last executing test programs:

3.740262489s ago: executing program 0 (id=2130):
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0x541b, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_uring_enter(0xffffffffffffffff, 0x4b44, 0xe9f3, 0x5, &(0x7f0000000000)={[0x2, 0x1]}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'syztnl1\x00', &(0x7f00000002c0)={'sit0\x00', <r2=>0x0, 0x7, 0x700, 0x5, 0xfff, {{0xb, 0x4, 0x2, 0x1e, 0x2c, 0x67, 0x0, 0x9, 0x0, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, {[@end, @generic={0x44, 0x6, "7f0e553e"}, @timestamp_addr={0x44, 0xc, 0x3, 0x1, 0x6, [{@multicast1, 0x4}]}, @ra={0x94, 0x4, 0x1}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000340)={'ip6_vti0\x00', <r3=>0x0, 0x29, 0x2, 0xf8, 0x0, 0x48, @dev={0xfe, 0x80, '\x00', 0x23}, @empty, 0x7800, 0x20, 0x0, 0x598}})
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000006c0)={'vxcan1\x00', <r5=>0x0})
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r6, &(0x7f0000000040)={&(0x7f0000000080)={0x1d, r5, 0x10000000}, 0x10, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000000100000000000000fc"], 0x48}}, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x5c, r1, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010100}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x24, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x19}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x14)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x1)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000032680)=""/102392, 0x18ff8)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="042206841c8a05002affffffffffff022288660d7857eb0792e6b4d60a1dae1274090006aaaaaaaaaa100804e472b007000fffffffffffff0602e796f802007f000000000000000000303b57ed864d99c6469e4e1e3d4fa086ff8725f065"], 0x3c)
pwritev2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000040)="d0600b401f39b97bf93ecf49759e94b4519a0de2f87e5c417273a5dce55efb335b22dce602ca972f116438489fdab766171401f130eb1c9e78ec70db15755f97ca197fc3da0b85ea0d2f7bdffcc1caa5810430b5448f4ae272489f5c7ac1e4660c4f7b0446d5457181924a3d4dbfdfee93a14379adfe", 0x76}], 0x1, 0xa, 0x6e6f2b53, 0x10)

2.760156375s ago: executing program 3 (id=2137):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r2, @ANYBLOB="04005b00060065004008"], 0x28}}, 0x0)

2.570702803s ago: executing program 3 (id=2138):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x76, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

2.430689258s ago: executing program 3 (id=2139):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000000080), 0x80)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f00000000c0)={0xfffffff8, 0x7fff, 0x9})
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r2 = socket$kcm(0x10, 0x3, 0x10)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r3, 0x29, 0x3c, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg(r2, &(0x7f0000000140)={0x0, 0xffffffffffffff13, 0x0, 0x0, 0x0, 0x0, 0x407006}, 0x143)
openat$cgroup_root(0xffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)

2.240560907s ago: executing program 3 (id=2140):
open(&(0x7f0000000000)='./bus\x00', 0x1c5c7e, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
close(r0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
r2 = syz_init_net_socket$ax25(0x3, 0x5, 0x7)
recvmmsg(r2, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
bind$ax25(r2, &(0x7f0000000140)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

2.110702463s ago: executing program 1 (id=2141):
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff000000e8ff000e03424203"], 0x0)

2.110407485s ago: executing program 1 (id=2142):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0xab, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="86ea8670c0aee015349c4cb9092d1447f2661036086c8be58a3161442f88137000000000000000b3ba8de81a5bc0311ffd33f18789d3357b47e462b0d0a59a90973b2d4d3e6d6dac6cded2ac78bb2dfcbb953ba4e09b62f36840611754dfef79fde5eb107587dd5b144f708b024ac27d5b85f5fb7de0f1d6fae0c1245a8a162c850dc5cb7e64f9e5c2d22d6d30d52f3d6e9e4196a9dbe2bcd4d3df0256d7eb90415ceea3776b1c18abf0b60768192c73caaae816a08ca62bbe7643ff4a18e27805cc570ff6a10935cabd2fbf7adb20cc4f9a3f294038fca9146a9d74297512f1bcf47999640eb7ff1439540718969af629f9f0b72aede63e043f51d1a28e33af0bf26faac2afd5059abdd75b75897764c0afedbfd8e0c4ad54487473a50fc6a4dd9db03ce7a6db94513a87852cb01e7c8574448455dfa95b25558e62a710872fad56d8fb73165d893b0812b1d72a", @ANYRESOCT=r2, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}, 0x1, 0x0, 0x0, 0x4805}, 0x0)
r5 = openat$dlm_control(0xffffff9c, &(0x7f0000000240), 0x60000, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r5, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x28, r7, 0x100, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x4}, @void, @val={0xc, 0x99, {0x1, 0x2c}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4004000)
getresuid(&(0x7f0000000040), &(0x7f0000000100), &(0x7f0000000140)=<r9=>0x0)
r10 = socket(0xa, 0x1, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r11=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r11)
write$P9_RGETATTR(r5, &(0x7f0000000280)={0xa0, 0x19, 0x2, {0xd, {0x8, 0x2, 0x8}, 0x10, r9, r11, 0x9cb, 0x2, 0x7, 0x31, 0x4, 0x61, 0x0, 0x101, 0x4, 0x1000, 0x1, 0x5, 0x7, 0x7, 0x80}}, 0xa0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={0x38, r4, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0xd7, 0x6, 0x8b1e, 0x2, 0x0, 0x5}}, {0x4}}]}]}, 0x58}}, 0x2000400c)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffec7})

2.010313662s ago: executing program 0 (id=2143):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x13}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xc0}}, 0x0)

