_get_folios_tag+0x1ce/0x890
[  363.037099][    C1]  __mutex_lock+0x6a4/0xd70
[  363.037133][    C1]  ? __mutex_lock+0x527/0xd70
[  363.037162][    C1]  ? unregister_nexthop_notifier+0x17/0x40
[  363.037189][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  363.037213][    C1]  ? synchronize_rcu+0x11b/0x360
[  363.037239][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  363.037272][    C1]  ? get_rtnl_holder+0x144/0x190
[  363.037298][    C1]  unregister_nexthop_notifier+0x17/0x40
[  363.037323][    C1]  nsim_fib_destroy+0x89/0x180
[  363.037347][    C1]  nsim_dev_reload_destroy+0x2e3/0x490
[  363.037378][    C1]  ? __pfx_nsim_bus_remove+0x10/0x10
[  363.037400][    C1]  nsim_drv_remove+0x58/0x160
[  363.037427][    C1]  device_release_driver_internal+0x4a9/0x7c0
[  363.037467][    C1]  bus_remove_device+0x34f/0x420
[  363.037497][    C1]  device_del+0x57a/0x9b0
[  363.037535][    C1]  ? __pfx_device_del+0x10/0x10
[  363.037573][    C1]  device_unregister+0x20/0xc0
[  363.037608][    C1]  del_device_store+0x363/0x480
[  363.037635][    C1]  ? __pfx_del_device_store+0x10/0x10
[  363.037664][    C1]  ? sysfs_kf_write+0x182/0x2a0
[  363.037690][    C1]  ? bus_attr_store+0x4f/0xa0
[  363.037717][    C1]  ? __pfx_sysfs_kf_write+0x10/0x10
[  363.037742][    C1]  kernfs_fop_write_iter+0x3a1/0x500
[  363.037773][    C1]  vfs_write+0xa72/0xc90
[  363.037807][    C1]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  363.037834][    C1]  ? __pfx_vfs_write+0x10/0x10
[  363.037875][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  363.037899][    C1]  ? blkcg_maybe_throttle_current+0x1ab/0xb80
[  363.037938][    C1]  ksys_write+0x1a0/0x2c0
[  363.037972][    C1]  ? __pfx_ksys_write+0x10/0x10
[  363.038003][    C1]  ? do_syscall_64+0x100/0x230
[  363.038028][    C1]  ? do_syscall_64+0xb6/0x230
[  363.038052][    C1]  do_syscall_64+0xf3/0x230
[  363.038073][    C1]  ? clear_bhb_loop+0x35/0x90
[  363.140106][   T30]  invalidate_inode_pages2_range+0x4e4/0x1030
[  363.140767][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.152585][   T30]  ? filemap_get_folios_tag+0x5eb/0x890
[  363.155479][    C1] RIP: 0033:0x7f06f6374a9f
[  363.160720][   T30]  ? __pfx_invalidate_inode_pages2_range+0x10/0x10
[  363.164949][    C1] RSP: 002b:00007ffe39e4ab70 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  363.164978][    C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f06f6374a9f
[  363.164995][    C1] RDX: 0000000000000001 RSI: 00007ffe39e4abc0 RDI: 0000000000000005
[  363.165010][    C1] RBP: 00007f06f63e45b2 R08: 0000000000000000 R09: 00007ffe39e4a9c7
[  363.165026][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  363.165040][    C1] R13: 00007ffe39e4abc0 R14: 00007f06f7034620 R15: 0000000000000003
[  363.165074][    C1]  </TASK>
[  363.165085][    C1] DEBUG: waiting rtnl_mutex for 1464 jiffies.
[  363.300620][    C1] task:kworker/u8:1    state:D stack:21008 pid:12    tgid:12    ppid:2      flags:0x00004000
[  363.302586][   T30]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  363.310812][    C1] Workqueue: ipv6_addrconf addrconf_dad_work
[  363.323002][    C1] Call Trace:
[  363.326298][    C1]  <TASK>
[  363.329248][    C1]  __schedule+0x1800/0x4a60
[  363.333854][    C1]  ? __pfx___schedule+0x10/0x10
[  363.338737][    C1]  ? __pfx_lock_release+0x10/0x10
[  363.343810][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  363.349292][    C1]  ? kthread_data+0x52/0xd0
[  363.353846][    C1]  ? schedule+0x90/0x320
[  363.358105][    C1]  ? wq_worker_sleeping+0x66/0x240
[  363.363265][    C1]  ? schedule+0x90/0x320
[  363.367534][    C1]  schedule+0x14b/0x320
[  363.371708][    C1]  schedule_preempt_disabled+0x13/0x30
[  363.377210][    C1]  __mutex_lock+0x6a4/0xd70
[  363.379895][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  363.381711][    C1]  ? mark_lock+0x9a/0x360
[  363.392384][    C1]  ? __mutex_lock+0x527/0xd70
[  363.397113][    C1]  ? addrconf_dad_work+0xd0/0x16f0
[  363.402246][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  363.407321][    C1]  ? get_rtnl_holder+0x144/0x190
[  363.412270][    C1]  addrconf_dad_work+0xd0/0x16f0
[  363.417262][    C1]  ? __pfx_addrconf_dad_work+0x10/0x10
[  363.422765][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  363.429122][    C1]  ? process_scheduled_works+0x945/0x1830
[  363.429247][   T30]  ? I_BDEV+0xd/0x20
[  363.434861][    C1]  process_scheduled_works+0xa2c/0x1830
[  363.434915][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  363.434952][    C1]  ? assign_work+0x364/0x3d0
[  363.434982][    C1]  worker_thread+0x86d/0xd40
[  363.435018][    C1]  ? __kthread_parkme+0x169/0x1d0
[  363.435050][    C1]  ? __pfx_worker_thread+0x10/0x10
[  363.435073][    C1]  kthread+0x2f0/0x390
[  363.435092][    C1]  ? __pfx_worker_thread+0x10/0x10
[  363.435116][    C1]  ? __pfx_kthread+0x10/0x10
[  363.435136][    C1]  ret_from_fork+0x4b/0x80
[  363.435163][    C1]  ? __pfx_kthread+0x10/0x10
[  363.435183][    C1]  ret_from_fork_asm+0x1a/0x30
[  363.435222][    C1]  </TASK>
[  363.435233][    C1] DEBUG: waiting rtnl_mutex for 1487 jiffies.
