last executing test programs: 42.668386942s ago: executing program 2 (id=935): r0 = socket(0x15, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002540)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f07e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a4693685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942ea629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a941576aebc8619d73415cda2130f5011e4845505008000000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c298d9a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e509e734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff020000004b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c455c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734a37ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b7999054df5fb6410bc3cdc8517d817367565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49d66f07dd646bfbdea1cf021a88aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353"], &(0x7f0000000340)='syzkaller\x00'}, 0x90) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) setsockopt$sock_attach_bpf(r1, 0x88, 0x67, &(0x7f00000002c0)=r2, 0x4) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x11a, 0x3, 0x0, 0x0) sendmsg$inet(r1, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000800)="e9", 0x1}, {&(0x7f0000000040)='\x00\x00\x00\x00', 0x4}], 0x2, &(0x7f0000000100)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x40}, @loopback}}}], 0x20}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0xd, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff9e7, 0x0, 0x0, 0x0, 0x90f4}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7fffffff}, @map_fd={0x18, 0x4}, @map_fd={0x18, 0x1}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffb}, @map_fd={0x18, 0x4}]}, &(0x7f0000000040)='GPL\x00'}, 0x90) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x8044c0, &(0x7f0000000200), 0x3, 0x4be, &(0x7f0000000a00)="$eJzs3cFvG1UaAPBvnKRN23ST7u6hW2m71W5XabVbO2m2bbSHbldaLadKQLmHkDhRFCeOYqdtogql4sQJCRAgOHHigsQfgIT6JyCkSnBHCIEqaMuBA2BkZ9yEYCcpdeI2+f2kl3nzxvH3PVt+4zcz8gSwZ52IiEsR0RERpyOiN23PpCWWV0r1cffu3hirliQqlSvfJJGkbfXnStLlofTfuiPi2aciXkh+Hbe0uDQ9Wijk59P1XHlmLldaXDozNTM6mZ/Mzw4NDZ4fvjB8bnigZX29+L8v33jlvf9f/Oif1z4f+frUi9W0etJta/vRSitd76q9FnWdETG/HcHaoCPtT1e7EwEAYEuq3/F/HxF/jYj7b7c7GwAAAGA7VP7TEz8kEZXm9m+0EQAAAHj8ZWrXwCaZbHotQE9kMtnsyjW8f4yDmUKxVP7HRHFhdnzlWtm+6MpMTBXyA+m1wn3RlVTXB2v11fWz69aHIuJIRLzee6C2nh0rFsbbffADAAAA9ohDa+b/SUR817sy/wcAAAB2mb52JwAAAABsO/N/AAAA2P2azv+TzojXDu9sMgAAAECrPX35crVU6ve/Hr+6uDBdvHpmPF+azs4sjGXHivNz2clicbL2m30zmz1foVic+1fMLlzPlfOlcq60uDQyU1yYLY/U7us9knefaAAAANh5R/5y67MkIpb/faBWqval28zVYXfLPNzDk+3KA9h5He1OAGibh9z/A7uIOT6w2cS+e4fyAAAAtk//n7Z2/t95Ath9HP+Hvct+HfauznYnALSN8//Abz7///Fq9eUW5gMAALReT60kmWx6LrAnMplsNuJw7bYAXcnEVCE/EBG/i4hPe7v2V9cH2500AAAAAAAAAAAAAAAAAAAAAAAAADxhKpUkKgAAAMCuFpH5Kknv/9Xfe7Jn/fGBfcn3vbVlRFx758qb10fL5fnBavu3D9rLb6XtZ9txBAMAAABYrz5Pr8/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCV7t29MVYvOxn3zn8joq9R/M7ori27oysiDt5PonPN/yUR0dGC+Ms3I+Joo/hJNa3oS7NYHz8TEQfaHP9QC+LDXnarOv5cavT5y8SJ2rLx568zLY/qzolm41/mwfjX0WT8O7zFGMduf5BrGv9mxLHOxuNPPX7yiOPv888tLTXbVnk3or/h/if5RaxceWYuV1pcOjM1MzqZn8zPDg0Nnh++MHxueCA3MVXIp38bxnj1zx/+tFH/DzaJ37dJ/09usf8/3r5+9w8bxD/1t8bv/9H18Vdfktpr//d0P1Bt7q/Xl1fqax1//5PjG/V/vEn/N3v/T22x/6efeemLLT4UANgBpcWl6dFCIT+vorKrK/vjsUjjiam0e2QCAABabfVLf7szAQAAAAAAAAAAAAAAAAAAgL1rJ35ObG287vZ1FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgQz8HAAD//2iV0qM=") mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0) syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fqnc=FIRMWARE_CHECK,fscontext=user_u,permit_directio,\x00'], 0x1, 0x1e8, &(0x7f00000002c0)="$eJzKKC4sZmdgYPj7sSaZgUGAgZGBgYGFQYThAQMjAwsDA4MwSICBgWEnE4SOhdILofQeCMXQBFXHCxX3h9J/zasiohgYGDOV7pkxH1Du4FRkFADL+9twPmBpZ5COZbCc573mUlDmlKtCb5efW3Tv08NmmV1qujtKaw4wMDBMdxS6y8Bo3sHJwMAgGL5Fzc6AtxtsNGNk1BE00zsZNzMpMoJkF/38ZvKA0YihMZaBkUFug7/a4m9/pCpX3zzj3fF7QuZCHon60EkHrzTp3X6tF5Pe+DYj9nxnpFKLDeudL7MOu3WeEyhpEQ5RX5oVv7Pz/sH9+85WZ1xZ6VesfTZ+aTyfc9Ujlo0Soh9PB24u33/9oN3TKfOFl6Vk2tRVFEaqfVrw8mrHyxnB0pNz99vJFc9ndG1pADk27OoqCwbGuYybmRgYXp3tC0b2RXkDNOgYmBkYGBQYGBiYGFgY0jJzUg0cGBgZmKEcQxaoKphqJgYOsIRecn5OSj0DIzjCwNrmM7DAzTC8zsAK5xghc4wFGhKgRsVA6d9Qsy0aoAIM9VBaAUo7QOn5UPo6lIYlE1FotLOATQiH8jQaGBjYGCoSS0qKDNkYGKAsuJgRXMxIAG4zSKsKAwNDKhOqt/uhfEAAAAD//60Cnmc=") r3 = syz_open_procfs(0x0, &(0x7f0000000780)='map_files\x00') getdents(r3, 0x0, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_open_dev$usbfs(0x0, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f0000000180)="580000001400192340834b80", 0xc}], 0x1) sendmmsg(r4, &(0x7f00000018c0)=[{{&(0x7f0000000180)=@hci, 0x80, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x10}}], 0x1, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x0, 0x8, 0xc}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_mark_inode_dirty\x00'}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 41.440112612s ago: executing program 2 (id=937): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0x10, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000240)={0x8}) 40.902872093s ago: executing program 2 (id=940): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha1-avx2)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet(r1, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)="fc35", 0x2}, {&(0x7f0000000540)="2b84c2a412b6bb9c91169d149757acf5bc60d4f194cd18ed5a855bb7f3bacbdfa3cdb838181905e5d4f5cc8c644cc4f95ac94463692e0dadcb8cda6a0fdeb2fc946270874904340164a11b73cec29cc440ee51612af3abd1130667b5c346f16defdd41abcd925ed21324cb9732d3b8f6e4942bfc8fd79770478688a495f81dc72f0870f6bccc10713e418b572256141082d66fe3059e95289901eea9e9ca0d4f6e38243a20d1050bb08acf62e8ccd989adb3925926891169e34c373e553257eb6a3e6a268ce30c94a2eb8d4d2d000000000000004d6cdcc1e723bf1802f7ca7c8d002f650a8b634eb8d09d8dd24819947032b37a387e51cb33721c1054a1b96564cea1302f15804cb599a641647c731e0d1c808d1ccf85d5b7c3a1c1b0f5c304b88fff1c9cddcecd3a919788f81ab0336d6de83312f54c0879dfde386530", 0x13e}], 0x2}}], 0x1, 0x0) 40.72183452s ago: executing program 2 (id=941): r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000340)='./file2\x00', 0x14552, &(0x7f0000000240)=ANY=[], 0x1, 0x11f3, &(0x7f0000001b80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x72, 0x92, 0xbd, 0x40, 0x2040, 0x5530, 0xa882, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xdf, 0x7f, 0xa9, 0x0, [], [{{0x9, 0x5, 0x9, 0x0, 0x40}}]}}]}}]}}, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') r4 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0) sendfile(r4, r3, 0x0, 0x100800001) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0x0, @remote, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x200}}}}}}, 0x0) 38.064631328s ago: executing program 2 (id=950): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0x10, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000240)={0x8}) 37.54110417s ago: executing program 2 (id=954): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}, @NL80211_ATTR_DFS_REGION={0x5}]}, 0x2c}}, 0x0) 37.007462956s ago: executing program 3 (id=959): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000340), 0x14) shutdown(r0, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "2a4001011f891d5b", "11682d84dd05bb63db142ade2bd907f400", "fd6ed24e", "01000010ffffffff"}, 0x38) 36.471451395s ago: executing program 3 (id=962): r0 = socket(0x15, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002540)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f07e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a4693685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942ea629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a941576aebc8619d73415cda2130f5011e4845505008000000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c298d9a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e509e734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff020000004b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c455c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734a37ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b7999054df5fb6410bc3cdc8517d817367565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49d66f07dd646bfbdea1cf021a88aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353"], &(0x7f0000000340)='syzkaller\x00'}, 0x90) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) setsockopt$sock_attach_bpf(r1, 0x88, 0x67, &(0x7f00000002c0)=r2, 0x4) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x11a, 0x3, 0x0, 0x0) sendmsg$inet(r1, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000800)="e9", 0x1}, {&(0x7f0000000040)='\x00\x00\x00\x00', 0x4}], 0x2, &(0x7f0000000100)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x40}, @loopback}}}], 0x20}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0xd, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff9e7, 0x0, 0x0, 0x0, 0x90f4}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7fffffff}, @map_fd={0x18, 0x4}, @map_fd={0x18, 0x1}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffb}, @map_fd={0x18, 0x4}]}, &(0x7f0000000040)='GPL\x00'}, 0x90) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x8044c0, &(0x7f0000000200), 0x3, 0x4be, &(0x7f0000000a00)="$eJzs3cFvG1UaAPBvnKRN23ST7u6hW2m71W5XabVbO2m2bbSHbldaLadKQLmHkDhRFCeOYqdtogql4sQJCRAgOHHigsQfgIT6JyCkSnBHCIEqaMuBA2BkZ9yEYCcpdeI2+f2kl3nzxvH3PVt+4zcz8gSwZ52IiEsR0RERpyOiN23PpCWWV0r1cffu3hirliQqlSvfJJGkbfXnStLlofTfuiPi2aciXkh+Hbe0uDQ9Wijk59P1XHlmLldaXDozNTM6mZ/Mzw4NDZ4fvjB8bnigZX29+L8v33jlvf9f/Oif1z4f+frUi9W0etJta/vRSitd76q9FnWdETG/HcHaoCPtT1e7EwEAYEuq3/F/HxF/jYj7b7c7GwAAAGA7VP7TEz8kEZXm9m+0EQAAAHj8ZWrXwCaZbHotQE9kMtnsyjW8f4yDmUKxVP7HRHFhdnzlWtm+6MpMTBXyA+m1wn3RlVTXB2v11fWz69aHIuJIRLzee6C2nh0rFsbbffADAAAA9ohDa+b/SUR817sy/wcAAAB2mb52JwAAAABsO/N/AAAA2P2azv+TzojXDu9sMgAAAECrPX35crVU6ve/Hr+6uDBdvHpmPF+azs4sjGXHivNz2clicbL2m30zmz1foVic+1fMLlzPlfOlcq60uDQyU1yYLY/U7us9knefaAAAANh5R/5y67MkIpb/faBWqval28zVYXfLPNzDk+3KA9h5He1OAGibh9z/A7uIOT6w2cS+e4fyAAAAtk//n7Z2/t95Ath9HP+Hvct+HfauznYnALSN8//Abz7///Fq9eUW5gMAALReT60kmWx6LrAnMplsNuJw7bYAXcnEVCE/EBG/i4hPe7v2V9cH2500AAAAAAAAAAAAAAAAAAAAAAAAADxhKpUkKgAAAMCuFpH5Kknv/9Xfe7Jn/fGBfcn3vbVlRFx758qb10fL5fnBavu3D9rLb6XtZ9txBAMAAABYrz5Pr8/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCV7t29MVYvOxn3zn8joq9R/M7ori27oysiDt5PonPN/yUR0dGC+Ms3I+Joo/hJNa3oS7NYHz8TEQfaHP9QC+LDXnarOv5cavT5y8SJ2rLx568zLY/qzolm41/mwfjX0WT8O7zFGMduf5BrGv9mxLHOxuNPPX7yiOPv888tLTXbVnk3or/h/if5RaxceWYuV1pcOjM1MzqZn8zPDg0Nnh++MHxueCA3MVXIp38bxnj1zx/+tFH/DzaJ37dJ/09usf8/3r5+9w8bxD/1t8bv/9H18Vdfktpr//d0P1Bt7q/Xl1fqax1//5PjG/V/vEn/N3v/T22x/6efeemLLT4UANgBpcWl6dFCIT+vorKrK/vjsUjjiam0e2QCAABabfVLf7szAQAAAAAAAAAAAAAAAAAAgL1rJ35ObG287vZ1FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgQz8HAAD//2iV0qM=") mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0) syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fqnc=FIRMWARE_CHECK,fscontext=user_u,permit_directio,\x00'], 0x1, 0x1e8, &(0x7f00000002c0)="$eJzKKC4sZmdgYPj7sSaZgUGAgZGBgYGFQYThAQMjAwsDA4MwSICBgWEnE4SOhdILofQeCMXQBFXHCxX3h9J/zasiohgYGDOV7pkxH1Du4FRkFADL+9twPmBpZ5COZbCc573mUlDmlKtCb5efW3Tv08NmmV1qujtKaw4wMDBMdxS6y8Bo3sHJwMAgGL5Fzc6AtxtsNGNk1BE00zsZNzMpMoJkF/38ZvKA0YihMZaBkUFug7/a4m9/pCpX3zzj3fF7QuZCHon60EkHrzTp3X6tF5Pe+DYj9nxnpFKLDeudL7MOu3WeEyhpEQ5RX5oVv7Pz/sH9+85WZ1xZ6VesfTZ+aTyfc9Ujlo0Soh9PB24u33/9oN3TKfOFl6Vk2tRVFEaqfVrw8mrHyxnB0pNz99vJFc9ndG1pADk27OoqCwbGuYybmRgYXp3tC0b2RXkDNOgYmBkYGBQYGBiYGFgY0jJzUg0cGBgZmKEcQxaoKphqJgYOsIRecn5OSj0DIzjCwNrmM7DAzTC8zsAK5xghc4wFGhKgRsVA6d9Qsy0aoAIM9VBaAUo7QOn5UPo6lIYlE1FotLOATQiH8jQaGBjYGCoSS0qKDNkYGKAsuJgRXMxIAG4zSKsKAwNDKhOqt/uhfEAAAAD//60Cnmc=") r3 = syz_open_procfs(0x0, &(0x7f0000000780)='map_files\x00') getdents(r3, 0x0, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_open_dev$usbfs(0x0, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f0000000180)="580000001400192340834b80", 0xc}], 0x1) sendmmsg(r4, &(0x7f00000018c0)=[{{&(0x7f0000000180)=@hci, 0x80, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x10}}], 0x1, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x0, 0x8, 0xc}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_mark_inode_dirty\x00'}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 35.23053802s ago: executing program 3 (id=967): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x4810, &(0x7f0000000140)=ANY=[], 0x11, 0x693, &(0x7f0000000880)="$eJzs3c1vHGcdB/DvrNcvm0qO26ZpQJUwjVQQEYkdK4VwSUAIBalCVThwthqnseKkwXFR2gNxAYkrB/6AcggXOIEQEhJSpHKGW8XN4lQJiUtPaQ8MmtlZe+3u2ptXO/TziWaf55ln5pnf/OZlXyJrAnxuXTiR9t10cuHEa7eq9sadhZWNOwvXevUkk0laSbtbpLieFB8k59Od8oVqZjNcMWw7v14+e/HDjzc+6rba2RqveukMD7A9yl6sN1Nmk4w15UPYNt4bDzbe5Fa12MxMlbDjvcTBfhtPUm7z46NbPYOUY32Nodc78PQouu+bfbrX/0xyKMlU7w1tvdvZevIR7um+7kXrjy8OAAAAODAO37ud3Mr0fscBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT5Pm+f9FM7V69dkUvef/T/Q9Y39in8MdbvfIpnqVu60nEQwAAAAAAAAAPF5fupffXSzL6V67LOr/83+5bhypX5/J27mZpazmZG5lMWtZy2rmk8z0DTRxa3FtbXW+t+anZVkOWfP0wDVPjxhw51HsNQAAAAAAAAD83zjXlD/LhUzvcywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBNkYx1i3o60qvPpNVOMpVkolpuPflHr/40u7vfAQAAAMATcPhe7uVWpnvtsqi/8x+tv/dP5e1cz1qWs5aVLOVS/VtA91t/a+POwsrGnYVr1fTZcb/9n636H6f3DKMeMd3fHgZv+Vi9RCeXs1zPOZk38lZWcimtes3KsV48g+N6r4qpONdVlqMl6FJTVnv+q6Y8GGbqjIxvZmSuia3KxrO7Z6L/6DzAlubT2vzl58h95Pzcrlsp/ts7Jod6c5Jnvr93zsfva2ceys5MnO47+47unonkK3/6/Y+urFy/eqVYP3FwTqP7MPmvratmZyYW+jLx4siZuHzz6czETq28sFm/kO/lhzmR2bye1SznJ1nMWpYym+/WtcXmfK5eZ3bP1Pltrdf3imKiOS5jO2L68uFuuVtML9frTmc5P8hbuZSlvFr/O535fCNnciZn+47wCyNc9a0BV/2fhwd//KtNpZPkl015MFR5fbYvr/333Jm6r39OK+Vkd73nHtm9cVP7i02lOhI/b8qDYTMTU9l8l+hF93wvA+MDM/Gb+rZyc+X61dUrizd2jFusD97eK9m++wfnRlKdL89VB6tubT87qr7nB/bN131HNvtaO/t+29ns2+tKnWg+w312pNN134sD+xbqvmN9fVuftz4ty7L7eQuAA+/Q1w5NdP7d+Xvn/c4vOlc6r019Z/Kbky9NZPxv499qz4290nqp+EPez0+z9zd0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTzffeffq4srK0uqOSlmWt4d0PZZK2sm2OX/9S98ySeqHAY0+YLX0+VZSz2mnqdxfYLcfbHfee9Ak/LM5Jk8k4Y+kMjX0/NlZ+aQsy4MR8yiVsnFQ4tmPyr7eloAn4NTatRunbr7z7teXry2+ufTm0vWzZ86cnTt75tWFU5eXV5bmuq/7HSXwOPR9AgcAAAAAAAAAAACeEqP9cU7xcH/bAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAQLpxI+26KzM+dnKvaG3cWVqqpV99a8pMkrSTFbFJ8kJxPd8pM33DFsO2sJxc//Hjjo26r3Uz18q3d1hvNejNlNslYUw4wNWhmeXvYeEU9zo3h442o2NzDKmHHe4mD/fa/AAAA///tbhq7") syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x480, &(0x7f00000000c0), 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ") r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r0, 0x0) r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) ftruncate(r1, 0x81fd) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0x1670e68) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x16000}]) 33.658739944s ago: executing program 3 (id=972): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) r2 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000000)=0x5b2, 0x4) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0) bind$can_raw(r2, &(0x7f00000000c0), 0x10) close_range(r1, 0xffffffffffffffff, 0x0) 32.578562047s ago: executing program 3 (id=976): syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a500000005"], &(0x7f0000000100)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = syz_open_dev$dri(&(0x7f0000001000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETGAMMA(r3, 0xc02064a4, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = dup(r2) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) sendmsg$NFT_BATCH(r0, 0x0, 0x0) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000340), 0x501400, 0x0) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x8000, &(0x7f0000000140)=ANY=[], 0x3, 0x6a4, &(0x7f0000001980)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f00000003c0)={{}, "c5920558e2c421e104c1701160f560bfd7f08a8f7e3ca83a4afe51bdf4e8a566f8cd85a22fb0dc664fa614b5c377f001c4b6e9ace950341b981a412e97cc46ca91c648b14a9490f2390020e5605fa843701c16ed21e396fa2043a32d72c621c0a19cd0cac767337e50a4495bf9362f4006df2f75530f8b68a3da78c92cf8185b56b95f55f365047c98a40612ef5cc3cb4264d4d91d1f1468c33bd5cc5a080adc972e8c8f9cecaa1fd11a1078155f96326680658cab6cb7ba9e603793a8c113f7c0187657bdda1904781b3ba12f987653b74f7a9cb295c8ee4b002e327e3872cd46cf293672247f3003dc3c0f9af904404640e0d4ced809526bfa9c451916c7c39a3b29a9ad0a6992127bdc2ac42f217bd11db359e6e2e968ff80f71563925dda7790e0509d3402462e3115150a54d77b1d7a481b8f0899cfa0dd26fa908515ecd803bac0efeb235381a1bcf2df231e66edf204c5b52e000475e5bdfc5b03f714ba40392ca17c4066f87646b72c4c3d0db70f77016751e45524ec59c75436b60b7a7c1eddd3dda422e4f2a8475f7ca24e28e8b926f2a844d05d6f92a7a6ecbd6eaf6861c596ba52e92fcb40fd3c8c3bf953984a3871c1f5454ec7b08a27fca608cfe825aafe8d069b9aa7375685a67706706e217f1228a3489697e49dce28dc4b3268a8469eaa4525f91bf929acc48ea42f0a04f49513968525b5be8b954a8d697e3f3448e29d3ff3aa9259f707c08b20cb4309a4330257f87218f2f54caf83307527f8f85e6e4946d0db6d9ee9f692b935d761b0323aff3657198f5e1681a90e52bb0a9342f85984f5bc56f1c75b8c1e673c8c0ea4ad1ec50af55ebf41ec29e4f9f34be68ad70f04c6e5f61ef2bbc3ce0445cfb76949b78a6549343a9fd2b336db3db2a7b144b834fc38a21d3e45377ac16428072e08f83c3d26213f14a5473415709a04bb839b7dd07e55f3064e2f2e8ac55683a82db5722dd2f8b2c35e4cdd952462119fa54046ea9723aac1573dace8ff5e79ba89f6a9751270634f9e02cec0d0c314e516a43ced9ca9d3f991f31fb00741c666b3130861cfe75432b7a025d3bc9aa1e03f32689f352ed4ea2c7cf3eae3cbdfb49958dd54e22602b81ab74b38419ac67e4c06cf13adba218ec3033b80f0c4ab8d265c9446fe0eebd75bc4d9885e0ed3d4b26a021393292a571bc2f04f328fd86b4b4ac57e920270088e1e265a91e639180e3f3041e71f23ef6368fb02ad4c31c973400e84bdfa59b14f963b5fe5966dec6c90e5bc7a5f3e8f774dd0b0245841af4b135811223332a25332107e7c2417f2515b7addfa190063320c34261a365032bc8810638e7ab1f7fd62ea6ec3f2f700e993ade9738a25fe016b04ec0d25ca6384fb6533445e77e07762b72906dc32565eacda9c1e5ad0e0f1ed2ab679f7b6bd2ae602ac80444fc0b6ffa38812ccd881b89d42d4a1cc24e06db0f4be1df40c63d585802f50c055d090344bdc108eca6dbb35f2858b38aba9302128ba5ac1acee22959d67f84a894a6a0e36a328366256d34c56af4027bbaf6500f4e48d53a3e76b378fb8d21fbe74e584402f837a7275ab3ff558d8890a3093afea6963351a3c7006b14933dd6cd37393dd23faa5aa9f12ba10eaf25be4504409cb13c096c8a7eba3e7ff4cd876c039859f8bbab79b3909cf09156813fb8d2e72994d0b8ac8c41117666f3cba5aec8c1605277100c02841c04ef559ac6c6cbacc67303d7a5c41b774f8f71dae2af7b13746419eb5d70e1bb8f79ed5619dbd18f2241c510d0a3b4f9be900bd5e6e752725029b517eb33a59a7b68001734a9ef0e48a69de957506362bca15cd5390822c4a4618202f94b2a41b701853fa82ad0e3d1d4a3b8a48546364ab05f6ef884aacfee1f87e6fa6c3935e833a11cc441a3e8abf3ee5ef9c1669dbad2597945972508bd3b07f2f33e31ad3d6c5e6a609ebf0d96f23fb632f0cce8993d77edb4225e8dfe82c042ab467423f1a5f04556b2fd7af13cde7a633d0fba7010ef9de3240151d922a21946b7a11edb77b28763091822ad4d21b9322e684cf4e9c18d81b8aac55cc2b3445a3d60442584d8f60a9bd558818b274a3ca34684f450bf0b35ebc03f62b4cc6ab67c9d19d3073565b3ea14581e76a99e065222274ca19d10704f1f02971a04069005c96c979e41abdc2a1815c4c1cd1a1b06fc26a0a45fbb26a4700da534d5bd6955e9ae4143e9ff25291ee3137543eeb9319ad094fb477cbdaf90fc66623276ee1a7003d00c960c7d07a38d7b55bf0342dd0aa960a037e608cfb1ae112d10abe7054b3acb04ff1bc75c7234549f1a58b9209699a0326863c779a1f3cb57fb2c5d0ea41c00e1f102a847247109942edb119d7fce0a612a98da0d63e0d523c034afc061d52574236b48d98400a01207dc57bd6b1a1a6899ae7ea1516c25a584d8e09cd267a2726262209af3996bf30604e8113ddb68c8c2afb331d5032ab13581e42ddef793a3767d504a2c5cf09ece38f52526cb99d7c4ccc1b7826e50da22134196ff22b8a322dcd9533638a767c2b092e1174fc39b59e74aa4fb78784be1d91c9f12f115f64f1681f2514680b91c8b8174dd292dc32edc9ea03c83572d50915f9afd1a4a724161588f3ec34e2b83132a93042ea3ebd28cf3cf7a03a7206d9a36f867861170c76c8ff7ce0a54bf1677fc5a7807ec17da2813fa211695d6a213a3e3625dab3562108e985d73d86f10afa1a344fecc6050f98753171280917b19474ac367f1ab7deeea8df60fe4b382ba06066e2ca77eed69027de2414bb814fb1a995aa88668c2fa4d2dbef85e655bc7d9ad756ba52a6016848f18f22c2c45a15b5c453f81590e2952b0acc640092b98bef3e84f18833159a151abf58f92b804e0a64402335c5f27c5e9da2fbb72835441b9e3e40c7a20a4958418830b5aac2cfdf3354cd4ac8154832ffd7d039f861e8c63241751d50184f25221c3fb5d13c2f81e9ea0206338d2c6a3085b0a00bb66e381c239cbe792c1b06781c5ed52221318e40fabbce587bea70be54ec5743a8891232f083a612bfe110ff5734f3a7c7fdde5f8b94bc616ff5132dd348be9b55b453eb40748e2a21fb01f84b3d60ad5feba11a714fb627ccdf12ad082684f94cde651f42408399186beac2c173d056f79cf51412921a69ab4c574a236d05600ce1bb1230adafecc8a63ef217a505981b8d68dc9865d962d186db8f012964af7573ecb2a4fa0bbf1d826c69181fa004dcb5920c90dc33bee8a3335624c17877f0fc24bb06e6acd0addc927460fd5405b73f1242186666eec414f892d7486016f843e3bde9e05974c44965833282e39117a4c5b6ac7bad84251cf2ebf1262c98618f82eea3877e5200a9a491159253c240cfdd2a47adceeb46c14e6a0292da012b5043033d34716dcd26392745d8aa74d5727b424350e8977bde07256862c5bc5fdf4ab0f268c6a92a5af8dc63451ec7b14f632590e799a53faaeeee2d2df591df091ce405b00ddef609d6b3e87a2d5e9cbc65dd80594dfa6217e7ca680c6437d6bc437592d40fbcebeaee69b481d7279a4a18e0ece304d0f5b12b152f9d960f9335c1b7c95e6be8fb46b74db70a401643ea202231bfb2eaadc562cd676357cca43d1b75d708ca0a4f0f82576adf42c7289991ce446d72dc747fb781fa46521082511668fc6a0d68560d0588b49a0cbb2bad0736b6fe703c0aef5332e732159c1d06e24aa734aec31f3b36b143eb51ace66bf4c212d84d70cf5e47478ccdbb89065c6e1c6b0f50d9359f03d79ab83d9dd00b8397d087fc87b5ff2610f87fd10c5c9ca4bcb760a100e7a10124651e3402ebe1c935b2f89b54d5958a7e8d0351d436e96b87c14f61c5c146230b4c025017c36e49179fd30989c966c72a9f3fbed6e8afee5661266c0cdb73173ffe5bb32c35b41bcf0a4f357fb2fe18c1b2721c2ddbee3658557b0e25ccf7aa77538f4bf6fb355033077f8538c70ef4bf743c038df5a9096363b558ca559888234038ba4f6899512e08f1727656a659a5c570404fa9e3acc27cf35a3b83b272ce26ffdf6e9dea2daeced6cddeee329c06b11949822f185fac30c1be8dbf76596b518836f152b0137326daf3966652925a73bb6241a90b27fba8bfa8fa4d62d3a844e1d272c8199e8683d1fd15ed2d31db20fbce35e0b3c96c782afbc1d01b825893dc11e8b02252503764e5c71dd98cf34a91b795916ecf6cbd304b9bfe7a269f11e0c691a41414b2358f3aa8870fb1269d27037b670671864b1041d7b0028e0d034ab4934863f132a64abee8ebe39880a1c417120b80640e37d1f960daaadb7b07d13ace7c3f13c740ee214ed0bbe5d7a448212aff181955e3155e7b419ec1dc3aa19aa0495a8789bcb1afbae23d63f02fa56f910bac0ee30218ae5d6044100e279d97da9ac1c498a680c44fedaec7a16cbd0f72a45ea2f60d39bfc825a5805411f22f8d6c503b916be2ac6c522143c1cfa954db2f6e26eb7cf1e542a6e9a9fd3ab6838bdb3bda6b681b9b1c7a04e4cdee97f154c4df829bf190395422f2b6e5752cb7f9e3e8ea7f6be86606b0234d6a8ba8792eef936cf984e6270403538bd0df9b3e9d008630e1440aa11afa45c1b36dcd6acdee13317fc285696f478ae74cdedac4d387ea9e420d4897f7d6d613868cd4561130ec1fa992484aa689ec07fd9ed6c603f3d5b51706d325cff66429687f58a670b7e7c6d416a1b3e295f3c631daf460e499482fb929ed9e28e209c9611bf977824f38b0e8b029bd8b2dfa7d624be2d1a545277b19323898605c7906c38044ca73c9d11a1a14b5a5904698261b31b7b40ba8f591a976937287d71965f490157f253676b39e47c4ad0104db4484f98af8bd74809c2edcee673be9008f6e6d7a052c6f87fd565fc2571ecfecd30bcdce068f3ff28d5072be6e2887bef967ffbeafe71143941b412976267d0a8e9ff2c29acbdf030793d4787d8e5795aeff8c41dde7a92781d9a1ed05ee7dcdee06943f4032e68d99b450c09a569d78650747ac10a5875057176d090a6712592fa7629dbd0634823d570d780f678016e0528e556b5871c3417247526f24491c043b4945e94b85cb9afb6450493af246196359dd70c7eb0bcf7bc96ac44e2b7016cdabd08dbfe6416a57326e11a96ec67b1f2662f5dd25aa36b3ea2b99720b38f50d95ba1246b3dc985b083503754b2b6fcb6352e2b323c14a75bed50fb32698f5a0962bb6c980bd007050f67e903f67cb7329691b046983649f468b4cc880fa0eb60b0555a0ee341fa4d6231244cd978d3fc8dd40aaeee1e89b8a318794ce07120b592e4c1b374cd500fded95c947c1cb5e48479dc93a05ee8385b9ba23770192e8b50fcdb8228393e9f43c0a7ff3619bdc9d8694041168288b448a15bc49545eda34ffa5f48d72d0c2ffd310ba8b60c4ba50dbccad99a17cc23d357d12bb0be6bfedccf36cdea1a5867de86d696a0bd07108b312d85eb64a5d81cec091c5d992f73e1db1f8b28a4ddcc461619b253ef7a2a201e2bdac05eafd9f7d149b9676c319f5ec65e9b2dbc13c8610fa8fd635a074653b2bc92e79b1aefdbc179869115d49bfc4377bfc537a73635cfdf1bceff911990eae060130a6b0990d81ac8abcc91655fb0e612ce59d96d7deeba94187bd8efad6791e71084e33597cb458dcf3b2bef77ce8e89f808a5f2efcb85ead34fca221d9548392ebeb1cc4abef99a48b45c4e84005124ad634cb72ecf5a42306700063bb3b3c3f20daf2ac4b5b"}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r6, 0xc05064a7, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000340), &(0x7f00000007c0), 0x0, 0x0, 0x0, 0x0, r7}) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) 26.000981979s ago: executing program 3 (id=983): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x8, 0x22, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}, @NL80211_ATTR_DFS_REGION={0x5}]}, 0x2c}}, 0x0) 18.903706955s ago: executing program 1 (id=996): setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x12, &(0x7f0000000340), 0x4) r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000003140)=""/4095, &(0x7f0000000000)=0xfff) getsockopt$bt_hci(r0, 0x84, 0x6d, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000640)='ext4_ext_remove_space_done\x00'}, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) socket$inet6_sctp(0xa, 0x0, 0x84) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="7d003300800000000802110000000802110000000802110000000000000000000000000000000000010003010e04"], 0x9c}}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000100), 0xfecc) mmap(&(0x7f00007dc000/0x1000)=nil, 0x1000, 0x1, 0x12, r4, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) connect$unix(r5, &(0x7f0000000180)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r7, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) write$binfmt_script(r7, &(0x7f0000000200), 0xfecc) poll(&(0x7f00000000c0)=[{r7}], 0x1, 0x0) sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="4800000010000304000000000000000000000300", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128008001400677470001c00028008000600e5e7bcc4368a2f42a5cb613bac56b5b2f686224918743b0e3f7bb4566c910b88661d5a2c337883aea3211789ce1a9f496f33d8bd0c96dcc273341874d19bac", @ANYRES32, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="080004000000"], 0x48}}, 0x0) sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, 0x0, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r8, &(0x7f0000000440), 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0) r9 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r9, &(0x7f0000000080), 0x42) sendmmsg$sock(r9, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000180)="05000000eeca06ad54c456350da0a5f21f55e46e", 0x14}, {&(0x7f0000002bc0)="26373bfbfe0bcd2f21b430a9d6cd4fd9a216e3daba6bff56f74ccf39b3eed7ef2f557f95", 0x24}], 0x2}}], 0x2, 0x0) 11.79595518s ago: executing program 0 (id=1001): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4000, &(0x7f0000001240)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303230322c756d61736b3d30303030303030303030303030303030303030303030322c646d6f64653d30303030303030303030303030303030303037373737372c766f6c756d653d30303030303030303030303030303030303030312c73686f727461642c73686f727461642c6e6f7672732c6e6f7672732c6164696e6963622c6769643d69676e6f72652c646d6f64653d30303030303030303030303030303030303030303031302c6164696e6963622c6164696e6963622c73657373696f6e3d30303030303030302a604f7e3030303030303030303030352c0007ec6278e01f2ca1b3e247de8f095ab58520740203338bee59c32f5ae18bcdb3bf3d6fce2d78715a6d286bf862b384fb75a7b5e8394fe5f2cd121b67bcde32bb50f0dc41a76e187c5e236b84f24e1e8339dc2d02cd718a665a3d49afcfdd0a9efcb4f4bde15333eb64d9cdf83e260f53c2fe4faf03c02e68775d873415a7de35fbe9bc18ffa4458f2ba090163596407e21cf24f3e95d951f94d8b0f928836937d62a232dfe64290984e35230f25dbdf6d9d1fa2d8e381af0f6a01ed43ccb03e1b88162c12dd584649b"], 0x2, 0xc3a, &(0x7f00000002c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZSVy9S+mYhXuqqbZBJBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUrQwmiLokWldILn4UOTUE9HCRlH0wBYBcgpYzOxbcUmRFi2KFGV9Pjb1nZ19b+a9mdUMRfDNCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg4vdevXT6TNq47qvnH1VrAID9cGX066fPpvsWW9yXxgAA++LqFv/+BwAAAAAAAAAAAAAADpQURTwdKWavrKbx6nVH/XK77/adsaHhrasdSVXNQ1X58qt+5uy5819+cfBCNy+3pz+k/sP22Xh99Oqlxiszt2bnJufnJycaY9Pt6zMTkzvewm7rb3ayOgCNW2/cnrhxY75x9oVzG96+M/BB/1PHBy4OPn/quW7ZsaHh4dH1IvXe8rUHbkjHdiM8DkcRpyKtdd8vYvfHor6/536zI1UnTladGBsarjoy1W5NL5RvjvR0tNFTqdk9Rlufi6j17WsfttfsjMUtygafLLs3Otuaa12bmmyMtOYW2gvtmemR1Glt2Z9GFHEhRSxFxEr/vZvriyJqkeJ7x1bTtYg41D0OX6wGBm/fjmIP+7gDZTsbfRFLxWNwzg6w/ijitUjxs3dPxPV8namuNV+IeK3MH0a8XebLEan8YJyPeH+LzxGPp1oU8Wfl+b+4miaq60H3unL5G42vTd+Y6Snbva58xPvDPVeKR3R/OLIp98cBvzbVo4hWdcVfTQ/+zQ4AAAAAAAAAAAAAAAAAD9uRKOIzkeLVf/vDzhy/1bj0YxcHf3/gl3vHjD97n+2UZV+IiMViZ2NyD+eBgSNpJKVHPJb4SVaPIv4oj//7zqNuDAAAAAAAAAAAAAAAAAAAwBOtiJ9GipfeO5GWondO8fb0zcbV1rWpzqyw3bl/u3Omr62trTVSJ5s5x3Mu5lzKuZxzJWcUuX7OZs7xnIs5l3Iu51zJGYdy/ZzNnOM5F3Mu5VzOuZIzarl+zmbO8ZyLOZdyLudcyRkHZO5eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICPkyKK+EWk+O63VlOkiGhGjEcnl/sfdesAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFJ/KuIHkaLx1ebddbWISNX/HSfKP85H83CZn4zmYJkvR/NSzlaVteZ3HkH72Z2+VMRPIkV//Z27Jzyf/77Oq7sfg3j72+uvPlvr5KHumwMf9D91/NjFweFfe3a75bRVA05ebk/fvtMYGxoeHu1ZXct7/2TPuoG83+LhdJ2ImH/zrTdaU1OTcw++UH4EdlH9MVpItSelpxaqhagdiGZstXA4/wXeu77zBCjv/+9Hit9+79+7N/zO/b8ev9R5dfcOHz//4/X7/0ubN7TD+39tc718/y/v6Vvd/5/uWfdS/m6krxZRX7g123c8oj7/5lun2rdaNydvTk6fP336K4ODXzl3uu9wRP1Ge2qyZ+mhHC4AAAAAAAAAAAAAAACA/ZOK+N1I0frJampExJ1qvNbAxcHnTz13KA5V4602jNt+ffTqpcYrM7dm5ybn5ycnGmPT7eszE5M73V29Gu41NjS8J525ryN73P4j9VdmZt+ca9/8g4Ut3z9av3RtfmGuVR7SrR6XcCSKiGbvmpNVg8eGhqtGT7Vb09WWR7YcTP/R9aUi/iNSXD/fSJ/P6/L4/80j/DeM/1/cvKE9Gv//iZ515T5TKuLnkeK3/vzZ+HzVzqNxzzHL5f46Upy88LlcLg6X5bpt6DxXoDMysCz7v5HiH36xsWx3POTT62XP7PjAPibK838sUvzgT78fv57XbXz+w9bn/+jmDe3R+X+mZ93RDc8r2HXXyef/VKR4+el34jfyug97/kf32RsncuG7z+fYo/P/qZ51A3m/v/lwug4AAAAAAAAAAPBY60tF/E2k+NFwLb2Y1+3k9/8mNm9oj37/69M96yYeznxF913Y9UEFAAAAgAOiLxXx00hxc+Gdu2OoN47/7hn/+Tvr4z+H0qZ3q5/z/Ur13ICH+fO/XgN5v+O77zYAAAAAAAAAAAAAAAAAAAAcKCkV8WKeT328Gs8/se186suR4tX//lIul46X5brzwA9Uf9avzEyfujQ1NXO9tdC6NjXZGJ1tXZ8s6z4TKVb/6nO5blHNr96db74zx/v6XOxzkWL4b7tlO3Oxd+cmf2a97Jmy7CcixX/+3cay3XmsP7Ve9mxZ9i8jxTf/aeuyx9fLnivLfj9S/PibjW7Zo2XZ7vNRP71e9oXrM8UenBUAAAAAAAAAAAAAAAAAAACeNH2piD+JFP9za+nuWP48/39fz8vK29/ume9/kzvVPP8D1fz/2y0/yPz/1XMFFrfbKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfDylKOKtSDF7ZTUt95evO+qX29O374wNDW9d7Uiqah6qypdf9TNnz53/8ouDF7r54fUfts/E66NXLzVembk1Ozc5Pz850Ribbl+fmZjc8RZ2W3+zk9UBaNx64/bEjRvzjbMvnNvw9p2BD/qfOj5wcfD5U891y44NDQ+P9pSp9T3w3u+Rtll/OIr4i0jxpb//r/Sj/ogidn8s7vPZ2WtHqk6crDoxNjRcdWSq3ZpeKN8c6R6IIqLRU6nZPUb7cC52pRmxWDa/bPDJsnujs6251rWpycZIa26hvdCemR5JndaW/WlEERdSxFJErPTfu7m+KOKNSPG9Y6vpn/sjDnWPwxevjH799Nnt21HsYR93oGxnoy9iqXgMztkB1h9F/GOk+Nm7J+Jf+iNq0fmKL0S8VuYPI96OzvlO5QfjfMT7W3yOeDzVooj/K8//xdX0bn95PeheVy5/o/G16RszPWW715XH/v6wnw74takeRfy4uuKvpn/19xoAAAAAAAAAAAAAAADgACniVyPFS++dSNX44LtjitvTNxtXW9emOsP6umP/umOm19bW1hqpk82c4zkXcy7lXM65kjOKXD9ns8z62tp4fr2Ycynncs6VnHEo18/ZzDmeczHnUs7lnCs5o5br52zmHM+5mHMp53LOlZxxQMbuAQAAAAAAAAAAAAAAAAAAHy9F9V+K735rNa31d+aXHo9OLpsP9GPv/wMAAP//NbH0uA==") r4 = socket$netlink(0x10, 0x3, 0x9) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, 0x0, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f0000000140)=0x12, 0x4) creat(&(0x7f0000000040)='./bus\x00', 0x92) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=']) read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r5, &(0x7f0000000240)={0x50, 0x0, r6, {0x7, 0x27, 0x0, 0x0, 0x1}}, 0x50) syz_fuse_handle_req(r5, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 11.668554697s ago: executing program 1 (id=1002): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000200)='./bus\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f646973636172640000008000200000ff5f78617474722c646973636172642c7768696e745f6d6f64653d757365722d626173651a9603642c6e6f696e6c696e48c8b8bd9db81b403801c199ffba3691ebc17570972cb0aab560ecd4a62772a15b05a04f8812838b6d154a85515cf6a313e8043c58707a92ff4e0d69fdd8fd380734190ccaff409ba8953c23b0c6f1c09d49447f1e1d0cedb97bb4daf266dcc2cec17b92cbbe1303abfc278ad789ffe0f34862de20f795a4b968385446d1964503b1815a337e284216bd6809000000000004000000d593d55b7516ceab7cd6f2aebee0e3b4e72511cc77b8aeb6cb60fe02009fbd67bd8d700393ec17bc2e14a4811bdefdda2f5f5ebead17e18e7fa077c6bf2fe6d11ac484b13898ad0c52acbc155d3426"], 0x1, 0x54f8, &(0x7f0000010140)="$eJzs3LtvW1UcB/DjpGn6okSIga1XqpASqbbiPCrYArTiIVJFPAYmcGzHcmv7RrHjhEwMjIiB/wSBxMTI38DAzIYYQGxIIN9zQpvyWOLECfl8pOvvvcfXv3uOVVX6XUc3ABfWXPbbL6VwM1wNIUyHEG6EUOyX0lZYi/FCCOFWCGHqia2Uxv8auBxCuBZCuJkKJqO3vrgzvL3681u/fvv97KXrX37zwwSWC5wRL4YQuttxf68bM2/FfJjGa8N2kd2VYcr4RvdROs5j7jU3iwp7tcPzakUut+L5+fZuf5RbnVp9lK32VjG+3YsX7A9bh3WKDzys7RTHjeZmke1+XmTrIM5r/yD+93bQH8Q6jVTv46J8GAwOM44395txPduPiqz3Bmk81s0bzf1RDlOmy4V63mkU89g8zjd9tr3d7u3uZ8PmTr+d97LVSvWlSvVuubqTN5qD5kq51m3cXcnmW53RaeVBs9Zda+V5q9Os1PPuQjbfqtfL1Wo2f6+52a71smq1slxZLK8upL072esP3s86jWx+lK+2e7uDdqefbeU7WfzEQrZUWX55Ibtdzd5d38g23rl/f33jvQ/vffDglfU3X0sn/W1a2fzS4tJSubpYXqouXKD1f5omPcb1w7GUJj0BgPPnRPv/uVizpP8HnnLe+/+g/x+Lc9X/XvT+/wTWD8ei/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLB+nPnqjWJnLh5fT+PPpKHn0nEphDAVQvjjH0yHy0dqTqc6M/9y/sxTc1gLoagwusZs2q6l8dH2+7Mn/S0AAADA/9fXn9z6PHbr8WVu0hPiNMWbNlM3PhpTvVIIYWbupzFVmxq9PD+mYsW/70thf0zVihtYV8ZULN5yuzSuav/h8X236SNx5YkoxZg6hekAAACn7GgncBpdCAAAAJPx2aQnwGSUwuPfBNMf8M/GSD8IXj1yBAAAAJxDpUlPAAAAADhxRf9/Fp7/913J8/8AAADgpMTn/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCf7NxPTsJAFAfg10IF/0Vi3HsVd3AMj+DSpeEAXoIj4BW8AGfAnUcwYGhLtAYTkw7FkO9L2jIT8uOVsHkzpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD69FfPJy9Ptc9uc1bqdNHcDAAAA7LIs5pPyxagan9fzl/XUdT3OIiKPiF29ey9OGpm9Oqf45f3FjxpeI8qEzWcM6uMsIu7q4+Nq398CAAAAHK/FdDauuvXqNDp0QXSpWrTJL+4T5WURUYzeE6Xlm9NNorDy992Px0Rp5QLWMFFYteTWT5X2J73GZfjtklWXvNNyAACATjQ7gW67EAAAALr0cOgCOIwstluZ273g8p/3XxuCp40RAAAA8L8Ndk1m3dcBAAAAdKzs/z3/DwAAAI5b9fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9mlZzCeL6WzcNme1bifN3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLI/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc79+8ZNxQEAf7bPF1pAHAFlCEIgMcBCr9fS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/6HzImUJWwZbggSc5B9duL8kDgIsa/J5yM9v+9Z1nvf50RRvn5OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS8L2DOMkOnVEcF+c2dh8vZP3mkT6ztrI1m7UsjupM+unwavVDNNNcIgAAAFwcSVnfhxC209W5rI87ef2fltdkNf8Pz4/isp4/WveXfVn7Z+3333Ze3p+oM5onG/TO4qB/9XgqrbNb5WR74R+vaOV3Pn/2kuRfkPjD5ZeGaX4/o+/W199v5+FUHdkCAP/FlbIvgvL3oazvNZkYABdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6DJfDs2UchRBmWwdxZnP38cJJ/drK1mzZbj55slIdMxsiDSHcWRz0r9a4lkn34OGjz+YHg/79+oPXQgjNzV4EH49xTQhNZig4bRAX3+v/48h70QSs62yDhn8wAQBw7qRFy+r67XR1LjsXTYew9+Ph+v/NShzGrP93Prm5UZ2rWv/3alvh5Osu3fuy++Dho7cX783f7d/tf/7Otd67veu3bty41c2flXQ9MQEAAOB02kWr1v/x9PH9/8uVOIxZ/3/1fe+b6lyJ+v9EB5t+TWcCAABwsb34+l9/Riecj9rt8PX80tL93ui4//na6NhAqv/aVNGq9X8y3XRWAAAAQB2Gy9Gh/f/blTiMuf//3E+v/FIdMwkhXCr2/68sfDG4Xd9yJlodf07c9BoBAABo1qWiVff/0/z9/3j/lYc4hPDWG6O4+DeAY9X/yQff/lydq/r+//X6ljiR4pnR/cj7qRBaM01nBAAAwHn2TNGyYv+PdHXu018vf9T2/j8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//xwcQP8=") r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) r1 = creat(&(0x7f0000000100)='./file1\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x2000402) r2 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20) 10.74499015s ago: executing program 0 (id=1003): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x121001, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000080)) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000810087406d040e0a759400000001090212000100000000090400200003"], 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000200), r2) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x180, r3, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x148, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x4}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x4}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0xfffffffffffffe26}]}]}]}, 0x180}}, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f00000001c0)={0x418, 0x0, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0xb0, 0xc, 0x0, 0x1, [{0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5205c03b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4750bf5e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4760}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x18193fa}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8c3b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8c44}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7a9704d8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x61284872}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xa13a6de}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6de1022c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x123cd91a}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf7e8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x11aedaa5}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4dff3af7}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf814}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xd5451a7}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6cb1acd0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x623aa719}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7e696f7c}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x3c, 