1.950088466s ago: executing program 1 (id=2144):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001b00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0, 0x4})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000280)=""/74})
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000480)={0x1, r3})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000007c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.949747503s ago: executing program 0 (id=2145):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="000100001a0001000000000000000000fe880000000000000000000000000001ffffffff00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000662b0000002001000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000014000e00ff010000000000000000000000000001"], 0x100}}, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r2, 0x2283, &(0x7f0000000380)=0x3)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
clock_getres(0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c000000000000000000000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b007f000001e000000200000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000000000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000001c00000000000000000000004700000044aa00210a2101"], 0x230}, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000248053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="340000001000390400"/20, @ANYRES32=r5, @ANYBLOB="00000000000000000c002b80080004"], 0x34}}, 0x0)
read$FUSE(r3, &(0x7f0000000440)={0x2020}, 0x2020)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000005100000008000300", @ANYRES32=r8, @ANYBLOB="0a00060008021100000100ff05008a0003"], 0x30}}, 0x0)
r9 = fcntl$dupfd(r2, 0x0, r2)
write$sndseq(r9, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0x0, @time={0x24000000}}, {0x0, 0x0, 0x0, 0x0, @time}], 0x38)
r10 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r10, 0xc0405602, &(0x7f0000000040)={0x4f, 0xa, 0x0, "3258c546dacccfae1e008faa00000000f4ff4000"})
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374"], 0x78}, 0x1, 0x0, 0x0, 0x810}, 0x40095)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r11}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

1.799839041s ago: executing program 0 (id=2146):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', <r2=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x68, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x4c, 0x8, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x20, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x13}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x68}}, 0x0)

1.799551296s ago: executing program 1 (id=2147):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@private, @in=@empty}, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0xa000000, 0x2b}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {}, {}, {0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0x2, 0x2, 0x0, 0x67}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0)

1.799152173s ago: executing program 0 (id=2148):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.kill\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8)

1.73996205s ago: executing program 0 (id=2149):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000000)={&(0x7f0000000340)="8c", 0x0, 0x0, 0x0, 0xfffffffd, r0}, 0x38)
r1 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$nci(r2, &(0x7f0000000200)=""/134, 0x86)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)
sendfile64(r4, 0xffffffffffffffff, &(0x7f0000000140)=0x8, 0x5df7e353)
ioctl$IOC_PR_CLEAR(r4, 0x401070cd, &(0x7f0000000100)={0x9})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x402, 0x0, 0x0, 0x7}, 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f041})

1.73969102s ago: executing program 1 (id=2150):
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0xb000, 0x1000, 0x0, 0x1}, 0x1c)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'vlan0\x00'})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100))
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
r3 = socket$kcm(0xa, 0x0, 0x87)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180)={r4})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000002780)={<r5=>0x0})
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4008890}, 0x4000)
close(r1)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r5, 0x3, r2})
clock_getres(0x2, &(0x7f0000000000)={<r8=>0x0})
r9 = socket$inet6(0xa, 0x1, 0x0)
r10 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r10, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x1, 0x103, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r9, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xa4}, 0x40000000, 0x0, 0x3, 0x0, 0x0, 0x9}, 0x20)
getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f00000005c0)={'broute\x00', 0x0, 0x3, 0xc5, [0xfffffff8, 0x8, 0x2, 0x10001, 0x867, 0x6], 0x5, &(0x7f0000000440)=[{}, {}, {}, {}, {}], &(0x7f00000004c0)=""/197}, &(0x7f0000000300)=0x50)
r11 = syz_open_procfs(0x0, &(0x7f0000000080)='net/connector\x00')
socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket$nl_route(0x10, 0x3, 0x0)
epoll_pwait2(r11, &(0x7f00000001c0)=[{}], 0x1, &(0x7f0000000240)={0x77359400}, &(0x7f0000000280)={[0x7, 0xc]}, 0x8)
unshare(0x20000400)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00')
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYRESOCT, @ANYRES32=r8, @ANYRESDEC=r3, @ANYRESOCT=r7, @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'pim6reg0\x00'})

1.350510421s ago: executing program 3 (id=2151):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000900)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x4}}}]}, 0x78}}, 0x0) (fail_nth: 5)

1.259317963s ago: executing program 3 (id=2152):
r0 = creat(&(0x7f00000005c0)='./file0\x00', 0x0)
close(r0)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x1c8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000580], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="000000000000000000000000000000000000000f38bb23dd23f44100000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001d00000000000000000065727370616e3000000000000000000062726964676530000000000000000000b43b24af61af8e2f000000000000000065716c00000000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a000000010010000380100006d61726b5f6d00000000000000000000000000000000000000000000000000000c0000000400000001000000000100006e666c6f670000000000000000000000000000000000000000000000000000004c0000006d8000000900090000000000b80eba8ec4468a0538ee0eed5dd9119d918668afa6c019b085be3837595dc113ccf27499f7202a2b59394b2619bcf57ec99b9abb99943198532b0b7bdd0f61e5726564697265637400000000000000000000000000000000000000000000000004000000fdffffff"]}, 0x218)
read$FUSE(0xffffffffffffffff, &(0x7f0000004680)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0xfffffffffffffeff)
move_pages(r3, 0x0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='rxrpc_rx_abort\x00'}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x4040083)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'nicvf0\x00', 0x3666b165f8ff1357})
ioctl$TUNGETVNETLE(r5, 0x400454de, &(0x7f0000001940))
r6 = syz_io_uring_setup(0x23b, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x0, 0xfffffffe}, 0x0, &(0x7f0000000340))
io_uring_enter(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000045c0)={0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000004640)={0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000080))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
openat$sndtimer(0xffffff9c, &(0x7f0000000380), 0x80000)
splice(r7, 0x0, r8, 0x0, 0xf3a, 0x0)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000b, 0x8012, r4, 0x0)

780.470374ms ago: executing program 1 (id=2153):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x1a, 0x800, 0x2000000)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0)
syz_clone3(&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, {0x1000}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f0000000040)=""/175)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r2, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0xc, 0xfeff, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfeff})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r3, &(0x7f00000010c0)=ANY=[], 0x1a3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @log={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LOG_LEVEL={0x8, 0x6, 0x1, 0x0, 0xf08d}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = dup(r7)
r9 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r9, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x6, 0x4d, 0x0, 0x11ff, "2179d46fd08e3c0ced34c7d0c7e6d7", '\x00', "5161dc20", "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]})
ioctl$CEC_TRANSMIT(r9, 0xc0386105, &(0x7f0000000d40)={0x10000000000, 0x0, 0x13e94251, 0x0, 0x0, 0x9e7, "57c121305900", 0x1})
ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r8, 0x4068aea3, &(0x7f0000000200))

469.960528ms ago: executing program 2 (id=2154):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0xf5, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb4}}, 0x0)

360.485661ms ago: executing program 2 (id=2155):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848433f00005e140602000000000e0003000f000000028000001294", 0x2e}], 0x1}, 0x0)