[  363.435245][    C1] task:dhcpcd          state:D stack:20672 pid:4771  tgid:4771  ppid:4770   flags:0x00000002
[  363.435285][    C1] Call Trace:
[  363.435294][    C1]  <TASK>
[  363.435307][    C1]  __schedule+0x1800/0x4a60
[  363.435350][    C1]  ? __pfx___schedule+0x10/0x10
[  363.435378][    C1]  ? __pfx_lock_release+0x10/0x10
[  363.435406][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  363.435439][    C1]  ? schedule+0x90/0x320
[  363.435461][    C1]  schedule+0x14b/0x320
[  363.435489][    C1]  schedule_preempt_disabled+0x13/0x30
[  363.435514][    C1]  __mutex_lock+0x6a4/0xd70
[  363.435552][    C1]  ? __mutex_lock+0x527/0xd70
[  363.435582][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  363.435613][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  363.435653][    C1]  ? get_rtnl_holder+0x144/0x190
[  363.492730][   T30]  ? filemap_check_errors+0xe1/0x140
[  363.493133][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  363.497851][   T30]  kiocb_invalidate_pages+0x317/0x3b0
[  363.500847][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  363.585184][   T30]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  363.586424][    C1]  ? __lock_acquire+0x1384/0x2050
[  363.591295][   T30]  ? __pfx_kiocb_invalidate_pages+0x10/0x10
[  363.596661][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  363.596708][    C1]  netlink_rcv_skb+0x1e3/0x430
[  363.596731][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  363.596761][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  363.640427][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  363.645673][    C1]  netlink_unicast+0x7f6/0x990
[  363.650470][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  363.653129][   T30]  ? rcu_is_watching+0x15/0xb0
[  363.655795][    C1]  ? __virt_addr_valid+0x183/0x530
[  363.660512][   T30]  ? __mark_inode_dirty+0x41c/0xe20
[  363.665622][    C1]  ? __check_object_size+0x49c/0x900
[  363.665648][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  363.665681][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  363.686067][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.691371][    C1]  ? __import_iovec+0x536/0x820
[  363.696265][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  363.701226][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  363.706549][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  363.712031][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.716821][   T30]  ? preempt_count_add+0x93/0x190
[  363.717332][    C1]  __sock_sendmsg+0x221/0x270
[  363.722309][   T30]  ? mnt_put_write_access_file+0xbb/0x100
[  363.726983][    C1]  ____sys_sendmsg+0x525/0x7d0
[  363.737508][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  363.742835][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  363.748767][    C1]  __sys_sendmsg+0x2b0/0x3a0
[  363.753412][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[  363.758535][    C1]  ? netlink_bind+0xaeb/0xc90
[  363.763288][    C1]  ? __pfx___sys_bind+0x10/0x10
[  363.768151][    C1]  ? fd_install+0x35c/0x5d0
[  363.772708][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  363.779057][    C1]  ? do_syscall_64+0x100/0x230
[  363.783866][    C1]  ? do_syscall_64+0xb6/0x230
[  363.788560][    C1]  do_syscall_64+0xf3/0x230
[  363.793108][    C1]  ? clear_bhb_loop+0x35/0x90
[  363.797802][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.803735][    C1] RIP: 0033:0x7fe66112ea4b
[  363.808164][    C1] RSP: 002b:00007ffef51fbdf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.816598][   T30]  blkdev_direct_write+0x49/0x140
[  363.816621][    C1] RAX: ffffffffffffffda RBX: 00007fe6610566c0 RCX: 00007fe66112ea4b
[  363.821633][   T30]  blkdev_write_iter+0x41a/0x5d0
[  363.829597][    C1] RDX: 0000000000000000 RSI: 00007ffef520ffa8 RDI: 000000000000000e
[  363.829616][    C1] RBP: 000000000000000e R08: 0000000000000000 R09: 00007ffef520ffa8
[  363.829629][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[  363.829644][    C1] R13: 00007ffef520ffa8 R14: 0000000000000048 R15: 0000000000000001
[  363.829675][    C1]  </TASK>
[  363.869586][    C1] 
[  363.869586][    C1] Showing all locks held in the system:
[  363.877333][    C1] 5 locks held by kworker/u8:0/11:
[  363.882474][    C1] 3 locks held by kworker/u8:1/12:
[  363.887589][    C1]  #0: ffff88802a28e948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  363.899244][    C1]  #1: ffffc90000117d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  363.912111][    C1]  #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  363.921590][    C1] 1 lock held by khungtaskd/30:
[  363.922481][   T30]  iter_file_splice_write+0xbd7/0x14e0
[  363.926452][    C1] 5 locks held by kworker/u8:4/61:
[  363.931894][   T30]  ? __pfx_iter_file_splice_write+0x10/0x10
[  363.936970][    C1] 1 lock held by kswapd0/88:
[  363.936985][    C1] 3 locks held by kswapd1/89:
[  363.936997][    C1]  #0: ffffffff8e4311c0 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0xbb4/0x35a0
[  363.937061][    C1]  #1: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  363.937120][    C1]  #2: ffffffff8e337a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  363.980754][    C1] 2 locks held by kworker/u8:10/2481:
[  363.986163][    C1] 1 lock held by dhcpcd/4771:
[  363.990842][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  364.000321][    C1] 2 locks held by getty/4857:
[  364.005025][    C1]  #0: ffff88802adeb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  364.014839][    C1]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  364.025007][    C1] 1 lock held by syz-executor/5089:
[  364.030209][    C1]  #0: ffff88807d6fb770 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_fault+0xb5b/0x1760
[  364.037281][   T30]  ? __pfx_copy_splice_read+0x10/0x10
[  364.040525][    C1] 3 locks held by kworker/0:3/5104:
[  364.051084][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  364.062117][    C1]  #1: ffffc9000391fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  364.073163][    C1]  #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  364.075481][   T30]  ? __pfx_iter_file_splice_write+0x10/0x10
[  364.082158][    C1] 3 locks held by kworker/0:5/5154:
[  364.093283][    C1] 1 lock held by syz.3.155/5786:
[  364.098227][    C1] 1 lock held by syz-executor/8578:
[  364.103440][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  364.112922][    C1] 1 lock held by syz-executor/8651:
[  364.118122][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  364.127600][    C1] 4 locks held by syz-executor/8740:
[  364.132914][    C1]  #0: ffff88807b444420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  364.141849][    C1]  #1: ffff88802f366488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  364.151661][    C1]  #2: ffff888022bd31e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  364.161748][    C1]  #3: ffffffff8ef0c528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  364.170797][   T30]  direct_splice_actor+0x11e/0x220
[  364.172069][    C1] 7 locks held by syz-executor/8743:
[  364.182489][    C1]  #0: ffff88807b444420 (sb_writers#8){.+.+}-{0:0}
[  364.182555][   T30]  splice_direct_to_actor+0x58e/0xc90
[  364.182562][    C1] , at: vfs_write+0x227/0xc90
[  364.182592][    C1]  #1: 
[  364.189077][   T30]  ? __pfx_direct_splice_actor+0x10/0x10
[  364.194428][    C1] ffff8880163a5488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  364.194488][    C1]  #2: ffff888022bd31e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  364.226904][    C1]  #3: ffffffff8ef0c528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  364.237247][    C1]  #4: ffff88807e9020e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  364.247848][    C1]  #5: ffff88807e903250 (&devlink->lock_key#4){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  364.256228][   T30]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  364.257918][    C1]  #6: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: unregister_nexthop_notifier+0x17/0x40
[  364.273969][    C1] 2 locks held by syz.2.959/8923:
[  364.278995][    C1]  #0: ffffffff8f670390 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  364.287251][    C1]  #1: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
[  364.296554][    C1] 1 lock held by syz-executor/8924:
[  364.301759][    C1] 
[  364.304114][    C1] =============================================
[  364.304114][    C1] 
[  364.315077][   T30]  ? __fget_files+0x29/0x470
[  364.319699][   T30]  ? __pfx_lock_release+0x10/0x10
[  364.391321][   T30]  do_splice_direct+0x28c/0x3e0
[  364.451222][   T30]  ? __pfx_do_splice_direct+0x10/0x10
[  364.469070][   T30]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  364.503822][   T30]  ? security_file_permission+0x7f/0xa0
[  364.541236][   T30]  ? rw_verify_area+0x1d2/0x6b0
[  364.553024][   T30]  do_sendfile+0x56d/0xe20
[  364.557489][   T30]  ? __pfx_do_sendfile+0x10/0x10
[  364.620762][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  364.633739][   T30]  __se_sys_sendfile64+0x17c/0x1e0
[  364.638881][   T30]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  364.712742][   T30]  ? __x64_sys_sendfile64+0x1f/0xb0
[  364.722621][   T30]  ? __sanitizer_cov_trace_pc+0x46/0x70
[  364.728206][   T30]  ? do_syscall_64+0xb6/0x230
[  364.776481][   T30]  do_syscall_64+0xf3/0x230
[  364.782282][   T30]  ? clear_bhb_loop+0x35/0x90
[  364.837994][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.872785][   T30] RIP: 0033:0x7f5539975f19
[  364.877230][   T30] RSP: 002b:00007f553a6d8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  364.939516][   T30] RAX: ffffffffffffffda RBX: 00007f5539b06110 RCX: 00007f5539975f19
[  364.963811][   T30] RDX: 0000000000000000 RSI: 000000000000000c RDI: 000000000000000c
[  364.971811][   T30] RBP: 00007f55399e4e68 R08: 0000000000000000 R09: 0000000000000000
[  365.046872][   T30] R10: 0000000000020003 R11: 0000000000000246 R12: 0000000000000000
[  365.083134][   T30] R13: 000000000000006e R14: 00007f5539b06110 R15: 00007ffcae80ecf8
[  365.141568][   T30]  </TASK>
[  365.152611][   T30] 
[  365.152611][   T30] Showing all locks held in the system:
[  365.160341][   T30] 5 locks held by kworker/u8:0/11:
[  365.202587][   T30]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  365.262565][   T30]  #1: ffffc90000107d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  365.302582][   T30]  #2: ffffffff8f5fddd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  365.312044][   T30]  #3: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  365.361201][    C1] DEBUG: waiting rtnl_mutex for 1608 jiffies.