0xc, 0x0, 0x1, [{0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6c5a047c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7ebd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2c3d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x73d85849}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3e0bffd1}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7eaa863a}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x14, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4e}]}, {0x4}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x184, 0xc, 0x0, 0x1, [{0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x20dbace0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc596}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2a9010c9}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa32c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4b5fc18}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4afd2bee}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1743}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x61a8d77d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7f3f729e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8899}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x26ee}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7c76cd54}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9627}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4451}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x68bcdc3e}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x451d67dd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf5fc}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa926}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2d4ca9ce}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xa37fc75}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x217f3e03}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x244e7610}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x897d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4ce7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8017}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2bfddee4}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc777}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x52e4dc1b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x487e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x77b6d6d3}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1644}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x76e3}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4af6e4eb}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1f18}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8924}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbde9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5f1241d8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x64a11cd4}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1e38}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4efa6108}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1262f806}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x493c2355}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xba08}]}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSCATLST={0x168, 0xc, 0x0, 0x1, [{0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x66610cb}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x35c0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x8b39573}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd397}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x24b6ee5a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1b041b03}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1171e00d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x665ddc99}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7d358071}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x66fd6608}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x52eedeec}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x71df50ca}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38e2b781}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x27b6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6198}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f18b135}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3ab5ff17}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1a50}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x117b0ee8}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4da24a5f}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xce41}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x26de}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbd83}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38970f22}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x11b2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x73d5}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xb99c440}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6968c034}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbcd5}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x671c81cf}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5669}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc52b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbdae}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x17a36602}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xea90}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5a0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x46494eaf}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3dfee77e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x15bf4134}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5627ac1f}]}]}]}, 0x418}, 0x1, 0x0, 0x0, 0x20040000}, 0x48804) socket(0x10, 0x3, 0x0) getpid() sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) 9.482178446s ago: executing program 1 (id=1005): syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0) fallocate(r0, 0x0, 0x0, 0x1001f0) r1 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x3, 0x1800, 0x10000) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000000)={0x0, 0x3f, 0x0, 0x0, 0x1, [{}]}) 8.228071391s ago: executing program 4 (id=1007): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)={0x2c, 0x28, 0x107, 0x0, 0x0, {0x2}, [@nested={0x10, 0x1, 0x0, 0x1, [@typed={0x9, 0x0, 0x0, 0x0, @str='!])&\x00'}]}, @typed={0x4, 0x2, 0x0, 0x0, @uid}]}, 0x2c}}, 0x0) 7.813134386s ago: executing program 4 (id=1008): iopl(0x3) syz_clone3(&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000580)=[0xffffffffffffffff], 0x1}, 0x58) 7.584559264s ago: executing program 0 (id=1009): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="726f6469722c696f636861727365743d6b6f69382d72752c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d302c6e66732c757466383d302c757466383d312c696f636861727365743d6d6163726f6d616e2c6e6f6e756d7461696c3d302c757466383d312c756e695f786c6174653d302c64656275672c736d61636b6673666c6f6f723d626c6c696f2e6266712e696f7273697604003dc33a26b56d923a582e321e3948d75eb47fb2754cc5c683d3816ff408f64d784f145db5f62c1b93ebd7b66fbe77d1eb17e529c91604ce0ee17a476680a401f9812d10acb6a99f99b36a108314b76f60ce9fea0ceff26e4fbec313efda741c6e72048be2d00c3d8198831b40bfdca83d3e16323d37b469c19ed35880acf0047afefc539c12b311ff58ab2098f635010ad9b44765fa2ca0f35e56c1165468c61053d26e26ba0dd2dca86b86d62a9227fb5b4369be5cd05790110863e49186a31f7c9fdd4f447301b1b4eca7637c8966aa0eb0f78ec2e0f77c554fc77dceda07532f9331b34ffd3bdc8000000073e23097917a2c61707072616973651e726f6f74636f6e746578743d756e636f6e66696e65645f752c686173682d646566636f6e746578743d73746166665f752c006602c91b01a2ec83c431f65c21b0753b1b1242e17f20e5552a019e19ded3897ea6d865f8974771b3d5e43be4eddacb7a3fb5cfc3e84e48633e38d0c1e130b118c7fb58393533a9b116a0a9b03f5d62dfeb2f7a609b0252a38330bba1edaa8d4d83"], 0x1, 0x27a, &(0x7f0000000080)="$eJzs3c9KY1ccB/Df1STGtpAsuiqFXmgXXQX1CZRiQZpVSxbtppWqUJIgKAT6h6auui901XfoO/QBupk3mMUsB2Y3Loa5Q3Jv/hg1mUDUQT6fjT/vOd/zJx51lZMfPu62j07PTy5+exrVahJru7Ebl0nUYy1G/ggA4DG5zLJ4keUW9S1FJSKyWvHd2j0sDwC4A8v8/wcAHodvvv3uq71mc//rNK1GdP/stZLIv+bteyfxU3TiOLaiFq8isrG8/uCguR+ldKAen3X7vdYg2f3+/2L8vecRw/x21KJ+Pf/lQXN/O81N5fu9VjneG+SzJB9oJ2rxYURWjmKQSX7nhny0KvH5p/8U6399HI2oxZMf4zQ6cTQcYpL/fTtNv8j+fvnrcKJBPun3WhvDfhPZ+r3+YAAAAAAAAAAAAAAAAAAAAAAAeNQa6dj0/T390W2AjcbN7bfeD1Tc8NOful9nK03T0TU+vVY58nwpPipF6eF2DgAAAAAAAAAAAAAAAAAAAO+O859/aR92OsdnV4r/stkni4vS1JPR2/qXiF8p2v9GLJ96myLWi6V1kmtTJKOmFcy1sUznzWUnjXzxfy2/sE9WtcG5xeh0tQ+TWNC5uvCQbBaDnZ0ncw/t1SK74fit35qqrGjvlfdX+2IOdlwev5jzO5dX/JsyI7mrP0EAAAAAAAAAAAAAAAAAAEBh8qbfeHat8eJBlgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA927y+f/jIuqzT2aLfhGe12d6QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhjbwIAAP//K3BmgQ==") ioctl$FS_IOC_SETFLAGS(r2, 0x125f, 0x0) 7.312096993s ago: executing program 4 (id=1010): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) io_setup(0xa, &(0x7f0000000240)=0x0) io_getevents(r1, 0x0, 0x0, 0x0, 0x0) 7.206595044s ago: executing program 0 (id=1011): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioprio_set$pid(0x1, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x5) ioprio_get$uid(0x3, 0x0) 7.007422489s ago: executing program 0 (id=1012): r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000082505a1a440000102030109025c0002010000000904000000020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300000000000904010000020d000009040101"], 0x0) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000a80)={0x84, &(0x7f0000000880)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 6.960504821s ago: executing program 4 (id=1013): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.controllers\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000007c0), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16, @ANYBLOB="e7cdff000004000204003b1c29008091c855", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0xb00000000065808, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) r2 = open(&(0x7f00009e1000)='./file0\x00', 0x62a40, 0x0) fcntl$setlease(r2, 0x400, 0x0) ioctl$HIDIOCGREPORT(r2, 0x400c4807, &(0x7f0000000180)={0x2, 0x1, 0x1}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x58}}, 0x0) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x40, 0x0, 0x2, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x36}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x63}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x19}]}, 0x40}, 0x1, 0x0, 0x0, 0x8004}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000240), 0x3af4701e) r4 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r4, 0x29, 0x33, &(0x7f00000000c0)=0x1, 0x4) setsockopt$inet6_int(r4, 0x29, 0x31, &(0x7f0000000200)=0x8, 0x4) bind$inet6(r4, &(0x7f0000f65000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) sendto$inet6(r4, 0x0, 0x0, 0x20000002, &(0x7f00000001c0)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r4, 0x29, 0x6, 0x0, &(0x7f0000000080)) 6.413303361s ago: executing program 4 (id=1014): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000200)='./bus\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f646973636172640000008000200000ff5f78617474722c646973636172642c7768696e745f6d6f64653d757365722d626173651a9603642c6e6f696e6c696e48c8b8bd9db81b403801c199ffba3691ebc17570972cb0aab560ecd4a62772a15b05a04f8812838b6d154a85515cf6a313e8043c58707a92ff4e0d69fdd8fd380734190ccaff409ba8953c23b0c6f1c09d49447f1e1d0cedb97bb4daf266dcc2cec17b92cbbe1303abfc278ad789ffe0f34862de20f795a4b968385446d1964503b1815a337e284216bd6809000000000004000000d593d55b7516ceab7cd6f2aebee0e3b4e72511cc77b8aeb6cb60fe02009fbd67bd8d700393ec17bc2e14a4811bdefdda2f5f5ebead17e18e7fa077c6bf2fe6d11ac484b13898ad0c52acbc155d3426"], 0x1, 0x54f8, &(0x7f0000010140)="$eJzs3LtvW1UcB/DjpGn6okSIga1XqpASqbbiPCrYArTiIVJFPAYmcGzHcmv7RrHjhEwMjIiB/wSBxMTI38DAzIYYQGxIIN9zQpvyWOLECfl8pOvvvcfXv3uOVVX6XUc3ABfWXPbbL6VwM1wNIUyHEG6EUOyX0lZYi/FCCOFWCGHqia2Uxv8auBxCuBZCuJkKJqO3vrgzvL3681u/fvv97KXrX37zwwSWC5wRL4YQuttxf68bM2/FfJjGa8N2kd2VYcr4RvdROs5j7jU3iwp7tcPzakUut+L5+fZuf5RbnVp9lK32VjG+3YsX7A9bh3WKDzys7RTHjeZmke1+XmTrIM5r/yD+93bQH8Q6jVTv46J8GAwOM44395txPduPiqz3Bmk81s0bzf1RDlOmy4V63mkU89g8zjd9tr3d7u3uZ8PmTr+d97LVSvWlSvVuubqTN5qD5kq51m3cXcnmW53RaeVBs9Zda+V5q9Os1PPuQjbfqtfL1Wo2f6+52a71smq1slxZLK8upL072esP3s86jWx+lK+2e7uDdqefbeU7WfzEQrZUWX55Ibtdzd5d38g23rl/f33jvQ/vffDglfU3X0sn/W1a2fzS4tJSubpYXqouXKD1f5omPcb1w7GUJj0BgPPnRPv/uVizpP8HnnLe+/+g/x+Lc9X/XvT+/wTWD8ei/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLB+nPnqjWJnLh5fT+PPpKHn0nEphDAVQvjjH0yHy0dqTqc6M/9y/sxTc1gLoagwusZs2q6l8dH2+7Mn/S0AAADA/9fXn9z6PHbr8WVu0hPiNMWbNlM3PhpTvVIIYWbupzFVmxq9PD+mYsW/70thf0zVihtYV8ZULN5yuzSuav/h8X236SNx5YkoxZg6hekAAACn7GgncBpdCAAAAJPx2aQnwGSUwuPfBNMf8M/GSD8IXj1yBAAAAJxDpUlPAAAAADhxRf9/Fp7/913J8/8AAADgpMTn/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCf7NxPTsJAFAfg10IF/0Vi3HsVd3AMj+DSpeEAXoIj4BW8AGfAnUcwYGhLtAYTkw7FkO9L2jIT8uOVsHkzpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD69FfPJy9Ptc9uc1bqdNHcDAAAA7LIs5pPyxagan9fzl/XUdT3OIiKPiF29ey9OGpm9Oqf45f3FjxpeI8qEzWcM6uMsIu7q4+Nq398CAAAAHK/FdDauuvXqNDp0QXSpWrTJL+4T5WURUYzeE6Xlm9NNorDy992Px0Rp5QLWMFFYteTWT5X2J73GZfjtklWXvNNyAACATjQ7gW67EAAAALr0cOgCOIwstluZ273g8p/3XxuCp40RAAAA8L8Ndk1m3dcBAAAAdKzs/z3/DwAAAI5b9fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9mlZzCeL6WzcNme1bifN3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLI/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc79+8ZNxQEAf7bPF1pAHAFlCEIgMcBCr9fS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/6HzImUJWwZbggSc5B9duL8kDgIsa/J5yM9v+9Z1nvf50RRvn5OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS8L2DOMkOnVEcF+c2dh8vZP3mkT6ztrI1m7UsjupM+unwavVDNNNcIgAAAFwcSVnfhxC209W5rI87ef2fltdkNf8Pz4/isp4/WveXfVn7Z+3333Ze3p+oM5onG/TO4qB/9XgqrbNb5WR74R+vaOV3Pn/2kuRfkPjD5ZeGaX4/o+/W199v5+FUHdkCAP/FlbIvgvL3oazvNZkYABdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6DJfDs2UchRBmWwdxZnP38cJJ/drK1mzZbj55slIdMxsiDSHcWRz0r9a4lkn34OGjz+YHg/79+oPXQgjNzV4EH49xTQhNZig4bRAX3+v/48h70QSs62yDhn8wAQBw7qRFy+r67XR1LjsXTYew9+Ph+v/NShzGrP93Prm5UZ2rWv/3alvh5Osu3fuy++Dho7cX783f7d/tf/7Otd67veu3bty41c2flXQ9MQEAAOB02kWr1v/x9PH9/8uVOIxZ/3/1fe+b6lyJ+v9EB5t+TWcCAABwsb34+l9/Riecj9rt8PX80tL93ui4//na6NhAqv/aVNGq9X8y3XRWAAAAQB2Gy9Gh/f/blTiMuf//3E+v/FIdMwkhXCr2/68sfDG4Xd9yJlodf07c9BoBAABo1qWiVff/0/z9/3j/lYc4hPDWG6O4+DeAY9X/yQff/lydq/r+//X6ljiR4pnR/cj7qRBaM01nBAAAwHn2TNGyYv+PdHXu018vf9T2/j8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//xwcQP8=") r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) r1 = creat(&(0x7f0000000100)='./file1\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x2000402) r2 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20) 5.781216577s ago: executing program 1 (id=1015): r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8], [0x10000], [0x6]], '\x00', [{}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x1, 0x1}], '\x00', 0x1000}) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000000)={0x0, r2}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000500)={0x5, 0x0, [{0x4, 0xcf, &(0x7f0000000140)=""/207}, {0x4, 0xa6, &(0x7f0000000240)=""/166}, {0xf000, 0xa, &(0x7f0000000300)=""/10}, {0x2, 0xd6, &(0x7f0000000340)=""/214}, {0x1000, 0x83, &(0x7f0000000440)=""/131}]}) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000100)={0x0, r2}) syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2}}}}}}, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000) r3 = dup2(r1, r1) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000040)=0x1) 4.960405888s ago: executing program 1 (id=1016): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) lsetxattr(&(0x7f0000000040)='./file1\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00', &(0x7f0000000180)='{\x00', 0x2, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000280), 0x10) r1 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'xfrm0\x00', 0x0}) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x0) poll(&(0x7f0000000300)=[{r6, 0x1c5}, {r6, 0x80}, {r4, 0x4011}], 0x3, 0x0) r7 = dup(r5) write$UHID_INPUT(r7, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5e060987f70e06d038e7ff7fc6e5539b0d650e8b089b3f373b6c090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07420936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x104d}}, 0x1006) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000140)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x19}, @in=@remote, 0x4e22, 0x958a, 0x4e24, 0x8, 0x2, 0x0, 0x0, 0x84, 0x0, r3}, {0x0, 0xb8, 0x2, 0x7, 0x87, 0x58, 0x8, 0x5}, {0x8, 0x10001, 0x7fff, 0x9}, 0x8, 0x0, 0x2, 0x1, 0x2}, {{@in=@local, 0x4d5, 0x32}, 0xa, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x3502, 0x4, 0x3, 0x0, 0x0, 0x2}}, 0xe8) bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@bloom_filter={0x1e, 0x0, 0x813, 0x10000, 0x44, 0x1}, 0x48) iopl(0x3) sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="4dcdc7d96a760000002c80040200000000000000", 0x5dc, 0x0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14) 1.865834826s ago: executing program 0 (id=1017): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x121001, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000080)) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000810087406d040e0a759400000001090212000100000000090400200003"], 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000200), r2) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x180, r3, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x148, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x4}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x4}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0xfffffffffffffe26}]}]}]}, 0x180}}, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f00000001c0)={0x418, 0x0, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0xb0, 0xc, 0x0, 0x1, [{0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5205c03b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4750bf5e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4760}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x18193fa}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8c3b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8c44}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7a9704d8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x61284872}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xa13a6de}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6de1022c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x123cd91a}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf7e8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x11aedaa5}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4dff3af7}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf814}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xd5451a7}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6cb1acd0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x623aa719}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7e696f7c}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x3c, 0xc, 0x0, 0x1, [{0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6c5a047c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7ebd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2c3d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x73d85849}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3e0bffd1}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7eaa863a}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x14, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4e}]}, {0x4}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x184, 0xc, 0x0, 0x1, [{0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x20dbace0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc596}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2a9010c9}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa32c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4b5fc18}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4afd2bee}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1743}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x61a8d77d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7f3f729e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8899}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x26ee}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7c76cd54}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9627}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4451}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x68bcdc3e}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x451d67dd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf5fc}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa926}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2d4ca9ce}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xa37fc75}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x217f3e03}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x244e7610}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x897d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4ce7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8017}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2bfddee4}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc777}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x52e4dc1b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x487e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x77b6d6d3}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1644}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x76e3}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4af6e4eb}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1f18}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8924}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbde9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5f1241d8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x64a11cd4}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1e38}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4efa6108}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1262f806}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x493c2355}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xba08}]}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSCATLST={0x168, 0xc, 0x0, 0x1, [{0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x66610cb}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x35c0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x8b39573}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd397}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x24b6ee5a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1b041b03}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1171e00d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x665ddc99}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7d358071}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x66fd6608}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x52eedeec}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x71df50ca}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38e2b781}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x27b6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6198}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f18b135}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3ab5ff17}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1a50}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x117b0ee8}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4da24a5f}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xce41}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x26de}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbd83}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38970f22}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x11b2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x73d5}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xb99c440}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6968c034}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbcd5}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x671c81cf}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5669}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc52b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbdae}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x17a36602}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xea90}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5a0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x46494eaf}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3dfee77e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x15bf4134}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5627ac1f}]}]}]}, 0x418}, 0x1, 0x0, 0x0, 0x20040000}, 0x48804) socket(0x10, 0x3, 0x0) getpid() sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) 73.724557ms ago: executing program 1 (id=1018): syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xdc, 0x3f, 0x6e, 0x40, 0x813, 0x1, 0x3a08, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9d, 0x26, 0x9b}}]}}]}}, 0x0) socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x1c) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x90, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x5b, 0xe, {{{}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @val={0x25, 0x3}, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x90}}, 0x0) 0s ago: executing program 4 (id=1019): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) syz_open_dev$evdev(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) time(0xfffffffffffffffc) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r7}, 0x10) r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r9 = syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r8}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) read$FUSE(r8, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r8, &(0x7f0000002140)={0x50, 0x0, r10}, 0x50) read$FUSE(r8, &(0x7f0000002900)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r8, &(0x7f0000000000)={0x10, 0xffffffffffffffda, r11}, 0x10) syz_fuse_handle_req(r8, &(0x7f0000004940)="a37b33352102270e8080da9acea18541f7a5c5c0ccac6b823171247e6e3675eaeae3fc94bd43baf4a099da2138a0fe4c613d6f13f998b175ae52341675e866014f466758a4fbd32928f56991cfdb381074d418d9690e966a9e10945f0a16abc6e27418ba809e9e22294a5f0c2ddb090d6849df842893a2f38c00c4c3689ec3875d021a3e221aa99d35e4660aa1796c2d4ea85bb91752c0c21dd01debd31e5d1eb7ddc9c64388008fa08a9871b9d158d0adbff0f57a19252b75100a980d86e9633cd793c8e2e33c00035a5ad72ef11437dc82e6e04d1a48d1f771d58f2f7dd978e9a4f3d462f03c0ca11026a9a15d1bd5c732b90d56a18ed5e16e4fc18739bd31eb7695369af1178a495890fc9e796d43f2f461e6d45634fb8e191c06c7c875fbad054f0ab21fecd7d3883a5d568426335c8902a1ef2e5856cf8888b91050dd50dd9e419b9a77dd6a135dbe314d769929a2ab34679406dc4314763867f7ad19945c550cce8d9243b1f602a47a7ca863895e5ddaff09fb773b1862a3757b2895054754c2a23a4b7975391972a9ad4f25245265bd77b634b9d834a88e9a16cc1a5b1dae4a46de62b939fe89403110778f126786aadd81950077de037b83550b1b897ebe50a3f660eb368cd771abb9fe1cf6fdd51e987757e3e7a6d9d1eebdacb8ecc00de9413f19b2a4063ad78b8eff9b5c420a06e21364d8c9fab06ee878e1344c767fe6e8d21dfe2f4dece09e2fbf405bc1008b2d0adf86fc70421952207b2265bacf5179efe10ba4c42e1f4d8f7c5b19352b866afd280c66b50d87c08a7e316270189f01397b70fe7b50e7426a5a760bafae1cd0c28469ccce09dd37afffce3ca4d5e05569bc145dc4ee1107097cee103a2215d87af81474231a8113b1f2924e6d5bf29742c3ef17d4f284db167a74f742b768bc3becc027c76d30e7921350746ababd6172895de2cd9e3a5e764edc8e2f3588b45574cc574993e84a47bb3d71867f412a7b20b82ac23e10a85f5f1984d25e42793798547837509bd94a7c8579f9181341b221f418cc0de373672ada07951cc7009300dbd0742426aba9eb1d533a0cd14a6b13f37854922228b9d0b1e20b67746102f84973405884ee2519227d3254c96e1146e08956cb1a474434b2ffe7a0b09e9437b303159abe4eca69f444be28ffe95a3935ad77dcb7291da653f9942926f6a3c750526dca116e7c278c628244e4b6c2da0eb2255e067bb11c42c03105bcb4ab9eb7a276e1f5d8cf7e779c158a2cc7f867d0e7fc5d77d797d725efd76ffde2c69b1abfa05dac952cf3ca5295845202341956d484859f7d5e2b3df31f9e2152674ecd71590605310c8fe238e33c0415469826c35aed0d65f3aa459ccf607e4b25f25cd08d65b48bd0f56461d995007dc5b00d8d91a9fa48286fa1d8dfb68fc9756cf928c05ba7f93f8285f7b6df63a5634c39da5ab555362339fd85dae4e952e06b8ad17bcf157733d55a30a05c0b6ac2ed2fd54ab1033dec41101f5251ed40c6f42e876328bad8f4fd21730cd1e2efb847dcb93ded254c4e66c6374ec40b124d32032f5ee5c52f0a51f2ca797b12f814a1f79e3e4d69412dbc834d620e72ee9648d67ff53eb126f7d382fd8f827fab96b7427cd0962e84542a98acc79cf429f004ce86f5841d0256c83a96087671365e3799951087a017f0a3ff7900b25515869ee524de62bd4e7c2c68e1c900f38b0f7bac92606a0d0eadfa9f1d5af8157f0d5a0d49dedb00bf5785f8b2f8c2f8c10f150a30c31141ca0545eda71841523c6986d7d5fbc1918d5c79e40b929c180153d34fc7c7faba1d471c10b52d3e93b8192fa4826d43ff9df160ab83041b0f647398964c108b7875d74d592d8ee2d5420316656626e58b4dba72bb09376592a062ba0cfa94469b2102ce05b68fd3d275f0941851dd6399cf386cb900441f0f762540ab58c1800e7e00bb34fe32eddc14f05d1537f6c23c8f5b5039b6a22b7d843476d22d4a1086f65aaad2699d402113e349ba58168fe5f9ed496f56d5c7864f6225b24562acad3aa8aac2cfc02e6d14fdaf89066022f61c3f7c0581bee46817ef95500a83e4dd6e6bbfec9ae785b59f29c61e23735543dc8d2596b5a787c00de7dd4209a656b398967d74d022f5a4be5c2ad5aa8e6fa76ebed097822c6b438655c05a5b5b9a3fefb8996c03aab4ef804f2145a9cecd2cc6ad2a54f4f13153da513ff3ff707ba8f34836fd7be482663557cf6923b2c417486a3bae32c28f5f9af211a4f60f202eb4bc5b4a9ac0c72f080c5ce3cd563b40dba488c6bb96f27935c2296e72063399bc0835f194e52d72efe2b0122728d6f841545bebd45b3d589e011f3360e9f90029d06b708b078f6c437862fd355604e87bf37c1ddf3a802fda5bbf03f8453cdb335fb381be1be1d9d3816654102b27dcb78c9b743b4ad22681b6f44dc854c96324d8c2ca678f31d3fe60c5144649340ad541edbc7c1d66314b566b43eeb9a1d9970726d25e529bb0b011b563378ec4580961d1137d47942b02f6f6c0e5322e879711bd4a98348180ca243ae538bd18e9bc1c217b36049e3ffefcfcb3a514dbdbdac14c47afec06b161355e89d1db713a007841e9f53ddc44764b61002c35f48f1c8d57e3c67415cbc920c9e69fb8a0ad8b2da067dd37d9c883dc5c24aac8105987f7b43df3fa2aab926566abdbb506d08b1db4b9f6aff592e68878fd22b2a04ccf8fad887ab7307f5bb5678659467547bb9b8c75a8f19a2fcffd855d917cf126ea4af832adb30df51f6e7311e15bdf0b14a019b4c5dd2a58ff142dbe159039a6dc73c099a72927e717dfcb2c438b9058bf7411786d930db5077533f35f56d02a647f14575abc3f7a149411c4597e9e9bc7e1767da725d8ea13d5c3fbc6e33cfe00b323a0d3abb4a928b180fd2007284ac614163e087c9d996f5f7545691c9b86557b09bb62bbb93d68c51a1f27fb57b869ff5702ee36ad13983f77682f278e09d17ded110beae19ba0a0200c8f9cdc624ded25da0f31b79b21897b25413af89066259aa41291275918a42105f277f5d606b24ca82f254d04fcd258651c565ef918c21a2f9e78162aeab6f19cb0e7c9e8b60b3de04b0916cb726d595e957a74290417e626366f20a33c2be052b3cdbcccca7210b4c9a02c42b749dce61714f59b144a92ad9af3501a3ab02654e6ec897bfa385f95f4e481c6e937122b163d8cb9292ae59c80fd00502e6a726949633e4b1ee09df492daec19d6d498090a9659d2fb7b63349988ffac6c792ad427eec0f48b9b285feba6d2365f1dff4852ea6b4d2289df7ece3a509cfa3574bc8f9e2670c8433885d8c9ec0494d40808d9c9d4efbf90d1b6558ae75e254ea3aff6f37f976aa2916b58a015e4919760063ebd2373730a37bd0f91b281c05b6fb3e35924b4ac88a0d0a8b0d125551458c719cd53cf9753fafc9535d6af395a5b29408d915e7259ab0f6c7abd8c754bb71ed1a476e6760eee035460d4dfec3c53f91636280056a57fc45e0f37a47f994f8b1bc42644c37fb004aef34bbfa71ef5b89b1ee581b8c803885d8f8637a2b3ae49078738580aa8c0d94c2564dd7b50bd6b718b854755b6a08d8d1a2ccf4eb3c704e53b8a299617134aa79fd00c8749e57965e9a16d73142f2812c3e1ffc09938406561949c674c35cf88128de9152b4a43d4e2432ac234014c12dbf057112d28d3125fc98bf0dd9a934217440199a698628778649cd1360d79db2d74fa34e94a6a9333f2804b8e4264160c493e951294810e6708ea888a48403aac2b21e136a1d8d07fe07930b543028b62ee39eb6f3480c27186bdcfef55e93343496eefb0c38b50cf9762dc606ab7fa4d155d2d965746baad06c3d39ce8fe350cfbf569676195330ec78f25f04a915685684f49a19f4102109a2cf60f28df29fcf74892ff84110ffa18fd43d3f8a10173b970ed934f5e30d170ef6348890be263f0d64ad5ae53e6e6b4895f3cdcd6fdaebd69fa2f067bd2a207559ca6cbdcebd4e18855642ffd8d5b85b6b805c2ca1c63de1cafe7ee1f2ceedd8fd5c6e22ab40ad8772027576080609c6d55a7d08149122c1fc28497723751abe76c8dd12c6e2f311ad531b0a2f8e04a5f17346ba602dadae0745ebd715853277e1b73ed2d0be842a95c955be66c7ab52a736709177a8a48255655f23076f6f0a8bd683b1ccc7866830ef3780d499760464da1a5aa731aa16fbd925fba7fd06702046dcbc3571031a7f58e9d9604de217acd0b59f790e78ebc51d91a45ef57c37417c5c1f34127aabe64a269b90f56e03280f10bbd1500ab30a3ee29c59fa0598a57eee3641cbe002fbca5b12102a7b8e7fd514bde6bb742dd139ecec58a0ee60b2fde003be535523d024aba223ff8e6cbd44cab79cf379389a64b1ccb1c72dc3e7fbb8d1f59a39a80cf5d30f5a66546e838959f2e4f19e854c7de93c8ec06a8f223f5355e9c76e17ad28a887dadc17a41fe80d878cb3e3bb863bbaa168c9a4ebd74475d7e6ae3d99a7aad9e23d3edf08ecb5143764099d258d4a6d82fc9afa5775f75b41bf36be25a537f2905903f82e08657fb7e341079ff29a656ff85ae34317c5b1a81d8e814d55807fcf2ed7250b29046d2e1d0a14ec7ba8910abfe0cc9aa04164b94a4bb0970f3f3b1eac5cfd1f32a5ac84d552f60962e98222b2a9513af22d5da3f005f6f9ae166797a94360235eac2a6ddb2321c2ec514eb6ccf086a8c83e65081ea67acac44753302d4519d0cfc796f56c04e849cdea18cbd32da25dddbfc2cd575c67f26882b5c2bc534701f11775d8e93131488141fbb61c61755aa30c1a1829140f0332a76317aafa08f072f00cb330c5adfdca9d9055b1fb51616e8ca5dc34dadc6911d93b93871115107c2371279e248ff898268cccb12b07cc555ad7bf7811910f37f2b07598f661dfa1f2ff6fe2d1f8aa4deebf260573b27ef6e578469ad652a4f31da494fe0d00e4c66e8011d5bb2c889331679544514f16c257e74ddca134aaa5d15707c26b3373c110e2ec61fede15fc6e52428e1b5788f5c667794c5bbb26e8aa7a66cc38bdb6150c7804d59a2ce2c2d4120f94afb3807a2b685fdede4da11bc63abf04bf0823897dddee0697924fe855fba225a97c5b5d1bd6cb17d6b0ce93e475a9b14130ca5cee7ba41d521f72214b2f0fbcc1fbec70ef4dc7a4c9442d02ec641bd087ffe52fc7c9f0c39d41d03d1f93cbb8896abbee62f3bb1685f97e22664fb45530681eb6393442cfae1366ddc395fd5aa4d4fd0c250566b1c7cc8cfe6b25e73315998b45af5dbca10696ed8d113f4f35f385840f0558e93740e9a5d2e6768a022d17d266f47d050a8e91e8e0bdbf0d5e92f8d8294c3666c00344d4336d23a4c4235a3bcbd69f4b4769d6b1f513544392ccb2b96b1c6292131014835dfefebb4686496fee657e4aca53fbbdc15e0a72b1af7bd58bc6b4959356e7726342a330e6b9badc94e7498569f3cac949acc0ea9fc149a874fe271829c72e917f1374a80f22c8bf0109a0ac1e1de013a826173853127c22f7ba826bba044bcd8898e2c8432ce54a98ab4d18eac68c208e51a3210c6730b81384cfd8a74e681627805fb100c26a2a8385686fbffedfc7583b2222e1f79e45de79069b9f37a07bf99386525091b6d614820deea7e3105dcefa214258a8603c876fb776d0b019c984e028da494ef3f8841bc889bed54ea443634c2885639e865f0cd0a1dfd6f7a3b22c51461e73b3650b9a63c48b400bdcfac039e4cfdbefbf869386075ce8790eb4a588fd49f49c54ac5a8c45641bba62620d15042f08f5305566bc19111d08fedb65e2f87fb28442340be88a40cfef7ab3dad7e79225c07d347c2526269e9e709a90a49345d3351ac967da890707ed2affd155f2b356bbbe756872ecf7d944d8be128cd36100c8913f7fcf67f5d6f71ea19aa8877806bd6f65f10b2bf72867a7f6b900a7e0049aba25e162d670399e407c1332855a8d2db7465a40704660cd63bbcde4e36412c1fb244a1d23edbeb9d1c7189343144c8e27c55249a2b7fc00134a230601ca488d9ff441508b14129046e918abe163a40ae26b77c6df0fb843610a93279168fd7244cf934f905fe33dd5675819bbeaf370bf9a1101159c57dcfa4820a76cfa5957355ee450371df3c5f61fe3f4cef0df889b69f543b3965dc19d48d897272146db5c34c26bb6a7b305e9bc9a63419b789abd8e6a72a89d95a422d7e77f9c0afc619c43c3b77c8ffd408383fee4475ff88c90372bf9fda91b8b3b19ee9cac890cc6aa13f3a33d40f3970626b8854e72ecd65467e40552ceed496a5144db8f4122d34246bf76651fb1f1a154c7a3906939bd1fb85cf99cad9ecb0d63e0bb31b8133c2eb0e6f66e8e36746589c30637f5e045b9a5b6b5c728398c326aa9e0e670098726d3127b2479442c8e64ed5402790af0a114c42a07d97c38b7c738c9bcb3ddde8e67c3e786dddf7f9bac3cb61998f73340cdc62eeed7f05f2768fdaa6a5d91d98531a80fb8f8acb5abe47972f0155a85ee95166b20f727bd4ae648ce3e0de4d80ca7227ef298d4f204f094f12c8acfdd2a6905743b8daf56b8160dd081c54eeda647e23efdf89972aee301cc4f67faabe82fd9db1455090c05391cfc3e4bec5d38fab3716e19638dfd483ee2bba57e4d1c00d01cc45a49e2727c19b104f1072f1a50407e4622be580d35393c7db5119017be6bd5acf3be228c42096af9739e44867782e600a48ab9baeec9e37e9863d1b19733c3fe47c30f328816966748ce717529752ebb9e2f582ddd132158ed2d68fd17de3e725cd0fc13477585341703b51682879a9a3167cca4cb09ce2449d18514d8b8343de79b332b6981101a3c6ae2679aeaea1cad81d216400c40cea6ebc99ee77b5ab7a508cfffcefa7b4d48a2ea8a3ff5917f43876ea653822a21e208d733847e017eaadc460c9828365a1a0d149ccda8a5c42ecb74ce102fc9cb75360e87b758f7cb55c593bacf8a7eb698cf300adc7000f9082aff2be93ddbed0dc487c72e3e7707bbdaf0d6c5df66140270ca71de6c86b4776033af0cef6b5c8d9bb4bd74d2f90bdbc6d13fe4b4d5477a16add3eb75e865aa4441b68b3640bae1f03e7bb261808f2c3fb5d3997b666c7b5f0df5a53a7114f1eed925eb1d5519542f12e9692ed7ed98e789b962a892727bc06fafbc9e335e245e8240eaeb15ee7dd4136d738c243838fc752