310.222124ms ago: executing program 2 (id=2156):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001b00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0, 0x4})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000280)=""/74})
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000480)={0x1, r3})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000007c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

230.235885ms ago: executing program 2 (id=2157):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0200002000fd"})

229.96117ms ago: executing program 2 (id=2158):
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = syz_open_dev$sg(&(0x7f00000005c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000380)=ANY=[@ANYBLOB="ea00000009000000a187", @ANYRES32, @ANYBLOB="71e5ef39"])
bind$alg(0xffffffffffffffff, &(0x7f00000009c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx2\x00'}, 0x58)
r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$inet(r4, &(0x7f0000000d80)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000500)="cc5f56510644c3e79b61b0c49db4aad68547302474fd934ba1fa84e547294b1ad3139619afb418c93cb7eaa8bb1700c956cf731b2bc87abb7e7b3cb85daa14d8", 0x40}, {&(0x7f0000000440)="7faaa3", 0x3}], 0x2}}], 0x1, 0x206b99)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x57, 0x0, 0x0, {0x0, 0x1}, {0x45, 0x6}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x40}, 0x0, 0x0}})
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x12d8) (fail_nth: 30)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="11002bbd7000fedbdf251b000000100002800600018008000100080000001800018014000200776c616e30"], 0x3c}}, 0x4000)

0s ago: executing program 2 (id=2159):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0)={0x0, 0xfb, 0x57, 0x3, 0x6, "94ab40101899142f54f39c865da88332", "550da224adf7469f33a35582ba0a47e41a6f6c1fe85149046da454835f328ba64a3bfb1d69016773888da30ddb8b5d81b838a3c27731b9789ddd00ab9064c8347f20"}, 0x57, 0x4)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
select(0x20000000, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect(r4, &(0x7f00000004c0)=@rc={0x1f, @none, 0x8}, 0x80)
clock_gettime(0x0, &(0x7f0000002200)={<r5=>0x0, <r6=>0x0})
timer_settime(0x0, 0x1, &(0x7f000006b000)={{r5, r6+10000000}, {0x0, 0x9}}, 0x0)
timer_gettime(r3, &(0x7f0000002380))
ioctl$CEC_ADAP_G_PHYS_ADDR(r2, 0x80026101, &(0x7f0000000240))
write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f00000013c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0xfffffffc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0xffffffffffffffd6)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x6b}})
readv(r0, &(0x7f0000000100)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1)

kernel console output (not intermixed with test programs):