[  365.367324][    C1] task:kworker/0:3     state:D stack:19928 pid:5104  tgid:5104  ppid:2      flags:0x00004000
[  365.377557][    C1] Workqueue: events linkwatch_event
[  365.377962][   T30]  #4: 
[  365.382787][    C1] Call Trace:
[  365.382801][    C1]  <TASK>
[  365.382815][    C1]  __schedule+0x1800/0x4a60
[  365.382868][    C1]  ? __pfx___schedule+0x10/0x10
[  365.382894][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  365.407224][    C1]  ? __pfx_lock_release+0x10/0x10
[  365.412275][    C1]  ? kick_pool+0x45c/0x620
[  365.416758][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  365.421971][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  365.422574][   T30] ffffffff8e33ce38 (rcu_state.exp_mutex
[  365.427194][    C1]  ? schedule+0x90/0x320
[  365.427205][   T30] ){+.+.}-{3:3}
[  365.427226][    C1]  schedule+0x14b/0x320
[  365.444621][    C1]  schedule_preempt_disabled+0x13/0x30
[  365.450102][    C1]  __mutex_lock+0x6a4/0xd70
[  365.454682][    C1]  ? __mutex_lock+0x527/0xd70
[  365.459383][    C1]  ? linkwatch_event+0xe/0x60
[  365.464103][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  365.469156][    C1]  ? get_rtnl_holder+0x144/0x190
[  365.470487][   T30] , at: synchronize_rcu_expedited+0x381/0x830
[  365.474117][    C1]  ? process_scheduled_works+0x945/0x1830
[  365.474149][    C1]  linkwatch_event+0xe/0x60
[  365.488638][   T30] 3 locks held by kworker/u8:1/12:
[  365.490390][    C1]  process_scheduled_works+0xa2c/0x1830
[  365.501115][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  365.503158][   T30]  #0: ffff88802a28e948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}
[  365.507137][    C1]  ? assign_work+0x364/0x3d0
[  365.516793][   T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  365.519627][    C1]  worker_thread+0x86d/0xd40
[  365.534768][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  365.540682][    C1]  ? __kthread_parkme+0x169/0x1d0
[  365.545759][    C1]  ? __pfx_worker_thread+0x10/0x10
[  365.550890][    C1]  kthread+0x2f0/0x390
[  365.554995][    C1]  ? __pfx_worker_thread+0x10/0x10
[  365.560127][    C1]  ? __pfx_kthread+0x10/0x10
[  365.564759][    C1]  ret_from_fork+0x4b/0x80
[  365.569199][    C1]  ? __pfx_kthread+0x10/0x10
[  365.573830][    C1]  ret_from_fork_asm+0x1a/0x30
[  365.578635][    C1]  </TASK>
[  365.581666][    C1] DEBUG: waiting rtnl_mutex for 1489 jiffies.
[  365.587788][    C1] task:syz.2.959       state:D stack:23800 pid:8923  tgid:8922  ppid:6893   flags:0x00000004
[  365.597690][   T30] , at: process_scheduled_works+0x90a/0x1830
[  365.597985][    C1] Call Trace:
[  365.607260][    C1]  <TASK>
[  365.610211][    C1]  __schedule+0x1800/0x4a60
[  365.614804][    C1]  ? __pfx___schedule+0x10/0x10
[  365.618825][   T30]  #1: ffffc90000117d00
[  365.619663][    C1]  ? __pfx_lock_release+0x10/0x10
[  365.628878][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  365.634413][    C1]  ? schedule+0x90/0x320
[  365.638677][    C1]  schedule+0x14b/0x320
[  365.642883][    C1]  schedule_preempt_disabled+0x13/0x30
[  365.644930][   T30]  (
[  365.648343][    C1]  __mutex_lock+0x6a4/0xd70
[  365.648359][   T30] (work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  365.655371][    C1]  ? __mutex_lock+0x527/0xd70
[  365.655404][    C1]  ? nl80211_pre_doit+0x5f/0x8b0
[  365.675824][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  365.680873][    C1]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  365.687185][    C1]  ? get_rtnl_holder+0x144/0x190
[  365.692143][    C1]  nl80211_pre_doit+0x5f/0x8b0
[  365.696967][    C1]  genl_rcv_msg+0xaaa/0xec0
[  365.701495][    C1]  ? mark_lock+0x9a/0x360
[  365.705909][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  365.708933][   T30]  #2: ffffffff8f60a948 (
[  365.710960][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  365.710973][   T30] rtnl_mutex
[  365.720342][    C1]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  365.728948][    C1]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  365.734471][    C1]  ? __pfx_nl80211_post_doit+0x10/0x10
[  365.739950][    C1]  ? __pfx___might_resched+0x10/0x10
[  365.745294][    C1]  netlink_rcv_skb+0x1e3/0x430
[  365.747942][   T30] ){+.+.}-{3:3}
[  365.750055][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  365.758558][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  365.763914][    C1]  genl_rcv+0x28/0x40
[  365.764488][   T30] , at: addrconf_dad_work+0xd0/0x16f0
[  365.767897][    C1]  netlink_unicast+0x7f6/0x990
[  365.778077][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  365.783413][    C1]  ? __virt_addr_valid+0x183/0x530
[  365.788551][    C1]  ? __check_object_size+0x49c/0x900
[  365.793896][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  365.799030][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  365.803837][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  365.809141][    C1]  ? __import_iovec+0x536/0x820
[  365.814012][   T30] 1 lock held by khungtaskd/30:
[  365.814028][   T30]  #0: ffffffff8e337a60 (rcu_read_lock
[  365.818862][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  365.829275][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  365.834605][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  365.840100][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  365.845455][    C1]  __sock_sendmsg+0x221/0x270
[  365.850166][    C1]  ____sys_sendmsg+0x525/0x7d0
[  365.854997][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  365.860321][    C1]  __sys_sendmsg+0x2b0/0x3a0
[  365.863148][   T30] ){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  365.864981][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[  365.871657][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  365.882771][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  365.889127][    C1]  ? do_syscall_64+0x100/0x230
[  365.893943][    C1]  ? do_syscall_64+0xb6/0x230
[  365.898640][    C1]  do_syscall_64+0xf3/0x230
[  365.903185][    C1]  ? clear_bhb_loop+0x35/0x90
[  365.907896][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.913362][   T30] 8 locks held by kworker/1:1/46:
[  365.913831][    C1] RIP: 0033:0x7ff8b0d75f19
[  365.918792][   T30] 2 locks held by kworker/u8:4/61:
[  365.923202][    C1] RSP: 002b:00007ff8b1a8c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  365.923230][    C1] RAX: ffffffffffffffda RBX: 00007ff8b0f05f60 RCX: 00007ff8b0d75f19
[  365.923247][    C1] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000006
[  365.923263][    C1] RBP: 00007ff8b0de4e68 R08: 0000000000000000 R09: 0000000000000000
[  365.960752][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  365.968809][    C1] R13: 000000000000000b R14: 00007ff8b0f05f60 R15: 00007ffdefe3cf58
[  365.976846][    C1]  </TASK>
[  365.979882][    C1] DEBUG: waiting rtnl_mutex for 1755 jiffies.