095763b7647760045fbdf26c2646c00ccee6fc905fa7224981e40a2124629c43cc020e2c0c83e02aca162afc40bc19734dd22fce44839440f4e69fd7aeb7c3f35ef2d4eddffc0874ef77bf4df5e1a77e2495e31cf514d4dd252ec978dc47df2edcbba9a175d4ecb402fb701f0781b618824328a94112ebdd51137910810c565d564a76be9d1e5d13ee9ad311fdcbdefe16bc6fbe0e3dfab238742a80463de1849bcdd6120ab7b420c9fb3c0e1955e65b431b0f43d32260ecdbdb69a4d6ea6498ac377648c974f29393f23cf99e2aa2cfe128c371beab86b0ec5b20edb5ee451554fac22562083396329d774fa9be0f4bee29f2657840bd82e1b824b371c56dac44a45d4898cb25a9af0598cc8b2f2b753fa88e4c3da1927a789cfcd6e95639e88d384d701d47bf74e0d4cfc4031ae57915ff179dfee312b2a7aefd50ca4f7e4deaa526703f80d5fd696e9043ed2b8110a3fad5188bf84d55ff73ba9ec6a8145e17369686e2a43b4e8bd4d09351f969432ea0c7940f326eda2cb8a7eb709480b3072af8fd3370ba8edcab2a6e48f8f6bc9679ed95de2a91955acfb2bdbec12ca8809922115edf86c68dc3d16c6dfd89c386976a8e666a9f2f965978f26a73919354eb0779d0c6220db4dceaf92686dc222b8af5472512f065767b63b8b64d370e2dd78a0398cb53a497b4c76863b82836e34aaf8bfe1e530be4622d350c16d20d973b7d6907e21efb393f3f7e57b6e0d660a8af0c689bb3e0d0c70d8a90878d650cf60f56012e80edcd1fad4bf5d7e9989a628ae3b20e755507ce52a9537bb57ba49f263f5905dd0e7c8be3e095b3738cfb9b040d4d81b7ac352bb213d2b47e8b6807b13990ecfcad12f2e0e1e486b5e34513c7f52d04edbd3296f5f5f5ed3d36463dccd417f05c38f156b4e8a78a07ce8536f83c80c8b1af747c83d9250cec54af6a67cc91e69f810d191da79f6640503d63b6172533bcacf5563caeb44c2b657e3039e063531ea22b07797f73218b14d77d94488bbba374202eec6c067ce3336da24893658225dfff4a8c6083954c4dcb9d969941937e8c19c2350da5453dc304ba5db942b33e1d062070478af3721528a77f518b67cff9d7a2e31669bb4e8d0dd6f179805b2e47d30cc1abb532576e8ed067cd0188df6c49ee0c63393bec3d925d88ecebe6a5a8f37f1dfc6762c7a3a596049e7f1787bec7a03e55a50360b83158e49cd9732a66b1cef83e43fd2abd33f753efdb236675490fc9c9381e6f421c9384e43ded79ce91025af90fda6752355ddacbb72aa204e7efa77f3825d7f274aca737bc56c61a1d05bf7004a71c904e8483f3c4df3c9ff5c7b7e350b4c55786d3ea99bb61814881c6e98da71e8f5a0646c44912d12e4a5ad3f2ea14f4d4933ecf7ac8b9464a80204b9c3465fc397aac5a3827bef7187fafb2074b22af3dcde7edaef478c75a0b50ea2ea20b2e08c35b6e48c424e2e3d5767e13dbbb1b87c6012f204f18ae7483d5c29c0a9c46de7917031e168c71c0a5c336c578f9ec41844618d40098542c772110566f1c6271d08842e8870a3ff1890a21b42a1339705edf23ff0b819e13c1fe061f950b86dac060e1654c388c53fa2ebf5988c5d06237b3424d551e5b103494f75bbea021b70aa5a67636f2b243819ce4abae74c4560bf15c9c33d095381e8fcbcf3d32abb2d38e78b9f5b97303fb46d01892258232849700be13dfc18c4f91d5a99c6a05970a6b4dc9179ea91eb4de76bbdf7be554d597d21adb396f0a1fa10fbc99741cc25aca370bfb916bf5bffda325c2405151e8e51426c90e5d782599cc59a7b263ff7a319d04d42835744f628c98e3ee379486f4954eab1742840edcf0fe87fd472f5e439678ac0bbc2295b2c12ea28680794c1c60978498b151c0ef5097480d453a0c22ddb2159316e04539561efbb55926758ae6fb2a3a495cf8aa7b693f1d854f99065e748b735097ea63e21d89515913e797515be6a767d42707ef6a0ebb1d3ff0071a0f4eddfdc85922a15a95f98d5f4a672d93621c975a3601bae013103c68fca1f6fb1c4b5853ffbece2075419263e32c72159268e3dab4ca3f0e5b904f40667bebf099374636d55f5a9ee1bbda48b39def3106041878afb63970cabae3388a33719ed206db73f10e498ff4bf4c0e3606726fc851578613c4bc1429695de29f6d6807eba84afc6ded50b0aa5b77ba864e1b36c035a97df5154b1a40017d919acdb8de617d458ddfe2ceda137bd1da6e2ebd5e32f2553c43e14ef6939ec0fb26a65487557cb1300072f79cbaf74a1221fad0d12added22303067f8292abd1d81e3d2aa200d1d1ed377bd57245ba44b51c927ae8d39e7d46dac00ecbacf30d32aebb568e757680c975dcc6864fafca28609db1ba8a30a74e96a791176f76a5de88c50b49ea20e206557b6e4f44d819b471fa1017cba5e195206de632bfb1b52c4c491bf4d1fbcde097324c7d42cf386f3a8c8410ef5477acbcdba183f0272e5ed5a142523b94899159361e7e48e10ee29e7d0a56e673ef903bcde86c19f71209daec067283c5453cce3dd4f39ac9ce17aa02c7ce6ac359a8d4396ed1aaff38225d41733d469535d5c6cd12b96265653296de79418d088652fef9e684f2f3e2ba4a63ab9ef9de81539e6061037e4efa9e03bcd1e95b2f5d6cacccc9f4e1df7c543befea4fa60513d84bdc84ae761be441116327ec263912cfbc47545546b8b038fe741d3ba495c7d862edba2733b497cef8b823a0198a928fce7f51575a93409c463bbf0aebe8450ad408974c6cf1de0e8ce887beee7fe06cae1c0f502799c1aa1a5942c74cd52497c342367b5850e03e9161f7766b4f3e3e5f9de3282f16be48e0eb8171f0cbda19d6c274f12cd62bc4c1bed7642bb147e9bcf7474f820f60d9020e2edf0c6bb3eb8d1dd53c85303544c0fc353cf0b16091d0bf238df89ed025d6591c5b32de30bf9e8e277a8f5f7a61f15051e38ece2021395dd9be6795ee0879a0bba9af3447973797e92279b3e74321615020a4624fbd9f6fa307a94c68f164942b9c7e0af63c41a7c76fac6d77e135ff5bfdaa3dd4753d0d8094c65f25811c9f593fc07f0710eca9e88c02645f9314d4674c50f869f5ed5246e41333670234412d8b6b2c9a99bf483af0cc0bc56039535e6cd9be1b5801538b39f83ec9fc4bb78a8880c06d27d8838e551a7c5eee3c85421665ca2bff57c21dd37e55939ee9f7e06cfcfc18a41b261422d7f94f1ee692960ba2a81a70c167d9e477d2b4a489dd08b1851dc79d651b468c179bc3e2c32215fa74ee00d449735094ee3a6c819decf11728cea207d41d3c665d210e1ab26a79fbbfba8aed8b401227a1adae500333a29d88086f796757dc12af76888c857407a21d9ed483651003f3298bbdb23f27e3e3e5f99f0dfb64534dd1676403042c62966fc7a3da65a089726ed48fd522b92ca292d0139b424fb6e2fa2b81cc5f95d0d64846d2060ad32edb8fe52eaa06b063512ae25c08664e65c5331dd17abf062a78bab8993766893d1cc04850015013a2f461fd96572496020145dc8fdb6f7393b0b1a380296f3cd8d50dcaa54d5259b0e6bc2da29edd01f9419806149c471d97f9f78f8be7236c7d6ec62885854a95ad81f3f7a2fe7968b446e655e1318d118bf731758a75a9747b6e15e945de3c05f962df9975d4268feea8e5de68fdf385636c66670cf195b7455b8d0b69eef633dc7ac799c451b000413efdcd62701eeaa7de5ecfe21c60aea75e22104f9a8ab443141dc18a61914a5c89336ec08ebe7454e4a5568b7fcd1ef25bdca18d3a6c10879564907742588d2b08d1e946712584acab70b3015cf91bfe1e88e8340b6d1b3f801a9fee09ade3f5989f6738401b56e117c36a9feb7809561f01ac1f360edaa29873a0e4daef2df8e97a483995f0ac114d324672c354a52ad8507b6d9c7ab8a3643fc8b46cc357c8eb396d6dba21b99611ef16139fe123f60c84ff1848dd74a8f32682293b2f5e5d496a8b88bee8990287400f4fa4420492bc85a0422ce9179a0cb7aead52f937c985da74c772538e2c5f3cfb88dda634635d0e797d52f5e3f250587f1b1817a9ea2d44cc2a40819c4f8f12d20a95c999e4b911a261fc4d179c3cec165d4737b72acef9e5f302cc90aec7f21e95c3d4f1df4ab39ff06e6baf9b8da3475e6f9cf9754f7ceabc3fa4e61c374fef8df2826aa4cca6703959b4d82224a3e02c68b4c53e9d850164c98f74bd4d2eff235329a1e72f144d1977780f3ad70162788b5fcb57277665bf136261710260277b4a8b68a067bdfa1d5c5f1d5ea42d45e1b5031b9824f3e23", 0x2000, &(0x7f0000002200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000021c0)={0x20}}) ioctl$FS_IOC_RESVSP(r9, 0x80086601, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) kernel console output (not intermixed with test programs): p1): ext4_dirty_inode:6014: inode #19: comm syz.1.818: mark_inode_dirty error [ 316.994669][ T8602] Buffer I/O error on dev loop1, logical block 0, lost sync page write [ 317.850615][ T62] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.266905][ T62] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.319879][ T8638] loop2: detected capacity change from 0 to 1024 [ 318.376711][ T8638] EXT4-fs: Ignoring removed orlov option [ 318.434792][ T8638] EXT4-fs: Ignoring removed nomblk_io_submit option [ 318.488333][ T8648] No such timeout policy "syz0" [ 318.519080][ T8638] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 318.560012][ T62] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.727662][ T62] batman_adv: batadv1: Interface deactivated: netdevsim0 [ 318.806558][ T62] batman_adv: batadv1: Removing interface: netdevsim0 [ 318.840719][ T62] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.085278][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 319.112412][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 319.137298][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 319.531522][ T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 319.698762][ T8657] infiniband syz2: set active [ 319.703909][ T8657] infiniband syz2: added ip6gretap0 [ 319.708703][ T6761] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.711838][ T8657] syz2: rxe_create_cq: returned err = -12 [ 319.725098][ T8657] infiniband syz2: Couldn't create ib_mad CQ [ 319.731404][ T8657] infiniband syz2: Couldn't open port 1 [ 319.752922][ T8] ip6gretap0 speed is unknown, defaulting to 1000 [ 319.784291][ T8657] RDS/IB: syz2: added [ 319.788939][ T8657] smc: adding ib device syz2 with port count 1 [ 319.795387][ T8657] smc: ib device syz2 port 1 has pnetid [ 319.806791][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 319.881960][ T9] usb 1-1: config 0 descriptor has 1 excess byte, ignoring [ 319.889285][ T9] usb 1-1: config 0 has no interfaces? [ 319.903481][ T5236] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 319.904760][ T9] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 319.914279][ T5236] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 319.926359][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.933986][ T5236] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 319.948291][ T5236] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 319.952216][ T8] ip6gretap0 speed is unknown, defaulting to 1000 [ 319.956567][ T5236] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 319.965888][ T9] usb 1-1: Product: syz [ 319.990908][ T5236] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 320.075184][ T9] usb 1-1: Manufacturer: syz [ 320.081709][ T9] usb 1-1: SerialNumber: syz [ 320.150667][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 320.254571][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 320.351877][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 320.447716][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 320.543172][ T8657] ip6gretap0 speed is unknown, defaulting to 1000 [ 320.659354][ T9] usb 1-1: config 0 descriptor?? [ 320.729021][ T62] bridge_slave_1: left allmulticast mode [ 320.755344][ T62] bridge_slave_1: left promiscuous mode [ 320.774144][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 320.838569][ T8664] loop2: detected capacity change from 0 to 2048 [ 320.850984][ T62] bridge_slave_0: left allmulticast mode [ 320.882007][ T62] bridge_slave_0: left promiscuous mode [ 320.889246][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 320.953271][ T8664] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 320.987118][ T8] usb 1-1: USB disconnect, device number 10 [ 321.041352][ T29] audit: type=1800 audit(1722403616.093:118): pid=8664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.835" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 321.180547][ T8664] loop2: detected capacity change from 2048 to 0 [ 321.215679][ T8662] EXT4-fs error (device loop2): ext4_get_inode_loc:4574: inode #19: block 6: comm syz.2.835: unable to read itable block [ 321.230071][ T6510] bio_check_eod: 24444 callbacks suppressed [ 321.230088][ T6510] syz.3.273: attempt to access beyond end of device [ 321.230088][ T6510] loop3: rw=3, sector=12057605868008, nr_sectors = 8388600 limit=2048 [ 321.281101][ T6510] syz.3.273: attempt to access beyond end of device [ 321.281101][ T6510] loop3: rw=3, sector=12057614256608, nr_sectors = 8388600 limit=2048 [ 321.289858][ T8662] syz.2.835: attempt to access beyond end of device [ 321.289858][ T8662] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0 [ 321.311247][ T6510] syz.3.273: attempt to access beyond end of device [ 321.311247][ T6510] loop3: rw=3, sector=12057622645208, nr_sectors = 8388600 limit=2048 [ 321.337237][ T8662] buffer_io_error: 38 callbacks suppressed [ 321.337253][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 321.366481][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 321.366516][ T6510] syz.3.273: attempt to access beyond end of device [ 321.366516][ T6510] loop3: rw=3, sector=12057631033808, nr_sectors = 8388600 limit=2048 [ 321.379366][ T8662] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: IO failure [ 321.417253][ T8662] syz.2.835: attempt to access beyond end of device [ 321.417253][ T8662] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0 [ 321.454872][ T6510] syz.3.273: attempt to access beyond end of device [ 321.454872][ T6510] loop3: rw=3, sector=12057639422408, nr_sectors = 8388600 limit=2048 [ 321.524438][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 321.533006][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 321.555887][ T6510] syz.3.273: attempt to access beyond end of device [ 321.555887][ T6510] loop3: rw=3, sector=12057647811008, nr_sectors = 8388600 limit=2048 [ 321.563986][ T8662] EXT4-fs error (device loop2): ext4_dirty_inode:6014: inode #19: comm syz.2.835: mark_inode_dirty error [ 321.647023][ T8662] syz.2.835: attempt to access beyond end of device [ 321.647023][ T8662] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0 [ 321.688459][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 321.697327][ T6510] syz.3.273: attempt to access beyond end of device [ 321.697327][ T6510] loop3: rw=3, sector=12057656199608, nr_sectors = 8388600 limit=2048 [ 321.720858][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 321.728222][ T8662] EXT4-fs error (device loop2): ext4_get_inode_loc:4574: inode #19: block 6: comm syz.2.835: unable to read itable block [ 321.789600][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 321.797899][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 321.869785][ T8662] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: IO failure [ 321.878569][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 321.901877][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 321.908674][ T8662] EXT4-fs error (device loop2): ext4_dirty_inode:6014: inode #19: comm syz.2.835: mark_inode_dirty error [ 321.967489][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 321.986871][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 322.015007][ T8662] EXT4-fs error (device loop2): ext4_wait_block_bitmap:584: comm syz.2.835: Cannot read block bitmap - block_group = 0, block_bitmap = 2 [ 322.039427][ T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 322.064300][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 322.086115][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 322.102510][ T8662] EXT4-fs error (device loop2): ext4_get_inode_loc:4574: inode #19: block 6: comm syz.2.835: unable to read itable block [ 322.139466][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 322.155262][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 322.165053][ T5236] Bluetooth: hci4: command tx timeout [ 322.172846][ T8662] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: IO failure [ 322.199215][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 322.229151][ T8662] EXT4-fs (loop2): I/O error while writing superblock [ 322.236034][ T8662] EXT4-fs error (device loop2): ext4_dirty_inode:6014: inode #19: comm syz.2.835: mark_inode_dirty error [ 322.249267][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 322.269101][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 322.288289][ T9] usb 1-1: config 1 has no interface number 0 [ 322.298466][ T9] usb 1-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 322.305204][ T8662] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 322.324195][ T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 322.335235][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 322.355253][ T9] usb 1-1: Product: syz [ 322.359554][ T9] usb 1-1: Manufacturer: syz [ 322.364168][ T9] usb 1-1: SerialNumber: syz [ 322.403841][ T9] cdc_ncm 1-1:1.1: NCM or ECM functional descriptors missing [ 322.429010][ T9] cdc_ncm 1-1:1.1: bind() failure [ 322.464963][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 322.494267][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 322.528017][ T62] bond0 (unregistering): Released all slaves [ 322.821588][ T8658] ip6gretap0 speed is unknown, defaulting to 1000 [ 322.826040][ T62] Êü: left promiscuous mode [ 322.873819][ T5236] Bluetooth: hci2: unexpected event 0x2f length: 763 > 260 [ 322.927113][ T8690] loop4: detected capacity change from 0 to 8192 [ 322.971617][ T8] usb 1-1: USB disconnect, device number 11 [ 322.982274][ T8690] REISERFS warning (device loop4): super-6515 reiserfs_parse_options: journaled quota format not specified. [ 323.402596][ T8690] loop4: detected capacity change from 0 to 8192 [ 323.449312][ T8690] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 323.597061][ T8690] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 323.623759][ T8690] REISERFS (device loop4): using ordered data mode [ 323.643810][ T8690] reiserfs: using flush barriers [ 323.662715][ T8690] REISERFS warning (device loop4): sh-458 journal_init_dev: cannot init journal device unknown-block(7,4): -16 [ 323.728392][ T8690] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [ 323.769335][ T8690] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 324.051605][ T8690] warning: `syz.4.841' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 324.239232][ T5236] Bluetooth: hci4: command tx timeout [ 324.472231][ T5236] Bluetooth: hci2: ISO packet too small [ 324.538437][ T62] hsr_slave_0: left promiscuous mode [ 324.556950][ T62] hsr_slave_1: left promiscuous mode [ 324.582143][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 324.586706][ T8734] netlink: 4 bytes leftover after parsing attributes in process `syz.4.850'. [ 324.607121][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 324.638237][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 324.666703][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 324.667822][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 324.692825][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 324.701392][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 324.710461][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 324.718198][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 324.725604][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 324.788802][ T62] veth1_macvtap: left promiscuous mode [ 324.796646][ T62] veth0_macvtap: left promiscuous mode [ 324.828652][ T62] veth1_vlan: left promiscuous mode [ 324.848864][ T62] veth0_vlan: left promiscuous mode [ 326.014266][ T62] team0 (unregistering): Port device team_slave_1 removed [ 326.097956][ T62] team0 (unregistering): Port device team_slave_0 removed [ 326.241272][ T6510] bio_check_eod: 65048 callbacks suppressed [ 326.241291][ T6510] syz.3.273: attempt to access beyond end of device [ 326.241291][ T6510] loop3: rw=3, sector=12602470603808, nr_sectors = 8388600 limit=2048 [ 326.262284][ T6510] syz.3.273: attempt to access beyond end of device [ 326.262284][ T6510] loop3: rw=3, sector=12602478992408, nr_sectors = 8388600 limit=2048 [ 326.283879][ T6510] syz.3.273: attempt to access beyond end of device [ 326.283879][ T6510] loop3: rw=3, sector=12602487381008, nr_sectors = 8388600 limit=2048 [ 326.419273][ T6510] syz.3.273: attempt to access beyond end of device [ 326.419273][ T6510] loop3: rw=3, sector=12602495769608, nr_sectors = 8388600 limit=2048 [ 326.426091][ T5236] Bluetooth: hci4: command tx timeout [ 326.444330][ T6510] syz.3.273: attempt to access beyond end of device [ 326.444330][ T6510] loop3: rw=3, sector=12602504158208, nr_sectors = 8388600 limit=2048 [ 326.462112][ T6510] syz.3.273: attempt to access beyond end of device [ 326.462112][ T6510] loop3: rw=3, sector=12602512546808, nr_sectors = 8388600 limit=2048 [ 326.477305][ T6510] syz.3.273: attempt to access beyond end of device [ 326.477305][ T6510] loop3: rw=3, sector=12602520935408, nr_sectors = 8388600 limit=2048 [ 326.492477][ T6510] syz.3.273: attempt to access beyond end of device [ 326.492477][ T6510] loop3: rw=3, sector=12602529324008, nr_sectors = 8388600 limit=2048 [ 326.543510][ T6510] syz.3.273: attempt to access beyond end of device [ 326.543510][ T6510] loop3: rw=3, sector=12602537712608, nr_sectors = 8388600 limit=2048 [ 326.722145][ T8751] netlink: 'syz.3.855': attribute type 1 has an invalid length. [ 326.742648][ T6510] syz.3.273: attempt to access beyond end of device [ 326.742648][ T6510] loop3: rw=3, sector=12602546101208, nr_sectors = 8388600 limit=2048 [ 326.818118][ T5236] Bluetooth: hci1: command tx timeout [ 328.011341][ T8658] chnl_net:caif_netlink_parms(): no params data found [ 328.093744][ T8735] ip6gretap0 speed is unknown, defaulting to 1000 [ 329.266901][ T54] Bluetooth: hci1: command tx timeout [ 329.570868][ T5236] Bluetooth: hci4: command tx timeout [ 329.822905][ T8780] loop0: detected capacity change from 0 to 512 [ 329.851780][ T8781] netlink: 4 bytes leftover after parsing attributes in process `syz.4.860'. [ 330.097258][ T8791] loop0: detected capacity change from 0 to 256 [ 330.308580][ T8788] netlink: 8 bytes leftover after parsing attributes in process `syz.4.860'. [ 330.340340][ T8658] bridge0: port 1(bridge_slave_0) entered blocking state [ 330.355573][ T8658] bridge0: port 1(bridge_slave_0) entered disabled state [ 330.388702][ T8658] bridge_slave_0: entered allmulticast mode [ 330.398210][ T8658] bridge_slave_0: entered promiscuous mode [ 330.443071][ T8786] team0: entered promiscuous mode [ 330.458617][ T8786] team_slave_0: entered promiscuous mode [ 330.478103][ T8786] team_slave_1: entered promiscuous mode [ 330.500321][ T8786] team0: left promiscuous mode [ 330.513264][ T8786] team_slave_0: left promiscuous mode [ 330.535230][ T8786] team_slave_1: left promiscuous mode [ 330.565493][ T8658] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.577903][ T8658] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.589694][ T8658] bridge_slave_1: entered allmulticast mode [ 330.601574][ T8658] bridge_slave_1: entered promiscuous mode [ 331.324578][ T6510] bio_check_eod: 40072 callbacks suppressed [ 331.324600][ T6510] syz.3.273: attempt to access beyond end of device [ 331.324600][ T6510] loop3: rw=3, sector=12938702469008, nr_sectors = 8388600 limit=2048 [ 331.725474][ T6510] syz.3.273: attempt to access beyond end of device [ 331.725474][ T6510] loop3: rw=3, sector=12938710857608, nr_sectors = 8388600 limit=2048 [ 331.764987][ T54] Bluetooth: hci1: command tx timeout [ 331.801083][ T8658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 331.819495][ T6510] syz.3.273: attempt to access beyond end of device [ 331.819495][ T6510] loop3: rw=3, sector=12938719246208, nr_sectors = 8388600 limit=2048 [ 331.886403][ T8658] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 331.904807][ T6510] syz.3.273: attempt to access beyond end of device [ 331.904807][ T6510] loop3: rw=3, sector=12938727634808, nr_sectors = 8388600 limit=2048 [ 331.968456][ T6510] syz.3.273: attempt to access beyond end of device [ 331.968456][ T6510] loop3: rw=3, sector=12938736023408, nr_sectors = 8388600 limit=2048 [ 332.012420][ T6510] syz.3.273: attempt to access beyond end of device [ 332.012420][ T6510] loop3: rw=3, sector=12938744412008, nr_sectors = 8388600 limit=2048 [ 332.046845][ T6510] syz.3.273: attempt to access beyond end of device [ 332.046845][ T6510] loop3: rw=3, sector=12938752800608, nr_sectors = 8388600 limit=2048 [ 332.077764][ T6510] syz.3.273: attempt to access beyond end of device [ 332.077764][ T6510] loop3: rw=3, sector=12938761189208, nr_sectors = 8388600 limit=2048 [ 332.108709][ T8658] team0: Port device team_slave_0 added [ 332.109069][ T6510] syz.3.273: attempt to access beyond end of device [ 332.109069][ T6510] loop3: rw=3, sector=12938769577808, nr_sectors = 8388600 limit=2048 [ 332.138589][ T8816] netlink: 4 bytes leftover after parsing attributes in process `syz.0.867'. [ 332.152209][ T6510] syz.3.273: attempt to access beyond end of device [ 332.152209][ T6510] loop3: rw=3, sector=12938777966408, nr_sectors = 8388600 limit=2048 [ 332.243863][ T8658] team0: Port device team_slave_1 added [ 333.329701][ T8658] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 333.345219][ T8658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 333.373305][ T8658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 333.534218][ T941] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 333.638534][ T62] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.719279][ T8658] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 333.755731][ T8658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 333.785344][ T941] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 333.806991][ T941] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 333.822663][ T941] usb 1-1: config 1 has no interface number 0 [ 333.828925][ T8658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 333.840209][ T54] Bluetooth: hci1: command tx timeout [ 333.850361][ T941] usb 1-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 333.904377][ T941] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 333.922159][ T941] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.923851][ T8846] netlink: 4 bytes leftover after parsing attributes in process `syz.3.874'. [ 333.936371][ T941] usb 1-1: Product: syz [ 333.943841][ T941] usb 1-1: Manufacturer: syz [ 333.952044][ T941] usb 1-1: SerialNumber: syz [ 333.982275][ T62] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.993597][ T941] cdc_ncm 1-1:1.1: NCM or ECM functional descriptors missing [ 334.023484][ T941] cdc_ncm 1-1:1.1: bind() failure [ 334.077389][ T8848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.874'. [ 334.286308][ T62] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.324005][ T54] Bluetooth: hci2: unexpected event 0x2f length: 763 > 260 [ 334.429591][ T941] usb 1-1: USB disconnect, device number 12 [ 334.544524][ T8856] team0: entered promiscuous mode [ 334.582224][ T8856] team_slave_0: entered promiscuous mode [ 334.698105][ T8858] loop4: detected capacity change from 0 to 1024 [ 334.771879][ T8858] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 334.950180][ T8856] team_slave_1: entered promiscuous mode [ 335.168905][ T8856] team0: left promiscuous mode [ 335.173912][ T8856] team_slave_0: left promiscuous mode [ 335.179573][ T8856] team_slave_1: left promiscuous mode [ 335.198595][ T8658] hsr_slave_0: entered promiscuous mode [ 335.206314][ T8658] hsr_slave_1: entered promiscuous mode [ 335.212654][ T8658] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 335.239661][ T8658] Cannot create hsr debugfs directory [ 335.325446][ T62] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.590002][ T8860] netlink: 8 bytes leftover after parsing attributes in process `syz.4.878'. [ 335.762278][ T8735] chnl_net:caif_netlink_parms(): no params data found [ 335.973489][ T5328] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 336.137518][ T62] bridge_slave_1: left allmulticast mode [ 336.153750][ T62] bridge_slave_1: left promiscuous mode [ 336.159518][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.165693][ T5328] usb 1-1: Using ep0 maxpacket: 16 [ 336.174317][ T1638] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 336.205411][ T62] bridge_slave_0: left allmulticast mode [ 336.211084][ T62] bridge_slave_0: left promiscuous mode [ 336.213003][ T5328] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 336.232615][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 336.250296][ T5328] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 336.276476][ T5328] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 336.292706][ T5328] usb 1-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 336.317752][ T5328] usb 1-1: Product: syz [ 336.321942][ T5328] usb 1-1: Manufacturer: syz [ 336.365433][ T6510] bio_check_eod: 46166 callbacks suppressed [ 336.365449][ T6510] syz.3.273: attempt to access beyond end of device [ 336.365449][ T6510] loop3: rw=3, sector=13326054462608, nr_sectors = 8388600 limit=2048 [ 336.366245][ T1638] usb 5-1: config 0 has no interfaces? [ 336.399627][ T5328] usb 1-1: config 0 descriptor?? [ 336.432100][ T6510] syz.3.273: attempt to access beyond end of device [ 336.432100][ T6510] loop3: rw=3, sector=13326062851208, nr_sectors = 8388600 limit=2048 [ 336.455280][ T1638] usb 5-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00 [ 336.468897][ T1638] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.487209][ T6510] syz.3.273: attempt to access beyond end of device [ 336.487209][ T6510] loop3: rw=3, sector=13326071239808, nr_sectors = 8388600 limit=2048 [ 336.519404][ T1638] usb 5-1: config 0 descriptor?? [ 336.557112][ T6510] syz.3.273: attempt to access beyond end of device [ 336.557112][ T6510] loop3: rw=3, sector=13326079628408, nr_sectors = 8388600 limit=2048 [ 336.603040][ T6510] syz.3.273: attempt to access beyond end of device [ 336.603040][ T6510] loop3: rw=3, sector=13326088017008, nr_sectors = 8388600 limit=2048 [ 336.623712][ T6510] syz.3.273: attempt to access beyond end of device [ 336.623712][ T6510] loop3: rw=3, sector=13326096405608, nr_sectors = 8388600 limit=2048 [ 336.653112][ T6510] syz.3.273: attempt to access beyond end of device [ 336.653112][ T6510] loop3: rw=3, sector=13326104794208, nr_sectors = 8388600 limit=2048 [ 336.733396][ T6510] syz.3.273: attempt to access beyond end of device [ 336.733396][ T6510] loop3: rw=3, sector=13326113182808, nr_sectors = 8388600 limit=2048 [ 336.798014][ T5419] usb 5-1: USB disconnect, device number 8 [ 336.809528][ T6510] syz.3.273: attempt to access beyond end of device [ 336.809528][ T6510] loop3: rw=3, sector=13326121571408, nr_sectors = 8388600 limit=2048 [ 336.842789][ T5328] kovaplus 0003:1E7D:2D50.0009: unknown main item tag 0xd [ 336.870922][ T6510] syz.3.273: attempt to access beyond end of device [ 336.870922][ T6510] loop3: rw=3, sector=13326129960008, nr_sectors = 8388600 limit=2048 [ 336.871300][ T5328] kovaplus 0003:1E7D:2D50.0009: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.0-1/input0 [ 337.248503][ T5328] kovaplus 0003:1E7D:2D50.0009: couldn't init struct kovaplus_device [ 337.263164][ T5328] kovaplus 0003:1E7D:2D50.0009: couldn't install mouse [ 337.275248][ T5328] kovaplus 0003:1E7D:2D50.0009: probe with driver kovaplus failed with error -71 [ 337.298638][ T5328] usb 1-1: USB disconnect, device number 13 [ 337.306004][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 337.342871][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 337.371348][ T62] bond0 (unregistering): Released all slaves [ 337.406362][ T5419] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 337.633297][ T5419] usb 4-1: Using ep0 maxpacket: 32 [ 337.652349][ T5419] usb 4-1: New USB device found, idVendor=0557, idProduct=7820, bcdDevice=a6.2f [ 337.683569][ T5419] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.691715][ T5419] usb 4-1: Product: syz [ 337.706016][ T5419] usb 4-1: Manufacturer: syz [ 337.708267][ T8735] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.721318][ T5419] usb 4-1: SerialNumber: syz [ 337.736766][ T8735] bridge0: port 1(bridge_slave_0) entered disabled state [ 337.754584][ T5419] usb 4-1: config 0 descriptor?? [ 337.760410][ T8735] bridge_slave_0: entered allmulticast mode [ 337.770434][ T5419] mos7840 4-1:0.0: required endpoints missing [ 337.781430][ T8735] bridge_slave_0: entered promiscuous mode [ 337.934309][ T8735] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.966814][ T8735] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.993581][ T8735] bridge_slave_1: entered allmulticast mode [ 338.038015][ T8735] bridge_slave_1: entered promiscuous mode [ 338.041652][ T5419] usb 4-1: USB disconnect, device number 10 [ 338.247835][ T8901] loop4: detected capacity change from 0 to 1024 [ 338.303141][ T8901] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 339.336631][ T8735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 339.382044][ T8908] loop4: detected capacity change from 0 to 4096 [ 339.470932][ T8910] netlink: 8 bytes leftover after parsing attributes in process `syz.3.890'. [ 339.670900][ T8904] loop4: detected capacity change from 0 to 512 [ 339.877085][ T8735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 339.980908][ T8735] team0: Port device team_slave_0 added [ 340.061085][ T8735] team0: Port device team_slave_1 added [ 340.162931][ T8918] Bluetooth: MGMT ver 1.23 [ 340.483502][ T62] hsr_slave_0: left promiscuous mode [ 340.492695][ T62] hsr_slave_1: left promiscuous mode [ 340.529867][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 340.558969][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 340.602926][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 340.610349][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 340.747894][ T62] veth1_macvtap: left promiscuous mode [ 340.804517][ T62] veth0_macvtap: left promiscuous mode [ 340.810271][ T62] veth1_vlan: left promiscuous mode [ 340.834722][ T62] veth0_vlan: left promiscuous mode [ 341.135780][ T8923] loop0: detected capacity change from 0 to 40427 [ 341.202465][ T8] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 341.372757][ T6510] bio_check_eod: 59702 callbacks suppressed [ 341.372773][ T6510] syz.3.273: attempt to access beyond end of device [ 341.372773][ T6510] loop3: rw=3, sector=13826954545808, nr_sectors = 8388600 limit=2048 [ 341.426851][ T6510] syz.3.273: attempt to access beyond end of device [ 341.426851][ T6510] loop3: rw=3, sector=13826962934408, nr_sectors = 8388600 limit=2048 [ 341.442405][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 341.444040][ T6510] syz.3.273: attempt to access beyond end of device [ 341.444040][ T6510] loop3: rw=3, sector=13826971323008, nr_sectors = 8388600 limit=2048 [ 341.470885][ T6510] syz.3.273: attempt to access beyond end of device [ 341.470885][ T6510] loop3: rw=3, sector=13826979711608, nr_sectors = 8388600 limit=2048 [ 341.471371][ T8] usb 5-1: config 0 has an invalid interface number: 7 but max is 0 [ 341.510332][ T6510] syz.3.273: attempt to access beyond end of device [ 341.510332][ T6510] loop3: rw=3, sector=13826988100208, nr_sectors = 8388600 limit=2048 [ 341.562530][ T8] usb 5-1: config 0 has no interface number 0 [ 341.567957][ T6510] syz.3.273: attempt to access beyond end of device [ 341.567957][ T6510] loop3: rw=3, sector=13826996488808, nr_sectors = 8388600 limit=2048 [ 341.596932][ T8] usb 5-1: config 0 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9 [ 341.608301][ T8] usb 5-1: config 0 interface 7 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 341.608370][ T6510] syz.3.273: attempt to access beyond end of device [ 341.608370][ T6510] loop3: rw=3, sector=13827004877408, nr_sectors = 8388600 limit=2048 [ 341.640005][ T8] usb 5-1: config 0 interface 7 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 341.677019][ T6510] syz.3.273: attempt to access beyond end of device [ 341.677019][ T6510] loop3: rw=3, sector=13827013266008, nr_sectors = 8388600 limit=2048 [ 341.708642][ T8] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 4.00 [ 341.732254][ T6510] syz.3.273: attempt to access beyond end of device [ 341.732254][ T6510] loop3: rw=3, sector=13827021654608, nr_sectors = 8388600 limit=2048 [ 341.735946][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.788281][ T6510] syz.3.273: attempt to access beyond end of device [ 341.788281][ T6510] loop3: rw=3, sector=13827030043208, nr_sectors = 8388600 limit=2048 [ 341.845624][ T8] usb 5-1: config 0 descriptor?? [ 341.875730][ T8] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.7/input/input12 [ 342.206034][ T5280] usb 5-1: USB disconnect, device number 9 [ 342.211903][ C1] pxrc 5-1:0.7: pxrc_usb_irq - usb_submit_urb failed with result: -19 [ 342.222923][ T4669] pxrc 5-1:0.7: pxrc_open - usb_submit_urb failed, error: -19 [ 342.511771][ T62] team0 (unregistering): Port device team_slave_1 removed [ 342.574323][ T62] team0 (unregistering): Port device team_slave_0 removed [ 343.525456][ T8933] loop4: detected capacity change from 0 to 32768 [ 343.585115][ T8735] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 343.595877][ T8735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.643743][ T8735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.669441][ T8735] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.687594][ T8735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.734681][ T8735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 344.067847][ T8735] hsr_slave_0: entered promiscuous mode [ 344.103569][ T8938] netlink: 4 bytes leftover after parsing attributes in process `syz.4.900'. [ 344.133585][ T8735] hsr_slave_1: entered promiscuous mode [ 344.202772][ T8735] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 344.213653][ T8735] Cannot create hsr debugfs directory [ 344.225801][ T8942] netlink: 8 bytes leftover after parsing attributes in process `syz.4.900'. [ 344.246083][ T8658] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 344.304875][ T8658] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 344.426593][ T8658] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 344.453916][ T8658] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 344.516120][ T8938] team0: entered promiscuous mode [ 344.521583][ T8938] team_slave_0: entered promiscuous mode [ 344.529647][ T8938] team_slave_1: entered promiscuous mode [ 344.548034][ T8938] team0: left promiscuous mode [ 344.559727][ T8938] team_slave_0: left promiscuous mode [ 344.566179][ T8938] team_slave_1: left promiscuous mode [ 344.684264][ T5282] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 344.894259][ T5282] usb 1-1: config 0 has no interfaces? [ 344.900974][ T5282] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 344.919364][ T5282] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.930940][ T5282] usb 1-1: config 0 descriptor?? [ 345.970798][ T8658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 346.014477][ T5282] usb 1-1: USB disconnect, device number 14 [ 346.108516][ T8658] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.130348][ T941] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.137466][ T941] bridge0: port 1(bridge_slave_0) entered forwarding state [ 346.205870][ T941] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.213072][ T941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 346.382439][ T6510] bio_check_eod: 68818 callbacks suppressed [ 346.382496][ T6510] syz.3.273: attempt to access beyond end of device [ 346.382496][ T6510] loop3: rw=3, sector=14404325106608, nr_sectors = 8388600 limit=2048 [ 346.417856][ T6510] syz.3.273: attempt to access beyond end of device [ 346.417856][ T6510] loop3: rw=3, sector=14404333495208, nr_sectors = 8388600 limit=2048 [ 346.460283][ T6510] syz.3.273: attempt to access beyond end of device [ 346.460283][ T6510] loop3: rw=3, sector=14404341883808, nr_sectors = 8388600 limit=2048 [ 346.509222][ T6510] syz.3.273: attempt to access beyond end of device [ 346.509222][ T6510] loop3: rw=3, sector=14404350272408, nr_sectors = 8388600 limit=2048 [ 346.546932][ T6510] syz.3.273: attempt to access beyond end of device [ 346.546932][ T6510] loop3: rw=3, sector=14404358661008, nr_sectors = 8388600 limit=2048 [ 346.569541][ T6510] syz.3.273: attempt to access beyond end of device [ 346.569541][ T6510] loop3: rw=3, sector=14404367049608, nr_sectors = 8388600 limit=2048 [ 346.619054][ T6510] syz.3.273: attempt to access beyond end of device [ 346.619054][ T6510] loop3: rw=3, sector=14404375438208, nr_sectors = 8388600 limit=2048 [ 346.661807][ T6510] syz.3.273: attempt to access beyond end of device [ 346.661807][ T6510] loop3: rw=3, sector=14404383826808, nr_sectors = 8388600 limit=2048 [ 346.703547][ T6510] syz.3.273: attempt to access beyond end of device [ 346.703547][ T6510] loop3: rw=3, sector=14404392215408, nr_sectors = 8388600 limit=2048 [ 346.754571][ T8735] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 346.774920][ T6510] syz.3.273: attempt to access beyond end of device [ 346.774920][ T6510] loop3: rw=3, sector=14404400604008, nr_sectors = 8388600 limit=2048 [ 346.828381][ T8735] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 346.873986][ T8735] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 346.941255][ T8735] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 347.096735][ T8658] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 347.206593][ T8989] loop0: detected capacity change from 0 to 256 [ 347.360127][ T8970] loop4: detected capacity change from 0 to 32768 [ 347.397969][ T8658] veth0_vlan: entered promiscuous mode [ 347.434938][ T8658] veth1_vlan: entered promiscuous mode [ 347.484331][ T8990] netlink: 60 bytes leftover after parsing attributes in process `syz.0.912'. [ 347.680503][ T8735] 8021q: adding VLAN 0 to HW filter on device bond0 [ 347.788521][ T8658] veth0_macvtap: entered promiscuous mode [ 347.850462][ T8735] 8021q: adding VLAN 0 to HW filter on device team0 [ 347.960706][ T941] bridge0: port 1(bridge_slave_0) entered blocking state [ 347.967852][ T941] bridge0: port 1(bridge_slave_0) entered forwarding state [ 348.052029][ T941] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.059111][ T941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 348.122444][ T8658] veth1_macvtap: entered promiscuous mode [ 348.228320][ T8735] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 348.266192][ T8735] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 348.361824][ T8658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 348.403545][ T8658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.465199][ T8658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 348.643772][ T8658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.731340][ T8658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 348.826727][ T8658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.981199][ T8658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.041221][ T8658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.137086][ T8658] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 349.198218][ T8658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.223170][ T8658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.281928][ T8658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.319764][ T8658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.426190][ T8658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.462103][ T8658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.509197][ T8658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.528199][ T8658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.541416][ T8658] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 349.619040][ T8658] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.668097][ T8658] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.697406][ T8658] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.741337][ T8658] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 351.200631][ T9030] loop0: detected capacity change from 0 to 1024 [ 351.309400][ T8735] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 351.393826][ T6510] bio_check_eod: 19986 callbacks suppressed [ 351.393845][ T6510] syz.3.273: attempt to access beyond end of device [ 351.393845][ T6510] loop3: rw=3, sector=14572063552208, nr_sectors = 8388600 limit=2048 [ 351.491356][ T6510] syz.3.273: attempt to access beyond end of device [ 351.491356][ T6510] loop3: rw=3, sector=14572071940808, nr_sectors = 8388600 limit=2048 [ 351.560974][ T6510] syz.3.273: attempt to access beyond end of device [ 351.560974][ T6510] loop3: rw=3, sector=14572080329408, nr_sectors = 8388600 limit=2048 [ 351.634969][ T8735] veth0_vlan: entered promiscuous mode [ 351.672130][ T1638] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 351.713539][ T6510] syz.3.273: attempt to access beyond end of device [ 351.713539][ T6510] loop3: rw=3, sector=14572088718008, nr_sectors = 8388600 limit=2048 [ 351.739226][ T6510] syz.3.273: attempt to access beyond end of device [ 351.739226][ T6510] loop3: rw=3, sector=14572097106608, nr_sectors = 8388600 limit=2048 [ 351.741895][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 351.769361][ T6510] syz.3.273: attempt to access beyond end of device [ 351.769361][ T6510] loop3: rw=3, sector=14572105495208, nr_sectors = 8388600 limit=2048 [ 351.798118][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 351.819738][ T9041] loop0: detected capacity change from 0 to 128 [ 351.830216][ T8735] veth1_vlan: entered promiscuous mode [ 351.835959][ T6510] syz.3.273: attempt to access beyond end of device [ 351.835959][ T6510] loop3: rw=3, sector=14572113883808, nr_sectors = 8388600 limit=2048 [ 351.876749][ T6510] syz.3.273: attempt to access beyond end of device [ 351.876749][ T6510] loop3: rw=3, sector=14572122272408, nr_sectors = 8388600 limit=2048 [ 351.940925][ T6510] syz.3.273: attempt to access beyond end of device [ 351.940925][ T6510] loop3: rw=3, sector=14572130661008, nr_sectors = 8388600 limit=2048 [ 351.976949][ T1638] usb 4-1: Using ep0 maxpacket: 16 [ 352.006430][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 352.014586][ T6510] syz.3.273: attempt to access beyond end of device [ 352.014586][ T6510] loop3: rw=3, sector=14572139049608, nr_sectors = 8388600 limit=2048 [ 352.068749][ T1638] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 352.083299][ T8735] veth0_macvtap: entered promiscuous mode [ 352.109469][ T8735] veth1_macvtap: entered promiscuous mode [ 352.121343][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.126042][ T1638] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 352.180850][ T1638] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 352.206331][ T1638] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 352.224096][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.242063][ T1638] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 352.277804][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.287726][ T1638] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 352.298031][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.333237][ T1638] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 352.344954][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.381965][ T1638] usb 4-1: Manufacturer: syz [ 352.385513][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.404619][ T9057] loop4: detected capacity change from 0 to 256 [ 352.413663][ T1638] usb 4-1: config 0 descriptor?? [ 352.451499][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.474161][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.508899][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.539449][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.580717][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.607150][ T8735] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 352.679071][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.704108][ T9057] netlink: 60 bytes leftover after parsing attributes in process `syz.4.923'. [ 352.774991][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.807788][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.821410][ T1638] rc_core: IR keymap rc-hauppauge not found [ 352.848287][ T1638] Registered IR keymap rc-empty [ 352.852124][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.875912][ T9035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 352.901246][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 352.910517][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.927674][ T9035] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 352.962915][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.981017][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 352.993465][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 353.041611][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.052557][ T1638] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 353.080479][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 353.105164][ T1638] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input13 [ 353.136853][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.187815][ T8735] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 353.241048][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 353.262904][ T8735] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.293938][ T8735] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.312971][ T8735] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.336260][ T8735] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.340807][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 353.394502][ T9069] netlink: 'syz.1.828': attribute type 3 has an invalid length. [ 353.422149][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 353.510619][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 353.580840][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 353.660972][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 353.735136][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 353.881026][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 353.957277][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 354.042782][ T3000] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 354.050633][ T3000] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 354.060795][ T1638] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 354.232708][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 354.263396][ T1638] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 354.293733][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 354.363843][ T1638] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 354.477953][ T1638] usb 4-1: USB disconnect, device number 11 [ 354.884562][ T46] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 355.132077][ T46] usb 5-1: too many configurations: 65, using maximum allowed: 8 [ 355.207213][ T46] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 355.255457][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 355.330463][ T9114] loop2: detected capacity change from 0 to 512 [ 355.342283][ T46] usb 5-1: Found UVC 0.00 device (046d:08c1) [ 355.391628][ T46] usb 5-1: No valid video chain found. [ 355.448354][ T9114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 355.544056][ T9114] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 355.571171][ T9103] input: syz0 as /devices/virtual/input/input14 [ 355.636845][ T9114] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 355.709286][ T9114] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 355.798527][ T9114] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.935: Failed to acquire dquot type 0 [ 355.961128][ T9126] loop1: detected capacity change from 0 to 512 [ 356.001841][ T9097] loop0: detected capacity change from 0 to 1024 [ 356.343447][ T8735] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.372725][ T9131] ip6gretap0 speed is unknown, defaulting to 1000 [ 356.402432][ T6510] bio_check_eod: 25646 callbacks suppressed [ 356.402451][ T6510] syz.3.273: attempt to access beyond end of device [ 356.402451][ T6510] loop3: rw=3, sector=14787281473808, nr_sectors = 8388600 limit=2048 [ 356.530249][ T6510] syz.3.273: attempt to access beyond end of device [ 356.530249][ T6510] loop3: rw=3, sector=14787289862408, nr_sectors = 8388600 limit=2048 [ 356.692965][ T6510] syz.3.273: attempt to access beyond end of device [ 356.692965][ T6510] loop3: rw=3, sector=14787298251008, nr_sectors = 8388600 limit=2048 [ 356.795444][ T6510] syz.3.273: attempt to access beyond end of device [ 356.795444][ T6510] loop3: rw=3, sector=14787306639608, nr_sectors = 8388600 limit=2048 [ 356.913815][ T6510] syz.3.273: attempt to access beyond end of device [ 356.913815][ T6510] loop3: rw=3, sector=14787315028208, nr_sectors = 8388600 limit=2048 [ 357.035931][ T6510] syz.3.273: attempt to access beyond end of device [ 357.035931][ T6510] loop3: rw=3, sector=14787323416808, nr_sectors = 8388600 limit=2048 [ 357.089252][ T6510] syz.3.273: attempt to access beyond end of device [ 357.089252][ T6510] loop3: rw=3, sector=14787331805408, nr_sectors = 8388600 limit=2048 [ 357.179556][ T6510] syz.3.273: attempt to access beyond end of device [ 357.179556][ T6510] loop3: rw=3, sector=14787340194008, nr_sectors = 8388600 limit=2048 [ 357.195540][ T9162] overlayfs: failed to resolve './file0': -2 [ 357.212036][ T6510] syz.3.273: attempt to access beyond end of device [ 357.212036][ T6510] loop3: rw=3, sector=14787348582608, nr_sectors = 8388600 limit=2048 [ 357.252319][ T6510] syz.3.273: attempt to access beyond end of device [ 357.252319][ T6510] loop3: rw=3, sector=14787356971208, nr_sectors = 8388600 limit=2048 [ 357.566021][ T9163] loop2: detected capacity change from 0 to 8192 [ 357.579810][ T1638] usb 5-1: USB disconnect, device number 10 [ 357.715710][ T9163] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 357.758115][ T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 358.043938][ T9] usb 4-1: config 0 has an invalid interface number: 255 but max is 0 [ 358.073621][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 358.119210][ T9] usb 4-1: config 0 has no interface number 0 [ 358.139576][ T8] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 358.151283][ T9] usb 4-1: config 0 interface 255 has no altsetting 0 [ 358.209226][ T9] usb 4-1: New USB device found, idVendor=06cd, idProduct=010b, bcdDevice= 6.60 [ 358.239565][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 358.289690][ T9] usb 4-1: config 0 descriptor?? [ 358.325175][ T9] keyspan 4-1:0.255: Keyspan - (without firmware) converter detected [ 358.410640][ T8] usb 3-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82 [ 358.439900][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 358.530760][ T8] usb 3-1: config 0 descriptor?? [ 358.574068][ T8] smsusb:smsusb_probe: board id=8, interface number 0 [ 358.624026][ T8] smsusb:smsusb_probe: Device initialized with return code -19 [ 358.860676][ T5282] usb 4-1: USB disconnect, device number 12 [ 358.867140][ T5282] keyspan 4-1:0.255: device disconnected [ 359.005624][ T8] usb 3-1: USB disconnect, device number 15 [ 360.062150][ T9229] netlink: 4 bytes leftover after parsing attributes in process `syz.1.953'. [ 360.534565][ T3000] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.773505][ T3000] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.175003][ T3000] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.413888][ T6510] bio_check_eod: 31684 callbacks suppressed [ 361.413907][ T6510] syz.3.273: attempt to access beyond end of device [ 361.413907][ T6510] loop3: rw=3, sector=15053149762208, nr_sectors = 8388600 limit=2048 [ 361.459480][ T5236] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 361.471105][ T9258] loop0: detected capacity change from 0 to 8192 [ 361.477666][ T5236] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 361.492669][ T3000] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.493848][ T5236] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 361.522729][ T5236] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 361.531657][ T5236] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 361.531729][ T6510] syz.3.273: attempt to access beyond end of device [ 361.531729][ T6510] loop3: rw=3, sector=15053158150808, nr_sectors = 8388600 limit=2048 [ 361.558175][ T5236] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 361.706397][ T6510] syz.3.273: attempt to access beyond end of device [ 361.706397][ T6510] loop3: rw=3, sector=15053166539408, nr_sectors = 8388600 limit=2048 [ 361.811067][ T6510] syz.3.273: attempt to access beyond end of device [ 361.811067][ T6510] loop3: rw=3, sector=15053174928008, nr_sectors = 8388600 limit=2048 [ 361.852162][ T9261] ip6gretap0 speed is unknown, defaulting to 1000 [ 361.940712][ T8] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 361.981257][ T6510] syz.3.273: attempt to access beyond end of device [ 361.981257][ T6510] loop3: rw=3, sector=15053183316608, nr_sectors = 8388600 limit=2048 [ 362.051746][ T6510] syz.3.273: attempt to access beyond end of device [ 362.051746][ T6510] loop3: rw=3, sector=15053191705208, nr_sectors = 8388600 limit=2048 [ 362.112115][ T3000] bridge_slave_1: left allmulticast mode [ 362.127993][ T3000] bridge_slave_1: left promiscuous mode [ 362.143587][ T3000] bridge0: port 2(bridge_slave_1) entered disabled state [ 362.150229][ T6510] syz.3.273: attempt to access beyond end of device [ 362.150229][ T6510] loop3: rw=3, sector=15053200093808, nr_sectors = 8388600 limit=2048 [ 362.178335][ T8] usb 1-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82 [ 362.220267][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.229475][ T6510] syz.3.273: attempt to access beyond end of device [ 362.229475][ T6510] loop3: rw=3, sector=15053208482408, nr_sectors = 8388600 limit=2048 [ 362.258090][ T8] usb 1-1: config 0 descriptor?? [ 362.297652][ T8] smsusb:smsusb_probe: board id=8, interface number 0 [ 362.306826][ T3000] bridge_slave_0: left allmulticast mode [ 362.314584][ T6510] syz.3.273: attempt to access beyond end of device [ 362.314584][ T6510] loop3: rw=3, sector=15053216871008, nr_sectors = 8388600 limit=2048 [ 362.325060][ T3000] bridge_slave_0: left promiscuous mode [ 362.341993][ T8] smsusb:smsusb_probe: Device initialized with return code -19 [ 362.374354][ T3000] bridge0: port 1(bridge_slave_0) entered disabled state [ 362.391492][ T6510] syz.3.273: attempt to access beyond end of device [ 362.391492][ T6510] loop3: rw=3, sector=15053225259608, nr_sectors = 8388600 limit=2048 [ 362.596031][ T5328] usb 1-1: USB disconnect, device number 15 [ 363.725415][ T54] Bluetooth: hci1: command tx timeout [ 364.848446][ T3000] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 364.863311][ T3000] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 364.876775][ T3000] bond0 (unregistering): Released all slaves [ 365.751158][ T54] Bluetooth: hci1: command tx timeout [ 366.784771][ T6510] bio_check_eod: 26750 callbacks suppressed [ 366.784800][ T6510] syz.3.273: attempt to access beyond end of device [ 366.784800][ T6510] loop3: rw=3, sector=15277628698208, nr_sectors = 8388600 limit=2048 [ 366.946670][ T6510] syz.3.273: attempt to access beyond end of device [ 366.946670][ T6510] loop3: rw=3, sector=15277637086808, nr_sectors = 8388600 limit=2048 [ 366.961919][ T6510] syz.3.273: attempt to access beyond end of device [ 366.961919][ T6510] loop3: rw=3, sector=15277645475408, nr_sectors = 8388600 limit=2048 [ 366.981652][ T6510] syz.3.273: attempt to access beyond end of device [ 366.981652][ T6510] loop3: rw=3, sector=15277653864008, nr_sectors = 8388600 limit=2048 [ 367.146898][ T9342] loop0: detected capacity change from 0 to 512 [ 367.286584][ T6510] syz.3.273: attempt to access beyond end of device [ 367.286584][ T6510] loop3: rw=3, sector=15277662252608, nr_sectors = 8388600 limit=2048 [ 367.308347][ T6510] syz.3.273: attempt to access beyond end of device [ 367.308347][ T6510] loop3: rw=3, sector=15277670641208, nr_sectors = 8388600 limit=2048 [ 368.659750][ T54] Bluetooth: hci1: command tx timeout [ 368.710786][ T6510] syz.3.273: attempt to access beyond end of device [ 368.710786][ T6510] loop3: rw=3, sector=15277679029808, nr_sectors = 8388600 limit=2048 [ 368.739782][ C1] eth0: bad gso: type: 1, size: 1408 [ 368.820305][ T6510] syz.3.273: attempt to access beyond end of device [ 368.820305][ T6510] loop3: rw=3, sector=15277687418408, nr_sectors = 8388600 limit=2048 [ 368.874787][ T9348] netlink: 'syz.1.979': attribute type 1 has an invalid length. [ 369.030213][ T6510] syz.3.273: attempt to access beyond end of device [ 369.030213][ T6510] loop3: rw=3, sector=15277695807008, nr_sectors = 8388600 limit=2048 [ 369.041255][ T9348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.979'. [ 369.257011][ T6510] syz.3.273: attempt to access beyond end of device [ 369.257011][ T6510] loop3: rw=3, sector=15277704195608, nr_sectors = 8388600 limit=2048 [ 369.401933][ T9261] chnl_net:caif_netlink_parms(): no params data found [ 370.710025][ T54] Bluetooth: hci1: command tx timeout [ 371.200071][ T9354] netlink: 'syz.0.981': attribute type 1 has an invalid length. [ 372.155020][ T6510] bio_check_eod: 1903 callbacks suppressed [ 372.155040][ T6510] syz.3.273: attempt to access beyond end of device [ 372.155040][ T6510] loop3: rw=3, sector=15293676090008, nr_sectors = 8388600 limit=2048 [ 372.618893][ T6510] syz.3.273: attempt to access beyond end of device [ 372.618893][ T6510] loop3: rw=3, sector=15293684478608, nr_sectors = 8388600 limit=2048 [ 372.634840][ T9368] loop0: detected capacity change from 0 to 512 [ 372.740748][ T6510] syz.3.273: attempt to access beyond end of device [ 372.740748][ T6510] loop3: rw=3, sector=15293692867208, nr_sectors = 8388600 limit=2048 [ 372.755669][ T6510] syz.3.273: attempt to access beyond end of device [ 372.755669][ T6510] loop3: rw=3, sector=15293701255808, nr_sectors = 8388600 limit=2048 [ 372.868111][ T9368] loop0: detected capacity change from 0 to 128 [ 372.905842][ T6510] syz.3.273: attempt to access beyond end of device [ 372.905842][ T6510] loop3: rw=3, sector=15293709644408, nr_sectors = 8388600 limit=2048 [ 373.475251][ T3000] hsr_slave_0: left promiscuous mode [ 374.679298][ T6510] syz.3.273: attempt to access beyond end of device [ 374.679298][ T6510] loop3: rw=3, sector=15293718033008, nr_sectors = 8388600 limit=2048 [ 374.712740][ T3000] hsr_slave_1: left promiscuous mode [ 374.733338][ T6510] syz.3.273: attempt to access beyond end of device [ 374.733338][ T6510] loop3: rw=3, sector=15293726421608, nr_sectors = 8388600 limit=2048 [ 374.936090][ T6510] syz.3.273: attempt to access beyond end of device [ 374.936090][ T6510] loop3: rw=3, sector=15293734810208, nr_sectors = 8388600 limit=2048 [ 374.972596][ T6510] syz.3.273: attempt to access beyond end of device [ 374.972596][ T6510] loop3: rw=3, sector=15293743198808, nr_sectors = 8388600 limit=2048 [ 375.007373][ T3000] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 375.853795][ T3000] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 375.856826][ T6510] syz.3.273: attempt to access beyond end of device [ 375.856826][ T6510] loop3: rw=3, sector=15293751587408, nr_sectors = 8388600 limit=2048 [ 375.926498][ T3000] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 375.963464][ T3000] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 376.009503][ T3000] veth1_macvtap: left promiscuous mode [ 376.033807][ T3000] veth0_macvtap: left promiscuous mode [ 376.054681][ T3000] veth1_vlan: left promiscuous mode [ 376.072913][ T3000] veth0_vlan: left promiscuous mode [ 376.190192][ T46] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 376.222548][ T9393] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11) [ 376.229175][ T9393] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 376.289802][ T9393] vhci_hcd vhci_hcd.0: Device attached [ 376.426611][ T46] usb 5-1: Using ep0 maxpacket: 8 [ 376.438758][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 376.473309][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 376.517887][ T46] usb 5-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00 [ 376.540277][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.574951][ T46] usb 5-1: config 0 descriptor?? [ 376.610041][ T5328] usb 10-1: SetAddress Request (2) to port 0 [ 376.661326][ T5328] usb 10-1: new SuperSpeed USB device number 2 using vhci_hcd [ 376.844464][ T9400] vhci_hcd: connection reset by peer [ 376.863538][ T2928] vhci_hcd: stop threads [ 376.878010][ T2928] vhci_hcd: release socket [ 376.901809][ T2928] vhci_hcd: disconnect device [ 377.005542][ T46] apple 0003:05AC:0267.000A: hidraw0: USB HID v0.00 Device [HID 05ac:0267] on usb-dummy_hcd.4-1/input0 [ 377.164130][ T6510] bio_check_eod: 20965 callbacks suppressed [ 377.164150][ T6510] syz.3.273: attempt to access beyond end of device [ 377.164150][ T6510] loop3: rw=3, sector=15469626975008, nr_sectors = 8388600 limit=2048 [ 377.194044][ T6510] syz.3.273: attempt to access beyond end of device [ 377.194044][ T6510] loop3: rw=3, sector=15469635363608, nr_sectors = 8388600 limit=2048 [ 377.217573][ T46] usb 5-1: USB disconnect, device number 11 [ 377.272453][ T6510] syz.3.273: attempt to access beyond end of device [ 377.272453][ T6510] loop3: rw=3, sector=15469643752208, nr_sectors = 8388600 limit=2048 [ 377.339723][ T6510] syz.3.273: attempt to access beyond end of device [ 377.339723][ T6510] loop3: rw=3, sector=15469652140808, nr_sectors = 8388600 limit=2048 [ 377.371482][ T6510] syz.3.273: attempt to access beyond end of device [ 377.371482][ T6510] loop3: rw=3, sector=15469660529408, nr_sectors = 8388600 limit=2048 [ 377.398243][ T6510] syz.3.273: attempt to access beyond end of device [ 377.398243][ T6510] loop3: rw=3, sector=15469668918008, nr_sectors = 8388600 limit=2048 [ 377.436603][ T6510] syz.3.273: attempt to access beyond end of device [ 377.436603][ T6510] loop3: rw=3, sector=15469677306608, nr_sectors = 8388600 limit=2048 [ 377.575025][ T6510] syz.3.273: attempt to access beyond end of device [ 377.575025][ T6510] loop3: rw=3, sector=15469685695208, nr_sectors = 8388600 limit=2048 [ 377.680441][ T6510] syz.3.273: attempt to access beyond end of device [ 377.680441][ T6510] loop3: rw=3, sector=15469694083808, nr_sectors = 8388600 limit=2048 [ 377.851516][ T6510] syz.3.273: attempt to access beyond end of device [ 377.851516][ T6510] loop3: rw=3, sector=15469702472408, nr_sectors = 8388600 limit=2048 [ 377.931187][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.959756][ T1266] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.176805][ T9413] loop0: detected capacity change from 0 to 256 [ 378.179818][ T9412] netlink: 'syz.1.993': attribute type 1 has an invalid length. [ 378.219808][ T9412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.993'. [ 378.736853][ T3000] team0 (unregistering): Port device team_slave_1 removed [ 378.869824][ C1] DEBUG: waiting rtnl_mutex for 598 jiffies. [ 378.876188][ C1] task:syz-executor state:D stack:21728 pid:9261 tgid:9261 ppid:9244 flags:0x00004000 [ 378.886405][ C1] Call Trace: [ 378.889711][ C1] [ 378.892646][ C1] __schedule+0x1800/0x4a60 [ 378.897153][ C1] ? __pfx___schedule+0x10/0x10 [ 378.902013][ C1] ? __pfx_lock_release+0x10/0x10 [ 378.907027][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 378.912518][ C1] ? schedule+0x90/0x320 [ 378.916772][ C1] schedule+0x14b/0x320 [ 378.920961][ C1] schedule_preempt_disabled+0x13/0x30 [ 378.926408][ C1] __mutex_lock+0x6a4/0xd70 [ 378.930919][ C1] ? __mutex_lock+0x527/0xd70 [ 378.935589][ C1] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 378.940706][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 378.945766][ C1] ? get_rtnl_holder+0x144/0x190 [ 378.950733][ C1] rtnetlink_rcv_msg+0x6eb/0xd00 [ 378.955671][ C1] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 378.960791][ C1] ? __lock_acquire+0x1384/0x2050 [ 378.965805][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 378.971282][ C1] netlink_rcv_skb+0x1e3/0x430 [ 378.976032][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 378.981496][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 378.986808][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 378.992065][ C1] netlink_unicast+0x7f6/0x990 [ 378.996869][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 379.002194][ C1] ? __virt_addr_valid+0x183/0x530 [ 379.007291][ C1] ? __check_object_size+0x49c/0x900 [ 379.012578][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 379.017675][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 379.022447][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 379.027716][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 379.032679][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 379.037946][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 379.043405][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 379.048675][ C1] __sock_sendmsg+0x221/0x270 [ 379.053365][ C1] __sys_sendto+0x3a4/0x4f0 [ 379.057855][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 379.062889][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 379.068072][ C1] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 379.074149][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 379.080139][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 379.086454][ C1] __x64_sys_sendto+0xde/0x100 [ 379.091246][ C1] do_syscall_64+0xf3/0x230 [ 379.095737][ C1] ? clear_bhb_loop+0x35/0x90 [ 379.100419][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.106302][ C1] RIP: 0033:0x7f2b2337914c [ 379.110725][ C1] RSP: 002b:00007ffe468e1680 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 379.119128][ C1] RAX: ffffffffffffffda RBX: 00007f2b24034620 RCX: 00007f2b2337914c [ 379.127100][ C1] RDX: 000000000000003c RSI: 00007f2b24034670 RDI: 0000000000000003 [ 379.135079][ C1] RBP: 0000000000000000 R08: 00007ffe468e16d4 R09: 000000000000000c [ 379.143049][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 379.151029][ C1] R13: 0000000000000000 R14: 00007f2b24034670 R15: 0000000000000000 [ 379.158994][ C1] [ 379.162014][ C1] DEBUG: holding rtnl_mutex for 627 jiffies. [ 379.167968][ C1] task:kworker/u8:12 state:R running task stack:19472 pid:3000 tgid:3000 ppid:2 flags:0x00004000 [ 379.179718][ C1] Workqueue: netns cleanup_net [ 379.184480][ C1] Call Trace: [ 379.187744][ C1] [ 379.190689][ C1] __schedule+0x1800/0x4a60 [ 379.195199][ C1] ? __virt_addr_valid+0x183/0x530 [ 379.200313][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 379.206625][ C1] ? lock_release+0xbf/0xa30 [ 379.211222][ C1] ? __pfx___schedule+0x10/0x10 [ 379.216057][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 379.221262][ C1] ? mark_lock+0x9a/0x360 [ 379.225598][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 379.230713][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 379.236428][ C1] irqentry_exit+0x5e/0x90 [ 379.240847][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 379.246289][ C1] RIP: 0010:synchronize_rcu+0x0/0x360 [ 379.251658][ C1] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 65 38 81 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 [ 379.271270][ C1] RSP: 0018:ffffc9000a3ff5d8 EFLAGS: 00000206 [ 379.277326][ C1] RAX: dffffc0000000000 RBX: 1ffff9200147fec4 RCX: ffffffff94f2f903 [ 379.285296][ C1] RDX: 0000777d5931ae01 RSI: ffffffff8c0ae240 RDI: ffffffff8c607c40 [ 379.293267][ C1] RBP: ffffc9000a3ff6b8 R08: ffffffff8142a345 R09: 1ffffffff202faed [ 379.301237][ C1] R10: dffffc0000000000 R11: fffffbfff202faee R12: ffffffff94f1aeb8 [ 379.309189][ C1] R13: 1ffff9200147fec0 R14: 0000000000000a06 R15: ffffc9000a3ff620 [ 379.317165][ C1] ? __phys_addr+0x105/0x170 [ 379.321806][ C1] lockdep_unregister_key+0x4b7/0x540 [ 379.327166][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 379.333063][ C1] ? rcu_is_watching+0x15/0xb0 [ 379.337841][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 379.342458][ C1] __qdisc_destroy+0x165/0x410 [ 379.347215][ C1] dev_shutdown+0x9b/0x450 [ 379.351642][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 379.357973][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 379.364790][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 379.370705][ C1] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 379.376853][ C1] default_device_exit_batch+0xa0f/0xa90 [ 379.382495][ C1] ? __pfx___might_resched+0x10/0x10 [ 379.387766][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 379.393925][ C1] ? cfg802154_pernet_exit+0xc3/0xe0 [ 379.399206][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 379.405364][ C1] cleanup_net+0x89d/0xcc0 [ 379.409797][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 379.414758][ C1] ? process_scheduled_works+0x945/0x1830 [ 379.420487][ C1] process_scheduled_works+0xa2c/0x1830 [ 379.426033][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 379.432046][ C1] ? assign_work+0x364/0x3d0 [ 379.436629][ C1] worker_thread+0x86d/0xd40 [ 379.441232][ C1] ? __kthread_parkme+0x169/0x1d0 [ 379.446244][ C1] ? __pfx_worker_thread+0x10/0x10 [ 379.451357][ C1] kthread+0x2f0/0x390 [ 379.455409][ C1] ? __pfx_worker_thread+0x10/0x10 [ 379.460528][ C1] ? __pfx_kthread+0x10/0x10 [ 379.465104][ C1] ret_from_fork+0x4b/0x80 [ 379.469508][ C1] ? __pfx_kthread+0x10/0x10 [ 379.474097][ C1] ret_from_fork_asm+0x1a/0x30 [ 379.478857][ C1] [ 379.481898][ C1] DEBUG: waiting rtnl_mutex for 588 jiffies. [ 379.487853][ C1] task:kworker/1:2 state:D stack:20688 pid:1638 tgid:1638 ppid:2 flags:0x00004000 [ 379.498024][ C1] Workqueue: events linkwatch_event [ 379.503233][ C1] Call Trace: [ 379.506495][ C1] [ 379.509411][ C1] __schedule+0x1800/0x4a60 [ 379.513932][ C1] ? __pfx___schedule+0x10/0x10 [ 379.518769][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 379.524757][ C1] ? __pfx_lock_release+0x10/0x10 [ 379.529787][ C1] ? kick_pool+0x1bd/0x620 [ 379.534192][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 379.539383][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 379.544585][ C1] ? schedule+0x90/0x320 [ 379.548811][ C1] schedule+0x14b/0x320 [ 379.552975][ C1] schedule_preempt_disabled+0x13/0x30 [ 379.558417][ C1] __mutex_lock+0x6a4/0xd70 [ 379.562930][ C1] ? __mutex_lock+0x527/0xd70 [ 379.567591][ C1] ? linkwatch_event+0xe/0x60 [ 379.572272][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 379.577283][ C1] ? get_rtnl_holder+0x144/0x190 [ 379.582225][ C1] ? process_scheduled_works+0x945/0x1830 [ 379.587933][ C1] linkwatch_event+0xe/0x60 [ 379.592437][ C1] process_scheduled_works+0xa2c/0x1830 [ 379.597982][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 379.603969][ C1] ? assign_work+0x364/0x3d0 [ 379.608563][ C1] worker_thread+0x86d/0xd40 [ 379.613161][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 379.619043][ C1] ? __kthread_parkme+0x169/0x1d0 [ 379.624108][ C1] ? __pfx_worker_thread+0x10/0x10 [ 379.629202][ C1] kthread+0x2f0/0x390 [ 379.633275][ C1] ? __pfx_worker_thread+0x10/0x10 [ 379.638372][ C1] ? __pfx_kthread+0x10/0x10 [ 379.642961][ C1] ret_from_fork+0x4b/0x80 [ 379.647361][ C1] ? __pfx_kthread+0x10/0x10 [ 379.651951][ C1] ret_from_fork_asm+0x1a/0x30 [ 379.656708][ C1] [ 379.659733][ C1] [ 379.659733][ C1] Showing all locks held in the system: [ 379.667447][ C1] 3 locks held by kworker/1:2/1638: [ 379.673042][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 379.684013][ C1] #1: ffffc900050f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 379.694983][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 379.703973][ C1] 2 locks held by kworker/u8:10/2962: [ 379.709322][ C1] 4 locks held by kworker/u8:12/3000: [ 379.714690][ C1] 1 lock held by dhcpcd/4898: [ 379.719345][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1bc0 [ 379.728487][ C1] 2 locks held by getty/4980: [ 379.733158][ C1] #0: ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 379.742909][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 379.753005][ C1] 5 locks held by kworker/0:9/5328: [ 379.758182][ C1] #0: ffff8880192b3d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 379.769500][ C1] #1: ffffc9000439fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 379.781336][ C1] #2: ffff8880241c0190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 379.790305][ C1] #3: ffff8880241c3518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150 [ 379.800226][ C1] #4: ffff8880209fbe68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150 [ 379.809889][ C1] 4 locks held by syz.3.273/6510: [ 379.814889][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_ioctl+0x1161/0x2480 [ 379.824988][ C1] #1: ffff88802e156c70 (&mi->mi_sem){++++}-{3:3}, at: nilfs_sufile_trim_fs+0x4f2/0x1270 [ 379.834836][ C1] #2: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 379.844934][ C1] #3: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 379.854778][ C1] 1 lock held by segctord/6511: [ 379.859607][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 379.870547][ C1] 3 locks held by syz-executor/8658: [ 379.875852][ C1] 1 lock held by syz-executor/9261: [ 379.881043][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 379.890449][ C1] 2 locks held by syz.3.983/9372: [ 379.895448][ C1] #0: ffffffff8fce77f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 379.903632][ C1] #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 379.912861][ C1] [ 379.915167][ C1] ============================================= [ 379.915167][ C1] [ 380.949985][ C1] DEBUG: waiting rtnl_mutex for 630 jiffies. [ 380.956019][ C1] task:syz.3.983 state:D stack:25984 pid:9372 tgid:9371 ppid:6649 flags:0x00004004 [ 380.966256][ C1] Call Trace: [ 380.969545][ C1] [ 380.972518][ C1] __schedule+0x1800/0x4a60 [ 380.977073][ C1] ? __pfx___schedule+0x10/0x10 [ 380.981975][ C1] ? __pfx_lock_release+0x10/0x10 [ 380.987019][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 380.992531][ C1] ? schedule+0x90/0x320 [ 380.996814][ C1] schedule+0x14b/0x320 [ 381.001038][ C1] schedule_preempt_disabled+0x13/0x30 [ 381.006526][ C1] __mutex_lock+0x6a4/0xd70 [ 381.011079][ C1] ? __mutex_lock+0x527/0xd70 [ 381.015771][ C1] ? nl80211_pre_doit+0x5f/0x8b0 [ 381.020770][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 381.025823][ C1] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 381.032115][ C1] ? get_rtnl_holder+0x144/0x190 [ 381.037071][ C1] nl80211_pre_doit+0x5f/0x8b0 [ 381.041888][ C1] genl_rcv_msg+0xaaa/0xec0 [ 381.046409][ C1] ? mark_lock+0x9a/0x360 [ 381.050800][ C1] ? __pfx_genl_rcv_msg+0x10/0x10 [ 381.055868][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 381.060935][ C1] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 381.066325][ C1] ? __pfx_nl80211_set_reg+0x10/0x10 [ 381.071657][ C1] ? __pfx_nl80211_post_doit+0x10/0x10 [ 381.077134][ C1] ? __pfx___might_resched+0x10/0x10 [ 381.082478][ C1] netlink_rcv_skb+0x1e3/0x430 [ 381.087274][ C1] ? __pfx_genl_rcv_msg+0x10/0x10 [ 381.092366][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 381.097699][ C1] ? __netlink_deliver_tap+0x77e/0x7c0 [ 381.103223][ C1] genl_rcv+0x28/0x40 [ 381.107198][ C1] netlink_unicast+0x7f6/0x990 [ 381.112005][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 381.117307][ C1] ? __virt_addr_valid+0x183/0x530 [ 381.122441][ C1] ? __check_object_size+0x49c/0x900 [ 381.127709][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 381.132852][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 381.137643][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 381.142968][ C1] ? __import_iovec+0x536/0x820 [ 381.147839][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 381.152828][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 381.158121][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 381.163631][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 381.168938][ C1] __sock_sendmsg+0x221/0x270 [ 381.173675][ C1] ____sys_sendmsg+0x525/0x7d0 [ 381.178474][ C1] ? __pfx_____sys_sendmsg+0x10/0x10 [ 381.183836][ C1] __sys_sendmsg+0x2b0/0x3a0 [ 381.188457][ C1] ? __pfx___sys_sendmsg+0x10/0x10 [ 381.193624][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 381.199641][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 381.205993][ C1] ? do_syscall_64+0x100/0x230 [ 381.210806][ C1] ? do_syscall_64+0xb6/0x230 [ 381.215497][ C1] do_syscall_64+0xf3/0x230 [ 381.220059][ C1] ? clear_bhb_loop+0x35/0x90 [ 381.224822][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.230768][ C1] RIP: 0033:0x7f4242f773b9 [ 381.235201][ C1] RSP: 002b:00007f42429ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 381.243667][ C1] RAX: ffffffffffffffda RBX: 00007f4243105f80 RCX: 00007f4242f773b9 [ 381.251691][ C1] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 381.259700][ C1] RBP: 00007f4242fe48e6 R08: 0000000000000000 R09: 0000000000000000 [ 381.267688][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.275707][ C1] R13: 000000000000000b R14: 00007f4243105f80 R15: 00007ffed2747c68 [ 381.283850][ C1] [ 381.286888][ C1] DEBUG: waiting rtnl_mutex for 503 jiffies. [ 381.292909][ C1] task:dhcpcd state:D stack:20672 pid:4898 tgid:4898 ppid:4897 flags:0x00000002 [ 381.303133][ C1] Call Trace: [ 381.306427][ C1] [ 381.309371][ C1] __schedule+0x1800/0x4a60 [ 381.313957][ C1] ? __pfx___schedule+0x10/0x10 [ 381.318835][ C1] ? __pfx_lock_release+0x10/0x10 [ 381.323918][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 381.329406][ C1] ? schedule+0x90/0x320 [ 381.333701][ C1] schedule+0x14b/0x320 [ 381.337891][ C1] schedule_preempt_disabled+0x13/0x30 [ 381.343409][ C1] __mutex_lock+0x6a4/0xd70 [ 381.347951][ C1] ? __mutex_lock+0x527/0xd70 [ 381.352665][ C1] ? devinet_ioctl+0x2ce/0x1bc0 [ 381.357507][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 381.362540][ C1] ? bpf_lsm_capable+0x9/0x10 [ 381.367201][ C1] ? security_capable+0x90/0xb0 [ 381.372094][ C1] ? get_rtnl_holder+0x144/0x190 [ 381.377062][ C1] devinet_ioctl+0x2ce/0x1bc0 [ 381.381800][ C1] ? get_user_ifreq+0x1bb/0x200 [ 381.386692][ C1] inet_ioctl+0x3d7/0x4f0 [ 381.391094][ C1] ? __pfx_inet_ioctl+0x10/0x10 [ 381.396015][ C1] sock_do_ioctl+0x158/0x460 [ 381.400691][ C1] ? __pfx_sock_do_ioctl+0x10/0x10 [ 381.405839][ C1] ? __pfx_lock_release+0x10/0x10 [ 381.410987][ C1] sock_ioctl+0x629/0x8e0 [ 381.415362][ C1] ? __pfx_sock_ioctl+0x10/0x10 [ 381.420281][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 381.426306][ C1] ? bpf_lsm_file_ioctl+0x9/0x10 [ 381.431309][ C1] ? security_file_ioctl+0x87/0xb0 [ 381.436436][ C1] ? __pfx_sock_ioctl+0x10/0x10 [ 381.441339][ C1] __se_sys_ioctl+0xfc/0x170 [ 381.445973][ C1] do_syscall_64+0xf3/0x230 [ 381.450509][ C1] ? clear_bhb_loop+0x35/0x90 [ 381.455199][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.461142][ C1] RIP: 0033:0x7fe362c77d49 [ 381.465573][ C1] RSP: 002b:00007ffeb4f8acc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 381.474020][ C1] RAX: ffffffffffffffda RBX: 00007fe362ba96c0 RCX: 00007fe362c77d49 [ 381.482006][ C1] RDX: 00007ffeb4f9aeb8 RSI: 0000000000008914 RDI: 0000000000000018 [ 381.489977][ C1] RBP: 00007ffeb4fab078 R08: 00007ffeb4f9ae78 R09: 00007ffeb4f9ae28 [ 381.497931][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.505905][ C1] R13: 00007ffeb4f9aeb8 R14: 0000000000000028 R15: 0000000000008914 [ 381.513888][ C1] [ 381.516893][ C1] DEBUG: waiting rtnl_mutex for 862 jiffies. [ 381.522865][ C1] task:syz-executor state:D stack:21728 pid:9261 tgid:9261 ppid:9244 flags:0x00004000 [ 381.533024][ C1] Call Trace: [ 381.536294][ C1] [ 381.539210][ C1] __schedule+0x1800/0x4a60 [ 381.543733][ C1] ? __pfx___schedule+0x10/0x10 [ 381.548579][ C1] ? __pfx_lock_release+0x10/0x10 [ 381.553608][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 381.559054][ C1] ? schedule+0x90/0x320 [ 381.563300][ C1] schedule+0x14b/0x320 [ 381.567442][ C1] schedule_preempt_disabled+0x13/0x30 [ 381.572901][ C1] __mutex_lock+0x6a4/0xd70 [ 381.577388][ C1] ? __mutex_lock+0x527/0xd70 [ 381.582064][ C1] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 381.587163][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 381.592207][ C1] ? get_rtnl_holder+0x144/0x190 [ 381.597136][ C1] rtnetlink_rcv_msg+0x6eb/0xd00 [ 381.602080][ C1] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 381.607193][ C1] ? __lock_acquire+0x1384/0x2050 [ 381.612246][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 381.617702][ C1] netlink_rcv_skb+0x1e3/0x430 [ 381.622488][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 381.627950][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 381.633261][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 381.638443][ C1] netlink_unicast+0x7f6/0x990 [ 381.643215][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 381.648486][ C1] ? __virt_addr_valid+0x183/0x530 [ 381.653600][ C1] ? __check_object_size+0x49c/0x900 [ 381.658867][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 381.663984][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 381.668737][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 381.674110][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 381.679035][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 381.684318][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 381.689781][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 381.695053][ C1] __sock_sendmsg+0x221/0x270 [ 381.699748][ C1] __sys_sendto+0x3a4/0x4f0 [ 381.704241][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 381.709252][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 381.714456][ C1] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 381.720535][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 381.726510][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 381.732841][ C1] __x64_sys_sendto+0xde/0x100 [ 381.737589][ C1] do_syscall_64+0xf3/0x230 [ 381.742091][ C1] ? clear_bhb_loop+0x35/0x90 [ 381.746753][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.752647][ C1] RIP: 0033:0x7f2b2337914c [ 381.757045][ C1] RSP: 002b:00007ffe468e1680 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 381.765467][ C1] RAX: ffffffffffffffda RBX: 00007f2b24034620 RCX: 00007f2b2337914c [ 381.773439][ C1] RDX: 000000000000003c RSI: 00007f2b24034670 RDI: 0000000000000003 [ 381.781410][ C1] RBP: 0000000000000000 R08: 00007ffe468e16d4 R09: 000000000000000c [ 381.789364][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 381.797335][ C1] R13: 0000000000000000 R14: 00007f2b24034670 R15: 0000000000000000 [ 381.805314][ C1] [ 381.808317][ C1] DEBUG: holding rtnl_mutex for 891 jiffies. [ 381.814295][ C1] task:kworker/u8:12 state:R running task stack:19472 pid:3000 tgid:3000 ppid:2 flags:0x00004000 [ 381.826027][ C1] Workqueue: netns cleanup_net [ 381.830795][ C1] Call Trace: [ 381.834055][ C1] [ 381.836972][ C1] __schedule+0x1800/0x4a60 [ 381.841487][ C1] ? __virt_addr_valid+0x183/0x530 [ 381.846586][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 381.852916][ C1] ? lock_release+0xbf/0xa30 [ 381.857507][ C1] ? __pfx___schedule+0x10/0x10 [ 381.862359][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 381.867550][ C1] ? mark_lock+0x9a/0x360 [ 381.871881][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 381.876998][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 381.882756][ C1] irqentry_exit+0x5e/0x90 [ 381.887161][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 381.892621][ C1] RIP: 0010:synchronize_rcu+0x0/0x360 [ 381.897981][ C1] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 65 38 81 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 [ 381.917591][ C1] RSP: 0000:ffffc9000a3ff5d8 EFLAGS: 00000206 [ 381.923664][ C1] RAX: dffffc0000000000 RBX: 1ffff9200147fec4 RCX: ffffffff94f2f903 [ 381.931636][ C1] RDX: 0000777d5931ae01 RSI: ffffffff8c0ae240 RDI: ffffffff8c607c40 [ 381.939588][ C1] RBP: ffffc9000a3ff6b8 R08: ffffffff8142a345 R09: 1ffffffff202faed [ 381.947576][ C1] R10: dffffc0000000000 R11: fffffbfff202faee R12: ffffffff94f22ec8 [ 381.955547][ C1] R13: 1ffff9200147fec0 R14: 0000000000000202 R15: ffffc9000a3ff620 [ 381.963528][ C1] ? __phys_addr+0x105/0x170 [ 381.968107][ C1] lockdep_unregister_key+0x4b7/0x540 [ 381.973490][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 381.979371][ C1] ? rcu_is_watching+0x15/0xb0 [ 381.984153][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 381.988731][ C1] __qdisc_destroy+0x165/0x410 [ 381.993496][ C1] dev_shutdown+0x357/0x450 [ 381.997984][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 382.004319][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 382.011091][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 382.016987][ C1] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 382.023176][ C1] default_device_exit_batch+0xa0f/0xa90 [ 382.028910][ C1] ? __pfx___might_resched+0x10/0x10 [ 382.034198][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 382.040355][ C1] ? cfg802154_pernet_exit+0xc3/0xe0 [ 382.045626][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 382.051791][ C1] cleanup_net+0x89d/0xcc0 [ 382.056193][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 382.061137][ C1] ? process_scheduled_works+0x945/0x1830 [ 382.066928][ C1] process_scheduled_works+0xa2c/0x1830 [ 382.072534][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 382.078504][ C1] ? assign_work+0x364/0x3d0 [ 382.083098][ C1] worker_thread+0x86d/0xd40 [ 382.087682][ C1] ? __kthread_parkme+0x169/0x1d0 [ 382.092711][ C1] ? __pfx_worker_thread+0x10/0x10 [ 382.097807][ C1] kthread+0x2f0/0x390 [ 382.101877][ C1] ? __pfx_worker_thread+0x10/0x10 [ 382.106974][ C1] ? __pfx_kthread+0x10/0x10 [ 382.111559][ C1] ret_from_fork+0x4b/0x80 [ 382.115958][ C1] ? __pfx_kthread+0x10/0x10 [ 382.120552][ C1] ret_from_fork_asm+0x1a/0x30 [ 382.125309][ C1] [ 382.128311][ C1] DEBUG: waiting rtnl_mutex for 852 jiffies. [ 382.134282][ C1] task:kworker/1:2 state:D stack:20688 pid:1638 tgid:1638 ppid:2 flags:0x00004000 [ 382.144443][ C1] Workqueue: events linkwatch_event [ 382.149665][ C1] Call Trace: [ 382.152941][ C1] [ 382.155860][ C1] __schedule+0x1800/0x4a60 [ 382.160380][ C1] ? __pfx___schedule+0x10/0x10 [ 382.165217][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 382.171197][ C1] ? __pfx_lock_release+0x10/0x10 [ 382.176206][ C1] ? kick_pool+0x1bd/0x620 [ 382.180626][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 382.185814][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 382.191012][ C1] ? schedule+0x90/0x320 [ 382.195245][ C1] schedule+0x14b/0x320 [ 382.199384][ C1] schedule_preempt_disabled+0x13/0x30 [ 382.204844][ C1] __mutex_lock+0x6a4/0xd70 [ 382.209333][ C1] ? __mutex_lock+0x527/0xd70 [ 382.214012][ C1] ? linkwatch_event+0xe/0x60 [ 382.218672][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 382.223706][ C1] ? get_rtnl_holder+0x144/0x190 [ 382.228631][ C1] ? process_scheduled_works+0x945/0x1830 [ 382.234349][ C1] linkwatch_event+0xe/0x60 [ 382.238834][ C1] process_scheduled_works+0xa2c/0x1830 [ 382.244399][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 382.250391][ C1] ? assign_work+0x364/0x3d0 [ 382.254966][ C1] worker_thread+0x86d/0xd40 [ 382.259543][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 382.265480][ C1] ? __kthread_parkme+0x169/0x1d0 [ 382.270523][ C1] ? __pfx_worker_thread+0x10/0x10 [ 382.275618][ C1] kthread+0x2f0/0x390 [ 382.279709][ C1] ? __pfx_worker_thread+0x10/0x10 [ 382.284827][ C1] ? __pfx_kthread+0x10/0x10 [ 382.289401][ C1] ret_from_fork+0x4b/0x80 [ 382.293826][ C1] ? __pfx_kthread+0x10/0x10 [ 382.298402][ C1] ret_from_fork_asm+0x1a/0x30 [ 382.303186][ C1] [ 382.306191][ C1] [ 382.306191][ C1] Showing all locks held in the system: [ 382.313900][ C1] 2 locks held by rcu_tasks_trace/15: [ 382.319251][ C1] #0: ffffffff8e938030 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0xa9d/0xd90 [ 382.330683][ C1] #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 382.341581][ C1] 3 locks held by kworker/1:2/1638: [ 382.346756][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 382.357719][ C1] #1: ffffc900050f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 382.368684][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 382.377663][ C1] 2 locks held by kworker/u8:7/2462: [ 382.382943][ C1] #0: ffff888015889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 382.394609][ C1] #1: ffffc9000986fd00 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 382.406731][ C1] 3 locks held by kworker/u8:10/2962: [ 382.412103][ C1] 4 locks held by kworker/u8:12/3000: [ 382.417486][ C1] 2 locks held by udevd/4684: [ 382.422163][ C1] 1 lock held by dhcpcd/4898: [ 382.426831][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1bc0 [ 382.436038][ C1] 2 locks held by getty/4980: [ 382.440714][ C1] #0: ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 382.450466][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 382.460567][ C1] 5 locks held by kworker/0:9/5328: [ 382.465745][ C1] 2 locks held by syz.3.273/6510: [ 382.470763][ C1] 1 lock held by segctord/6511: [ 382.475588][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 382.486474][ C1] 1 lock held by syz-executor/9261: [ 382.491668][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 382.501073][ C1] 2 locks held by syz.3.983/9372: [ 382.506072][ C1] #0: ffffffff8fce77f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 382.514289][ C1] #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 382.523530][ C1] 4 locks held by modprobe/9419: [ 382.528892][ C1] [ 382.531274][ C1] ============================================= [ 382.531274][ C1] [ 382.547752][ T6510] bio_check_eod: 5910 callbacks suppressed [ 382.547768][ T6510] syz.3.273: attempt to access beyond end of device [ 382.547768][ T6510] loop3: rw=3, sector=15519287487008, nr_sectors = 8388600 limit=2048 [ 382.551958][ T5328] usb 10-1: device descriptor read/8, error -110 [ 382.553947][ T6510] syz.3.273: attempt to access beyond end of device [ 382.553947][ T6510] loop3: rw=3, sector=15519295875608, nr_sectors = 8388600 limit=2048 [ 382.589474][ T6510] syz.3.273: attempt to access beyond end of device [ 382.589474][ T6510] loop3: rw=3, sector=15519304264208, nr_sectors = 8388600 limit=2048 [ 382.604166][ T6510] syz.3.273: attempt to access beyond end of device [ 382.604166][ T6510] loop3: rw=3, sector=15519312652808, nr_sectors = 8388600 limit=2048 [ 382.619730][ T6510] syz.3.273: attempt to access beyond end of device [ 382.619730][ T6510] loop3: rw=3, sector=15519321041408, nr_sectors = 8388600 limit=2048 [ 382.647226][ T6510] syz.3.273: attempt to access beyond end of device [ 382.647226][ T6510] loop3: rw=3, sector=15519329430008, nr_sectors = 8388600 limit=2048 [ 382.669008][ T6510] syz.3.273: attempt to access beyond end of device [ 382.669008][ T6510] loop3: rw=3, sector=15519337818608, nr_sectors = 8388600 limit=2048 [ 382.704554][ T6510] syz.3.273: attempt to access beyond end of device [ 382.704554][ T6510] loop3: rw=3, sector=15519346207208, nr_sectors = 8388600 limit=2048 [ 382.730108][ T6510] syz.3.273: attempt to access beyond end of device [ 382.730108][ T6510] loop3: rw=3, sector=15519354595808, nr_sectors = 8388600 limit=2048 [ 382.768976][ T6510] syz.3.273: attempt to access beyond end of device [ 382.768976][ T6510] loop3: rw=3, sector=15519362984408, nr_sectors = 8388600 limit=2048 [ 382.803613][ T3000] team0 (unregistering): Port device team_slave_0 removed [ 383.191156][ T5328] usb usb10-port1: attempt power cycle [ 383.300707][ T4623] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 383.322198][ T4623] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 383.332100][ T4623] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 383.350372][ T4623] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 383.393584][ T4623] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 383.401573][ T4623] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 383.511309][ T5419] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 383.589972][ C1] DEBUG: waiting rtnl_mutex for 894 jiffies. [ 383.596036][ C1] task:syz.3.983 state:D stack:25984 pid:9372 tgid:9371 ppid:6649 flags:0x00004004 [ 383.606267][ C1] Call Trace: [ 383.609557][ C1] [ 383.612536][ C1] __schedule+0x1800/0x4a60 [ 383.617085][ C1] ? __pfx___schedule+0x10/0x10 [ 383.621995][ C1] ? __pfx_lock_release+0x10/0x10 [ 383.627048][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 383.632574][ C1] ? schedule+0x90/0x320 [ 383.636846][ C1] schedule+0x14b/0x320 [ 383.641057][ C1] schedule_preempt_disabled+0x13/0x30 [ 383.646541][ C1] __mutex_lock+0x6a4/0xd70 [ 383.651098][ C1] ? __mutex_lock+0x527/0xd70 [ 383.655813][ C1] ? nl80211_pre_doit+0x5f/0x8b0 [ 383.660808][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 383.665855][ C1] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 383.672160][ C1] ? get_rtnl_holder+0x144/0x190 [ 383.677126][ C1] nl80211_pre_doit+0x5f/0x8b0 [ 383.681957][ C1] genl_rcv_msg+0xaaa/0xec0 [ 383.686487][ C1] ? mark_lock+0x9a/0x360 [ 383.690877][ C1] ? __pfx_genl_rcv_msg+0x10/0x10 [ 383.695967][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 383.701041][ C1] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 383.706432][ C1] ? __pfx_nl80211_set_reg+0x10/0x10 [ 383.711763][ C1] ? __pfx_nl80211_post_doit+0x10/0x10 [ 383.717242][ C1] ? __pfx___might_resched+0x10/0x10 [ 383.722589][ C1] netlink_rcv_skb+0x1e3/0x430 [ 383.727373][ C1] ? __pfx_genl_rcv_msg+0x10/0x10 [ 383.732447][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 383.737762][ C1] ? __netlink_deliver_tap+0x77e/0x7c0 [ 383.743287][ C1] genl_rcv+0x28/0x40 [ 383.747299][ C1] netlink_unicast+0x7f6/0x990 [ 383.752148][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 383.757455][ C1] ? __virt_addr_valid+0x183/0x530 [ 383.762631][ C1] ? __check_object_size+0x49c/0x900 [ 383.767941][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 383.773121][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 383.777924][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 383.783270][ C1] ? __import_iovec+0x536/0x820 [ 383.788151][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 383.793163][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 383.798463][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 383.803986][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 383.809296][ C1] __sock_sendmsg+0x221/0x270 [ 383.814052][ C1] ____sys_sendmsg+0x525/0x7d0 [ 383.818855][ C1] ? __pfx_____sys_sendmsg+0x10/0x10 [ 383.824224][ C1] __sys_sendmsg+0x2b0/0x3a0 [ 383.828850][ C1] ? __pfx___sys_sendmsg+0x10/0x10 [ 383.834028][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 383.840025][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 383.846380][ C1] ? do_syscall_64+0x100/0x230 [ 383.850694][ T5328] usb usb10-port1: unable to enumerate USB device [ 383.851179][ C1] ? do_syscall_64+0xb6/0x230 [ 383.862270][ C1] do_syscall_64+0xf3/0x230 [ 383.866796][ C1] ? clear_bhb_loop+0x35/0x90 [ 383.871542][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.877461][ C1] RIP: 0033:0x7f4242f773b9 [ 383.881945][ C1] RSP: 002b:00007f42429ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 383.890430][ C1] RAX: ffffffffffffffda RBX: 00007f4243105f80 RCX: 00007f4242f773b9 [ 383.898422][ C1] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 383.906458][ C1] RBP: 00007f4242fe48e6 R08: 0000000000000000 R09: 0000000000000000 [ 383.914483][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 383.922514][ C1] R13: 000000000000000b R14: 00007f4243105f80 R15: 00007ffed2747c68 [ 383.930547][ C1] [ 383.933582][ C1] DEBUG: waiting rtnl_mutex for 768 jiffies. [ 383.939564][ C1] task:dhcpcd state:D stack:20672 pid:4898 tgid:4898 ppid:4897 flags:0x00000002 [ 383.949828][ C1] Call Trace: [ 383.953123][ C1] [ 383.956066][ C1] __schedule+0x1800/0x4a60 [ 383.960659][ C1] ? __pfx___schedule+0x10/0x10 [ 383.965541][ C1] ? __pfx_lock_release+0x10/0x10 [ 383.970619][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 383.976120][ C1] ? schedule+0x90/0x320 [ 383.980432][ C1] schedule+0x14b/0x320 [ 383.984621][ C1] schedule_preempt_disabled+0x13/0x30 [ 383.990148][ C1] __mutex_lock+0x6a4/0xd70 [ 383.994765][ C1] ? __mutex_lock+0x527/0xd70 [ 383.999473][ C1] ? devinet_ioctl+0x2ce/0x1bc0 [ 384.004387][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 384.009441][ C1] ? bpf_lsm_capable+0x9/0x10 [ 384.014185][ C1] ? security_capable+0x90/0xb0 [ 384.019068][ C1] ? get_rtnl_holder+0x144/0x190 [ 384.024420][ C1] devinet_ioctl+0x2ce/0x1bc0 [ 384.029464][ C1] ? get_user_ifreq+0x1bb/0x200 [ 384.034349][ C1] inet_ioctl+0x3d7/0x4f0 [ 384.038706][ C1] ? __pfx_inet_ioctl+0x10/0x10 [ 384.043626][ C1] sock_do_ioctl+0x158/0x460 [ 384.048255][ C1] ? __pfx_sock_do_ioctl+0x10/0x10 [ 384.053452][ C1] ? __pfx_lock_release+0x10/0x10 [ 384.058504][ C1] sock_ioctl+0x629/0x8e0 [ 384.062872][ C1] ? __pfx_sock_ioctl+0x10/0x10 [ 384.067744][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 384.073774][ C1] ? bpf_lsm_file_ioctl+0x9/0x10 [ 384.078725][ C1] ? security_file_ioctl+0x87/0xb0 [ 384.083878][ C1] ? __pfx_sock_ioctl+0x10/0x10 [ 384.088761][ C1] __se_sys_ioctl+0xfc/0x170 [ 384.093425][ C1] do_syscall_64+0xf3/0x230 [ 384.097950][ C1] ? clear_bhb_loop+0x35/0x90 [ 384.102680][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.108586][ C1] RIP: 0033:0x7fe362c77d49 [ 384.113047][ C1] RSP: 002b:00007ffeb4f8acc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 384.121518][ C1] RAX: ffffffffffffffda RBX: 00007fe362ba96c0 RCX: 00007fe362c77d49 [ 384.129497][ C1] RDX: 00007ffeb4f9aeb8 RSI: 0000000000008914 RDI: 0000000000000018 [ 384.137499][ C1] RBP: 00007ffeb4fab078 R08: 00007ffeb4f9ae78 R09: 00007ffeb4f9ae28 [ 384.145505][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 384.153520][ C1] R13: 00007ffeb4f9aeb8 R14: 0000000000000028 R15: 0000000000008914 [ 384.161558][ C1] [ 384.164612][ C1] DEBUG: waiting rtnl_mutex for 1127 jiffies. [ 384.170719][ C1] task:syz-executor state:D stack:21728 pid:9261 tgid:9261 ppid:9244 flags:0x00004000 [ 384.180946][ C1] Call Trace: [ 384.184237][ C1] [ 384.187174][ C1] __schedule+0x1800/0x4a60 [ 384.191760][ C1] ? __pfx___schedule+0x10/0x10 [ 384.196637][ C1] ? __pfx_lock_release+0x10/0x10 [ 384.201757][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 384.207253][ C1] ? schedule+0x90/0x320 [ 384.211574][ C1] schedule+0x14b/0x320 [ 384.215767][ C1] schedule_preempt_disabled+0x13/0x30 [ 384.221311][ C1] __mutex_lock+0x6a4/0xd70 [ 384.226091][ C1] ? __mutex_lock+0x527/0xd70 [ 384.230818][ C1] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 384.235970][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 384.241075][ C1] ? get_rtnl_holder+0x144/0x190 [ 384.246024][ C1] rtnetlink_rcv_msg+0x6eb/0xd00 [ 384.251009][ C1] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 384.256138][ C1] ? __lock_acquire+0x1384/0x2050 [ 384.261213][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 384.266708][ C1] netlink_rcv_skb+0x1e3/0x430 [ 384.271524][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 384.277005][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 384.282442][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 384.287666][ C1] netlink_unicast+0x7f6/0x990 [ 384.292488][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 384.297789][ C1] ? __virt_addr_valid+0x183/0x530 [ 384.302948][ C1] ? __check_object_size+0x49c/0x900 [ 384.308246][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 384.313397][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 384.318179][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 384.323515][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 384.329004][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 384.334331][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 384.339838][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 384.345133][ C1] __sock_sendmsg+0x221/0x270 [ 384.349862][ C1] __sys_sendto+0x3a4/0x4f0 [ 384.354394][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 384.359440][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 384.364668][ C1] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 384.370815][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 384.376816][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 384.383182][ C1] __x64_sys_sendto+0xde/0x100 [ 384.387966][ C1] do_syscall_64+0xf3/0x230 [ 384.392518][ C1] ? clear_bhb_loop+0x35/0x90 [ 384.397216][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.403140][ C1] RIP: 0033:0x7f2b2337914c [ 384.407564][ C1] RSP: 002b:00007ffe468e1680 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 384.416091][ C1] RAX: ffffffffffffffda RBX: 00007f2b24034620 RCX: 00007f2b2337914c [ 384.424106][ C1] RDX: 000000000000003c RSI: 00007f2b24034670 RDI: 0000000000000003 [ 384.432127][ C1] RBP: 0000000000000000 R08: 00007ffe468e16d4 R09: 000000000000000c [ 384.440150][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 384.448137][ C1] R13: 0000000000000000 R14: 00007f2b24034670 R15: 0000000000000000 [ 384.456169][ C1] [ 384.459205][ C1] DEBUG: holding rtnl_mutex for 1156 jiffies. [ 384.465311][ C1] task:kworker/u8:12 state:D stack:19472 pid:3000 tgid:3000 ppid:2 flags:0x00004000 [ 384.475541][ C1] Workqueue: netns cleanup_net [ 384.480372][ C1] Call Trace: [ 384.483662][ C1] [ 384.486607][ C1] __schedule+0x1800/0x4a60 [ 384.491202][ C1] ? __pfx___schedule+0x10/0x10 [ 384.496087][ C1] ? __pfx_lock_release+0x10/0x10 [ 384.501174][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 384.507110][ C1] ? kthread_data+0x52/0xd0 [ 384.511709][ C1] ? wq_worker_sleeping+0x66/0x240 [ 384.516841][ C1] ? schedule+0x90/0x320 [ 384.521142][ C1] schedule+0x14b/0x320 [ 384.525335][ C1] synchronize_rcu_expedited+0x684/0x830 [ 384.531025][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 384.537206][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 384.542590][ C1] ? __pfx___might_resched+0x10/0x10 [ 384.547893][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 384.553912][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 384.560046][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 384.566421][ C1] synchronize_rcu+0x11b/0x360 [ 384.571240][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 384.576551][ C1] lockdep_unregister_key+0x4b7/0x540 [ 384.581983][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 384.587901][ C1] ? rcu_is_watching+0x15/0xb0 [ 384.592696][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 384.597307][ C1] __qdisc_destroy+0x165/0x410 [ 384.602214][ C1] dev_shutdown+0x357/0x450 [ 384.606734][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 384.613134][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 384.619962][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 384.625898][ C1] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 384.632125][ C1] default_device_exit_batch+0xa0f/0xa90 [ 384.637787][ C1] ? __pfx___might_resched+0x10/0x10 [ 384.643137][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 384.649307][ C1] ? cfg802154_pernet_exit+0xc3/0xe0 [ 384.654632][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 384.660856][ C1] cleanup_net+0x89d/0xcc0 [ 384.665303][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 384.670300][ C1] ? process_scheduled_works+0x945/0x1830 [ 384.676035][ C1] process_scheduled_works+0xa2c/0x1830 [ 384.681661][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 384.687689][ C1] ? assign_work+0x364/0x3d0 [ 384.692337][ C1] worker_thread+0x86d/0xd40 [ 384.696957][ C1] ? __kthread_parkme+0x169/0x1d0 [ 384.702049][ C1] ? __pfx_worker_thread+0x10/0x10 [ 384.707186][ C1] kthread+0x2f0/0x390 [ 384.711308][ C1] ? __pfx_worker_thread+0x10/0x10 [ 384.716448][ C1] ? __pfx_kthread+0x10/0x10 [ 384.721104][ C1] ret_from_fork+0x4b/0x80 [ 384.725543][ C1] ? __pfx_kthread+0x10/0x10 [ 384.730185][ C1] ret_from_fork_asm+0x1a/0x30 [ 384.734974][ C1] [ 384.737980][ C1] DEBUG: waiting rtnl_mutex for 1113 jiffies. [ 384.744083][ C1] task:kworker/1:2 state:D stack:20688 pid:1638 tgid:1638 ppid:2 flags:0x00004000 [ 384.754313][ C1] Workqueue: events linkwatch_event [ 384.759543][ C1] Call Trace: [ 384.762882][ C1] [ 384.765829][ C1] __schedule+0x1800/0x4a60 [ 384.770410][ C1] ? __pfx___schedule+0x10/0x10 [ 384.775278][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 384.781304][ C1] ? __pfx_lock_release+0x10/0x10 [ 384.786359][ C1] ? kick_pool+0x1bd/0x620 [ 384.790863][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 384.796085][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 384.801343][ C1] ? schedule+0x90/0x320 [ 384.805620][ C1] schedule+0x14b/0x320 [ 384.809839][ C1] schedule_preempt_disabled+0x13/0x30 [ 384.815318][ C1] __mutex_lock+0x6a4/0xd70 [ 384.819865][ C1] ? __mutex_lock+0x527/0xd70 [ 384.824561][ C1] ? linkwatch_event+0xe/0x60 [ 384.829249][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 384.834314][ C1] ? get_rtnl_holder+0x144/0x190 [ 384.839265][ C1] ? process_scheduled_works+0x945/0x1830 [ 384.845036][ C1] linkwatch_event+0xe/0x60 [ 384.849554][ C1] process_scheduled_works+0xa2c/0x1830 [ 384.855171][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 384.861215][ C1] ? assign_work+0x364/0x3d0 [ 384.865837][ C1] worker_thread+0x86d/0xd40 [ 384.870467][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 384.876349][ C1] ? __kthread_parkme+0x169/0x1d0 [ 384.881424][ C1] ? __pfx_worker_thread+0x10/0x10 [ 384.886568][ C1] kthread+0x2f0/0x390 [ 384.890700][ C1] ? __pfx_worker_thread+0x10/0x10 [ 384.895828][ C1] ? __pfx_kthread+0x10/0x10 [ 384.900465][ C1] ret_from_fork+0x4b/0x80 [ 384.904912][ C1] ? __pfx_kthread+0x10/0x10 [ 384.909509][ C1] ret_from_fork_asm+0x1a/0x30 [ 384.914336][ C1] [ 384.917361][ C1] [ 384.917361][ C1] Showing all locks held in the system: [ 384.925116][ C1] 3 locks held by kworker/1:2/1638: [ 384.930390][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 384.941467][ C1] #1: ffffc900050f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 384.952517][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 384.961591][ C1] 5 locks held by kworker/u8:12/3000: [ 384.966962][ C1] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 384.977871][ C1] #1: ffffc9000a3ffd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 384.988466][ C1] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 384.997904][ C1] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 385.007997][ C1] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 385.018978][ C1] 1 lock held by dhcpcd/4898: [ 385.023678][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1bc0 [ 385.032867][ C1] 2 locks held by getty/4980: [ 385.037544][ C1] #0: ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 385.047321][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 385.057480][ C1] 3 locks held by kworker/u9:4/5236: [ 385.062786][ C1] #0: ffff888028366148 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 385.073664][ C1] #1: ffffc90002e97d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 