 leftover after parsing attributes in process `syz.0.1665'.
[  272.631470][T11418] netlink: 'syz.0.1665': attribute type 9 has an invalid length.
[  272.638502][T11418] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1665'.
[  272.684810][T11422] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  273.277293][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  273.777903][T11449] FAULT_INJECTION: forcing a failure.
[  273.777903][T11449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  273.782647][T11449] CPU: 1 UID: 0 PID: 11449 Comm: syz.3.1672 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  273.786549][T11449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  273.790254][T11449] Call Trace:
[  273.791361][T11449]  <TASK>
[  273.792362][T11449]  dump_stack_lvl+0x16c/0x1f0
[  273.793679][T11449]  should_fail_ex+0x497/0x5b0
[  273.794945][T11449]  _copy_from_user+0x30/0xf0
[  273.796228][T11449]  input_event_from_user+0x22d/0x3b0
[  273.797656][T11449]  ? __pfx_input_event_from_user+0x10/0x10
[  273.799678][T11449]  ? input_inject_event+0x193/0x370
[  273.801601][T11449]  evdev_write+0x377/0x750
[  273.803207][T11449]  ? __pfx_evdev_write+0x10/0x10
[  273.804967][T11449]  ? bpf_lsm_file_permission+0x9/0x10
[  273.806922][T11449]  ? security_file_permission+0x71/0x210
[  273.809126][T11449]  ? __pfx_evdev_write+0x10/0x10
[  273.810741][T11449]  vfs_write+0x28e/0x1140
[  273.811836][T11449]  ? __fget_files+0x23a/0x3f0
[  273.813057][T11449]  ? __pfx_lock_release+0x10/0x10
[  273.814317][T11449]  ? trace_lock_acquire+0x14a/0x1d0
[  273.815633][T11449]  ? __pfx_vfs_write+0x10/0x10
[  273.816861][T11449]  ? lock_acquire+0x2f/0xb0
[  273.818026][T11449]  ? __fget_files+0x40/0x3f0
[  273.819215][T11449]  ? __fget_files+0x244/0x3f0
[  273.820459][T11449]  ksys_write+0x1fa/0x260
[  273.821629][T11449]  ? __pfx_ksys_write+0x10/0x10
[  273.822912][T11449]  ? rcu_is_watching+0x12/0xc0
[  273.824176][T11449]  __do_fast_syscall_32+0x73/0x120
[  273.825569][T11449]  do_fast_syscall_32+0x32/0x80
[  273.826849][T11449]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  273.828496][T11449] RIP: 0023:0xf7f4f579
[  273.829578][T11449] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  273.834444][T11449] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  273.836592][T11449] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  273.838650][T11449] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000
[  273.840676][T11449] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  273.842716][T11449] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  273.844773][T11449] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  273.846820][T11449]  </TASK>
[  274.227415][ T5357] Bluetooth: hci0: command 0x0c1a tx timeout
[  274.307315][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  274.524438][T11458] netlink: 'syz.0.1676': attribute type 10 has an invalid length.
[  274.527163][T11458] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  274.531231][T11456] netlink: 'syz.1.1675': attribute type 9 has an invalid length.
[  274.533727][T11458] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  274.535657][T11458] bridge0: port 3(netdevsim0) entered disabled state
[  274.537276][T11456] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1675'.
[  274.544180][T11458] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  274.546463][T11458] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  274.568203][T11456] netlink: 'syz.1.1675': attribute type 9 has an invalid length.
[  274.572615][T11456] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1675'.
[  274.589118][T11462] futex_wake_op: syz.0.1678 tries to shift op by -1; fix this program
[  274.622916][T11462] program syz.0.1678 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  274.672615][T11462] FAULT_INJECTION: forcing a failure.
[  274.672615][T11462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  274.676082][T11462] CPU: 0 UID: 0 PID: 11462 Comm: syz.0.1678 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  274.678933][T11462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  274.681837][T11462] Call Trace:
[  274.682979][T11462]  <TASK>
[  274.683995][T11462]  dump_stack_lvl+0x16c/0x1f0
[  274.685633][T11462]  should_fail_ex+0x497/0x5b0
[  274.687256][T11462]  _copy_from_user+0x30/0xf0
[  274.688835][T11462]  input_event_from_user+0x22d/0x3b0
[  274.690630][T11462]  ? __pfx_input_event_from_user+0x10/0x10
[  274.692657][T11462]  ? input_inject_event+0x193/0x370
[  274.694413][T11462]  evdev_write+0x377/0x750
[  274.694479][T11460] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1677'.
[  274.695963][T11462]  ? __pfx_evdev_write+0x10/0x10
[  274.701771][T11462]  ? bpf_lsm_file_permission+0x9/0x10
[  274.703403][T11462]  ? security_file_permission+0x71/0x210
[  274.705232][T11462]  ? __pfx_evdev_write+0x10/0x10
[  274.706639][T11462]  vfs_write+0x28e/0x1140
[  274.708041][T11462]  ? __fget_files+0x23a/0x3f0
[  274.709664][T11462]  ? __pfx_lock_release+0x10/0x10
[  274.711382][T11462]  ? trace_lock_acquire+0x14a/0x1d0
[  274.713160][T11462]  ? __pfx_vfs_write+0x10/0x10
[  274.714799][T11462]  ? lock_acquire+0x2f/0xb0
[  274.716352][T11462]  ? __fget_files+0x40/0x3f0
[  274.717936][T11462]  ? __fget_files+0x244/0x3f0
[  274.719547][T11462]  ksys_write+0x1fa/0x260
[  274.721109][T11462]  ? __pfx_ksys_write+0x10/0x10
[  274.722923][T11462]  ? rcu_is_watching+0x12/0xc0
[  274.724674][T11462]  __do_fast_syscall_32+0x73/0x120
[  274.726499][T11462]  do_fast_syscall_32+0x32/0x80
[  274.728125][T11462]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  274.730280][T11462] RIP: 0023:0xf7eff579
[  274.731670][T11462] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  274.738408][T11462] RSP: 002b:00000000f568656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  274.741279][T11462] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000040
[  274.743976][T11462] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[  274.746825][T11462] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  274.749721][T11462] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  274.751908][T11462] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  274.754595][T11462]  </TASK>
[  274.755842][    C0] vkms_vblank_simulate: vblank timer overrun
[  274.939164][T11471] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  275.058749][ T5410] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  275.160634][T11483] FAULT_INJECTION: forcing a failure.
[  275.160634][T11483] name failslab, interval 1, probability 0, space 0, times 0