[  365.983786][   T30] 1 lock held by kswapd0/88:
[  365.985977][    C1] task:syz-executor    state:D stack:21728 pid:8578  tgid:8578  ppid:1      flags:0x00004004
[  365.993551][ T2481] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  366.000714][    C1] Call Trace:
[  366.014526][    C1]  <TASK>
[  366.017472][    C1]  __schedule+0x1800/0x4a60
[  366.022017][    C1]  ? __pfx___schedule+0x10/0x10
[  366.022559][   T30] 1 lock held by kswapd1/89:
[  366.026893][    C1]  ? __pfx_lock_release+0x10/0x10
[  366.031451][   T30] 2 locks held by kworker/u8:10/2481:
[  366.036453][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  366.036491][    C1]  ? schedule+0x90/0x320
[  366.036516][    C1]  schedule+0x14b/0x320
[  366.036544][    C1]  schedule_preempt_disabled+0x13/0x30
[  366.036571][    C1]  __mutex_lock+0x6a4/0xd70
[  366.036603][    C1]  ? __mutex_lock+0x527/0xd70
[  366.036633][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  366.036665][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  366.036703][    C1]  ? get_rtnl_holder+0x144/0x190
[  366.085670][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  366.085735][   T30] 2 locks held by kworker/u8:12/2862:
[  366.090610][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  366.101129][    C1]  ? __lock_acquire+0x1384/0x2050
[  366.106215][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  366.111721][    C1]  netlink_rcv_skb+0x1e3/0x430
[  366.116544][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  366.117013][   T30]  #0: 
[  366.122007][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  366.130119][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  366.135382][    C1]  netlink_unicast+0x7f6/0x990
[  366.135676][   T30] ffff8880b943ea18 (
[  366.140167][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  366.149379][    C1]  ? __virt_addr_valid+0x183/0x530
[  366.154539][    C1]  ? __check_object_size+0x49c/0x900
[  366.159840][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  366.163051][   T30] &rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  366.164983][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  366.165024][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.182979][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  366.188989][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  366.193987][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  366.199288][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  366.203951][   T30]  #1: ffff8880b9428948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}
[  366.204797][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.218609][    C1]  __sock_sendmsg+0x221/0x270
[  366.223334][    C1]  __sys_sendto+0x3a4/0x4f0
[  366.227864][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  366.232977][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  366.238992][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  366.242695][   T30] , at: psi_task_switch+0x441/0x770
[  366.245371][    C1]  __x64_sys_sendto+0xde/0x100
[  366.252887][   T30] 1 lock held by dhcpcd/4771:
[  366.255261][    C1]  do_syscall_64+0xf3/0x230
[  366.259875][   T30]  #0: ffffffff8f60a948
[  366.264393][    C1]  ? clear_bhb_loop+0x35/0x90
[  366.264515][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.264541][    C1] RIP: 0033:0x7f12d0b77cac
[  366.264570][    C1] RSP: 002b:00007ffc100ea9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  366.292228][    C1] RAX: ffffffffffffffda RBX: 00007f12d1834620 RCX: 00007f12d0b77cac
[  366.292520][   T30]  (rtnl_mutex
[  366.300238][    C1] RDX: 0000000000000020 RSI: 00007f12d1834670 RDI: 0000000000000003
[  366.311626][    C1] RBP: 0000000000000000 R08: 00007ffc100eaa14 R09: 000000000000000c
[  366.319646][   T30] ){+.+.}-{3:3}
[  366.319663][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  366.319661][   T30] , at: rtnetlink_rcv_msg+0x6eb/0xd00
[  366.319692][   T30] 2 locks held by getty/4857:
[  366.323139][    C1] R13: 0000000000000000 R14: 00007f12d1834670 R15: 0000000000000000
[  366.323175][    C1]  </TASK>
[  366.323186][    C1] DEBUG: holding rtnl_mutex for 1787 jiffies.
[  366.323200][    C1] task:kworker/u8:0    state:D
[  366.354938][   T30]  #0: 
[  366.358312][    C1]  stack:20824 pid:11    tgid:11    ppid:2      flags:0x00004000
[  366.373588][    C1] Workqueue: netns cleanup_net
[  366.378376][    C1] Call Trace:
[  366.381658][    C1]  <TASK>
[  366.384639][    C1]  __schedule+0x1800/0x4a60
[  366.389186][    C1]  ? __pfx___schedule+0x10/0x10
[  366.394044][   T30] ffff88802adeb0a0 (&tty->ldisc_sem){++++}-{0:0}
[  366.394078][    C1]  ? __pfx_lock_release+0x10/0x10
[  366.394091][   T30] , at: tty_ldisc_ref_wait+0x25/0x70
[  366.394112][   T30]  #1: ffffc900031232f0
[  366.400406][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  366.420780][    C1]  ? kthread_data+0x52/0xd0
[  366.423788][   T30]  (&ldata->atomic_read_lock){+.+.}-{3:3}
[  366.425321][    C1]  ? wq_worker_sleeping+0x66/0x240
[  366.425326][   T30] , at: n_tty_read+0x6b5/0x1e10
[  366.425360][    C1]  ? schedule+0x90/0x320
[  366.431046][   T30] 1 lock held by sshd/5087:
[  366.436151][    C1]  schedule+0x14b/0x320
[  366.436182][    C1]  synchronize_rcu_expedited+0x684/0x830
[  366.436211][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  366.436250][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  366.471064][    C1]  ? __pfx___might_resched+0x10/0x10
[  366.476399][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  366.482402][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  366.484818][   T30]  #0: 
[  366.488502][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  366.491257][   T30] ffff88801d6ee948 (
[  366.497592][    C1]  synchronize_rcu+0x11b/0x360
[  366.506278][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  366.511595][    C1]  lockdep_unregister_key+0x4b7/0x540
[  366.517026][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  366.522982][    C1]  ? rcu_is_watching+0x15/0xb0
[  366.527766][    C1]  ? qdisc_reset+0x3bf/0x5b0
[  366.530522][   T30] mapping.invalidate_lock
[  366.532359][    C1]  __qdisc_destroy+0x165/0x410
[  366.532371][   T30] ){++++}-{3:3}
[  366.532393][    C1]  dev_shutdown+0x357/0x450
[  366.549440][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[  366.555838][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  366.562656][    C1]  ? unregister_netdevice_queue+0x26b/0x370
[  366.563165][   T30] , at: filemap_fault+0xb5b/0x1760
[  366.568559][    C1]  ? batadv_softif_destroy_netlink+0x1e3/0x270
[  366.579839][    C1]  default_device_exit_batch+0xa0f/0xa90
[  366.585524][    C1]  ? __pfx___might_resched+0x10/0x10
[  366.590838][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  366.594532][   T30] 3 locks held by kworker/0:3/5104:
[  366.597018][    C1]  ? cfg802154_pernet_exit+0xc3/0xe0
[  366.602158][   T30]  #0: ffff888015080948
[  366.607450][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  366.607482][    C1]  cleanup_net+0x89d/0xcc0
[  366.622250][    C1]  ? __pfx_cleanup_net+0x10/0x10
[  366.627269][    C1]  ? process_scheduled_works+0x945/0x1830
[  366.633048][    C1]  process_scheduled_works+0xa2c/0x1830
[  366.638650][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  366.643727][   T30]  ((wq_completion)events){+.+.}-{0:0}
[  366.644670][    C1]  ? assign_work+0x364/0x3d0
[  366.644676][   T30] , at: process_scheduled_works+0x90a/0x1830
[  366.644702][   T30]  #1: ffffc9000391fd00
[  366.650138][    C1]  worker_thread+0x86d/0xd40
[  366.669471][    C1]  ? __kthread_parkme+0x169/0x1d0
[  366.674551][    C1]  ? __pfx_worker_thread+0x10/0x10
[  366.679680][    C1]  kthread+0x2f0/0x390
[  366.683789][    C1]  ? __pfx_worker_thread+0x10/0x10
[  366.683839][   T30]  (
[  366.688902][    C1]  ? __pfx_kthread+0x10/0x10
[  366.691393][   T30] (linkwatch_work).work){+.+.}-{0:0}
[  366.695979][    C1]  ret_from_fork+0x4b/0x80
[  366.696010][    C1]  ? __pfx_kthread+0x10/0x10
[  366.696031][    C1]  ret_from_fork_asm+0x1a/0x30
[  366.696077][    C1]  </TASK>
[  366.696088][    C1] DEBUG: waiting rtnl_mutex for 1824 jiffies.