385.086361][ C1] #2: ffff8880768c0d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 385.096270][ C1] 6 locks held by kworker/1:7/5419: [ 385.101492][ C1] #0: ffff8880192b3d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 385.112892][ C1] #1: ffffc9000492fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 385.124825][ C1] #2: ffff888023e40190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 385.133786][ C1] #3: ffff888023e43518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150 [ 385.143800][ C1] #4: ffff88801ece6a68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150 [ 385.153543][ C1] #5: ffffffff8f54f770 (ehci_cf_port_reset_rwsem){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30 [ 385.164178][ C1] 4 locks held by syz.3.273/6510: [ 385.169212][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_ioctl+0x1161/0x2480 [ 385.179368][ C1] #1: ffff88802e156c70 (&mi->mi_sem){++++}-{3:3}, at: nilfs_sufile_trim_fs+0x4f2/0x1270 [ 385.189268][ C1] #2: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 385.199420][ C1] #3: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 385.209326][ C1] 1 lock held by segctord/6511: [ 385.214219][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 385.225174][ C1] 1 lock held by syz-executor/9261: [ 385.230410][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 385.239906][ C1] 2 locks held by syz.3.983/9372: [ 385.244926][ C1] #0: ffffffff8fce77f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 385.253181][ C1] #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 385.262483][ C1] 2 locks held by syz.1.996/9424: [ 385.267486][ C1] #0: ffffffff8fce77f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 385.275738][ C1] #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 385.285072][ C1] 1 lock held by syz.1.996/9426: [ 385.290071][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 385.299538][ C1] 1 lock held by syz.0.997/9423: [ 385.304553][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 385.314069][ C1] 1 lock held by syz-executor/9432: [ 385.319287][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 385.328723][ C1] [ 385.331091][ C1] ============================================= [ 385.331091][ C1] [ 385.369710][ T54] Bluetooth: hci3: command 0x0406 tx timeout [ 385.469648][ T5419] usb 5-1: Using ep0 maxpacket: 8 [ 385.476766][ T5419] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 385.487366][ T5419] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 385.505815][ T5419] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 385.515289][ T5236] Bluetooth: hci6: command tx timeout [ 385.522207][ T5419] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 385.530697][ T5419] usb 5-1: Product: syz [ 385.534869][ T5419] usb 5-1: Manufacturer: syz [ 385.539468][ T5419] usb 5-1: SerialNumber: syz [ 386.067269][ T9432] ip6gretap0 speed is unknown, defaulting to 1000 [ 386.080937][ T9261] bridge0: port 1(bridge_slave_0) entered blocking state [ 386.139731][ T9261] bridge0: port 1(bridge_slave_0) entered disabled state [ 386.146993][ T9261] bridge_slave_0: entered allmulticast mode [ 386.225763][ T9261] bridge_slave_0: entered promiscuous mode [ 386.306044][ T9261] bridge0: port 2(bridge_slave_1) entered blocking state [ 386.377393][ T9261] bridge0: port 2(bridge_slave_1) entered disabled state [ 386.439822][ T9261] bridge_slave_1: entered allmulticast mode [ 386.509749][ T9261] bridge_slave_1: entered promiscuous mode [ 386.548615][ T9437] loop0: detected capacity change from 0 to 2048 [ 386.590490][ T5419] cdc_ncm 5-1:1.0: bind() failure [ 386.613778][ T5419] usbtest 5-1:1.1: probe with driver usbtest failed with error -71 [ 386.618895][ T9437] fuse: Bad value for 'group_id' [ 386.627900][ T9437] fuse: Bad value for 'group_id' [ 386.693938][ T5419] usb 5-1: USB disconnect, device number 12 [ 386.953821][ T9261] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 387.031956][ T9261] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 387.264473][ T9261] team0: Port device team_slave_0 added [ 387.359665][ T5328] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 387.512164][ T9261] team0: Port device team_slave_1 added [ 387.549591][ T6510] bio_check_eod: 38422 callbacks suppressed [ 387.549611][ T6510] syz.3.273: attempt to access beyond end of device [ 387.549611][ T6510] loop3: rw=3, sector=15841678162208, nr_sectors = 8388600 limit=2048 [ 387.589934][ T5236] Bluetooth: hci6: command tx timeout [ 387.619660][ T5328] usb 1-1: config 0 interface 0 has no altsetting 0 [ 387.645531][ T9440] loop1: detected capacity change from 0 to 40427 [ 387.647506][ T5328] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 387.666100][ T9440] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 387.698121][ T6510] syz.3.273: attempt to access beyond end of device [ 387.698121][ T6510] loop3: rw=3, sector=15841686550808, nr_sectors = 8388600 limit=2048 [ 387.714634][ T9440] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 387.736929][ T9440] F2FS-fs (loop1): invalid crc value [ 387.746248][ T5328] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 387.750237][ T6510] syz.3.273: attempt to access beyond end of device [ 387.750237][ T6510] loop3: rw=3, sector=15841694939408, nr_sectors = 8388600 limit=2048 [ 387.781718][ T5328] usb 1-1: config 0 descriptor?? [ 387.794850][ T9440] F2FS-fs (loop1): Found nat_bits in checkpoint [ 387.814302][ T6510] syz.3.273: attempt to access beyond end of device [ 387.814302][ T6510] loop3: rw=3, sector=15841703328008, nr_sectors = 8388600 limit=2048 [ 387.842999][ T6510] syz.3.273: attempt to access beyond end of device [ 387.842999][ T6510] loop3: rw=3, sector=15841711716608, nr_sectors = 8388600 limit=2048 [ 387.884021][ T6510] syz.3.273: attempt to access beyond end of device [ 387.884021][ T6510] loop3: rw=3, sector=15841720105208, nr_sectors = 8388600 limit=2048 [ 387.914429][ T6510] syz.3.273: attempt to access beyond end of device [ 387.914429][ T6510] loop3: rw=3, sector=15841728493808, nr_sectors = 8388600 limit=2048 [ 387.930253][ T6510] syz.3.273: attempt to access beyond end of device [ 387.930253][ T6510] loop3: rw=3, sector=15841736882408, nr_sectors = 8388600 limit=2048 [ 387.937970][ T9440] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 387.946274][ T6510] syz.3.273: attempt to access beyond end of device [ 387.946274][ T6510] loop3: rw=3, sector=15841745271008, nr_sectors = 8388600 limit=2048 [ 387.969186][ T6510] syz.3.273: attempt to access beyond end of device [ 387.969186][ T6510] loop3: rw=3, sector=15841753659608, nr_sectors = 8388600 limit=2048 [ 387.988966][ T9440] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 388.012466][ T9448] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1003'. [ 388.041958][ T9448] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1003'. [ 388.076403][ T9448] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1003'. [ 388.269192][ T8658] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 388.278107][ T9261] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 388.299351][ T9261] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 388.299427][ T8658] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 388.333312][ T9261] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 388.466531][ T9261] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 388.506772][ T9261] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 388.575679][ T9261] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 389.360801][ T9261] hsr_slave_0: entered promiscuous mode [ 389.400484][ T9261] hsr_slave_1: entered promiscuous mode [ 389.430181][ T9261] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 389.437773][ T9261] Cannot create hsr debugfs directory [ 389.480294][ T5328] video4linux radio32: keene_cmd_main failed (-110) [ 389.487575][ T5328] radio-keene 1-1:0.0: V4L2 device registered as radio32 [ 389.513234][ T5328] usb 1-1: USB disconnect, device number 16 [ 389.622956][ T9475] netlink: 'syz.4.1007': attribute type 1 has an invalid length. [ 389.669656][ T5236] Bluetooth: hci6: command tx timeout [ 389.786338][ T9475] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1007'. [ 389.898721][ C1] eth0: bad gso: type: 1, size: 1408 [ 389.949269][ T3000] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.181855][ T3000] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.228568][ T9487] loop0: detected capacity change from 0 to 256 [ 390.270857][ T9487] vfat: Unknown parameter 'smackfsfloor' [ 390.336320][ T9487] nullb0: AHDI p3 p4 [ 390.371254][ T9487] nullb0: p3 start 3176544754 is beyond EOD, truncated [ 390.462164][ T3000] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.524210][ T9432] chnl_net:caif_netlink_parms(): no params data found [ 390.803738][ T3000] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.019650][ T5328] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 391.181370][ T9492] loop1: detected capacity change from 0 to 32768 [ 391.192213][ T9492] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1005 (9492) [ 391.209696][ T5328] usb 1-1: Using ep0 maxpacket: 8 [ 391.215311][ T9492] BTRFS info (device loop1): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9 [ 391.220871][ T5328] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 391.247046][ T5328] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 391.276314][ T9492] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 391.286394][ T9492] BTRFS info (device loop1): using free-space-tree [ 391.310084][ T5328] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 391.337494][ T5328] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.390535][ T5328] usb 1-1: Product: syz [ 391.394747][ T5328] usb 1-1: Manufacturer: syz [ 391.440787][ T5328] usb 1-1: SerialNumber: syz [ 391.650596][ T9432] bridge0: port 1(bridge_slave_0) entered blocking state [ 391.657776][ T9432] bridge0: port 1(bridge_slave_0) entered disabled state [ 391.696943][ T9432] bridge_slave_0: entered allmulticast mode [ 391.732263][ T9432] bridge_slave_0: entered promiscuous mode [ 391.749695][ T5236] Bluetooth: hci6: command tx timeout [ 391.915733][ T9432] bridge0: port 2(bridge_slave_1) entered blocking state [ 391.948002][ T9432] bridge0: port 2(bridge_slave_1) entered disabled state [ 391.970277][ T9432] bridge_slave_1: entered allmulticast mode [ 391.995392][ T9432] bridge_slave_1: entered promiscuous mode [ 392.015665][ T8658] BTRFS info (device loop1): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9 [ 392.542640][ T5328] cdc_ncm 1-1:1.0: bind() failure [ 392.561742][ T5328] usbtest 1-1:1.1: probe with driver usbtest failed with error -71 [ 392.566850][ T6510] bio_check_eod: 59714 callbacks suppressed [ 392.566866][ T6510] syz.3.273: attempt to access beyond end of device [ 392.566866][ T6510] loop3: rw=3, sector=16342670520008, nr_sectors = 8388600 limit=2048 [ 392.589283][ T5328] usb 1-1: USB disconnect, device number 17 [ 392.592172][ T9432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 392.627576][ T3000] bridge_slave_1: left allmulticast mode [ 392.629644][ T6510] syz.3.273: attempt to access beyond end of device [ 392.629644][ T6510] loop3: rw=3, sector=16342678908608, nr_sectors = 8388600 limit=2048 [ 392.663451][ T3000] bridge_slave_1: left promiscuous mode [ 392.681621][ T9526] loop4: detected capacity change from 0 to 40427 [ 392.711996][ T3000] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.714961][ T6510] syz.3.273: attempt to access beyond end of device [ 392.714961][ T6510] loop3: rw=3, sector=16342687297208, nr_sectors = 8388600 limit=2048 [ 392.740990][ T3000] bridge_slave_0: left allmulticast mode [ 392.746654][ T3000] bridge_slave_0: left promiscuous mode [ 392.753532][ T9526] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 392.772546][ T9526] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 392.783874][ T3000] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.789839][ T6510] syz.3.273: attempt to access beyond end of device [ 392.789839][ T6510] loop3: rw=3, sector=16342695685808, nr_sectors = 8388600 limit=2048 [ 392.819584][ T9526] F2FS-fs (loop4): invalid crc value [ 392.822820][ T6510] syz.3.273: attempt to access beyond end of device [ 392.822820][ T6510] loop3: rw=3, sector=16342704074408, nr_sectors = 8388600 limit=2048 [ 392.851113][ T6510] syz.3.273: attempt to access beyond end of device [ 392.851113][ T6510] loop3: rw=3, sector=16342712463008, nr_sectors = 8388600 limit=2048 [ 392.875353][ T6510] syz.3.273: attempt to access beyond end of device [ 392.875353][ T6510] loop3: rw=3, sector=16342720851608, nr_sectors = 8388600 limit=2048 [ 394.836525][ T9526] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-4) [ 397.191531][ T5236] Bluetooth: hci2: command 0x0406 tx timeout [ 397.483808][ T6510] syz.3.273: attempt to access beyond end of device [ 397.483808][ T6510] loop3: rw=3, sector=16342729240208, nr_sectors = 8388600 limit=2048 [ 397.641111][ T6510] syz.3.273: attempt to access beyond end of device [ 397.641111][ T6510] loop3: rw=3, sector=16342737628808, nr_sectors = 8388600 limit=2048 [ 397.660127][ T6510] syz.3.273: attempt to access beyond end of device [ 397.660127][ T6510] loop3: rw=3, sector=16342746017408, nr_sectors = 8388600 limit=2048 [ 397.738213][ T6510] syz.3.273: attempt to access beyond end of device [ 397.738213][ T6510] loop3: rw=3, sector=16342754406008, nr_sectors = 8388600 limit=2048 [ 397.754149][ T30] INFO: task segctord:6511 blocked for more than 143 seconds. [ 397.771939][ T30] Not tainted 6.11.0-rc1-next-20240729-syzkaller #0 [ 397.779079][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 397.790168][ T5281] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 397.792271][ T6510] syz.3.273: attempt to access beyond end of device [ 397.792271][ T6510] loop3: rw=3, sector=16342762794608, nr_sectors = 8388600 limit=2048 [ 397.827044][ T30] task:segctord state:D stack:28272 pid:6511 tgid:6511 ppid:2 flags:0x00004000 [ 397.837309][ C1] DEBUG: waiting rtnl_mutex for 511 jiffies. [ 397.837330][ C1] task:kworker/0:0 state:D stack:20296 pid:8 tgid:8 ppid:2 flags:0x00004000 [ 397.837374][ C1] Workqueue: events switchdev_deferred_process_work [ 397.837409][ C1] Call Trace: [ 397.837419][ C1] [ 397.837435][ C1] __schedule+0x1800/0x4a60 [ 397.837492][ C1] ? __pfx___schedule+0x10/0x10 [ 397.837524][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 397.837555][ C1] ? __pfx_lock_release+0x10/0x10 [ 397.837586][ C1] ? kick_pool+0x45c/0x620 [ 397.837621][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 397.837651][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 397.837681][ C1] ? schedule+0x90/0x320 [ 397.837709][ C1] schedule+0x14b/0x320 [ 397.837742][ C1] schedule_preempt_disabled+0x13/0x30 [ 397.837771][ C1] __mutex_lock+0x6a4/0xd70 [ 397.837798][ C1] ? __mutex_lock+0x527/0xd70 [ 397.837823][ C1] ? switchdev_deferred_process_work+0xe/0x20 [ 397.837850][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 397.837883][ C1] ? get_rtnl_holder+0x144/0x190 [ 397.837909][ C1] ? process_scheduled_works+0x945/0x1830 [ 397.837943][ C1] switchdev_deferred_process_work+0xe/0x20 [ 397.837967][ C1] process_scheduled_works+0xa2c/0x1830 [ 397.838025][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 397.838064][ C1] ? assign_work+0x364/0x3d0 [ 397.838099][ C1] worker_thread+0x86d/0xd40 [ 397.838144][ C1] ? __kthread_parkme+0x169/0x1d0 [ 397.838176][ C1] ? __pfx_worker_thread+0x10/0x10 [ 397.838202][ C1] kthread+0x2f0/0x390 [ 397.838223][ C1] ? __pfx_worker_thread+0x10/0x10 [ 397.838250][ C1] ? __pfx_kthread+0x10/0x10 [ 397.838271][ C1] ret_from_fork+0x4b/0x80 [ 397.838300][ C1] ? __pfx_kthread+0x10/0x10 [ 397.838321][ C1] ret_from_fork_asm+0x1a/0x30 [ 397.838367][ C1] [ 397.838378][ C1] DEBUG: holding rtnl_mutex for 529 jiffies. [ 397.838391][ C1] task:kworker/u8:12 state:D stack:19472 pid:3000 tgid:3000 ppid:2 flags:0x00004000 [ 397.838432][ C1] Workqueue: netns cleanup_net [ 397.838457][ C1] Call Trace: [ 397.838467][ C1] [ 397.838481][ C1] __schedule+0x1800/0x4a60 [ 397.838533][ C1] ? __pfx___schedule+0x10/0x10 [ 397.838567][ C1] ? __pfx_lock_release+0x10/0x10 [ 397.838594][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 397.838629][ C1] ? kthread_data+0x52/0xd0 [ 397.838658][ C1] ? wq_worker_sleeping+0x66/0x240 [ 397.838687][ C1] ? schedule+0x90/0x320 [ 397.838716][ C1] schedule+0x14b/0x320 [ 397.838747][ C1] synchronize_rcu_expedited+0x684/0x830 [ 397.838776][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 397.838814][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 397.838837][ C1] ? __pfx___might_resched+0x10/0x10 [ 397.838863][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 397.838893][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 397.838921][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 397.838968][ C1] synchronize_rcu+0x11b/0x360 [ 397.838991][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 397.839018][ C1] ? __phys_addr+0x105/0x170 [ 397.839047][ C1] lockdep_unregister_key+0x4b7/0x540 [ 397.839082][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 397.839116][ C1] ? rcu_is_watching+0x15/0xb0 [ 397.839138][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 397.839168][ C1] __qdisc_destroy+0x165/0x410 [ 397.839194][ C1] dev_shutdown+0x357/0x450 [ 397.839224][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 397.839269][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 397.839298][ C1] ? net_generic+0x1f/0x240 [ 397.839320][ C1] ? __pfx_lock_release+0x10/0x10 [ 397.839353][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 397.839382][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 397.839422][ C1] ? nexthop_net_exit_batch_rtnl+0x100/0x150 [ 397.839453][ C1] cleanup_net+0x75d/0xcc0 [ 397.839516][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 397.839552][ C1] ? process_scheduled_works+0x945/0x1830 [ 397.839579][ C1] process_scheduled_works+0xa2c/0x1830 [ 397.839637][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 397.839676][ C1] ? assign_work+0x364/0x3d0 [ 397.839710][ C1] worker_thread+0x86d/0xd40 [ 397.839755][ C1] ? __kthread_parkme+0x169/0x1d0 [ 397.839789][ C1] ? __pfx_worker_thread+0x10/0x10 [ 397.839819][ C1] kthread+0x2f0/0x390 [ 397.839840][ C1] ? __pfx_worker_thread+0x10/0x10 [ 397.839867][ C1] ? __pfx_kthread+0x10/0x10 [ 397.839889][ C1] ret_from_fork+0x4b/0x80 [ 397.839916][ C1] ? __pfx_kthread+0x10/0x10 [ 397.839943][ C1] ret_from_fork_asm+0x1a/0x30 [ 397.839989][ C1] [ 397.839998][ C1] DEBUG: waiting rtnl_mutex for 530 jiffies. [ 397.840012][ C1] task:syz-executor state:D stack:21728 pid:9261 tgid:9261 ppid:9244 flags:0x00004002 [ 397.840053][ C1] Call Trace: [ 397.840063][ C1] [ 397.840076][ C1] __schedule+0x1800/0x4a60 [ 397.840127][ C1] ? __pfx___schedule+0x10/0x10 [ 397.840161][ C1] ? __pfx_lock_release+0x10/0x10 [ 397.840191][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 397.840226][ C1] ? schedule+0x90/0x320 [ 397.840254][ C1] schedule+0x14b/0x320 [ 397.840286][ C1] schedule_preempt_disabled+0x13/0x30 [ 397.840317][ C1] __mutex_lock+0x6a4/0xd70 [ 397.840344][ C1] ? __mutex_lock+0x527/0xd70 [ 397.840367][ C1] ? unregister_netdevice_notifier_net+0x89/0x3a0 [ 397.840393][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 397.840424][ C1] ? get_rtnl_holder+0x144/0x190 [ 397.840450][ C1] unregister_netdevice_notifier_net+0x89/0x3a0 [ 397.840476][ C1] ? _raw_spin_unlock+0x28/0x50 [ 397.840504][ C1] ? mntput_no_expire+0x2da/0x850 [ 397.840533][ C1] ? __pfx_unregister_netdevice_notifier_net+0x10/0x10 [ 397.840561][ C1] ? __pfx_mntput_no_expire+0x10/0x10 [ 397.840596][ C1] ? _raw_spin_unlock+0x28/0x50 [ 397.840624][ C1] ? simple_release_fs+0x9c/0xd0 [ 397.840656][ C1] nsim_dev_hwstats_exit+0x81/0x290 [ 397.840688][ C1] ? kfree+0x149/0x360 [ 397.840719][ C1] nsim_dev_reload_destroy+0x2ad/0x490 [ 397.840747][ C1] ? __pfx_nsim_bus_remove+0x10/0x10 [ 397.840774][ C1] nsim_drv_remove+0x58/0x160 [ 397.840798][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 397.840837][ C1] bus_remove_device+0x34f/0x420 [ 397.840876][ C1] device_del+0x57a/0x9b0 [ 397.840910][ C1] ? __pfx_device_del+0x10/0x10 [ 397.840952][ C1] device_unregister+0x20/0xc0 [ 397.840978][ C1] del_device_store+0x363/0x480 [ 397.841010][ C1] ? __pfx_del_device_store+0x10/0x10 [ 397.841043][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 397.841068][ C1] ? bus_attr_store+0x4f/0xa0 [ 397.841092][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 397.841116][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 397.841147][ C1] vfs_write+0xa72/0xc90 [ 397.841183][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 397.841209][ C1] ? __pfx_vfs_write+0x10/0x10 [ 397.841262][ C1] ksys_write+0x1a0/0x2c0 [ 397.841298][ C1] ? __pfx_ksys_write+0x10/0x10 [ 397.841330][ C1] ? do_syscall_64+0x100/0x230 [ 397.841356][ C1] ? do_syscall_64+0xb6/0x230 [ 397.841381][ C1] do_syscall_64+0xf3/0x230 [ 397.841403][ C1] ? clear_bhb_loop+0x35/0x90 [ 397.841433][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.841458][ C1] RIP: 0033:0x7f2b23375e9f [ 397.841479][ C1] RSP: 002b:00007ffe468e11f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 397.841503][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f2b23375e9f [ 397.841519][ C1] RDX: 0000000000000001 RSI: 00007ffe468e1240 RDI: 0000000000000005 [ 397.841533][ C1] RBP: 00007f2b233e5940 R08: 0000000000000000 R09: 00007ffe468e1047 [ 397.841549][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 397.841563][ C1] R13: 00007ffe468e1240 R14: 00007f2b24034620 R15: 0000000000000003 [ 397.841594][ C1] [ 397.841604][ C1] DEBUG: waiting rtnl_mutex for 522 jiffies. [ 397.841617][ C1] task:syz-executor state:D stack:21728 pid:9432 tgid:9432 ppid:9427 flags:0x00004000 [ 397.841657][ C1] Call Trace: [ 397.841665][ C1] [ 397.841680][ C1] __schedule+0x1800/0x4a60 [ 397.841734][ C1] ? __pfx___schedule+0x10/0x10 [ 397.841768][ C1] ? __pfx_lock_release+0x10/0x10 [ 397.841798][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 397.841832][ C1] ? schedule+0x90/0x320 [ 397.841859][ C1] schedule+0x14b/0x320 [ 397.841891][ C1] schedule_preempt_disabled+0x13/0x30 [ 397.841920][ C1] __mutex_lock+0x6a4/0xd70 [ 397.841951][ C1] ? __mutex_lock+0x527/0xd70 [ 397.841975][ C1] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 397.842009][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 397.842043][ C1] ? get_rtnl_holder+0x144/0x190 [ 397.842070][ C1] rtnetlink_rcv_msg+0x6eb/0xd00 [ 397.842101][ C1] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 397.842131][ C1] ? __lock_acquire+0x1384/0x2050 [ 397.842162][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 397.842204][ C1] netlink_rcv_skb+0x1e3/0x430 [ 397.842229][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 397.842262][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 397.842305][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 397.842330][ C1] netlink_unicast+0x7f6/0x990 [ 397.842369][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 397.842398][ C1] ? __virt_addr_valid+0x183/0x530 [ 397.842422][ C1] ? __check_object_size+0x49c/0x900 [ 397.842448][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 397.842480][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 397.842517][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 397.842538][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 397.842570][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 397.842600][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 397.842619][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 397.842642][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 397.842663][ C1] __sock_sendmsg+0x221/0x270 [ 397.842697][ C1] __sys_sendto+0x3a4/0x4f0 [ 397.842729][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 397.842782][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 397.842815][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 397.842852][ C1] __x64_sys_sendto+0xde/0x100 [ 397.842881][ C1] do_syscall_64+0xf3/0x230 [ 397.842903][ C1] ? clear_bhb_loop+0x35/0x90 [ 397.842941][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.842966][ C1] RIP: 0033:0x7f228957914c [ 397.842986][ C1] RSP: 002b:00007ffea79998d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 397.843013][ C1] RAX: ffffffffffffffda RBX: 00007f228a234620 RCX: 00007f228957914c [ 397.843032][ C1] RDX: 0000000000000028 RSI: 00007f228a234670 RDI: 0000000000000003 [ 397.843048][ C1] RBP: 0000000000000000 R08: 00007ffea7999924 R09: 000000000000000c [ 397.843063][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 397.843078][ C1] R13: 0000000000000000 R14: 00007f228a234670 R15: 0000000000000000 [ 397.843111][ C1] [ 397.843122][ C1] [ 397.843122][ C1] Showing all locks held in the system: [ 397.843133][ C1] 3 locks held by kworker/0:0/8: [ 397.843191][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 397.843264][ C1] #1: ffffc900000d7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 397.843331][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 397.843398][ C1] 5 locks held by khungtaskd/30: [ 397.843412][ C1] #0: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: watchdog+0x1ea/0x1040 [ 397.843470][ C1] #1: ffffffff8e813280 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120 [ 397.843535][ C1] #2: ffffffff8e812e90 (console_srcu){....}-{0:0}, at: console_flush_all+0x147/0xf50 [ 397.843596][ C1] #3: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 397.843655][ C1] #4: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 397.843725][ C1] 3 locks held by kworker/1:1/46: [ 397.843738][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 397.843800][ C1] #1: ffffc90000b67d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 397.843876][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 397.843968][ C1] 5 locks held by kworker/u8:12/3000: [ 397.843983][ C1] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 397.844048][ C1] #1: ffffc9000a3ffd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 397.844113][ C1] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 397.844172][ C1] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 [ 397.844229][ C1] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 397.844291][ C1] 2 locks held by getty/4980: [ 397.844305][ C1] #0: ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 397.844371][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 397.844434][ C1] 3 locks held by kworker/1:3/5279: [ 397.844448][ C1] #0: ffff888016e9a148 ((wq_completion)pm){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 397.844512][ C1] #1: ffffc90003a27d00 ((work_completion)(&hcd->wakeup_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 397.844579][ C1] #2: ffff888023d50190 (&dev->mutex){....}-{3:3}, at: usb_remote_wakeup+0x23/0x100 [ 397.844644][ C1] 6 locks held by kworker/0:4/5281: [ 397.844658][ C1] #0: ffff8880192b3d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 397.844722][ C1] #1: ffffc90003a77d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 397.844788][ C1] #2: ffff888023d38190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 397.844851][ C1] #3: ffff888023d3b518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150 [ 397.844913][ C1] #4: ffff88801b7f1668 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150 [ 397.844984][ C1] #5: ffffffff8f54f770 (ehci_cf_port_reset_rwsem){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30 [ 397.845051][ C1] 2 locks held by syz.3.273/6510: [ 397.845065][ C1] 1 lock held by segctord/6511: [ 397.845079][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 397.845152][ C1] 2 locks held by syz-executor/7698: [ 397.845170][ C1] 7 locks held by syz-executor/9261: [ 397.845183][ C1] #0: ffff8880301c6420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 397.845257][ C1] #1: ffff88802dcc3888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 397.845317][ C1] #2: ffff8880208d1878 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 397.845383][ C1] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 397.845449][ C1] #4: ffff888054a700e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 397.845513][ C1] #5: ffff888054a73250 (&devlink->lock_key#18){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 397.845576][ C1] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdevice_notifier_net+0x89/0x3a0 [ 397.845638][ C1] 1 lock held by syz-executor/9432: [ 397.845652][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 397.845720][ C1] 2 locks held by sed/9546: [ 397.845734][ C1] [ 397.845741][ C1] ============================================= [ 397.845741][ C1] [ 397.981502][ T5281] usb 1-1: config 0 interface 0 has no altsetting 0 [ 397.984375][ T6510] syz.3.273: attempt to access beyond end of device [ 397.984375][ T6510] loop3: rw=3, sector=16342771183208, nr_sectors = 8388600 limit=2048 [ 398.003698][ T5281] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 398.005501][ T6510] syz.3.273: attempt to access beyond end of device [ 398.005501][ T6510] loop3: rw=3, sector=16342779571808, nr_sectors = 8388600 limit=2048 [ 398.022322][ T5281] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.024425][ T6510] syz.3.273: attempt to access beyond end of device [ 398.024425][ T6510] loop3: rw=3, sector=16342787960408, nr_sectors = 8388600 limit=2048 [ 398.045009][ T5281] usb 1-1: config 0 descriptor?? [ 398.047221][ T6510] syz.3.273: attempt to access beyond end of device [ 398.047221][ T6510] loop3: rw=3, sector=16342796349008, nr_sectors = 8388600 limit=2048 [ 398.139641][ T30] Call Trace: [ 398.179541][ T6510] syz.3.273: attempt to access beyond end of device [ 398.179541][ T6510] loop3: rw=3, sector=16342804737608, nr_sectors = 8388600 limit=2048 [ 398.283744][ T9539] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1017'. [ 398.286846][ T30] [ 398.295271][ T9539] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1017'. [ 398.295948][ T30] __schedule+0x1800/0x4a60 [ 398.304924][ T9539] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1017'. [ 398.499554][ T6510] syz.3.273: attempt to access beyond end of device [ 398.499554][ T6510] loop3: rw=3, sector=16342813126208, nr_sectors = 8388600 limit=2048 [ 398.521260][ T30] ? __pfx___schedule+0x10/0x10 [ 398.569557][ T5279] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 398.649604][ T5281] (null): keene_cmd_main failed (-110) [ 398.678330][ T30] ? __pfx_lock_release+0x10/0x10 [ 398.728104][ T5281] video4linux radio32: keene_cmd_main failed (-32) [ 398.879510][ C1] DEBUG: waiting rtnl_mutex for 615 jiffies. [ 398.891870][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 398.894619][ C1] task:kworker/0:0 state:D [ 398.902657][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 398.905591][ C1] stack:20296 pid:8 tgid:8 ppid:2 flags:0x00004000 [ 398.913820][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 398.918203][ C1] Workqueue: events switchdev_deferred_process_work [ 398.929637][ T30] ? schedule+0x90/0x320 [ 398.940048][ C1] [ 398.940060][ C1] Call Trace: [ 398.940069][ C1] [ 398.940083][ C1] __schedule+0x1800/0x4a60 [ 398.940135][ C1] ? __pfx___schedule+0x10/0x10 [ 398.950563][ T30] schedule+0x14b/0x320 [ 398.955363][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 398.964954][ T30] schedule_preempt_disabled+0x13/0x30 [ 398.972847][ C1] ? __pfx_lock_release+0x10/0x10 [ 398.982448][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 398.992436][ C1] ? kick_pool+0x45c/0x620 [ 398.992473][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 398.992502][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 398.992534][ C1] ? schedule+0x90/0x320 [ 398.992561][ C1] schedule+0x14b/0x320 [ 398.992592][ C1] schedule_preempt_disabled+0x13/0x30 [ 399.044808][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 399.054489][ C1] __mutex_lock+0x6a4/0xd70 [ 399.054519][ C1] ? __mutex_lock+0x527/0xd70 [ 399.054544][ C1] ? switchdev_deferred_process_work+0xe/0x20 [ 399.070117][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 399.074415][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 399.090950][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 399.094104][ C1] ? get_rtnl_holder+0x144/0x190 [ 399.098716][ T30] down_write+0x1d7/0x220 [ 399.108405][ C1] ? process_scheduled_works+0x945/0x1830 [ 399.108435][ C1] switchdev_deferred_process_work+0xe/0x20 [ 399.108460][ C1] process_scheduled_works+0xa2c/0x1830 [ 399.120435][ T5281] radio-keene 1-1:0.0: V4L2 device registered as radio32 [ 399.123845][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 399.149553][ T30] ? __pfx_down_write+0x10/0x10 [ 399.156052][ C1] ? assign_work+0x364/0x3d0 [ 399.174040][ T30] ? trace_nilfs2_transaction_transition+0x9e/0x230 [ 399.184378][ C1] worker_thread+0x86d/0xd40 [ 399.184426][ C1] ? __kthread_parkme+0x169/0x1d0 [ 399.215379][ T30] nilfs_transaction_lock+0x25d/0x4f0 [ 399.223446][ C1] ? __pfx_worker_thread+0x10/0x10 [ 399.223480][ C1] kthread+0x2f0/0x390 [ 399.223500][ C1] ? __pfx_worker_thread+0x10/0x10 [ 399.223528][ C1] ? __pfx_kthread+0x10/0x10 [ 399.223547][ C1] ret_from_fork+0x4b/0x80 [ 399.223576][ C1] ? __pfx_kthread+0x10/0x10 [ 399.223595][ C1] ret_from_fork_asm+0x1a/0x30 [ 399.223640][ C1] [ 399.223650][ C1] DEBUG: waiting rtnl_mutex for 621 jiffies. [ 399.223663][ C1] task:kworker/1:1 state:D stack:19984 pid:46 tgid:46 ppid:2 flags:0x00004000 [ 399.223719][ C1] Workqueue: events linkwatch_event [ 399.223745][ C1] Call Trace: [ 399.223753][ C1] [ 399.223768][ C1] __schedule+0x1800/0x4a60 [ 399.223820][ C1] ? __pfx___schedule+0x10/0x10 [ 399.223851][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 399.223881][ C1] ? __pfx_lock_release+0x10/0x10 [ 399.223911][ C1] ? kick_pool+0x45c/0x620 [ 399.223946][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 399.223973][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 399.224004][ C1] ? schedule+0x90/0x320 [ 399.224033][ C1] schedule+0x14b/0x320 [ 399.224064][ C1] schedule_preempt_disabled+0x13/0x30 [ 399.239528][ T30] nilfs_segctor_thread+0x551/0x11b0 [ 399.244847][ C1] __mutex_lock+0x6a4/0xd70 [ 399.289616][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 399.294251][ C1] ? __mutex_lock+0x527/0xd70 [ 399.320765][ T30] ? __pfx_nilfs_segctor_thread+0x10/0x10 [ 399.325465][ C1] ? linkwatch_event+0xe/0x60 [ 399.325496][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 399.325526][ C1] ? get_rtnl_holder+0x144/0x190 [ 399.325551][ C1] ? process_scheduled_works+0x945/0x1830 [ 399.325577][ C1] linkwatch_event+0xe/0x60 [ 399.325599][ C1] process_scheduled_works+0xa2c/0x1830 [ 399.325656][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 399.325694][ C1] ? assign_work+0x364/0x3d0 [ 399.325732][ C1] worker_thread+0x86d/0xd40 [ 399.325776][ C1] ? __kthread_parkme+0x169/0x1d0 [ 399.325809][ C1] ? __pfx_worker_thread+0x10/0x10 [ 399.325838][ C1] kthread+0x2f0/0x390 [ 399.325858][ C1] ? __pfx_worker_thread+0x10/0x10 [ 399.325886][ C1] ? __pfx_kthread+0x10/0x10 [ 399.325908][ C1] ret_from_fork+0x4b/0x80 [ 399.325937][ C1] ? __pfx_kthread+0x10/0x10 [ 399.325958][ C1] ret_from_fork_asm+0x1a/0x30 [ 399.326002][ C1] [ 399.342633][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 399.345059][ C1] DEBUG: holding rtnl_mutex for 680 jiffies. [ 399.345076][ C1] task:kworker/u8:12 state:D [ 399.347440][ T30] ? __pfx_autoremove_wake_function+0x10/0x10 [ 399.355805][ C1] stack:19472 pid:3000 tgid:3000 ppid:2 flags:0x00004000 [ 399.355831][ C1] Workqueue: netns cleanup_net [ 399.355858][ C1] Call Trace: [ 399.355866][ C1] [ 399.355880][ C1] __schedule+0x1800/0x4a60 [ 399.355928][ C1] ? __pfx___schedule+0x10/0x10 [ 399.362712][ T30] ? __kthread_parkme+0x169/0x1d0 [ 399.377087][ C1] ? __pfx_lock_release+0x10/0x10 [ 399.377126][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 399.388969][ T30] ? __pfx_nilfs_segctor_thread+0x10/0x10 [ 399.400745][ C1] ? kthread_data+0x52/0xd0 [ 399.400787][ C1] ? wq_worker_sleeping+0x66/0x240 [ 399.400818][ C1] ? schedule+0x90/0x320 [ 399.400844][ C1] schedule+0x14b/0x320 [ 399.400875][ C1] synchronize_rcu_expedited+0x684/0x830 [ 399.400903][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 399.409046][ T30] kthread+0x2f0/0x390 [ 399.423451][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 399.423482][ C1] ? __pfx___might_resched+0x10/0x10 [ 399.423507][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 399.423536][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 399.423566][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 399.430398][ T30] ? __pfx_nilfs_segctor_thread+0x10/0x10 [ 399.443060][ C1] synchronize_rcu+0x11b/0x360 [ 399.443091][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 399.443116][ C1] ? __phys_addr+0x105/0x170 [ 399.443145][ C1] lockdep_unregister_key+0x4b7/0x540 [ 399.443177][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 399.446575][ T30] ? __pfx_kthread+0x10/0x10 [ 399.461024][ C1] ? rcu_is_watching+0x15/0xb0 [ 399.461057][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 399.461086][ C1] __qdisc_destroy+0x165/0x410 [ 399.461112][ C1] dev_shutdown+0x357/0x450 [ 399.461139][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 399.461183][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 399.470307][ T30] ret_from_fork+0x4b/0x80 [ 399.473012][ C1] ? net_generic+0x1f/0x240 [ 399.473040][ C1] ? __pfx_lock_release+0x10/0x10 [ 399.482143][ T30] ? __pfx_kthread+0x10/0x10 [ 399.486448][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 399.498131][ T30] ret_from_fork_asm+0x1a/0x30 [ 399.509884][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 399.509928][ C1] ? nexthop_net_exit_batch_rtnl+0x100/0x150 [ 399.509959][ C1] cleanup_net+0x75d/0xcc0 [ 399.509988][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 399.510020][ C1] ? process_scheduled_works+0x945/0x1830 [ 399.540880][ T30] [ 399.545533][ C1] process_scheduled_works+0xa2c/0x1830 [ 399.545597][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 399.562973][ T30] [ 399.562973][ T30] Showing all locks held in the system: [ 399.570381][ C1] ? assign_work+0x364/0x3d0 [ 399.570421][ C1] worker_thread+0x86d/0xd40 [ 399.589162][ T30] 3 locks held by kworker/0:0/8: [ 399.591989][ C1] ? __kthread_parkme+0x169/0x1d0 [ 399.592028][ C1] ? __pfx_worker_thread+0x10/0x10 [ 399.592058][ C1] kthread+0x2f0/0x390 [ 399.597240][ T30] #0: [ 399.599444][ C1] ? __pfx_worker_thread+0x10/0x10 [ 399.599508][ C1] ? __pfx_kthread+0x10/0x10 [ 399.599532][ C1] ret_from_fork+0x4b/0x80 [ 399.599560][ C1] ? __pfx_kthread+0x10/0x10 [ 399.599581][ C1] ret_from_fork_asm+0x1a/0x30 [ 399.599626][ C1] [ 399.599636][ C1] DEBUG: waiting rtnl_mutex for 706 jiffies. [ 399.599655][ C1] task:syz-executor state:D stack:21728 pid:9261 tgid:9261 ppid:9244 flags:0x00004002 [ 399.610499][ T30] ffff888015880948 [ 399.614611][ C1] Call Trace: [ 399.631334][ T30] ( [ 399.635192][ C1] [ 399.635210][ C1] __schedule+0x1800/0x4a60 [ 399.650364][ T30] (wq_completion)events [ 399.654006][ C1] ? __pfx___schedule+0x10/0x10 [ 399.669567][ T30] ){+.