[  275.165711][T11483] CPU: 1 UID: 0 PID: 11483 Comm: syz.3.1684 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  275.169024][T11483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  275.172332][T11483] Call Trace:
[  275.173229][T11483]  <TASK>
[  275.174323][T11483]  dump_stack_lvl+0x16c/0x1f0
[  275.176142][T11483]  should_fail_ex+0x497/0x5b0
[  275.177675][T11483]  ? fs_reclaim_acquire+0xae/0x160
[  275.179325][T11483]  should_failslab+0xc2/0x120
[  275.180745][T11483]  __kmalloc_cache_noprof+0x6b/0x310
[  275.182311][T11483]  ? packet_setsockopt+0x247e/0x4000
[  275.184111][T11483]  packet_setsockopt+0x247e/0x4000
[  275.185801][T11483]  ? __pfx_packet_setsockopt+0x10/0x10
[  275.187793][T11483]  ? __pfx___might_resched+0x10/0x10
[  275.189761][T11483]  ? __pfx___lock_acquire+0x10/0x10
[  275.191597][T11483]  ? aa_sk_perm+0x2f5/0xb20
[  275.193351][T11483]  ? __pfx_aa_sk_perm+0x10/0x10
[  275.194628][T11483]  ? __pfx_packet_setsockopt+0x10/0x10
[  275.196088][T11483]  do_sock_setsockopt+0x222/0x480
[  275.197421][T11483]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  275.198917][T11483]  ? fdget+0x176/0x210
[  275.199990][T11483]  __sys_setsockopt+0x1a4/0x270
[  275.201282][T11483]  ? __pfx___sys_setsockopt+0x10/0x10
[  275.202719][T11483]  ? __pfx_bpf_trace_run2+0x10/0x10
[  275.204043][T11483]  ? fput+0x30/0x390
[  275.205088][T11483]  ? __pfx_ksys_write+0x10/0x10
[  275.206406][T11483]  __ia32_sys_setsockopt+0xbc/0x160
[  275.207797][T11483]  ? syscall_trace_enter+0x1ce/0x240
[  275.209203][T11483]  __do_fast_syscall_32+0x73/0x120
[  275.210573][T11483]  do_fast_syscall_32+0x32/0x80
[  275.210582][ T5410] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  275.211881][T11483]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  275.215194][ T5410] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.216834][T11483] RIP: 0023:0xf7f4f579
[  275.220704][T11483] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  275.225811][T11483] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  275.227264][ T5410] usb 6-1: Product: syz
[  275.228124][T11483] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000107
[  275.229624][ T5410] usb 6-1: Manufacturer: syz
[  275.231700][T11483] RDX: 0000000000000012 RSI: 00000000200000c0 RDI: 0000000000000004
[  275.231711][T11483] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  275.231718][T11483] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  275.231724][T11483] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  275.231740][T11483]  </TASK>
[  275.247612][ T5410] usb 6-1: SerialNumber: syz
[  275.250766][ T5410] usb 6-1: config 0 descriptor??
[  275.299175][T11489] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1686'.
[  275.307447][T11489] sp0: Synchronizing with TNC
[  275.357309][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  275.421295][T11490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1687'.
[  275.438449][ T1067] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  275.440816][ T1067] ata1: failed to read log page 10h (errno=-5)
[  275.443019][ T1067] ata1.00: exception Emask 0x1 SAct 0x4000 SErr 0x0 action 0x0
[  275.448459][ T1067] ata1.00: irq_stat 0x40000000
[  275.450366][ T1067] ata1.00: failed command: WRITE FPDMA QUEUED
[  275.452302][ T1067] ata1.00: cmd 61/18:70:52:c6:09/00:00:00:00:00/40 tag 14 ncq dma 12288 out
[  275.452302][ T1067]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  275.467736][ T1067] ata1.00: status: { DRDY }
[  275.469938][ T1067] ata1.00: configured for UDMA/100
[  275.472963][ T1067] ata1: EH complete
[  275.562227][ T5410] usb 6-1: USB disconnect, device number 27
[  275.634910][T11508] kAFS: No cell specified
[  276.273558][T11530] cannot load conntrack support for proto=3
[  276.387358][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  276.578722][T11544] kAFS: No cell specified
[  276.682432][T11552] fuse: Bad value for 'fd'
[  276.687502][ T5410] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  276.847392][ T5410] usb 6-1: Using ep0 maxpacket: 8
[  276.852617][ T5410] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  276.859189][ T5410] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  276.866865][ T5410] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  276.874509][ T5410] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  276.886914][ T5410] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  276.893480][ T5410] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.947719][ T4779] Bluetooth: hci0: command 0x0c1a tx timeout
[  277.100388][ T5410] usb 6-1: GET_CAPABILITIES returned 0
[  277.105477][ T5410] usbtmc 6-1:16.0: can't read capabilities
[  277.305844][T11540] FAULT_INJECTION: forcing a failure.
[  277.305844][T11540] name failslab, interval 1, probability 0, space 0, times 0
[  277.317283][T11540] CPU: 3 UID: 0 PID: 11540 Comm: syz.1.1702 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  277.320085][T11540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  277.321459][ T4779] Bluetooth: hci0: unexpected event for opcode 0x040e
[  277.322801][T11540] Call Trace:
[  277.325755][T11540]  <TASK>
[  277.326554][T11540]  dump_stack_lvl+0x16c/0x1f0
[  277.327821][T11540]  should_fail_ex+0x497/0x5b0
[  277.329036][T11540]  ? fs_reclaim_acquire+0xae/0x160
[  277.330363][T11540]  should_failslab+0xc2/0x120
[  277.331615][T11540]  __kmalloc_noprof+0xcb/0x410
[  277.332887][T11540]  ? __get_fs_type+0x21/0x170
[  277.334153][T11540]  tomoyo_encode2+0x100/0x3e0
[  277.335164][T11566] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1710'.
[  277.335398][T11540]  tomoyo_encode+0x2c/0x40
[  277.339791][T11540]  tomoyo_mount_acl+0x314/0x880
[  277.341102][T11540]  ? hlock_class+0x4e/0x130
[  277.342307][T11540]  ? __lock_acquire+0x163e/0x3ce0
[  277.343644][T11540]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  277.345132][T11540]  ? __pfx___lock_acquire+0x10/0x10
[  277.346469][T11540]  ? stack_trace_save+0x95/0xd0
[  277.347764][T11540]  ? __pfx_lock_release+0x10/0x10
[  277.349124][T11540]  ? trace_lock_acquire+0x14a/0x1d0
[  277.350515][T11540]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.352242][T11540]  ? tomoyo_mount_permission+0x146/0x410
[  277.353756][T11540]  ? lock_acquire+0x2f/0xb0
[  277.354962][T11540]  ? tomoyo_mount_permission+0x146/0x410
[  277.356445][T11540]  tomoyo_mount_permission+0x16b/0x410
[  277.357894][T11540]  ? tomoyo_mount_permission+0x146/0x410
[  277.359259][T11540]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  277.360839][T11540]  ? get_current_fs_domain+0x188/0x1f0
[  277.362285][T11540]  security_sb_mount+0x9b/0x260
[  277.363569][T11540]  path_mount+0x129/0x1f10
[  277.364763][T11540]  ? kmem_cache_free+0x152/0x4b0