[  366.696101][    C1] task:syz-executor    state:D stack:21728 pid:8651  tgid:8651  ppid:1      flags:0x00000004
[  366.696141][    C1] Call Trace:
[  366.696149][    C1]  <TASK>
[  366.696162][    C1]  __schedule+0x1800/0x4a60
[  366.696209][    C1]  ? __pfx___schedule+0x10/0x10
[  366.742557][   T30] , at: process_scheduled_works+0x945/0x1830
[  366.745166][    C1]  ? __pfx_lock_release+0x10/0x10
[  366.749959][   T30]  #2: ffffffff8f60a948
[  366.755937][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  366.755975][    C1]  ? schedule+0x90/0x320
[  366.756001][    C1]  schedule+0x14b/0x320
[  366.756030][    C1]  schedule_preempt_disabled+0x13/0x30
[  366.756055][    C1]  __mutex_lock+0x6a4/0xd70
[  366.756087][    C1]  ? __mutex_lock+0x527/0xd70
[  366.756116][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  366.756148][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  366.756188][    C1]  ? get_rtnl_holder+0x144/0x190
[  366.784556][   T30]  (
[  366.784644][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  366.789097][   T30] rtnl_mutex){+.+.}-{3:3}
[  366.793770][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  366.793804][    C1]  ? __lock_acquire+0x1384/0x2050
[  366.793833][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  366.793881][    C1]  netlink_rcv_skb+0x1e3/0x430
[  366.793905][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  366.793937][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  366.793980][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  366.814463][   T30] , at: linkwatch_event+0xe/0x60
[  366.816407][    C1]  netlink_unicast+0x7f6/0x990
[  366.820687][   T30] 1 lock held by syz.3.155/5786:
[  366.825799][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  366.825829][    C1]  ? __virt_addr_valid+0x183/0x530
[  366.825853][    C1]  ? __check_object_size+0x49c/0x900
[  366.825877][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  366.825910][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  366.825944][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.825965][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  366.825996][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  366.826025][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  366.826045][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  366.826078][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.826098][    C1]  __sock_sendmsg+0x221/0x270
[  366.826132][    C1]  __sys_sendto+0x3a4/0x4f0
[  366.826161][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  366.826213][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  366.826245][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  366.826280][    C1]  __x64_sys_sendto+0xde/0x100
[  366.826308][    C1]  do_syscall_64+0xf3/0x230
[  366.826332][    C1]  ? clear_bhb_loop+0x35/0x90
[  366.826361][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.826387][    C1] RIP: 0033:0x7f8c21b77cac
[  366.826404][    C1] RSP: 002b:00007ffc30d58af0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  366.826429][    C1] RAX: ffffffffffffffda RBX: 00007f8c22834620 RCX: 00007f8c21b77cac
[  366.826447][    C1] RDX: 0000000000000040 RSI: 00007f8c22834670 RDI: 0000000000000003
[  366.826463][    C1] RBP: 0000000000000000 R08: 00007ffc30d58b44 R09: 000000000000000c
[  366.826478][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  366.826493][    C1] R13: 0000000000000000 R14: 00007f8c22834670 R15: 0000000000000000
[  366.826530][    C1]  </TASK>
[  366.826541][    C1] DEBUG: waiting rtnl_mutex for 1833 jiffies.
[  366.854461][   T30] 1 lock held by syz-executor/8578:
[  366.857682][    C1] task:syz-executor    state:D
[  366.892490][   T30]  #0: 
[  366.893086][    C1]  stack:21728 pid:8743  tgid:8743  ppid:1      flags:0x00004006
[  366.897793][   T30] ffffffff8f60a948
[  366.903072][    C1] Call Trace:
[  366.903084][    C1]  <TASK>
[  366.903099][    C1]  __schedule+0x1800/0x4a60
[  366.903151][    C1]  ? __pfx___schedule+0x10/0x10
[  366.903181][    C1]  ? __pfx_lock_release+0x10/0x10
[  366.903212][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  366.903247][    C1]  ? schedule+0x90/0x320
[  366.903270][    C1]  schedule+0x14b/0x320
[  366.903297][    C1]  schedule_preempt_disabled+0x13/0x30
[  366.903323][    C1]  __mutex_lock+0x6a4/0xd70
[  366.929387][   T30]  (
[  366.930230][    C1]  ? __mutex_lock+0x527/0xd70
[  366.952865][   T30] rtnl_mutex
[  366.956721][    C1]  ? unregister_nexthop_notifier+0x17/0x40
[  366.961429][   T30] ){+.+.}-{3:3}
[  366.965928][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  366.965960][    C1]  ? synchronize_rcu+0x11b/0x360
[  366.965986][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  366.966021][    C1]  ? get_rtnl_holder+0x144/0x190
[  366.966048][    C1]  unregister_nexthop_notifier+0x17/0x40
[  366.966074][    C1]  nsim_fib_destroy+0x89/0x180
[  366.966100][    C1]  nsim_dev_reload_destroy+0x2e3/0x490
[  366.966134][    C1]  ? __pfx_nsim_bus_remove+0x10/0x10
[  366.966157][    C1]  nsim_drv_remove+0x58/0x160
[  366.997880][   T30] , at: rtnetlink_rcv_msg+0x6eb/0xd00
[  367.005505][    C1]  device_release_driver_internal+0x4a9/0x7c0
[  367.005557][    C1]  bus_remove_device+0x34f/0x420
[  367.005590][    C1]  device_del+0x57a/0x9b0
[  367.005628][    C1]  ? __pfx_device_del+0x10/0x10
[  367.005666][    C1]  device_unregister+0x20/0xc0
[  367.005694][    C1]  del_device_store+0x363/0x480
[  367.005723][    C1]  ? __pfx_del_device_store+0x10/0x10
[  367.052560][   T30] 1 lock held by syz-executor/8651:
[  367.059152][    C1]  ? sysfs_kf_write+0x182/0x2a0
[  367.090915][   T30]  #0: 
[  367.093094][    C1]  ? bus_attr_store+0x4f/0xa0
[  367.093130][    C1]  ? __pfx_sysfs_kf_write+0x10/0x10
[  367.107229][   T30] ffffffff8f60a948
[  367.109694][    C1]  kernfs_fop_write_iter+0x3a1/0x500
[  367.122485][   T30]  (
[  367.123368][    C1]  vfs_write+0xa72/0xc90
[  367.126769][   T30] rtnl_mutex){+.+.}-{3:3}
[  367.131773][    C1]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  367.164645][   T30] , at: rtnetlink_rcv_msg+0x6eb/0xd00
[  367.169071][    C1]  ? __pfx_vfs_write+0x10/0x10
[  367.200186][   T30] 4 locks held by syz-executor/8740:
[  367.204040][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.204070][    C1]  ? blkcg_maybe_throttle_current+0x1ab/0xb80
[  367.229138][   T30]  #0: 
[  367.231712][    C1]  ksys_write+0x1a0/0x2c0
[  367.246306][   T30] ffff88807b444420
[  367.248391][    C1]  ? __pfx_ksys_write+0x10/0x10
[  367.289484][   T30]  (
[  367.292137][    C1]  ? do_syscall_64+0x100/0x230
[  367.303822][   T30] sb_writers
[  367.305032][    C1]  ? do_syscall_64+0xb6/0x230
[  367.307483][   T30] #8){.+.+}-{0:0}
[  367.312224][    C1]  do_syscall_64+0xf3/0x230
[  367.328811][    C1]  ? clear_bhb_loop+0x35/0x90
[  367.333543][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.339457][    C1] RIP: 0033:0x7f06f6374a9f
[  367.343914][    C1] RSP: 002b:00007ffe39e4ab70 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  367.351392][   T30] , at: vfs_write+0x227/0xc90
[  367.352328][    C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f06f6374a9f
[  367.360739][   T30]  #1: 
[  367.364982][    C1] RDX: 0000000000000001 RSI: 00007ffe39e4abc0 RDI: 0000000000000005
[  367.365004][    C1] RBP: 00007f06f63e45b2 R08: 0000000000000000 R09: 00007ffe39e4a9c7
[  367.365018][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  367.365033][    C1] R13: 00007ffe39e4abc0 R14: 00007f06f7034620 R15: 0000000000000003
[  367.365067][    C1]  </TASK>
[  367.365078][    C1] DEBUG: waiting rtnl_mutex for 1884 jiffies.