+.}-{0:0} [ 399.669872][ C1] ? __pfx_lock_release+0x10/0x10 [ 399.679007][ T30] , at: process_scheduled_works+0x90a/0x1830 [ 399.680606][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 399.695722][ T30] #1: [ 399.696794][ C1] ? schedule+0x90/0x320 [ 399.708530][ T30] ffffc900000d7d00 [ 399.711773][ C1] schedule+0x14b/0x320 [ 399.711812][ C1] schedule_preempt_disabled+0x13/0x30 [ 399.711841][ C1] __mutex_lock+0x6a4/0xd70 [ 399.711867][ C1] ? __mutex_lock+0x527/0xd70 [ 399.711890][ C1] ? unregister_netdevice_notifier_net+0x89/0x3a0 [ 399.711916][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 399.711949][ C1] ? get_rtnl_holder+0x144/0x190 [ 399.711976][ C1] unregister_netdevice_notifier_net+0x89/0x3a0 [ 399.712003][ C1] ? _raw_spin_unlock+0x28/0x50 [ 399.712029][ C1] ? mntput_no_expire+0x2da/0x850 [ 399.723966][ T30] ( [ 399.730478][ C1] ? __pfx_unregister_netdevice_notifier_net+0x10/0x10 [ 399.730514][ C1] ? __pfx_mntput_no_expire+0x10/0x10 [ 399.730549][ C1] ? _raw_spin_unlock+0x28/0x50 [ 399.730576][ C1] ? simple_release_fs+0x9c/0xd0 [ 399.751864][ T30] deferred_process_work [ 399.752565][ C1] nsim_dev_hwstats_exit+0x81/0x290 [ 399.762666][ T30] ){+.+.}-{0:0} [ 399.767488][ C1] ? kfree+0x149/0x360 [ 399.767524][ C1] nsim_dev_reload_destroy+0x2ad/0x490 [ 399.782986][ T30] , at: process_scheduled_works+0x945/0x1830 [ 399.786402][ C1] ? __pfx_nsim_bus_remove+0x10/0x10 [ 399.799493][ T30] #2: [ 399.800170][ C1] nsim_drv_remove+0x58/0x160 [ 399.806634][ T30] ffffffff8fc81d48 [ 399.809123][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 399.837402][ T30] ( [ 399.840078][ C1] bus_remove_device+0x34f/0x420 [ 399.855098][ T30] rtnl_mutex [ 399.855489][ C1] device_del+0x57a/0x9b0 [ 399.866378][ T30] ){+.+.}-{3:3} [ 399.870114][ C1] ? __pfx_device_del+0x10/0x10 [ 399.870155][ C1] device_unregister+0x20/0xc0 [ 399.870179][ C1] del_device_store+0x363/0x480 [ 399.883309][ T30] , at: switchdev_deferred_process_work+0xe/0x20 [ 399.885053][ C1] ? __pfx_del_device_store+0x10/0x10 [ 399.885091][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 399.896439][ T30] 1 lock held by khungtaskd/30: [ 399.900596][ C1] ? bus_attr_store+0x4f/0xa0 [ 399.900631][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 399.900655][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 399.910900][ T30] #0: [ 399.911029][ C1] vfs_write+0xa72/0xc90 [ 399.921563][ T30] ffffffff8e937a60 [ 399.926644][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 399.926677][ C1] ? __pfx_vfs_write+0x10/0x10 [ 399.944665][ T30] ( [ 399.947309][ C1] ksys_write+0x1a0/0x2c0 [ 399.959522][ T30] rcu_read_lock [ 399.962025][ C1] ? __pfx_ksys_write+0x10/0x10 [ 399.975960][ T30] ){....}-{1:2} [ 399.980192][ C1] ? do_syscall_64+0x100/0x230 [ 399.980225][ C1] ? do_syscall_64+0xb6/0x230 [ 399.980249][ C1] do_syscall_64+0xf3/0x230 [ 399.989376][ T30] , at: debug_show_all_locks+0x55/0x2a0 [ 399.989581][ C1] ? clear_bhb_loop+0x35/0x90 [ 399.989620][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.989646][ C1] RIP: 0033:0x7f2b23375e9f [ 399.989664][ C1] RSP: 002b:00007ffe468e11f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 399.996159][ T30] 3 locks held by kworker/1:1/46: [ 399.998543][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f2b23375e9f [ 399.998565][ C1] RDX: 0000000000000001 RSI: 00007ffe468e1240 RDI: 0000000000000005 [ 399.998581][ C1] RBP: 00007f2b233e5940 R08: 0000000000000000 R09: 00007ffe468e1047 [ 400.014590][ T30] #0: [ 400.015377][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 400.032062][ T30] ffff888015880948 [ 400.034063][ C1] R13: 00007ffe468e1240 R14: 00007f2b24034620 R15: 0000000000000003 [ 400.034102][ C1] [ 400.034113][ C1] DEBUG: waiting rtnl_mutex for 741 jiffies. [ 400.043961][ T30] ( [ 400.048459][ C1] task:syz-executor state:D stack:21728 pid:9432 tgid:9432 ppid:9427 flags:0x00004000 [ 400.065246][ T30] (wq_completion)events [ 400.069626][ C1] Call Trace: [ 400.069640][ C1] [ 400.069655][ C1] __schedule+0x1800/0x4a60 [ 400.069710][ C1] ? __pfx___schedule+0x10/0x10 [ 400.069741][ C1] ? __pfx_lock_release+0x10/0x10 [ 400.086430][ T30] ){+.+.}-{0:0} [ 400.088842][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 400.088884][ C1] ? schedule+0x90/0x320 [ 400.104225][ T30] , at: process_scheduled_works+0x90a/0x1830 [ 400.104365][ C1] schedule+0x14b/0x320 [ 400.116374][ T30] #1: [ 400.121660][ C1] schedule_preempt_disabled+0x13/0x30 [ 400.121698][ C1] __mutex_lock+0x6a4/0xd70 [ 400.121724][ C1] ? __mutex_lock+0x527/0xd70 [ 400.133689][ T30] ffffc90000b67d00 [ 400.133749][ C1] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 400.145388][ T30] ( [ 400.148329][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 400.148370][ C1] ? get_rtnl_holder+0x144/0x190 [ 400.165782][ T30] (linkwatch_work).work [ 400.168963][ C1] rtnetlink_rcv_msg+0x6eb/0xd00 [ 400.194029][ T30] ){+.+.}-{0:0} [ 400.196195][ C1] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 400.207385][ T30] , at: process_scheduled_works+0x945/0x1830 [ 400.210143][ C1] ? __lock_acquire+0x1384/0x2050 [ 400.210178][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 400.210226][ C1] netlink_rcv_skb+0x1e3/0x430 [ 400.222654][ T30] #2: [ 400.225442][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 400.225485][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 400.242017][ T30] ffffffff8fc81d48 [ 400.242144][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 400.254693][ T30] ( [ 400.255775][ C1] netlink_unicast+0x7f6/0x990 [ 400.268909][ T30] rtnl_mutex [ 400.275034][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 400.275070][ C1] ? __virt_addr_valid+0x183/0x530 [ 400.275096][ C1] ? __check_object_size+0x49c/0x900 [ 400.275122][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 400.275154][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 400.275191][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 400.275212][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 400.292464][ T30] ){+.+.}-{3:3} [ 400.294345][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 400.301598][ T30] , at: linkwatch_event+0xe/0x60 [ 400.303496][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 400.308498][ T30] 3 locks held by kworker/u8:7/2462: [ 400.311333][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 400.311362][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 400.311383][ C1] __sock_sendmsg+0x221/0x270 [ 400.311416][ C1] __sys_sendto+0x3a4/0x4f0 [ 400.311447][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 400.311491][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 400.311520][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 400.311553][ C1] __x64_sys_sendto+0xde/0x100 [ 400.311581][ C1] do_syscall_64+0xf3/0x230 [ 400.311601][ C1] ? clear_bhb_loop+0x35/0x90 [ 400.311631][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.311654][ C1] RIP: 0033:0x7f228957914c [ 400.311681][ C1] RSP: 002b:00007ffea79998d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 400.311708][ C1] RAX: ffffffffffffffda RBX: 00007f228a234620 RCX: 00007f228957914c [ 400.311724][ C1] RDX: 0000000000000028 RSI: 00007f228a234670 RDI: 0000000000000003 [ 400.311738][ C1] RBP: 0000000000000000 R08: 00007ffea7999924 R09: 000000000000000c [ 400.311754][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 400.311768][ C1] R13: 0000000000000000 R14: 00007f228a234670 R15: 0000000000000000 [ 400.311801][ C1] [ 400.311812][ C1] [ 400.311812][ C1] Showing all locks held in the system: [ 400.311822][ C1] 3 locks held by kworker/0:0/8: [ 400.311835][ C1] #0: ffff888015880948 ( [ 400.319556][ T30] #0: [ 400.320827][ C1] (wq_completion)events [ 400.326624][ T30] ffff88802a894948 [ 400.330150][ C1] ){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 400.336741][ T30] ( [ 400.339142][ C1] #1: ffffc900000d7d00 (deferred_process_work [ 400.361044][ T30] (wq_completion)ipv6_addrconf [ 400.361766][ C1] ){+.+.}-{0:0} [ 400.367385][ T30] ){+.+.}-{0:0} [ 400.370395][ C1] , at: process_scheduled_works+0x945/0x1830 [ 400.370427][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 400.370496][ C1] 5 locks held by khungtaskd/30: [ 400.385101][ T30] , at: process_scheduled_works+0x90a/0x1830 [ 400.389784][ C1] 3 locks held by kworker/1:1/46: [ 400.389802][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 400.389871][ C1] #1: ffffc90000b67d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 400.389934][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 400.390018][ C1] 3 locks held by kworker/u8:7/2462: [ 400.401484][ T30] #1: [ 400.402447][ C1] #0: [ 400.411783][ T30] ffffc9000986fd00 [ 400.415724][ C1] ffff88802a894948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0} [ 400.429187][ T30] ( [ 400.431329][ C1] , at: process_scheduled_works+0x90a/0x1830 [ 400.431362][ C1] #1: ffffc9000986fd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 400.438741][ T30] (work_completion)(&(&net->ipv6.addr_chk_work)->work) [ 400.441348][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 400.441423][ C1] 5 locks held by kworker/u8:12/3000: [ 400.457851][ T30] ){+.+.}-{0:0} [ 400.460018][ C1] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 400.469554][ T30] , at: process_scheduled_works+0x945/0x1830 [ 400.472247][ C1] #1: [ 400.481448][ T30] #2: [ 400.482002][ C1] ffffc9000a3ffd00 [ 400.490412][ T30] ffffffff8fc81d48 [ 400.491303][ C1] ( [ 400.499421][ T30] ( [ 400.504232][ C1] net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 400.504282][ C1] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 400.504342][ C1] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 [ 400.504400][ C1] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3} [ 400.522863][ T30] rtnl_mutex [ 400.523100][ C1] , at: synchronize_rcu_expedited+0x381/0x830 [ 400.531232][ T30] ){+.+.}-{3:3} [ 400.532842][ C1] 2 locks held by getty/4980: [ 400.532861][ C1] #0: [ 400.537612][ T30] , at: addrconf_verify_work+0x19/0x30 [ 400.540271][ C1] ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 400.545476][ T30] 5 locks held by kworker/u8:12/3000: [ 400.547794][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock [ 400.559413][ T30] #0: [ 400.560874][ C1] ){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 400.560916][ C1] 6 locks held by kworker/1:3/5279: [ 400.572458][ T30] ffff8880166e5948 [ 400.577429][ C1] #0: ffff8880192b3d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 400.594039][ T30] ( [ 400.597022][ C1] #1: ffffc90003a27d00 ((work_completion)(&hub->events) [ 400.611179][ T30] (wq_completion)netns [ 400.613036][ C1] ){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 400.622325][ T30] ){+.+.}-{0:0} [ 400.623596][ C1] #2: [ 400.627215][ T30] , at: process_scheduled_works+0x90a/0x1830 [ 400.630397][ C1] ffff888023d50190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 400.630461][ C1] #3: ffff888023d53518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150 [ 400.637341][ T30] #1: [ 400.638764][ C1] #4: ffff88801c3c1f68 (hcd->address0_mutex [ 400.647808][ T30] ffffc9000a3ffd00 [ 400.651674][ C1] ){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150 [ 400.651716][ C1] #5: ffffffff8f54f770 (ehci_cf_port_reset_rwsem){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30 [ 400.651786][ C1] 2 locks held by syz.3.273/6510: [ 400.666993][ T30] ( [ 400.672386][ C1] 1 lock held by segctord/6511: [ 400.672405][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 400.682859][ T30] net_cleanup_work [ 400.685295][ C1] 7 locks held by syz-executor/9261: [ 400.698189][ T30] ){+.+.}-{0:0} [ 400.698251][ C1] #0: [ 400.715118][ T30] , at: process_scheduled_works+0x945/0x1830 [ 400.716974][ C1] ffff8880301c6420 (sb_writers#8 [ 400.737895][ T30] #2: [ 400.739717][ C1] ){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 400.739762][ C1] #1: [ 400.753601][ T30] ffffffff8fc751d0 [ 400.758359][ C1] ffff88802dcc3888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 400.758419][ C1] #2: ffff8880208d1878 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 400.758481][ C1] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 400.758546][ C1] #4: ffff888054a700e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 400.758610][ C1] #5: ffff888054a73250 (&devlink->lock_key#18){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 400.758679][ C1] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdevice_notifier_net+0x89/0x3a0 [ 400.758740][ C1] 1 lock held by syz-executor/9432: [ 400.758754][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 400.758821][ C1] 3 locks held by syz.0.1017/9538: [ 400.758835][ C1] #0: ffff8880608ea8e0 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0 [ 400.758893][ C1] #1: ffff88802ff7a518 (sb_pagefaults){.+.+}-{0:0}, at: ext4_page_mkwrite+0x1f0/0xdf0 [ 400.774259][ T30] ( [ 400.778645][ C1] #2: ffff88802ff7e958 (jbd2_handle){++++}-{0:0} [ 400.794456][ T30] pernet_ops_rwsem [ 400.796842][ C1] , at: start_this_handle+0x1e94/0x2110 [ 400.796875][ C1] 2 locks held by rm/9556: [ 400.813015][ T30] ){++++}-{3:3} [ 400.815246][ C1] #0: ffffc9000470fb40 (net/core/rtnetlink.c:83){+.-.}-{0:0} [ 400.826530][ T30] , at: cleanup_net+0x16a/0xcc0 [ 400.828137][ C1] , at: call_timer_fn+0xc0/0x650 [ 400.828163][ C1] #1: ffffffff8e937a60 [ 400.842327][ T30] #3: [ 400.845730][ C1] (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 400.859760][ T30] ffffffff8fc81d48 [ 400.863410][ C1] [ 400.863421][ C1] ============================================= [ 400.863421][ C1] [ 401.279532][ T5279] usb 2-1: device not accepting address 10, error -71 [ 401.413321][ T5281] usb 1-1: USB disconnect, device number 18 [ 401.439529][ T30] (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 [ 401.779634][ T30] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 401.792173][ T30] 2 locks held by dhcpcd/4898: [ 401.796945][ T30] #0: ffff888022c53678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790 [ 401.807387][ T30] #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 401.816287][ T30] 2 locks held by getty/4980: [ 401.821158][ T30] #0: ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 401.838657][ T30] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 401.848870][ T30] 6 locks held by kworker/1:3/5279: [ 401.854603][ T30] #0: ffff8880192b3d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 401.866066][ T30] #1: ffffc90003a27d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 401.878025][ T30] #2: ffff888023d50190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 401.897179][ T30] #3: ffff888023d53518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150 [ 401.907219][ T30] #4: ffff88801c3c1f68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150 [ 401.917316][ C1] DEBUG: waiting rtnl_mutex for 919 jiffies. [ 401.917337][ C1] task:kworker/0:0 state:D stack:20296 pid:8 tgid:8 ppid:2 flags:0x00004000 [ 401.917383][ C1] Workqueue: events switchdev_deferred_process_work [ 401.917417][ C1] Call Trace: [ 401.917426][ C1] [ 401.917441][ C1] __schedule+0x1800/0x4a60 [ 401.917497][ C1] ? __pfx___schedule+0x10/0x10 [ 401.917530][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 401.917560][ C1] ? __pfx_lock_release+0x10/0x10 [ 401.917592][ C1] ? kick_pool+0x45c/0x620 [ 401.917628][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 401.917657][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 401.917695][ C1] ? schedule+0x90/0x320 [ 401.917723][ C1] schedule+0x14b/0x320 [ 401.917755][ C1] schedule_preempt_disabled+0x13/0x30 [ 401.917786][ C1] __mutex_lock+0x6a4/0xd70 [ 401.917813][ C1] ? __mutex_lock+0x527/0xd70 [ 401.917837][ C1] ? switchdev_deferred_process_work+0xe/0x20 [ 401.917865][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 401.917898][ C1] ? get_rtnl_holder+0x144/0x190 [ 401.917925][ C1] ? process_scheduled_works+0x945/0x1830 [ 401.917953][ C1] switchdev_deferred_process_work+0xe/0x20 [ 401.917978][ C1] process_scheduled_works+0xa2c/0x1830 [ 401.918036][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 401.918075][ C1] ? assign_work+0x364/0x3d0 [ 401.918110][ C1] worker_thread+0x86d/0xd40 [ 401.918155][ C1] ? __kthread_parkme+0x169/0x1d0 [ 401.918190][ C1] ? __pfx_worker_thread+0x10/0x10 [ 401.918218][ C1] kthread+0x2f0/0x390 [ 401.918239][ C1] ? __pfx_worker_thread+0x10/0x10 [ 401.918265][ C1] ? __pfx_kthread+0x10/0x10 [ 401.918287][ C1] ret_from_fork+0x4b/0x80 [ 401.918315][ C1] ? __pfx_kthread+0x10/0x10 [ 401.918337][ C1] ret_from_fork_asm+0x1a/0x30 [ 401.918384][ C1] [ 401.918395][ C1] DEBUG: waiting rtnl_mutex for 890 jiffies. [ 401.918408][ C1] task:kworker/1:1 state:D stack:19984 pid:46 tgid:46 ppid:2 flags:0x00004000 [ 401.918449][ C1] Workqueue: events linkwatch_event [ 401.918475][ C1] Call Trace: [ 401.918484][ C1] [ 401.918498][ C1] __schedule+0x1800/0x4a60 [ 401.918552][ C1] ? __pfx___schedule+0x10/0x10 [ 401.918583][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 401.918613][ C1] ? __pfx_lock_release+0x10/0x10 [ 401.918645][ C1] ? kick_pool+0x45c/0x620 [ 401.918685][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 401.918714][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 401.918745][ C1] ? schedule+0x90/0x320 [ 401.918774][ C1] schedule+0x14b/0x320 [ 401.918806][ C1] schedule_preempt_disabled+0x13/0x30 [ 401.918836][ C1] __mutex_lock+0x6a4/0xd70 [ 401.918863][ C1] ? __mutex_lock+0x527/0xd70 [ 401.918888][ C1] ? linkwatch_event+0xe/0x60 [ 401.918913][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 401.918947][ C1] ? get_rtnl_holder+0x144/0x190 [ 401.918973][ C1] ? process_scheduled_works+0x945/0x1830 [ 401.919001][ C1] linkwatch_event+0xe/0x60 [ 401.919024][ C1] process_scheduled_works+0xa2c/0x1830 [ 401.919083][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 401.919121][ C1] ? assign_work+0x364/0x3d0 [ 401.919156][ C1] worker_thread+0x86d/0xd40 [ 401.919200][ C1] ? __kthread_parkme+0x169/0x1d0 [ 401.919235][ C1] ? __pfx_worker_thread+0x10/0x10 [ 401.919264][ C1] kthread+0x2f0/0x390 [ 401.919285][ C1] ? __pfx_worker_thread+0x10/0x10 [ 401.919313][ C1] ? __pfx_kthread+0x10/0x10 [ 401.919335][ C1] ret_from_fork+0x4b/0x80 [ 401.919362][ C1] ? __pfx_kthread+0x10/0x10 [ 401.919383][ C1] ret_from_fork_asm+0x1a/0x30 [ 401.919428][ C1] [ 401.919488][ C1] DEBUG: holding rtnl_mutex for 938 jiffies. [ 401.919502][ C1] task:kworker/u8:12 state:D stack:19472 pid:3000 tgid:3000 ppid:2 flags:0x00004000 [ 401.919539][ C1] Workqueue: netns cleanup_net [ 401.919563][ C1] Call Trace: [ 401.919571][ C1] [ 401.919585][ C1] __schedule+0x1800/0x4a60 [ 401.919641][ C1] ? __pfx___schedule+0x10/0x10 [ 401.919675][ C1] ? __pfx_lock_release+0x10/0x10 [ 401.919708][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 401.919745][ C1] ? kthread_data+0x52/0xd0 [ 401.919773][ C1] ? wq_worker_sleeping+0x66/0x240 [ 401.919803][ C1] ? schedule+0x90/0x320 [ 401.919830][ C1] schedule+0x14b/0x320 [ 401.919862][ C1] synchronize_rcu_expedited+0x684/0x830 [ 401.919888][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 401.919924][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 401.919944][ C1] ? __pfx___might_resched+0x10/0x10 [ 401.919968][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 401.919995][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 401.920024][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 401.920065][ C1] synchronize_rcu+0x11b/0x360 [ 401.920088][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 401.920114][ C1] ? __phys_addr+0x105/0x170 [ 401.920145][ C1] lockdep_unregister_key+0x4b7/0x540 [ 401.920179][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 401.920208][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 401.920242][ C1] ? __qdisc_destroy+0x150/0x410 [ 401.920265][ C1] ? kfree+0x149/0x360 [ 401.920290][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 401.920316][ C1] __qdisc_destroy+0x165/0x410 [ 401.920342][ C1] dev_shutdown+0x357/0x450 [ 401.920370][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 401.920416][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 401.920444][ C1] ? net_generic+0x1f/0x240 [ 401.920466][ C1] ? __pfx_lock_release+0x10/0x10 [ 401.920500][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 401.920529][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 401.920565][ C1] ? nexthop_net_exit_batch_rtnl+0x100/0x150 [ 401.920595][ C1] cleanup_net+0x75d/0xcc0 [ 401.920625][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 401.920661][ C1] ? process_scheduled_works+0x945/0x1830 [ 401.920696][ C1] process_scheduled_works+0xa2c/0x1830 [ 401.920754][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 401.920793][ C1] ? assign_work+0x364/0x3d0 [ 401.920827][ C1] worker_thread+0x86d/0xd40 [ 401.920872][ C1] ? __kthread_parkme+0x169/0x1d0 [ 401.920906][ C1] ? __pfx_worker_thread+0x10/0x10 [ 401.920935][ C1] kthread+0x2f0/0x390 [ 401.920955][ C1] ? __pfx_worker_thread+0x10/0x10 [ 401.920987][ C1] ? __pfx_kthread+0x10/0x10 [ 401.921010][ C1] ret_from_fork+0x4b/0x80 [ 401.921039][ C1] ? __pfx_kthread+0x10/0x10 [ 401.921060][ C1] ret_from_fork_asm+0x1a/0x30 [ 401.921106][ C1] [ 401.921116][ C1] DEBUG: waiting rtnl_mutex for 938 jiffies. [ 401.921129][ C1] task:syz-executor state:D stack:21728 pid:9261 tgid:9261 ppid:9244 flags:0x00004002 [ 401.921173][ C1] Call Trace: [ 401.921182][ C1] [ 401.921196][ C1] __schedule+0x1800/0x4a60 [ 401.921250][ C1] ? __pfx___schedule+0x10/0x10 [ 401.921284][ C1] ? __pfx_lock_release+0x10/0x10 [ 401.921314][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 401.921349][ C1] ? schedule+0x90/0x320 [ 401.921379][ C1] schedule+0x14b/0x320 [ 401.921411][ C1] schedule_preempt_disabled+0x13/0x30 [ 401.921441][ C1] __mutex_lock+0x6a4/0xd70 [ 401.921468][ C1] ? __mutex_lock+0x527/0xd70 [ 401.921492][ C1] ? unregister_netdevice_notifier_net+0x89/0x3a0 [ 401.921537][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 401.921571][ C1] ? get_rtnl_holder+0x144/0x190 [ 401.921598][ C1] unregister_netdevice_notifier_net+0x89/0x3a0 [ 401.921624][ C1] ? _raw_spin_unlock+0x28/0x50 [ 401.921650][ C1] ? mntput_no_expire+0x2da/0x850 [ 401.921682][ C1] ? __pfx_unregister_netdevice_notifier_net+0x10/0x10 [ 401.921709][ C1] ? __pfx_mntput_no_expire+0x10/0x10 [ 401.921742][ C1] ? _raw_spin_unlock+0x28/0x50 [ 401.921769][ C1] ? simple_release_fs+0x9c/0xd0 [ 401.921799][ C1] nsim_dev_hwstats_exit+0x81/0x290 [ 401.921829][ C1] ? kfree+0x149/0x360 [ 401.921858][ C1] nsim_dev_reload_destroy+0x2ad/0x490 [ 401.921885][ C1] ? __pfx_nsim_bus_remove+0x10/0x10 [ 401.921912][ C1] nsim_drv_remove+0x58/0x160 [ 401.921936][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 401.921973][ C1] bus_remove_device+0x34f/0x420 [ 401.922011][ C1] device_del+0x57a/0x9b0 [ 401.922045][ C1] ? __pfx_device_del+0x10/0x10 [ 401.922079][ C1] device_unregister+0x20/0xc0 [ 401.922104][ C1] del_device_store+0x363/0x480 [ 401.922135][ C1] ? __pfx_del_device_store+0x10/0x10 [ 401.922168][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 401.922193][ C1] ? bus_attr_store+0x4f/0xa0 [ 401.922216][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 401.922240][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 401.922270][ C1] vfs_write+0xa72/0xc90 [ 401.922304][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 401.922329][ C1] ? __pfx_vfs_write+0x10/0x10 [ 401.922381][ C1] ksys_write+0x1a0/0x2c0 [ 401.922417][ C1] ? __pfx_ksys_write+0x10/0x10 [ 401.922446][ C1] ? do_syscall_64+0x100/0x230 [ 401.922470][ C1] ? do_syscall_64+0xb6/0x230 [ 401.922494][ C1] do_syscall_64+0xf3/0x230 [ 401.922516][ C1] ? clear_bhb_loop+0x35/0x90 [ 401.922545][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.922570][ C1] RIP: 0033:0x7f2b23375e9f [ 401.922589][ C1] RSP: 002b:00007ffe468e11f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 401.922615][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f2b23375e9f [ 401.922633][ C1] RDX: 0000000000000001 RSI: 00007ffe468e1240 RDI: 0000000000000005 [ 401.922648][ C1] RBP: 00007f2b233e5940 R08: 0000000000000000 R09: 00007ffe468e1047 [ 401.922663][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 401.922683][ C1] R13: 00007ffe468e1240 R14: 00007f2b24034620 R15: 0000000000000003 [ 401.922715][ C1] [ 401.922724][ C1] DEBUG: waiting rtnl_mutex for 930 jiffies. [ 401.922737][ C1] task:syz-executor state:D stack:21728 pid:9432 tgid:9432 ppid:9427 flags:0x00004000 [ 401.922774][ C1] Call Trace: [ 401.922782][ C1] [ 401.922795][ C1] __schedule+0x1800/0x4a60 [ 401.922847][ C1] ? __pfx___schedule+0x10/0x10 [ 401.922881][ C1] ? __pfx_lock_release+0x10/0x10 [ 401.922910][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 401.922945][ C1] ? schedule+0x90/0x320 [ 401.922973][ C1] schedule+0x14b/0x320 [ 401.923005][ C1] schedule_preempt_disabled+0x13/0x30 [ 401.923034][ C1] __mutex_lock+0x6a4/0xd70 [ 401.923060][ C1] ? __mutex_lock+0x527/0xd70 [ 401.923084][ C1] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 401.923116][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 401.923149][ C1] ? get_rtnl_holder+0x144/0x190 [ 401.923175][ C1] rtnetlink_rcv_msg+0x6eb/0xd00 [ 401.923205][ C1] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 401.923237][ C1] ? __lock_acquire+0x1384/0x2050 [ 401.923269][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 401.923319][ C1] netlink_rcv_skb+0x1e3/0x430 [ 401.923345][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 401.923378][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 401.923435][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 401.923461][ C1] netlink_unicast+0x7f6/0x990 [ 401.923500][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 401.923528][ C1] ? __virt_addr_valid+0x183/0x530 [ 401.923553][ C1] ? __check_object_size+0x49c/0x900 [ 401.923579][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 401.923614][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 401.923651][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 401.923674][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 401.923711][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 401.923741][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 401.923762][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 401.923788][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 401.923810][ C1] __sock_sendmsg+0x221/0x270 [ 401.923844][ C1] __sys_sendto+0x3a4/0x4f0 [ 401.923874][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 401.923922][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 401.923954][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 401.923991][ C1] __x64_sys_sendto+0xde/0x100 [ 401.924019][ C1] do_syscall_64+0xf3/0x230 [ 401.924040][ C1] ? clear_bhb_loop+0x35/0x90 [ 401.924069][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.924094][ C1] RIP: 0033:0x7f228957914c [ 401.924113][ C1] RSP: 002b:00007ffea79998d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 401.924139][ C1] RAX: ffffffffffffffda RBX: 00007f228a234620 RCX: 00007f228957914c [ 401.924157][ C1] RDX: 0000000000000028 RSI: 00007f228a234670 RDI: 0000000000000003 [ 401.924171][ C1] RBP: 0000000000000000 R08: 00007ffea7999924 R09: 000000000000000c [ 401.924186][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 401.924201][ C1] R13: 0000000000000000 R14: 00007f228a234670 R15: 0000000000000000 [ 401.924233][ C1] [ 401.924244][ C1] [ 401.924244][ C1] Showing all locks held in the system: [ 401.924255][ C1] 3 locks held by kworker/0:0/8: [ 401.924269][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 401.924338][ C1] #1: ffffc900000d7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 401.924404][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 401.924467][ C1] 5 locks held by khungtaskd/30: [ 401.924480][ C1] #0: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 401.924546][ C1] #1: ffffffff8e813280 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120 [ 401.924610][ C1] #2: ffffffff8e812e90 (console_srcu){....}-{0:0}, at: console_flush_all+0x147/0xf50 [ 401.924671][ C1] #3: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 401.924737][ C1] #4: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 401.924808][ C1] 3 locks held by kworker/1:1/46: [ 401.924821][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 401.924887][ C1] #1: ffffc90000b67d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 401.924951][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 401.925033][ C1] 3 locks held by kworker/u8:7/2462: [ 401.925048][ C1] #0: ffff88802a894948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 401.925112][ C1] #1: ffffc9000986fd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 401.925177][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 401.925246][ C1] 5 locks held by kworker/u8:12/3000: [ 401.925260][ C1] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 401.925323][ C1] #1: ffffc9000a3ffd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 401.925386][ C1] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 401.925444][ C1] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 [ 401.925502][ C1] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 401.925564][ C1] 1 lock held by klogd/4673: [ 401.925578][ C1] 2 locks held by dhcpcd/4898: [ 401.925592][ C1] #0: ffff888022c53678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790 [ 401.925661][ C1] #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 401.925735][ C1] 2 locks held by getty/4980: [ 401.925749][ C1] #0: ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 401.925816][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 401.925880][ C1] 6 locks held by kworker/1:3/5279: [ 401.925894][ C1] #0: ffff8880192b3d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 401.925959][ C1] #1: ffffc90003a27d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 401.926026][ C1] #2: ffff888023d50190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 401.926088][ C1] #3: ffff888023d53518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150 [ 401.926150][ C1] #4: ffff88801c3c1f68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150 [ 401.926214][ C1] #5: ffffffff8f54f770 (ehci_cf_port_reset_rwsem){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30 [ 401.926279][ C1] 2 locks held by syz.3.273/6510: [ 401.926293][ C1] 1 lock held by segctord/6511: [ 401.926306][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 401.926380][ C1] 7 locks held by syz-executor/9261: [ 401.926393][ C1] #0: ffff8880301c6420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 401.926462][ C1] #1: ffff88802dcc3888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 401.926521][ C1] #2: ffff8880208d1878 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 401.926585][ C1] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 401.926650][ C1] #4: ffff888054a700e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 401.926718][ C1] #5: ffff888054a73250 (&devlink->lock_key#18){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 401.926782][ C1] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdevice_notifier_net+0x89/0x3a0 [ 401.926843][ C1] 1 lock held by syz-executor/9432: [ 401.926857][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 401.926922][ C1] 2 locks held by dhcpcd/9561: [ 401.926936][ C1] #0: ffff88805085c408 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 [ 401.927010][ C1] #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 401.927074][ C1] [ 401.927081][ C1] ============================================= [ 401.927081][ C1] [ 402.649647][ T6510] bio_check_eod: 71726 callbacks suppressed [ 402.649665][ T6510] syz.3.273: attempt to access beyond end of device [ 402.649665][ T6510] loop3: rw=3, sector=16944502238408, nr_sectors = 8388600 limit=2048 [ 402.663560][ T30] #5: [ 402.709758][ T6510] syz.3.273: attempt to access beyond end of device [ 402.709758][ T6510] loop3: rw=3, sector=16944510627008, nr_sectors = 8388600 limit=2048 [ 402.714904][ T30] ffffffff8f54f770 (ehci_cf_port_reset_rwsem [ 402.727913][ T6510] syz.3.273: attempt to access beyond end of device [ 402.727913][ T6510] loop3: rw=3, sector=16944519015608, nr_sectors = 8388600 limit=2048 [ 402.730322][ T30] ){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30 [ 402.730370][ T30] 2 locks held by syz.3.273/6510: [ 402.730383][ T30] 1 lock held by segctord/6511: [ 402.736033][ T6510] syz.3.273: attempt to access beyond end of device [ 402.736033][ T6510] loop3: rw=3, sector=16944527404208, nr_sectors = 8388600 limit=2048 [ 402.740019][ T30] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 402.750959][ T6510] syz.3.273: attempt to access beyond end of device [ 402.750959][ T6510] loop3: rw=3, sector=16944535792808, nr_sectors = 8388600 limit=2048 [ 402.755374][ T30] 7 locks held by syz-executor/9261: [ 402.767092][ T6510] syz.3.273: attempt to access beyond end of device [ 402.767092][ T6510] loop3: rw=3, sector=16944544181408, nr_sectors = 8388600 limit=2048 [ 402.770842][ T30] #0: [ 402.775490][ T6510] syz.3.273: attempt to access beyond end of device [ 402.775490][ T6510] loop3: rw=3, sector=16944552570008, nr_sectors = 8388600 limit=2048 [ 402.787809][ T30] ffff8880301c6420 [ 402.791546][ T6510] syz.3.273: attempt to access beyond end of device [ 402.791546][ T6510] loop3: rw=3, sector=16944560958608, nr_sectors = 8388600 limit=2048 [ 402.795208][ T30] ( [ 402.808527][ T6510] syz.3.273: attempt to access beyond end of device [ 402.808527][ T6510] loop3: rw=3, sector=16944569347208, nr_sectors = 8388600 limit=2048 [ 402.811694][ T30] sb_writers [ 402.818003][ T6510] syz.3.273: attempt to access beyond end of device [ 402.818003][ T6510] loop3: rw=3, sector=16944577735808, nr_sectors = 8388600 limit=2048 [ 402.821196][ T30] #8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 402.821247][ T30] #1: ffff88802dcc3888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 402.821303][ T30] #2: ffff8880208d1878 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 402.821362][ T30] #3: ffffffff8f51eae8 ( [ 402.950464][ C1] DEBUG: waiting rtnl_mutex for 1023 jiffies. [ 402.950487][ C1] task:kworker/0:0 state:D stack:20296 pid:8 tgid:8 ppid:2 flags:0x00004000 [ 402.950530][ C1] Workqueue: events switchdev_deferred_process_work [ 402.950560][ C1] Call Trace: [ 402.950570][ C1] [ 402.950594][ C1] __schedule+0x1800/0x4a60 [ 402.950649][ C1] ? __pfx___schedule+0x10/0x10 [ 402.950680][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 402.950712][ C1] ? __pfx_lock_release+0x10/0x10 [ 402.950743][ C1] ? kick_pool+0x45c/0x620 [ 402.950777][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 402.950806][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 402.950838][ C1] ? schedule+0x90/0x320 [ 402.950866][ C1] schedule+0x14b/0x320 [ 402.950898][ C1] schedule_preempt_disabled+0x13/0x30 [ 402.950928][ C1] __mutex_lock+0x6a4/0xd70 [ 402.950955][ C1] ? __mutex_lock+0x527/0xd70 [ 402.950979][ C1] ? switchdev_deferred_process_work+0xe/0x20 [ 402.951006][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 402.951039][ C1] ? get_rtnl_holder+0x144/0x190 [ 402.951066][ C1] ? process_scheduled_works+0x945/0x1830 [ 402.951094][ C1] switchdev_deferred_process_work+0xe/0x20 [ 402.951116][ C1] process_scheduled_works+0xa2c/0x1830 [ 402.951171][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 402.951211][ C1] ? assign_work+0x364/0x3d0 [ 402.951247][ C1] worker_thread+0x86d/0xd40 [ 402.951292][ C1] ? __kthread_parkme+0x169/0x1d0 [ 402.951328][ C1] ? __pfx_worker_thread+0x10/0x10 [ 402.951357][ C1] kthread+0x2f0/0x390 [ 402.951379][ C1] ? __pfx_worker_thread+0x10/0x10 [ 402.951408][ C1] ? __pfx_kthread+0x10/0x10 [ 402.951431][ C1] ret_from_fork+0x4b/0x80 [ 402.951460][ C1] ? __pfx_kthread+0x10/0x10 [ 402.951482][ C1] ret_from_fork_asm+0x1a/0x30 [ 402.951528][ C1] [ 402.951538][ C1] DEBUG: waiting rtnl_mutex for 994 jiffies. [ 402.951552][ C1] task:kworker/1:1 state:D stack:19984 pid:46 tgid:46 ppid:2 flags:0x00004000 [ 402.951599][ C1] Workqueue: events linkwatch_event [ 402.951625][ C1] Call Trace: [ 402.951634][ C1] [ 402.951649][ C1] __schedule+0x1800/0x4a60 [ 402.951702][ C1] ? __pfx___schedule+0x10/0x10 [ 402.951734][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 402.951764][ C1] ? __pfx_lock_release+0x10/0x10 [ 402.951795][ C1] ? kick_pool+0x45c/0x620 [ 402.951830][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 402.951860][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 402.951891][ C1] ? schedule+0x90/0x320 [ 402.951919][ C1] schedule+0x14b/0x320 [ 402.951952][ C1] schedule_preempt_disabled+0x13/0x30 [ 402.951980][ C1] __mutex_lock+0x6a4/0xd70 [ 402.952007][ C1] ? __mutex_lock+0x527/0xd70 [ 402.952032][ C1] ? linkwatch_event+0xe/0x60 [ 402.952057][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 402.952090][ C1] ? get_rtnl_holder+0x144/0x190 [ 402.952117][ C1] ? process_scheduled_works+0x945/0x1830 [ 402.952144][ C1] linkwatch_event+0xe/0x60 [ 402.952167][ C1] process_scheduled_works+0xa2c/0x1830 [ 402.952223][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 402.952260][ C1] ? assign_work+0x364/0x3d0 [ 402.952293][ C1] worker_thread+0x86d/0xd40 [ 402.952337][ C1] ? __kthread_parkme+0x169/0x1d0 [ 402.952370][ C1] ? __pfx_worker_thread+0x10/0x10 [ 402.952398][ C1] kthread+0x2f0/0x390 [ 402.952419][ C1] ? __pfx_worker_thread+0x10/0x10 [ 402.952447][ C1] ? __pfx_kthread+0x10/0x10 [ 402.952469][ C1] ret_from_fork+0x4b/0x80 [ 402.952497][ C1] ? __pfx_kthread+0x10/0x10 [ 402.952518][ C1] ret_from_fork_asm+0x1a/0x30 [ 402.952563][ C1] [ 402.952574][ C1] DEBUG: holding rtnl_mutex for 1041 jiffies. [ 402.952592][ C1] task:kworker/u8:12 state:D stack:19472 pid:3000 tgid:3000 ppid:2 flags:0x00004000 [ 402.952630][ C1] Workqueue: netns cleanup_net [ 402.952654][ C1] Call Trace: [ 402.952663][ C1] [ 402.952677][ C1] __schedule+0x1800/0x4a60 [ 402.952730][ C1] ? __pfx___schedule+0x10/0x10 [ 402.952763][ C1] ? __pfx_lock_release+0x10/0x10 [ 402.952791][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 402.952827][ C1] ? kthread_data+0x52/0xd0 [ 402.952857][ C1] ? wq_worker_sleeping+0x66/0x240 [ 402.952889][ C1] ? schedule+0x90/0x320 [ 402.952917][ C1] schedule+0x14b/0x320 [ 402.952949][ C1] synchronize_rcu_expedited+0x684/0x830 [ 402.952978][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 402.953019][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 402.953042][ C1] ? __pfx___might_resched+0x10/0x10 [ 402.953069][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 402.953099][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 402.953129][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 402.953171][ C1] synchronize_rcu+0x11b/0x360 [ 402.953194][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 402.953221][ C1] ? __phys_addr+0x105/0x170 [ 402.953251][ C1] lockdep_unregister_key+0x4b7/0x540 [ 402.953286][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 402.953315][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 402.953349][ C1] ? __qdisc_destroy+0x150/0x410 [ 402.953371][ C1] ? kfree+0x149/0x360 [ 402.953396][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 402.953421][ C1] __qdisc_destroy+0x165/0x410 [ 402.953449][ C1] dev_shutdown+0x357/0x450 [ 402.953479][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 402.953526][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 402.953557][ C1] ? net_generic+0x1f/0x240 [ 402.953585][ C1] ? __pfx_lock_release+0x10/0x10 [ 402.953619][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 402.953649][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 402.953688][ C1] ? nexthop_net_exit_batch_rtnl+0x100/0x150 [ 402.953720][ C1] cleanup_net+0x75d/0xcc0 [ 402.953751][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 402.953788][ C1] ? process_scheduled_works+0x945/0x1830 [ 402.953817][ C1] process_scheduled_works+0xa2c/0x1830 [ 402.953875][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 402.953913][ C1] ? assign_work+0x364/0x3d0 [ 402.953947][ C1] worker_thread+0x86d/0xd40 [ 402.953992][ C1] ? __kthread_parkme+0x169/0x1d0 [ 402.954026][ C1] ? __pfx_worker_thread+0x10/0x10 [ 402.954056][ C1] kthread+0x2f0/0x390 [ 402.954077][ C1] ? __pfx_worker_thread+0x10/0x10 [ 402.954105][ C1] ? __pfx_kthread+0x10/0x10 [ 402.954128][ C1] ret_from_fork+0x4b/0x80 [ 402.954157][ C1] ? __pfx_kthread+0x10/0x10 [ 402.954178][ C1] ret_from_fork_asm+0x1a/0x30 [ 402.954224][ C1] [ 402.954234][ C1] DEBUG: waiting rtnl_mutex for 1041 jiffies. [ 402.954248][ C1] task:syz-executor state:D stack:21728 pid:9261 tgid:9261 ppid:9244 flags:0x00004002 [ 402.954286][ C1] Call Trace: [ 402.954295][ C1] [ 402.954309][ C1] __schedule+0x1800/0x4a60 [ 402.954361][ C1] ? __pfx___schedule+0x10/0x10 [ 402.954395][ C1] ? __pfx_lock_release+0x10/0x10 [ 402.954426][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 402.954459][ C1] ? schedule+0x90/0x320 [ 402.954487][ C1] schedule+0x14b/0x320 [ 402.954519][ C1] schedule_preempt_disabled+0x13/0x30 [ 402.954549][ C1] __mutex_lock+0x6a4/0xd70 [ 402.954575][ C1] ? __mutex_lock+0x527/0xd70 [ 402.954605][ C1] ? unregister_netdevice_notifier_net+0x89/0x3a0 [ 402.954631][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 402.954665][ C1] ? get_rtnl_holder+0x144/0x190 [ 402.954693][ C1] unregister_netdevice_notifier_net+0x89/0x3a0 [ 402.954720][ C1] ? _raw_spin_unlock+0x28/0x50 [ 402.954747][ C1] ? mntput_no_expire+0x2da/0x850 [ 402.954776][ C1] ? __pfx_unregister_netdevice_notifier_net+0x10/0x10 [ 402.954805][ C1] ? __pfx_mntput_no_expire+0x10/0x10 [ 402.954837][ C1] ? _raw_spin_unlock+0x28/0x50 [ 402.954865][ C1] ? simple_release_fs+0x9c/0xd0 [ 402.954896][ C1] nsim_dev_hwstats_exit+0x81/0x290 [ 402.954928][ C1] ? kfree+0x149/0x360 [ 402.954958][ C1] nsim_dev_reload_destroy+0x2ad/0x490 [ 402.954987][ C1] ? __pfx_nsim_bus_remove+0x10/0x10 [ 402.955015][ C1] nsim_drv_remove+0x58/0x160 [ 402.955040][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 402.955078][ C1] bus_remove_device+0x34f/0x420 [ 402.955117][ C1] device_del+0x57a/0x9b0 [ 402.955151][ C1] ? __pfx_device_del+0x10/0x10 [ 402.955187][ C1] device_unregister+0x20/0xc0 [ 402.955214][ C1] del_device_store+0x363/0x480 [ 402.955247][ C1] ? __pfx_del_device_store+0x10/0x10 [ 402.955280][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 402.955306][ C1] ? bus_attr_store+0x4f/0xa0 [ 402.955330][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 402.955355][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 402.955387][ C1] vfs_write+0xa72/0xc90 [ 402.955422][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 402.955449][ C1] ? __pfx_vfs_write+0x10/0x10 [ 402.955502][ C1] ksys_write+0x1a0/0x2c0 [ 402.955538][ C1] ? __pfx_ksys_write+0x10/0x10 [ 402.955569][ C1] ? do_syscall_64+0x100/0x230 [ 402.955599][ C1] ? do_syscall_64+0xb6/0x230 [ 402.955626][ C1] do_syscall_64+0xf3/0x230 [ 402.955649][ C1] ? clear_bhb_loop+0x35/0x90 [ 402.955679][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.955705][ C1] RIP: 0033:0x7f2b23375e9f [ 402.955726][ C1] RSP: 002b:00007ffe468e11f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 402.955753][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f2b23375e9f [ 402.955771][ C1] RDX: 0000000000000001 RSI: 00007ffe468e1240 RDI: 0000000000000005 [ 402.955787][ C1] RBP: 00007f2b233e5940 R08: 0000000000000000 R09: 00007ffe468e1047 [ 402.955804][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 402.955819][ C1] R13: 00007ffe468e1240 R14: 00007f2b24034620 R15: 0000000000000003 [ 402.955854][ C1] [ 402.955864][ C1] DEBUG: waiting rtnl_mutex for 1033 jiffies. [ 402.955878][ C1] task:syz-executor state:D stack:21728 pid:9432 tgid:9432 ppid:9427 flags:0x00004000 [ 402.955918][ C1] Call Trace: [ 402.955928][ C1] [ 402.955943][ C1] __schedule+0x1800/0x4a60 [ 402.955997][ C1] ? __pfx___schedule+0x10/0x10 [ 402.956032][ C1] ? __pfx_lock_release+0x10/0x10 [ 402.956064][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 402.956100][ C1] ? schedule+0x90/0x320 [ 402.956130][ C1] schedule+0x14b/0x320 [ 402.956164][ C1] schedule_preempt_disabled+0x13/0x30 [ 402.956195][ C1] __mutex_lock+0x6a4/0xd70 [ 402.956222][ C1] ? __mutex_lock+0x527/0xd70 [ 402.956247][ C1] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 402.956281][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 402.956317][ C1] ? get_rtnl_holder+0x144/0x190 [ 402.956343][ C1] rtnetlink_rcv_msg+0x6eb/0xd00 [ 402.956374][ C1] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 402.956407][ C1] ? __lock_acquire+0x1384/0x2050 [ 402.956440][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 402.956490][ C1] netlink_rcv_skb+0x1e3/0x430 [ 402.956515][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 402.956551][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 402.956613][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 402.956639][ C1] netlink_unicast+0x7f6/0x990 [ 402.956678][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 402.956706][ C1] ? __virt_addr_valid+0x183/0x530 [ 402.956733][ C1] ? __check_object_size+0x49c/0x900 [ 402.956759][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 402.956793][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 402.956830][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 402.956852][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 402.956885][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 402.956915][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 402.956936][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 402.956963][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 402.956985][ C1] __sock_sendmsg+0x221/0x270 [ 402.957021][ C1] __sys_sendto+0x3a4/0x4f0 [ 402.957053][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 402.957106][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 402.957139][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 402.957176][ C1] __x64_sys_sendto+0xde/0x100 [ 402.957209][ C1] do_syscall_64+0xf3/0x230 [ 402.957232][ C1] ? clear_bhb_loop+0x35/0x90 [ 402.957261][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.957286][ C1] RIP: 0033:0x7f228957914c [ 402.957305][ C1] RSP: 002b:00007ffea79998d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 402.957329][ C1] RAX: ffffffffffffffda RBX: 00007f228a234620 RCX: 00007f228957914c [ 402.957347][ C1] RDX: 0000000000000028 RSI: 00007f228a234670 RDI: 0000000000000003 [ 402.957363][ C1] RBP: 0000000000000000 R08: 00007ffea7999924 R09: 000000000000000c [ 402.957379][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 402.957394][ C1] R13: 0000000000000000 R14: 00007f228a234670 R15: 0000000000000000 [ 402.957427][ C1] [ 402.957438][ C1] [ 402.957438][ C1] Showing all locks held in the system: [ 402.957450][ C1] 3 locks held by kworker/0:0/8: [ 402.957465][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 402.957534][ C1] #1: ffffc900000d7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 402.957605][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 402.957669][ C1] 2 locks held by kworker/u8:0/11: [ 402.957686][ C1] 5 locks held by khungtaskd/30: [ 402.957700][ C1] #0: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 402.957767][ C1] #1: ffffffff8e813280 (console_lock){+.+.}-{0:0}, at: vprintk_emit+0x4ed/0x900 [ 402.957828][ C1] #2: ffffffff8e812e90 (console_srcu){....}-{0:0}, at: console_flush_all+0x147/0xf50 [ 402.957893][ C1] #3: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 402.957955][ C1] #4: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 402.958027][ C1] 3 locks held by kworker/1:1/46: [ 402.958042][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 402.958109][ C1] #1: ffffc90000b67d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 402.958176][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 402.958261][ C1] 3 locks held by kworker/u8:7/2462: [ 402.958276][ C1] #0: ffff88802a894948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 402.958344][ C1] #1: ffffc9000986fd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 402.958412][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 402.958484][ C1] 5 locks held by kworker/u8:12/3000: [ 402.958498][ C1] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 402.958565][ C1] #1: ffffc9000a3ffd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 402.958638][ C1] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 402.958699][ C1] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 [ 402.958760][ C1] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 402.958825][ C1] 2 locks held by dhcpcd/4898: [ 402.958839][ C1] #0: ffff888022c53678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790 [ 402.958906][ C1] #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 402.958973][ C1] 2 locks held by getty/4980: [ 402.958987][ C1] #0: ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 402.959055][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 402.959118][ C1] 6 locks held by kworker/1:3/5279: [ 402.959134][ C1] 2 locks held by syz.3.273/6510: [ 402.959148][ C1] 1 lock held by segctord/6511: [ 402.959162][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 402.959238][ C1] 7 locks held by syz-executor/9261: [ 402.959252][ C1] #0: ffff8880301c6420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 402.959325][ C1] #1: ffff88802dcc3888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 402.959385][ C1] #2: ffff8880208d1878 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 402.959501][ C1] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 402.959569][ C1] #4: ffff888054a700e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 402.959637][ C1] #5: ffff888054a73250 (&devlink->lock_key#18){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 402.959702][ C1] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdevice_notifier_net+0x89/0x3a0 [ 402.959767][ C1] 1 lock held by syz-executor/9432: [ 402.959782][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 402.959852][ C1] 2 locks held by dhcpcd/9561: [ 402.959866][ C1] #0: ffff88805085c408 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 [ 402.959926][ C1] #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 402.959985][ C1] [ 402.959993][ C1] ============================================= [ 402.959993][ C1] [ 403.993436][ C1] DEBUG: waiting rtnl_mutex for 1127 jiffies. [ 403.993461][ C1] task:kworker/0:0 state:D stack:20296 pid:8 tgid:8 ppid:2 flags:0x00004000 [ 403.993508][ C1] Workqueue: events switchdev_deferred_process_work [ 403.993543][ C1] Call Trace: [ 403.993555][ C1] [ 403.993571][ C1] __schedule+0x1800/0x4a60 [ 403.993629][ C1] ? __pfx___schedule+0x10/0x10 [ 403.993663][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 403.993695][ C1] ? __pfx_lock_release+0x10/0x10 [ 403.993727][ C1] ? kick_pool+0x45c/0x620 [ 403.993763][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 403.993793][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 403.993826][ C1] ? schedule+0x90/0x320 [ 403.993855][ C1] schedule+0x14b/0x320 [ 403.993889][ C1] schedule_preempt_disabled+0x13/0x30 [ 403.993920][ C1] __mutex_lock+0x6a4/0xd70 [ 403.993947][ C1] ? __mutex_lock+0x527/0xd70 [ 403.993971][ C1] ? switchdev_deferred_process_work+0xe/0x20 [ 403.993999][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 403.994033][ C1] ? get_rtnl_holder+0x144/0x190 [ 403.994061][ C1] ? process_scheduled_works+0x945/0x1830 [ 403.994090][ C1] switchdev_deferred_process_work+0xe/0x20 [ 403.994115][ C1] process_scheduled_works+0xa2c/0x1830 [ 403.994174][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 403.994220][ C1] ? assign_work+0x364/0x3d0 [ 403.994252][ C1] worker_thread+0x86d/0xd40 [ 403.994296][ C1] ? __kthread_parkme+0x169/0x1d0 [ 403.994332][ C1] ? __pfx_worker_thread+0x10/0x10 [ 403.994361][ C1] kthread+0x2f0/0x390 [ 403.994382][ C1] ? __pfx_worker_thread+0x10/0x10 [ 403.994411][ C1] ? __pfx_kthread+0x10/0x10 [ 403.994434][ C1] ret_from_fork+0x4b/0x80 [ 403.994463][ C1] ? __pfx_kthread+0x10/0x10 [ 403.994485][ C1] ret_from_fork_asm+0x1a/0x30 [ 403.994532][ C1] [ 403.994543][ C1] DEBUG: waiting rtnl_mutex for 1098 jiffies. [ 403.994557][ C1] task:kworker/1:1 state:D stack:19984 pid:46 tgid:46 ppid:2 flags:0x00004000 [ 403.994597][ C1] Workqueue: events linkwatch_event [ 403.994623][ C1] Call Trace: [ 403.994633][ C1] [ 403.994648][ C1] __schedule+0x1800/0x4a60 [ 403.994701][ C1] ? __pfx___schedule+0x10/0x10 [ 403.994734][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 403.994764][ C1] ? __pfx_lock_release+0x10/0x10 [ 403.994795][ C1] ? kick_pool+0x45c/0x620 [ 403.994830][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 403.994860][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 403.994892][ C1] ? schedule+0x90/0x320 [ 403.994922][ C1] schedule+0x14b/0x320 [ 403.994955][ C1] schedule_preempt_disabled+0x13/0x30 [ 403.994986][ C1] __mutex_lock+0x6a4/0xd70 [ 403.995013][ C1] ? __mutex_lock+0x527/0xd70 [ 403.995039][ C1] ? linkwatch_event+0xe/0x60 [ 403.995065][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 403.995099][ C1] ? get_rtnl_holder+0x144/0x190 [ 403.995126][ C1] ? process_scheduled_works+0x945/0x1830 [ 403.995154][ C1] linkwatch_event+0xe/0x60 [ 403.995177][ C1] process_scheduled_works+0xa2c/0x1830 [ 403.995243][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 403.995282][ C1] ? assign_work+0x364/0x3d0 [ 403.995317][ C1] worker_thread+0x86d/0xd40 [ 403.995359][ C1] ? __kthread_parkme+0x169/0x1d0 [ 403.995393][ C1] ? __pfx_worker_thread+0x10/0x10 [ 403.995422][ C1] kthread+0x2f0/0x390 [ 403.995444][ C1] ? __pfx_worker_thread+0x10/0x10 [ 403.995473][ C1] ? __pfx_kthread+0x10/0x10 [ 403.995496][ C1] ret_from_fork+0x4b/0x80 [ 403.995526][ C1] ? __pfx_kthread+0x10/0x10 [ 403.995549][ C1] ret_from_fork_asm+0x1a/0x30 [ 403.995594][ C1] [ 403.995604][ C1] DEBUG: waiting rtnl_mutex for 539 jiffies. [ 403.995618][ C1] task:kworker/u8:7 state:D stack:20176 pid:2462 tgid:2462 ppid:2 flags:0x00004000 [ 403.995660][ C1] Workqueue: ipv6_addrconf addrconf_verify_work [ 403.995695][ C1] Call Trace: [ 403.995705][ C1] [ 403.995720][ C1] __schedule+0x1800/0x4a60 [ 403.995775][ C1] ? __pfx___schedule+0x10/0x10 [ 403.995809][ C1] ? __pfx_lock_release+0x10/0x10 [ 403.995840][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 403.995867][ C1] ? kthread_data+0x52/0xd0 [ 403.995895][ C1] ? schedule+0x90/0x320 [ 403.995924][ C1] ? wq_worker_sleeping+0x66/0x240 [ 403.995957][ C1] ? schedule+0x90/0x320 [ 403.995986][ C1] schedule+0x14b/0x320 [ 403.996019][ C1] schedule_preempt_disabled+0x13/0x30 [ 403.996049][ C1] __mutex_lock+0x6a4/0xd70 [ 403.996077][ C1] ? __mutex_lock+0x527/0xd70 [ 403.996102][ C1] ? addrconf_verify_work+0x19/0x30 [ 403.996135][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 403.996157][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 403.996191][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 403.996235][ C1] ? get_rtnl_holder+0x144/0x190 [ 403.996261][ C1] ? process_scheduled_works+0x945/0x1830 [ 403.996290][ C1] addrconf_verify_work+0x19/0x30 [ 403.996321][ C1] process_scheduled_works+0xa2c/0x1830 [ 403.996380][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 403.996420][ C1] ? assign_work+0x364/0x3d0 [ 403.996453][ C1] worker_thread+0x86d/0xd40 [ 403.996491][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 403.996525][ C1] ? __kthread_parkme+0x169/0x1d0 [ 403.996559][ C1] ? __pfx_worker_thread+0x10/0x10 [ 403.996589][ C1] kthread+0x2f0/0x390 [ 403.996611][ C1] ? __pfx_worker_thread+0x10/0x10 [ 403.996639][ C1] ? __pfx_kthread+0x10/0x10 [ 403.996662][ C1] ret_from_fork+0x4b/0x80 [ 403.996692][ C1] ? __pfx_kthread+0x10/0x10 [ 403.996714][ C1] ret_from_fork_asm+0x1a/0x30 [ 403.996761][ C1] [ 403.996773][ C1] DEBUG: holding rtnl_mutex for 1145 jiffies. [ 403.996786][ C1] task:kworker/u8:12 state:D stack:19472 pid:3000 tgid:3000 ppid:2 flags:0x00004000 [ 403.996826][ C1] Workqueue: netns cleanup_net [ 403.996851][ C1] Call Trace: [ 403.996861][ C1] [ 403.996876][ C1] __schedule+0x1800/0x4a60 [ 403.996929][ C1] ? __pfx___schedule+0x10/0x10 [ 403.996964][ C1] ? __pfx_lock_release+0x10/0x10 [ 403.996992][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 403.997030][ C1] ? kthread_data+0x52/0xd0 [ 403.997062][ C1] ? wq_worker_sleeping+0x66/0x240 [ 403.997094][ C1] ? schedule+0x90/0x320 [ 403.997123][ C1] schedule+0x14b/0x320 [ 403.997156][ C1] synchronize_rcu_expedited+0x684/0x830 [ 403.997186][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 403.997233][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 403.997258][ C1] ? __pfx___might_resched+0x10/0x10 [ 403.997285][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 403.997316][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 403.997347][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 403.997389][ C1] synchronize_rcu+0x11b/0x360 [ 403.997414][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 403.997441][ C1] ? __phys_addr+0x105/0x170 [ 403.997473][ C1] lockdep_unregister_key+0x4b7/0x540 [ 403.997509][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 403.997539][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 403.997574][ C1] ? __qdisc_destroy+0x150/0x410 [ 403.997598][ C1] ? kfree+0x149/0x360 [ 403.997623][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 403.997648][ C1] __qdisc_destroy+0x165/0x410 [ 403.997677][ C1] dev_shutdown+0x357/0x450 [ 403.997707][ C1] unregister_netdevice_many_notify+0x97b/0x1c40 [ 403.997755][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 403.997787][ C1] ? net_generic+0x1f/0x240 [ 403.997811][ C1] ? __pfx_lock_release+0x10/0x10 [ 403.997846][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 403.997877][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 403.997917][ C1] ? nexthop_net_exit_batch_rtnl+0x100/0x150 [ 403.997949][ C1] cleanup_net+0x75d/0xcc0 [ 403.997980][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 403.998018][ C1] ? process_scheduled_works+0x945/0x1830 [ 403.998047][ C1] process_scheduled_works+0xa2c/0x1830 [ 403.998106][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 403.998146][ C1] ? assign_work+0x364/0x3d0 [ 403.998180][ C1] worker_thread+0x86d/0xd40 [ 403.998232][ C1] ? __kthread_parkme+0x169/0x1d0 [ 403.998267][ C1] ? __pfx_worker_thread+0x10/0x10 [ 403.998297][ C1] kthread+0x2f0/0x390 [ 403.998319][ C1] ? __pfx_worker_thread+0x10/0x10 [ 403.998348][ C1] ? __pfx_kthread+0x10/0x10 [ 403.998372][ C1] ret_from_fork+0x4b/0x80 [ 403.998401][ C1] ? __pfx_kthread+0x10/0x10 [ 403.998424][ C1] ret_from_fork_asm+0x1a/0x30 [ 403.998470][ C1] [ 403.998480][ C1] DEBUG: waiting rtnl_mutex for 1145 jiffies. [ 403.998493][ C1] task:syz-executor state:D stack:21728 pid:9261 tgid:9261 ppid:9244 flags:0x00004002 [ 403.998533][ C1] Call Trace: [ 403.998543][ C1] [ 403.998558][ C1] __schedule+0x1800/0x4a60 [ 403.998611][ C1] ? __pfx___schedule+0x10/0x10 [ 403.998646][ C1] ? __pfx_lock_release+0x10/0x10 [ 403.998676][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 403.998710][ C1] ? schedule+0x90/0x320 [ 403.998739][ C1] schedule+0x14b/0x320 [ 403.998772][ C1] schedule_preempt_disabled+0x13/0x30 [ 403.998803][ C1] __mutex_lock+0x6a4/0xd70 [ 403.998831][ C1] ? __mutex_lock+0x527/0xd70 [ 403.998856][ C1] ? unregister_netdevice_notifier_net+0x89/0x3a0 [ 403.998883][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 403.998918][ C1] ? get_rtnl_holder+0x144/0x190 [ 403.998946][ C1] unregister_netdevice_notifier_net+0x89/0x3a0 [ 403.998974][ C1] ? _raw_spin_unlock+0x28/0x50 [ 403.999003][ C1] ? mntput_no_expire+0x2da/0x850 [ 403.999033][ C1] ? __pfx_unregister_netdevice_notifier_net+0x10/0x10 [ 403.999063][ C1] ? __pfx_mntput_no_expire+0x10/0x10 [ 403.999098][ C1] ? _raw_spin_unlock+0x28/0x50 [ 403.999127][ C1] ? simple_release_fs+0x9c/0xd0 [ 403.999160][ C1] nsim_dev_hwstats_exit+0x81/0x290 [ 403.999192][ C1] ? kfree+0x149/0x360 [ 403.999228][ C1] nsim_dev_reload_destroy+0x2ad/0x490 [ 403.999257][ C1] ? __pfx_nsim_bus_remove+0x10/0x10 [ 403.999285][ C1] nsim_drv_remove+0x58/0x160 [ 403.999311][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 403.999350][ C1] bus_remove_device+0x34f/0x420 [ 403.999389][ C1] device_del+0x57a/0x9b0 [ 403.999424][ C1] ? __pfx_device_del+0x10/0x10 [ 403.999514][ C1] device_unregister+0x20/0xc0 [ 403.999541][ C1] del_device_store+0x363/0x480 [ 403.999575][ C1] ? __pfx_del_device_store+0x10/0x10 [ 403.999610][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 403.999636][ C1] ? bus_attr_store+0x4f/0xa0 [ 403.999659][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 403.999685][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 403.999716][ C1] vfs_write+0xa72/0xc90 [ 403.999751][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 403.999777][ C1] ? __pfx_vfs_write+0x10/0x10 [ 403.999828][ C1] ksys_write+0x1a0/0x2c0 [ 403.999864][ C1] ? __pfx_ksys_write+0x10/0x10 [ 403.999896][ C1] ? do_syscall_64+0x100/0x230 [ 403.999922][ C1] ? do_syscall_64+0xb6/0x230 [ 403.999948][ C1] do_syscall_64+0xf3/0x230 [ 403.999971][ C1] ? clear_bhb_loop+0x35/0x90 [ 404.000001][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.000022][ C1] RIP: 0033:0x7f2b23375e9f [ 404.000040][ C1] RSP: 002b:00007ffe468e11f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 404.000067][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f2b23375e9f [ 404.000085][ C1] RDX: 0000000000000001 RSI: 00007ffe468e1240 RDI: 0000000000000005 [ 404.000101][ C1] RBP: 00007f2b233e5940 R08: 0000000000000000 R09: 00007ffe468e1047 [ 404.000119][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 404.000134][ C1] R13: 00007ffe468e1240 R14: 00007f2b24034620 R15: 0000000000000003 [ 404.000168][ C1] [ 404.000179][ C1] DEBUG: waiting rtnl_mutex for 1138 jiffies. [ 404.000193][ C1] task:syz-executor state:D stack:21728 pid:9432 tgid:9432 ppid:9427 flags:0x00004000 [ 404.000240][ C1] Call Trace: [ 404.000249][ C1] [ 404.000261][ C1] __schedule+0x1800/0x4a60 [ 404.000314][ C1] ? __pfx___schedule+0x10/0x10 [ 404.000349][ C1] ? __pfx_lock_release+0x10/0x10 [ 404.000381][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 404.000418][ C1] ? schedule+0x90/0x320 [ 404.000446][ C1] schedule+0x14b/0x320 [ 404.000479][ C1] schedule_preempt_disabled+0x13/0x30 [ 404.000509][ C1] __mutex_lock+0x6a4/0xd70 [ 404.000532][ C1] ? __mutex_lock+0x527/0xd70 [ 404.000556][ C1] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 404.000590][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 404.000625][ C1] ? get_rtnl_holder+0x144/0x190 [ 404.000651][ C1] rtnetlink_rcv_msg+0x6eb/0xd00 [ 404.000682][ C1] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 404.000715][ C1] ? __lock_acquire+0x1384/0x2050 [ 404.000745][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 404.000790][ C1] netlink_rcv_skb+0x1e3/0x430 [ 404.000815][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 404.000849][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 404.000892][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 404.000917][ C1] netlink_unicast+0x7f6/0x990 [ 404.000955][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 404.000984][ C1] ? __virt_addr_valid+0x183/0x530 [ 404.001011][ C1] ? __check_object_size+0x49c/0x900 [ 404.001038][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 404.001073][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 404.001110][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 404.001132][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 404.001157][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 404.001183][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 404.001209][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 404.001232][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 404.001250][ C1] __sock_sendmsg+0x221/0x270 [ 404.001284][ C1] __sys_sendto+0x3a4/0x4f0 [ 404.001312][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 404.001363][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 404.001393][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 404.001427][ C1] __x64_sys_sendto+0xde/0x100 [ 404.001455][ C1] do_syscall_64+0xf3/0x230 [ 404.001479][ C1] ? clear_bhb_loop+0x35/0x90 [ 404.001506][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.001530][ C1] RIP: 0033:0x7f228957914c [ 404.001549][ C1] RSP: 002b:00007ffea79998d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 404.001574][ C1] RAX: ffffffffffffffda RBX: 00007f228a234620 RCX: 00007f228957914c [ 404.001591][ C1] RDX: 0000000000000028 RSI: 00007f228a234670 RDI: 0000000000000003 [ 404.001608][ C1] RBP: 0000000000000000 R08: 00007ffea7999924 R09: 000000000000000c [ 404.001623][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 404.001638][ C1] R13: 0000000000000000 R14: 00007f228a234670 R15: 0000000000000000 [ 404.001671][ C1] [ 404.001682][ C1] [ 404.001682][ C1] Showing all locks held in the system: [ 404.001694][ C1] 3 locks held by kworker/0:0/8: [ 404.001709][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 404.001777][ C1] #1: ffffc900000d7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 404.001843][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 404.001909][ C1] 5 locks held by khungtaskd/30: [ 404.001923][ C1] #0: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 404.001990][ C1] #1: ffffffff8e813280 (console_lock){+.+.}-{0:0}, at: vprintk_emit+0x4ed/0x900 [ 404.002051][ C1] #2: ffffffff8e812e90 (console_srcu){....}-{0:0}, at: console_flush_all+0x147/0xf50 [ 404.002113][ C1] #3: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 404.002174][ C1] #4: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 404.002250][ C1] 3 locks held by kworker/1:1/46: [ 404.002265][ C1] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 404.002331][ C1] #1: ffffc90000b67d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 404.002395][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 404.002479][ C1] 3 locks held by kworker/u8:7/2462: [ 404.002493][ C1] #0: ffff88802a894948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 404.002559][ C1] #1: ffffc9000986fd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 404.002625][ C1] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 404.002694][ C1] 5 locks held by kworker/u8:12/3000: [ 404.002709][ C1] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 404.002774][ C1] #1: ffffc9000a3ffd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 404.002838][ C1] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 404.002899][ C1] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 [ 404.002958][ C1] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 404.003020][ C1] 4 locks held by klogd/4673: [ 404.003035][ C1] 2 locks held by dhcpcd/4898: [ 404.003048][ C1] #0: ffff888022c53678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790 [ 404.003117][ C1] #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 404.003198][ C1] 2 locks held by getty/4980: [ 404.003212][ C1] #0: ffff88802b23f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 404.003279][ C1] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 404.003341][ C1] 6 locks held by kworker/1:3/5279: [ 404.003356][ C1] 2 locks held by syz.3.273/6510: [ 404.003369][ C1] 1 lock held by segctord/6511: [ 404.003382][ C1] #0: ffff88807c1612a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 404.003454][ C1] 7 locks held by syz-executor/9261: [ 404.003468][ C1] #0: ffff8880301c6420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 404.003545][ C1] #1: ffff88802dcc3888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 404.003606][ C1] #2: ffff8880208d1878 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 404.003673][ C1] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 404.003740][ C1] #4: ffff888054a700e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 404.003805][ C1] #5: ffff888054a73250 (&devlink->lock_key#18){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 404.003872][ C1] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdevice_notifier_net+0x89/0x3a0 [ 404.003936][ C1] 1 lock held by syz-executor/9432: [ 404.003951][ C1] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 404.004021][ C1] 2 locks held by dhcpcd/9561: [ 404.004035][ C1] #0: ffff88805085c408 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 [ 404.004110][ C1] #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 404.004173][ C1] [ 404.004181][ C1] ============================================= [ 404.004181][ C1] [ 405.033274][ C1] DEBUG: waiting rtnl_mutex for 1231 jiffies. [ 405.033299][ C1] task:kworker/0:0 state:D stack:20296 pid:8 tgid:8 ppid:2 flags:0x00004000 [ 405.033344][ C1] Workqueue: events switchdev_deferred_process_work [ 405.033382][ C1] Call Trace: [ 405.033393][ C1] [ 405.033409][ C1] __schedule+0x1800/0x4a60 [ 405.033466][ C1] ? __pfx___schedule+0x10/0x10 [ 405.033498][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 405.033529][ C1] ? __pfx_lock_release+0x10/0x10 [ 405.033561][ C1] ? kick_pool+0x45c/0x620 [ 405.033597][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 405.033626][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 405.033659][ C1] ? schedule+0x90/0x320 [ 405.033688][ C1] schedule+0x14b/0x320 [ 405.033721][ C1] schedule_preempt_disabled+0x13/0x30 [ 405.033752][ C1] __mutex_lock+0x6a4/0xd70 [ 405.033779][ C1] ? __mutex_lock+0x527/0xd70 [ 405.033804][ C1] ? switchdev_deferred_process_work+0xe/0x20 [ 405.033832][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 405.033866][ C1] ? get_rtnl_holder+0x144/0x190 [ 405.033894][ C1] ? process_scheduled_works+0x945/0x1830 [ 405.033923][ C1] switchdev_deferred_process_work+0xe/0x20 [ 405.033948][ C1] process_scheduled_works+0xa2c/0x1830 [ 405.034008][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 405.034047][ C1] ? assign_work+0x364/0x3d0 [ 405.034082][ C1] worker_thread+0x86d/0xd40 [ 405.034126][ C1] ? __kthread_parkme+0x169/0x1d0 [ 405.034162][ C1] ? __pfx_worker_thread+0x10/0x10 [ 405.034192][ C1] kthread+0x2f0/0x390 [ 405.034213][ C1] ? __pfx_worker_thread+0x10/0x10 [ 405.034242][ C1] ? __pfx_kthread+0x10/0x10 [ 405.034265][ C1] ret_from_fork+0x4b/0x80 [ 405.034295][ C1] ? __pfx_kthread+0x10/0x10 [ 405.034317][ C1] ret_from_fork_asm+0x1a/0x30 [ 405.034364][ C1] [ 405.034379][ C1] DEBUG: waiting rtnl_mutex for 1202 jiffies.