[  277.366097][T11540]  ? __pfx_path_mount+0x10/0x10
[  277.367380][T11540]  ? putname+0x12e/0x170
[  277.368503][T11540]  __ia32_sys_mount+0x292/0x310
[  277.369795][T11540]  ? __pfx___ia32_sys_mount+0x10/0x10
[  277.371211][T11540]  ? rcu_is_watching+0x12/0xc0
[  277.372447][T11540]  __do_fast_syscall_32+0x73/0x120
[  277.373752][T11540]  do_fast_syscall_32+0x32/0x80
[  277.375043][T11540]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.376755][T11540] RIP: 0023:0xf7f58579
[  277.377854][T11540] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  277.382827][T11540] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  277.385027][T11540] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000180
[  277.387078][T11540] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000020000440
[  277.389159][T11540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  277.391248][T11540] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  277.393332][T11540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  277.395435][T11540]  </TASK>
[  277.402443][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  277.402455][   T40] audit: type=1326 audit(2000000426.011:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.411100][   T40] audit: type=1326 audit(2000000426.011:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.418432][   T40] audit: type=1326 audit(2000000426.011:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.424203][   T40] audit: type=1326 audit(2000000426.011:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.427302][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  277.428280][   T25] usb 6-1: USB disconnect, device number 28
[  277.430962][   T40] audit: type=1326 audit(2000000426.011:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.445085][   T40] audit: type=1326 audit(2000000426.011:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.454525][   T40] audit: type=1326 audit(2000000426.011:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.462900][   T40] audit: type=1326 audit(2000000426.011:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.468881][   T40] audit: type=1326 audit(2000000426.011:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.474391][   T40] audit: type=1326 audit(2000000426.011:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11541 comm="syz.2.1703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[  277.546413][T11569] FAULT_INJECTION: forcing a failure.
[  277.546413][T11569] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  277.554461][T11569] CPU: 0 UID: 0 PID: 11569 Comm: syz.2.1712 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  277.558220][T11569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  277.561943][T11569] Call Trace:
[  277.563085][T11569]  <TASK>
[  277.564129][T11569]  dump_stack_lvl+0x16c/0x1f0
[  277.565821][T11569]  should_fail_ex+0x497/0x5b0
[  277.567511][T11569]  _copy_from_user+0x30/0xf0
[  277.569163][T11569]  get_compat_msghdr+0xa8/0x170
[  277.570777][T11569]  ? __pfx_get_compat_msghdr+0x10/0x10
[  277.572495][T11569]  ? find_held_lock+0x2d/0x110
[  277.573876][T11569]  ___sys_recvmsg+0x193/0x1a0
[  277.575148][T11569]  ? __pfx____sys_recvmsg+0x10/0x10
[  277.577053][T11569]  ? lock_acquire+0x2f/0xb0
[  277.578395][T11569]  ? __fget_files+0x40/0x3f0
[  277.579693][T11569]  ? __pfx___might_resched+0x10/0x10
[  277.581212][T11569]  ? fdget+0x176/0x210
[  277.582582][T11569]  do_recvmmsg+0x51a/0x750
[  277.584218][T11569]  ? __pfx_do_recvmmsg+0x10/0x10
[  277.585961][T11569]  ? __pfx_lock_release+0x10/0x10
[  277.587548][T11569]  ? lock_acquire.part.0+0x11b/0x380
[  277.589029][T11569]  ? __pfx___cant_migrate+0x10/0x10
[  277.590384][T11569]  ? bpf_trace_run2+0x1c2/0x590
[  277.591977][T11569]  __sys_recvmmsg+0x21e/0x280
[  277.593601][T11569]  ? __pfx___sys_recvmmsg+0x10/0x10
[  277.595288][T11569]  ? __pfx_ksys_write+0x10/0x10
[  277.596555][T11569]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  277.598198][T11569]  ? syscall_trace_enter+0x1ce/0x240
[  277.599756][T11569]  __do_fast_syscall_32+0x73/0x120
[  277.601539][T11569]  do_fast_syscall_32+0x32/0x80
[  277.603198][T11569]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.605413][T11569] RIP: 0023:0xf7f15579
[  277.606860][T11569] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  277.613430][T11569] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  277.616247][T11569] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000840
[  277.618599][T11569] RDX: 0000000000000414 RSI: 0000000000000000 RDI: 0000000000000000
[  277.620642][T11569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  277.623030][T11569] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  277.625712][T11569] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  277.628371][T11569]  </TASK>
[  277.629621][    C0] vkms_vblank_simulate: vblank timer overrun
[  277.768243][T11574] kAFS: No cell specified
[  277.901378][T11576] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1714'.
[  277.904872][T11576] FAULT_INJECTION: forcing a failure.
[  277.904872][T11576] name failslab, interval 1, probability 0, space 0, times 0
[  277.909038][T11576] CPU: 0 UID: 0 PID: 11576 Comm: syz.2.1714 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  277.911843][T11576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  277.914553][T11576] Call Trace:
[  277.915438][T11576]  <TASK>
[  277.916220][T11576]  dump_stack_lvl+0x16c/0x1f0
[  277.917512][T11576]  should_fail_ex+0x497/0x5b0
[  277.919073][T11576]  ? fs_reclaim_acquire+0xae/0x160
[  277.920588][T11576]  should_failslab+0xc2/0x120
[  277.921847][T11576]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  277.923514][T11576]  ? trace_contention_end+0xea/0x140
[  277.924932][T11576]  ? kasprintf+0xc8/0x100
[  277.926095][T11576]  kvasprintf+0xbd/0x160
[  277.927218][T11576]  ? __pfx_kvasprintf+0x10/0x10
[  277.928737][T11576]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  277.930605][T11576]  kasprintf+0xc8/0x100
[  277.931701][T11576]  ? __pfx_kasprintf+0x10/0x10
[  277.932952][T11576]  ? __pfx_lockdep_lock+0x10/0x10
[  277.934226][T11576]  ? lockdep_unlock+0x11a/0x290
[  277.935493][T11576]  alloc_workqueue+0x115/0x200
[  277.936737][T11576]  ? __pfx_alloc_workqueue+0x10/0x10
[  277.938243][T11576]  ? rcu_is_watching+0x12/0xc0
[  277.939692][T11576]  ? __kmalloc_noprof+0x207/0x410
[  277.941344][T11576]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  277.943281][T11576]  ieee80211_register_hw+0x1e21/0x3fb0
[  277.944777][T11576]  ? remove_waiter+0x9b2/0xfc0
[  277.946519][T11576]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  277.948436][T11576]  ? rcu_is_watching+0x12/0xc0