[  367.365092][    C1] task:kworker/u8:1    state:D stack:21008 pid:12    tgid:12    ppid:2      flags:0x00004000
[  367.365133][    C1] Workqueue: ipv6_addrconf addrconf_dad_work
[  367.365163][    C1] Call Trace:
[  367.365172][    C1]  <TASK>
[  367.365186][    C1]  __schedule+0x1800/0x4a60
[  367.365238][    C1]  ? __pfx___schedule+0x10/0x10
[  367.378395][   T30] ffff88802f366488
[  367.383919][    C1]  ? __pfx_lock_release+0x10/0x10
[  367.383954][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  367.383979][    C1]  ? kthread_data+0x52/0xd0
[  367.384007][    C1]  ? schedule+0x90/0x320
[  367.384032][    C1]  ? wq_worker_sleeping+0x66/0x240
[  367.384062][    C1]  ? schedule+0x90/0x320
[  367.384086][    C1]  schedule+0x14b/0x320
[  367.400451][   T30]  (
[  367.403048][    C1]  schedule_preempt_disabled+0x13/0x30
[  367.403079][    C1]  __mutex_lock+0x6a4/0xd70
[  367.403106][    C1]  ? mark_lock+0x9a/0x360
[  367.422523][   T30] &of->mutex
[  367.425270][    C1]  ? __mutex_lock+0x527/0xd70
[  367.428503][   T30] ){+.+.}-{3:3}
[  367.431419][    C1]  ? addrconf_dad_work+0xd0/0x16f0
[  367.492560][   T30] , at: kernfs_fop_write_iter+0x1eb/0x500
[  367.494002][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  367.497147][   T30]  #2: ffff888022bd31e8
[  367.501810][    C1]  ? get_rtnl_holder+0x144/0x190
[  367.530388][    C1]  addrconf_dad_work+0xd0/0x16f0
[  367.535387][    C1]  ? __pfx_addrconf_dad_work+0x10/0x10
[  367.539084][   T30]  (
[  367.540846][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  367.545627][   T30] kn->active
[  367.549681][    C1]  ? process_scheduled_works+0x945/0x1830
[  367.549696][   T30] #49
[  367.558628][    C1]  process_scheduled_works+0xa2c/0x1830
[  367.562509][   T30] ){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  367.566803][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  367.579623][    C1]  ? assign_work+0x364/0x3d0
[  367.584265][    C1]  worker_thread+0x86d/0xd40
[  367.588895][    C1]  ? __kthread_parkme+0x169/0x1d0
[  367.593968][    C1]  ? __pfx_worker_thread+0x10/0x10
[  367.599104][    C1]  kthread+0x2f0/0x390
[  367.603189][   T30]  #3: ffffffff8ef0c528 (
[  367.603214][    C1]  ? __pfx_worker_thread+0x10/0x10
[  367.603226][   T30] nsim_bus_dev_list_lock){+.+.}-{3:3}
[  367.612638][    C1]  ? __pfx_kthread+0x10/0x10
[  367.612664][    C1]  ret_from_fork+0x4b/0x80
[  367.627063][    C1]  ? __pfx_kthread+0x10/0x10
[  367.631666][    C1]  ret_from_fork_asm+0x1a/0x30
[  367.636503][    C1]  </TASK>
[  367.639532][    C1] DEBUG: waiting rtnl_mutex for 1907 jiffies.
[  367.645625][    C1] task:dhcpcd          state:D stack:20672 pid:4771  tgid:4771  ppid:4770   flags:0x00000002
[  367.649744][   T30] , at: del_device_store+0xfc/0x480
[  367.655816][    C1] Call Trace:
[  367.655829][    C1]  <TASK>
[  367.655843][    C1]  __schedule+0x1800/0x4a60
[  367.655893][    C1]  ? __pfx___schedule+0x10/0x10
[  367.655923][    C1]  ? __pfx_lock_release+0x10/0x10
[  367.655952][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  367.655984][    C1]  ? schedule+0x90/0x320
[  367.663629][   T30] 7 locks held by syz-executor/8743:
[  367.664430][    C1]  schedule+0x14b/0x320
[  367.667316][   T30]  #0: ffff88807b444420
[  367.671798][    C1]  schedule_preempt_disabled+0x13/0x30
[  367.695490][   T30]  (
[  367.696626][    C1]  __mutex_lock+0x6a4/0xd70
[  367.700731][   T30] sb_writers#8
[  367.704885][    C1]  ? __mutex_lock+0x527/0xd70
[  367.704919][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  367.704951][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  367.704992][    C1]  ? get_rtnl_holder+0x144/0x190
[  367.705017][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  367.705047][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  367.729492][   T30] ){.+.+}-{0:0}
[  367.730630][    C1]  ? __lock_acquire+0x1384/0x2050
[  367.743947][   T30] , at: vfs_write+0x227/0xc90
[  367.745506][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  367.751673][   T30]  #1: 
[  367.754037][    C1]  netlink_rcv_skb+0x1e3/0x430
[  367.754067][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  367.782348][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  367.787702][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  367.792480][   T30] ffff8880163a5488 (&of->mutex){+.+.}-{3:3}
[  367.792924][    C1]  netlink_unicast+0x7f6/0x990
[  367.798807][   T30] , at: kernfs_fop_write_iter+0x1eb/0x500
[  367.803579][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  367.803609][    C1]  ? __virt_addr_valid+0x183/0x530
[  367.803634][    C1]  ? __check_object_size+0x49c/0x900
[  367.825074][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  367.830227][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  367.832613][   T30]  #2: ffff888022bd31e8 (kn->active#49
[  367.835027][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.840470][   T30] ){.+.+}-{0:0}
[  367.845755][    C1]  ? __import_iovec+0x536/0x820
[  367.845785][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  367.845814][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  367.845835][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  367.845867][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.870924][   T30] , at: kernfs_fop_write_iter+0x20f/0x500
[  367.875102][    C1]  __sock_sendmsg+0x221/0x270
[  367.875142][    C1]  ____sys_sendmsg+0x525/0x7d0
[  367.875179][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  367.875203][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  367.875248][    C1]  __sys_sendmsg+0x2b0/0x3a0
[  367.875278][    C1]  ? __pfx___sys_sendmsg+0x10/0x10
[  367.875302][    C1]  ? netlink_bind+0xaeb/0xc90
[  367.875351][    C1]  ? __pfx___sys_bind+0x10/0x10
[  367.875371][    C1]  ? fd_install+0x35c/0x5d0
[  367.902565][   T30]  #3: 
[  367.906263][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  367.911310][   T30] ffffffff8ef0c528
[  367.915982][    C1]  ? do_syscall_64+0x100/0x230
[  367.916009][    C1]  ? do_syscall_64+0xb6/0x230
[  367.916032][    C1]  do_syscall_64+0xf3/0x230
[  367.916053][    C1]  ? clear_bhb_loop+0x35/0x90
[  367.916082][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.916106][    C1] RIP: 0033:0x7fe66112ea4b
[  367.916125][    C1] RSP: 002b:00007ffef51fbdf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.916147][    C1] RAX: ffffffffffffffda RBX: 00007fe6610566c0 RCX: 00007fe66112ea4b
[  367.916162][    C1] RDX: 0000000000000000 RSI: 00007ffef520ffa8 RDI: 000000000000000e
[  367.916176][    C1] RBP: 000000000000000e R08: 0000000000000000 R09: 00007ffef520ffa8
[  367.916190][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[  367.916205][    C1] R13: 00007ffef520ffa8 R14: 0000000000000048 R15: 0000000000000001
[  367.916238][    C1]  </TASK>
[  367.916250][    C1] 
[  367.916250][    C1] Showing all locks held in the system:
[  367.916259][    C1] 1 lock held by init/1:
[  367.916273][    C1]  #0: ffff88801d6ee948 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_fault+0xb5b/0x1760
[  367.916339][    C1] 5 locks held by kworker/u8:0/11:
[  367.916353][    C1]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  367.969607][   T30]  (
[  367.975849][    C1]  #1: ffffc90000107d00 (net_cleanup_work){+.+.}-{0:0}
[  367.996143][   T30] nsim_bus_dev_list_lock
[  367.999800][    C1] , at: process_scheduled_works+0x945/0x1830
[  368.056895][   T30] ){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  368.059394][    C1]  #2: 
[  368.077700][   T30]  #4: 
[  368.082772][    C1] ffffffff8f5fddd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  368.082833][    C1]  #3: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  368.082894][    C1]  #4: ffffffff8e33ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  368.112498][   T30] ffff88807e9020e8 (&dev->mutex
[  368.118382][    C1] 3 locks held by kworker/u8:1/12:
[  368.128348][    C1]  #0: ffff88802a28e948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  368.139992][    C1]  #1: ffffc90000117d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  368.148260][   T30] ){....}-{3:3}