[  277.950057][T11576]  ? trace_hrtimer_init+0x19d/0x220
[  277.951839][T11576]  ? __hrtimer_init+0x106/0x2c0
[  277.953258][T11576]  mac80211_hwsim_new_radio+0x2c47/0x56c0
[  277.954980][T11576]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  277.956757][T11576]  hwsim_new_radio_nl+0xb42/0x12b0
[  277.958429][T11576]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  277.960276][T11576]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  277.962627][T11576]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  277.964978][T11576]  genl_family_rcv_msg_doit+0x202/0x2f0
[  277.966835][T11578] [U] 
[  277.966904][T11576]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  277.969673][T11578] [U] 
[  277.970023][T11576]  ? bpf_lsm_capable+0x9/0x10
[  277.970877][T11578] [U] ��ћ�T��$GYSRըї��<�]3������T�ѿ�\J�(�
[  277.972286][T11576]  ? security_capable+0x7e/0x260
[  277.975569][T11576]  ? ns_capable+0xd7/0x110
[  277.975828][T11578] [U] 
[  277.976827][T11576]  genl_rcv_msg+0x565/0x800
[  277.978000][T11578] [U] CW����* �9J�Q�#E��SW���C��V�1����!�	��GP�X
[  277.979137][T11576]  ? __pfx_genl_rcv_msg+0x10/0x10
[  277.981196][T11578] [U] N%�9���C�_��Nʅ�BC��$���4�(���
[  277.982508][T11576]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  277.984597][T11578] [U] H� Q�؛T��O�R�I#ı�TNBS_RЬ���ƫ�
:�؀�ɦT�ȯ��0�������ÏWڙ_[HN%
[  277.985569][T11576]  ? __pfx___lock_acquire+0x10/0x10
[  277.988625][T11578] [U] Ϡ����4�RЛ���<)�6JG؃��K�^�R\
[  277.989730][T11576]  netlink_rcv_skb+0x165/0x410
[  277.991700][T11578] [U] 7�R:�J37�
[  277.993183][T11576]  ? __pfx_genl_rcv_msg+0x10/0x10
[  277.994913][T11578] [U] Y�P�<��ԅ�U��
H�3ư-�̤��\PQBX�!Q6���SO'}��[���P5O�>�D��֎Y�J>|H0=�ԷT�X��Z�Y֦ʢ
Ě4��IǢ�5AZ��~ZA�~�K�^�TG�S�J�I:�����OD!M2K�W��R>ƈΗKC?X�8��H��*�@QEۻ�U	��.J9�ȓ~�{��`���'R)�-�Ǭ��=5��֝JLY �C�B��;+LP��,F�N����Y�%�3�P���&�)��][�ȋ4�L�ö��!�J�>	��
[  277.995743][T11576]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  278.004013][T11578] [U] �.”C�֯��EJ�J
�@�K�J�605RXU�TT�O�&�X�O��֕�\��&�����N
%Y����17�6`��I�W
[  278.004953][T11576]  ? down_read+0xc9/0x330
[  278.008412][T11578] [U] ���M<@N��KJ(��6)�)�V��LR�
[  278.008929][T11576]  ? __pfx_down_read+0x10/0x10
[  278.010827][T11578] [U] >YG��Z�?��`�O�M�X؍Ӈ�"������9+��DE���{�Ō$~B�YD�UME�!X�ݛA��AU�}J��£2N%MB�Q���
[  278.011907][T11576]  ? netlink_deliver_tap+0x1ae/0xcf0
[  278.015126][T11578] [U] �WV���W�@HZ�=�(��E��J�~�OS@��B�H�:"����!�JI��UJ=��)ΎU��	G����Ԗ=Y=�K�AD��
R�����:=�S����AX���X
[  278.016404][T11576]  genl_rcv+0x28/0x40
[  278.021126][T11576]  netlink_unicast+0x53c/0x7f0
[  278.021323][T11578] [U] BIޙE��}�ET�@�3�(� ����V����{�κ��~�UK+�{3T��$ƻ.�N[8S�ʇ��""�ʔ̺�]R�G�5
[  278.022673][T11576]  ? __pfx_netlink_unicast+0x10/0x10
[  278.025579][T11578] [U] V�{ը�VNB>DM��T���Q�T�
����
[  278.026863][T11576]  ? __phys_addr_symbol+0x30/0x80
[  278.028988][T11578] [U] G�*|�9ٺ�ņ�
[  278.029600][T11576]  ? __check_object_size+0x4a1/0x710
[  278.030819][T11578] [U] G��MIU�E!��T
ό*ߐ�8A7I5�-|��6LK
[  278.032297][T11576]  netlink_sendmsg+0x8b8/0xd70
[  278.034300][T11578] [U] Nū�D���	��S}R��B��Y�W<����C�����H�\�F��D.�����F�PK�ϋ,���C�ڜ.�;
��EY��K��]Z>��I����OQ&
O������,P��]�,7͛��U���I���
[  278.035317][T11576]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.040833][T11578] [U] ��	$�L�U2��F_3�+|NW�µZ�EǗ�P1W~���N�(�O͝��8�D�	�S��CDʮF�65�Z�G�R�ް�{���T���K�"@�����:�5}G�B��DѸ��\K�
[  278.040851][T11576]  ? lock_acquire+0x2f/0xb0
[  278.044866][T11578] [U] ����Y��ҟ8�4�4N<;
[  278.045790][T11576]  ____sys_sendmsg+0x9ae/0xb40
[  278.048090][T11578] [U] ���U�I�7X#E�4VML��ȋ���G͔�A��)-���(�N̗N����L#�)׌SU��6�
[  278.048280][T11576]  ? __pfx_____sys_sendmsg+0x10/0x10
[  278.051108][T11578] [U] )�<��E?�A��Uܤ�9��%]��DCC�E+L<'T��1Kȅ��3��.ɻ����WS������ZY�ϼ9I>����
]�Ȝ}{�
/`�ܿ5'�E�	41�TNAX߿ʯ�ϭQ��ëI T�%�G�7L~�B�S
[  278.052004][T11576]  ? get_compat_msghdr+0x11b/0x170
[  278.056183][T11578] [U] �͢���
[  278.057360][T11576]  ? __pfx___lock_acquire+0x10/0x10
[  278.059380][T11578] [U] Z��U�Ī�4��&˙�E~�8E�σ1��L{ȨGV�Y$PN�O4M���*F�`��A��T��M0?*I�#;�Ѥ+4V
���GA
�ݬ�%H��[�A�YX)LG]F ��H�|�ZV�E�/�ϧ1�7Ǭ�-ǽ��H�O+��^�)8�&E�@A8G˅�-�WR��S��-V�-ұ�O>�ŝQ���#9�UA�H�)F������SA֙�I�N��Z@�C���>K�L�VD^1�)�M$/��Є78..��Q���A�|��Ȧ)�9�">D>E��#I��`\�|{�U�FH.. �EM�W}]5��-,ŢRK}�F��Q���C�O*�P������N�F��
[  278.059617][T11576]  ___sys_sendmsg+0x135/0x1e0
[  278.068588][T11578] [U] ����
[  278.069435][T11576]  ? __pfx____sys_sendmsg+0x10/0x10
[  278.070536][T11578] [U] T�0ԝ�*�հ�
�XA����ɣ�A4W�K����C]X����]�L���=�
[  278.071718][T11576]  ? lock_acquire+0x2f/0xb0
[  278.073755][T11578] [U] �$C
UGS�EԲ6���������T�τPP˒Z3T2ȍ���9W-��֑̙�AR���ݻNB�ڎ�
��:^X��ϧ��B�����̲~�{J��
[  278.074726][T11576]  ? __fget_files+0x40/0x3f0
[  278.078730][T11578] [U] ��T̷E��' 2���L*�A��-�;P;BT��.�N�`��_Ӯ�;��*�U;��5C#R/��Q�K�*M���S�A����#)A�B��>�Yؐ�O\;^��'��O�5_�Y�H����L
�CE��&A�`;œ�ԸЕ�S��S��Ƈ{�H�� �TM�0����BI^L��>���8�٢VV8<��-�{$>�D	���ý]�W����U���0?K�˼ڹ�[UIRB_IL�/ES��I*�W�S�*�ZS���͎ђ��
[  278.078759][T11578] [U] 
[  278.085301][T11576]  ? fdget+0x176/0x210
[  278.087265][T11576]  __sys_sendmsg+0x117/0x1f0
[  278.088497][T11576]  ? __pfx___sys_sendmsg+0x10/0x10
[  278.089591][T11577] [U] 
[  278.089846][T11576]  ? bpf_trace_run2+0x2a6/0x590
[  278.092468][T11576]  ? rcu_is_watching+0x12/0xc0
[  278.093734][T11576]  __do_fast_syscall_32+0x73/0x120
[  278.095078][T11576]  do_fast_syscall_32+0x32/0x80
[  278.096394][T11576]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  278.097986][T11576] RIP: 0023:0xf7f15579
[  278.099156][T11576] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  278.104042][T11576] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  278.106138][T11576] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  278.108124][T11576] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  278.110164][T11576] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  278.112783][T11576] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  278.115510][T11576] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  278.117625][T11576]  </TASK>
[  278.118519][    C0] vkms_vblank_simulate: vblank timer overrun
[  278.467268][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  278.472198][T11589] FAULT_INJECTION: forcing a failure.
[  278.472198][T11589] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.475647][T11589] CPU: 1 UID: 0 PID: 11589 Comm: syz.0.1719 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  278.478496][T11589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  278.481294][T11589] Call Trace:
[  278.482183][T11589]  <TASK>
[  278.482971][T11589]  dump_stack_lvl+0x16c/0x1f0
[  278.484224][T11589]  should_fail_ex+0x497/0x5b0