[  368.152834][    C1]  #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  368.152909][    C1] 3 locks held by khungtaskd/30:
[  368.170674][    C1] 5 locks held by kworker/1:1/46:
[  368.175729][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  368.178845][   T30] , at: device_release_driver_internal+0xce/0x7c0
[  368.186746][    C1]  #1: ffffc90000b67d00 ((work_completion)(&(&krcp->page_cache_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  368.186816][    C1]  #2: ffffffff8e4311c0 (fs_reclaim){+.+.}-{0:0}, at: __alloc_pages_slowpath+0xd31/0x23d0
[  368.214425][   T30]  #5: ffff88807e903250
[  368.216676][    C1]  #3: ffffc90000a18c00
[  368.220809][   T30]  (&devlink->lock_key#4){+.+.}-{3:3}
[  368.224975][    C1]  (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  368.225025][    C1]  #4: ffffffff8e337a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  368.225096][    C1] 1 lock held by kswapd0/88:
[  368.225110][    C1] 1 lock held by kswapd1/89:
[  368.225152][    C1] 1 lock held by dhcpcd/4771:
[  368.249024][   T30] , at: nsim_drv_remove+0x50/0x160
[  368.253105][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  368.253186][    C1] 2 locks held by getty/4857:
[  368.253200][    C1]  #0: ffff88802adeb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  368.253260][    C1]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  368.288070][   T30]  #6: 
[  368.291372][    C1] 1 lock held by sshd/5087:
[  368.308748][    C1]  #0: ffff88801d6ee948 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_fault+0xb5b/0x1760
[  368.319114][    C1] 3 locks held by kworker/0:3/5104:
[  368.324347][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  368.335416][    C1]  #1: ffffc9000391fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  368.346462][    C1]  #2: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  368.348834][   T30] ffffffff8f60a948
[  368.355486][    C1] 1 lock held by syz.3.155/5786:
[  368.355507][    C1] 1 lock held by syz-executor/8578:
[  368.355521][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  368.372397][   T30]  (
[  368.378828][    C1] 1 lock held by syz-executor/8651:
[  368.378846][    C1]  #0: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  368.378917][    C1] 4 locks held by syz-executor/8740:
[  368.378931][    C1]  #0: ffff88807b444420
[  368.389655][   T30] rtnl_mutex
[  368.395985][    C1]  (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  368.396051][    C1]  #1: ffff88802f366488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  368.425493][    C1]  #2: ffff888022bd31e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  368.428872][   T30] ){+.+.}-{3:3}
[  368.435563][    C1]  #3: ffffffff8ef0c528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  368.435632][    C1] 7 locks held by syz-executor/8743:
[  368.435646][    C1]  #0: ffff88807b444420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  368.442501][   T30] , at: unregister_nexthop_notifier+0x17/0x40
[  368.449361][    C1]  #1: ffff8880163a5488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  368.479406][    C1]  #2: ffff888022bd31e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  368.482558][   T30] 2 locks held by syz.2.959/8923:
[  368.489482][    C1]  #3: ffffffff8ef0c528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  368.504851][    C1]  #4: ffff88807e9020e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  368.515480][    C1]  #5: ffff88807e903250 (&devlink->lock_key#4){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  368.525587][    C1]  #6: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}
[  368.525644][   T30]  #0: ffffffff8f670390
[  368.531946][    C1] , at: unregister_nexthop_notifier+0x17/0x40
[  368.542199][    C1] 2 locks held by syz.2.959/8923:
[  368.547256][    C1]  #0: ffffffff8f670390 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  368.555511][    C1]  #1: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
[  368.556979][   T30]  (
[  368.564788][    C1] 
[  368.564799][    C1] =============================================
[  368.564799][    C1] 
[  368.634457][   T30] cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  368.640673][   T30]  #1: ffffffff8f60a948 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  368.727850][   T30] 
[  368.730203][   T30] =============================================
[  368.730203][   T30] 
[  368.789429][   T30] NMI backtrace for cpu 0
[  368.793789][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-next-20240719-syzkaller #0
[  368.803429][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  368.813493][   T30] Call Trace:
[  368.816786][   T30]  <TASK>
[  368.819725][   T30]  dump_stack_lvl+0x241/0x360
[  368.824417][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  368.829622][   T30]  ? __pfx__printk+0x10/0x10
[  368.834227][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  368.839264][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  368.844221][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  368.849690][   T30]  ? _printk+0xd5/0x120
[  368.853862][   T30]  ? __pfx__printk+0x10/0x10
[  368.858465][   T30]  ? __wake_up_klogd+0x109/0x140
[  368.863419][   T30]  ? __pfx__printk+0x10/0x10
[  368.868039][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  368.873082][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  368.879072][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  368.885064][   T30]  watchdog+0xff4/0x1040
[  368.889313][   T30]  ? watchdog+0x1ea/0x1040
[  368.893743][   T30]  ? __pfx_watchdog+0x10/0x10
[  368.898426][   T30]  kthread+0x2f0/0x390
[  368.902504][   T30]  ? __pfx_watchdog+0x10/0x10
[  368.907185][   T30]  ? __pfx_kthread+0x10/0x10
[  368.911783][   T30]  ret_from_fork+0x4b/0x80
[  368.916209][   T30]  ? __pfx_kthread+0x10/0x10
[  368.920800][   T30]  ret_from_fork_asm+0x1a/0x30
[  368.925585][   T30]  </TASK>
[  368.929973][   T30] Sending NMI from CPU 0 to CPUs 1:
[  368.935745][    C1] NMI backtrace for cpu 1
[  368.935756][    C1] CPU: 1 UID: 0 PID: 5786 Comm: syz.3.155 Not tainted 6.10.0-next-20240719-syzkaller #0
[  368.935775][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  368.935783][    C1] RIP: 0010:lock_is_held_type+0xb/0x190
[  368.935807][    C1] Code: fc ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 41 55 <41> 54 53 48 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 bb
[  368.935818][    C1] RSP: 0018:ffffc90013d2dec0 EFLAGS: 00000002
[  368.935832][    C1] RAX: ffff88801d2d2040 RBX: ffff88813fffa000 RCX: dffffc0000000000
[  368.935844][    C1] RDX: ffff88802a373c00 RSI: 00000000ffffffff RDI: ffff88801d2d20a8
[  368.935855][    C1] RBP: 0000000000000001 R08: ffffffff81d44bb1 R09: 1ffffd40004008e0
[  368.935865][    C1] R10: dffffc0000000000 R11: fffff940004008e1 R12: 0000000000000003
[  368.935875][    C1] R13: 0000000000000740 R14: ffff88801d2d2100 R15: 1ffff11003a5a4d3
[  368.935886][    C1] FS:  00007f4507ca46c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  368.935898][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  368.935908][    C1] CR2: 000055e148888043 CR3: 000000007966e000 CR4: 00000000003506f0
[  368.935921][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  368.935930][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  368.935940][    C1] Call Trace:
[  368.935946][    C1]  <NMI>
[  368.935952][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  368.935968][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  368.935990][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  368.936006][    C1]  ? nmi_handle+0x2a/0x5a0
[  368.936028][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  368.936045][    C1]  ? nmi_handle+0x14f/0x5a0
[  368.936058][    C1]  ? nmi_handle+0x2a/0x5a0
[  368.936073][    C1]  ? lock_is_held_type+0xb/0x190
[  368.936091][    C1]  ? default_do_nmi+0x63/0x160
[  368.936113][    C1]  ? exc_nmi+0x123/0x1f0
[  368.936129][    C1]  ? end_repeat_nmi+0xf/0x53
[  368.936150][    C1]  ? lru_gen_update_size+0x8b1/0xed0
[  368.936170][    C1]  ? lock_is_held_type+0xb/0x190
[  368.936189][    C1]  ? lock_is_held_type+0xb/0x190
[  368.936208][    C1]  ? lock_is_held_type+0xb/0x190
[  368.936227][    C1]  </NMI>
[  368.936231][    C1]  <TASK>
[  368.936238][    C1]  lru_gen_update_size+0x8c8/0xed0
[  368.936262][    C1]  folio_inc_gen+0x346/0x4d0
[  368.936284][    C1]  ? __pfx_folio_inc_gen+0x10/0x10
[  368.936304][    C1]  ? folio_evictable+0x1a/0x310
[  368.936323][    C1]  evict_folios+0x21c2/0x78c0
[  368.936365][    C1]  ? __pfx_evict_folios+0x10/0x10
[  368.936398][    C1]  ? mem_cgroup_get_nr_swap_pages+0x28/0x110
[  368.936417][    C1]  ? get_swappiness+0x380/0x3e0
[  368.936438][    C1]  try_to_shrink_lruvec+0x9ab/0xbb0
[  368.936461][    C1]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[  368.936475][    C1]  ? shrink_node+0x3547/0x3de0
[  368.936489][    C1]  ? __pfx_lock_release+0x10/0x10
[  368.936509][    C1]  shrink_one+0x3b9/0x850
[  368.936525][    C1]  ? shrink_node+0x3547/0x3de0
[  368.936539][    C1]  shrink_node+0x3799/0x3de0
[  368.936552][    C1]  ? shrink_node+0x3547/0x3de0
[  368.936569][    C1]  ? validate_chain+0x11e/0x5920
[  368.936596][    C1]  ? __pfx_validate_chain+0x10/0x10
[  368.936612][    C1]  ? __pfx_shrink_node+0x10/0x10
[  368.936631][    C1]  ? cpuset_node_allowed+0x9b/0x5d0
[  368.936651][    C1]  do_try_to_free_pages+0x5c2/0x1a50
[  368.936680][    C1]  try_to_free_pages+0x9f0/0x10a0
[  368.936702][    C1]  ? __pfx_try_to_free_pages+0x10/0x10
[  368.936732][    C1]  ? __cpuset_memory_pressure_bump+0x4eb/0x620
[  368.936750][    C1]  ? fs_reclaim_acquire+0x93/0x140
[  368.936767][    C1]  __alloc_pages_slowpath+0xdc3/0x23d0
[  368.936800][    C1]  ? __pfx___alloc_pages_slowpath+0x10/0x10
[  368.936826][    C1]  __alloc_pages_noprof+0x43e/0x6c0
[  368.936842][    C1]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  368.936867][    C1]  alloc_pages_mpol_noprof+0x3e8/0x680
[  368.936886][    C1]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  368.936903][    C1]  ? xas_load+0x59b/0x5c0
[  368.936923][    C1]  folio_alloc_noprof+0x128/0x180
[  368.936940][    C1]  filemap_alloc_folio_noprof+0xdf/0x500
[  368.936962][    C1]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  368.936981][    C1]  ? filemap_add_folio+0x26d/0x650
[  368.937003][    C1]  ? page_cache_ra_unbounded+0x382/0x7f0
[  368.937022][    C1]  ? page_cache_ra_unbounded+0x38f/0x7f0
[  368.937042][    C1]  ? kasan_check_range+0x5/0x290
[  368.937059][    C1]  page_cache_ra_unbounded+0x1f4/0x7f0
[  368.937085][    C1]  do_sync_mmap_readahead+0x49c/0x970
[  368.937110][    C1]  ? __pfx_do_sync_mmap_readahead+0x10/0x10
[  368.937125][    C1]  ? count_memcg_event_mm+0x90/0x420
[  368.937142][    C1]  ? __filemap_get_folio+0x984/0xc10
[  368.937160][    C1]  filemap_fault+0x828/0x1760
[  368.937175][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  368.937199][    C1]  ? __pfx_filemap_fault+0x10/0x10
[  368.937212][    C1]  ? pte_alloc_one+0x443/0x5d0
[  368.937231][    C1]  ? __pfx_pte_alloc_one+0x10/0x10
[  368.937251][    C1]  ? blk_cgroup_congested+0x1d/0x220
[  368.937271][    C1]  ? blk_cgroup_congested+0x20e/0x220
[  368.937294][    C1]  __do_fault+0x135/0x460
[  368.937311][    C1]  handle_pte_fault+0xd99/0x6eb0
[  368.937331][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  368.937351][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  368.937371][    C1]  ? mark_lock+0x9a/0x360
[  368.937390][    C1]  ? __pfx_handle_pte_fault+0x10/0x10
[  368.937407][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  368.937427][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  368.937448][    C1]  ? irqentry_exit+0x63/0x90
[  368.937465][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  368.937489][    C1]  ? __thp_vma_allowable_orders+0x951/0xa20
[  368.937508][    C1]  ? __pfx_lock_release+0x10/0x10
[  368.937529][    C1]  handle_mm_fault+0x1029/0x1980
[  368.937563][    C1]  ? __pfx_handle_mm_fault+0x10/0x10
[  368.937591][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  368.937612][    C1]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  368.937627][    C1]  exc_page_fault+0x2b9/0x8c0
[  368.937648][    C1]  asm_exc_page_fault+0x26/0x30
[  368.937664][    C1] RIP: 0010:rep_movs_alternative+0x33/0x70
[  368.937680][    C1] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  368.937692][    C1] RSP: 0018:ffffc90013d2fbb0 EFLAGS: 00050246
[  368.937704][    C1] RAX: 0000000000000000 RBX: 0000000020019ac0 RCX: 0000000000000008
[  368.937713][    C1] RDX: 0000000000000000 RSI: ffffc90013d2fc20 RDI: 0000000020019ab8
[  368.937723][    C1] RBP: ffffc90013d2fc90 R08: ffffc90013d2fc27 R09: 1ffff920027a5f84
[  368.937734][    C1] R10: dffffc0000000000 R11: fffff520027a5f85 R12: 0000000000000008
[  368.937745][    C1] R13: 0000000000018ff0 R14: 0000000020019ab8 R15: ffffc90013d2fc20
[  368.937764][    C1]  _copy_to_user+0x86/0xb0
[  368.937782][    C1]  msr_read+0x187/0x260
[  368.937798][    C1]  ? __pfx_msr_read+0x10/0x10
[  368.937811][    C1]  ? bpf_lsm_file_permission+0x9/0x10
[  368.937828][    C1]  ? rw_verify_area+0x52a/0x6b0
[  368.937847][    C1]  ? __pfx_msr_read+0x10/0x10
[  368.937861][    C1]  vfs_read+0x204/0xbc0
[  368.937879][    C1]  ? __pfx_lock_release+0x10/0x10
[  368.937900][    C1]  ? __pfx_vfs_read+0x10/0x10
[  368.937917][    C1]  ? do_futex+0x33b/0x560
[  368.937936][    C1]  ? __fget_files+0x29/0x470
[  368.937951][    C1]  ? __fget_files+0x3f6/0x470
[  368.937965][    C1]  ? __fget_files+0x29/0x470
[  368.937984][    C1]  ksys_read+0x1a0/0x2c0
[  368.938005][    C1]  ? __pfx_ksys_read+0x10/0x10
[  368.938024][    C1]  ? do_syscall_64+0x100/0x230
[  368.938039][    C1]  ? do_syscall_64+0xb6/0x230
[  368.938054][    C1]  do_syscall_64+0xf3/0x230
[  368.938067][    C1]  ? clear_bhb_loop+0x35/0x90
[  368.938085][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.938106][    C1] RIP: 0033:0x7f4506f75f19
[  368.938120][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.938131][    C1] RSP: 002b:00007f4507ca4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  368.938144][    C1] RAX: ffffffffffffffda RBX: 00007f4507105f60 RCX: 00007f4506f75f19
[  368.938155][    C1] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000008
[  368.938165][    C1] RBP: 00007f4506fe4e68 R08: 0000000000000000 R09: 0000000000000000
[  368.938174][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  368.938183][    C1] R13: 000000000000000b R14: 00007f4507105f60 R15: 00007ffc37347948
[  368.938202][    C1]  </TASK>
[  369.246619][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  369.246635][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-next-20240719-syzkaller #0
[  369.246655][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  369.246665][   T30] Call Trace:
[  369.246672][   T30]  <TASK>
[  369.246681][   T30]  dump_stack_lvl+0x241/0x360
[  369.246704][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.246722][   T30]  ? __pfx__printk+0x10/0x10
[  369.246742][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  369.246771][   T30]  ? vscnprintf+0x5d/0x90
[  369.246792][   T30]  panic+0x349/0x870
[  369.246816][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  369.246837][   T30]  ? __pfx_panic+0x10/0x10
[  369.246858][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  369.246879][   T30]  ? __irq_work_queue_local+0x137/0x410
[  369.246904][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  369.246923][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  369.246941][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  369.857315][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  369.863466][   T30]  watchdog+0x1033/0x1040
[  369.867785][   T30]  ? watchdog+0x1ea/0x1040
[  369.872188][   T30]  ? __pfx_watchdog+0x10/0x10
[  369.876849][   T30]  kthread+0x2f0/0x390
[  369.880901][   T30]  ? __pfx_watchdog+0x10/0x10
[  369.885559][   T30]  ? __pfx_kthread+0x10/0x10
[  369.890131][   T30]  ret_from_fork+0x4b/0x80
[  369.894538][   T30]  ? __pfx_kthread+0x10/0x10
[  369.899111][   T30]  ret_from_fork_asm+0x1a/0x30
[  369.903874][   T30]  </TASK>
[  369.907093][   T30] Kernel Offset: disabled
[  369.911404][   T30] Rebooting in 86400 seconds..