[  278.485489][T11589]  _copy_from_user+0x30/0xf0
[  278.486712][T11589]  do_compat_sigaltstack+0xf7/0x2f0
[  278.488085][T11589]  ? __pfx_do_compat_sigaltstack+0x10/0x10
[  278.489633][T11589]  ? ia32_restore_sigcontext+0x416/0x5d0
[  278.491105][T11589]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  278.492688][T11589]  ? _raw_spin_unlock_irq+0x23/0x50
[  278.494096][T11589]  ? lockdep_hardirqs_on+0x7c/0x110
[  278.495811][T11589]  compat_restore_altstack+0x17/0x40
[  278.497256][T11589]  __do_compat_sys_rt_sigreturn+0x18c/0x1f0
[  278.498837][T11589]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  278.500541][T11589]  ? rcu_is_watching+0x12/0xc0
[  278.501842][T11589]  do_int80_emulation+0x104/0x200
[  278.503208][T11589]  asm_int80_emulation+0x1a/0x20
[  278.504524][T11589] RIP: 0023:0xf7eff577
[  278.505644][T11589] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  278.510675][T11589] RSP: 002b:00000000f568656c EFLAGS: 00000296
[  278.512271][T11589] RAX: 00000000000000f0 RBX: 000000002000cffc RCX: 000000000000000b
[  278.514356][T11589] RDX: 0000000000000004 RSI: 000000002000b000 RDI: 0000000020048000
[  278.516436][T11589] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  278.518634][T11589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  278.520766][T11589] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  278.522840][T11589]  </TASK>
[  279.507313][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  280.053604][    T8] kernel write not supported for file /uinput (pid: 8 comm: kworker/0:0)
[  280.447306][    T8] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  280.508853][T11627] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  280.557267][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  280.577458][    T8] usb 6-1: device descriptor read/64, error -71
[  280.817926][    T8] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  280.947353][    T8] usb 6-1: device descriptor read/64, error -71
[  281.060656][    T8] usb usb6-port1: attempt power cycle
[  281.407336][    T8] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  281.428317][    T8] usb 6-1: device descriptor read/8, error -71
[  281.587275][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  281.687415][    T8] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  281.707915][    T8] usb 6-1: device descriptor read/8, error -71
[  281.757943][T11649] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1735'.
[  281.760344][T11649] netlink: 'syz.3.1735': attribute type 1 has an invalid length.
[  281.762376][T11649] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1735'.
[  281.770662][T11649] Process accounting resumed
[  281.817672][    T8] usb usb6-port1: unable to enumerate USB device
[  282.627322][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  282.930296][T11665] misc userio: Invalid payload size
[  282.935634][T11665] misc userio: No port type given on /dev/userio
[  283.307718][T11668] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  283.667333][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  283.999388][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  283.999400][   T40] audit: type=1326 audit(2000000432.611:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11667 comm="syz.3.1739" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  284.030533][   T40] audit: type=1326 audit(2000000432.611:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11667 comm="syz.3.1739" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  284.053619][   T40] audit: type=1326 audit(2000000432.611:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11667 comm="syz.3.1739" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  284.068948][   T40] audit: type=1326 audit(2000000432.611:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11667 comm="syz.3.1739" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  284.088346][   T40] audit: type=1326 audit(2000000432.611:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11667 comm="syz.3.1739" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  284.717277][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  285.747313][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  285.877390][ T5406] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  286.028389][ T5406] usb 7-1: Using ep0 maxpacket: 32
[  286.031438][ T5406] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  286.033631][ T5406] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  286.036511][ T5406] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  286.047095][ T5406] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  286.055458][ T5406] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  286.065774][ T5406] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  286.077612][ T5406] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  286.080159][ T5406] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.088260][ T5406] usb 7-1: config 0 descriptor??
[  286.298857][ T5406] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 22 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  286.501279][T11695] vivid-004: disconnect
[  286.504353][T11694] vivid-004: reconnect
[  286.506714][ T8453] usb 7-1: USB disconnect, device number 22
[  286.510834][ T8453] usblp0: removed
[  286.537533][   T40] audit: type=1326 audit(2000000435.141:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11702 comm="syz.0.1749" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7eff579 code=0x0
[  286.592801][T11704] fuse: Bad value for 'group_id'
[  286.594616][T11704] fuse: Bad value for 'group_id'
[  286.797322][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  287.827264][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  287.917384][   T25] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  288.047293][   T25] usb 6-1: device descriptor read/64, error -71
[  288.267348][T11725] netlink: 728 bytes leftover after parsing attributes in process `syz.2.1756'.
[  288.270051][T11725] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1756'.
[  288.457289][   T25] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  288.657341][   T25] usb 6-1: device descriptor read/64, error -71
[  288.779682][   T25] usb usb6-port1: attempt power cycle
[  288.867289][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  289.117270][   T25] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  289.137781][   T25] usb 6-1: device descriptor read/8, error -71
[  289.387929][   T25] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  289.409284][   T25] usb 6-1: device descriptor read/8, error -71
[  289.517483][   T25] usb usb6-port1: unable to enumerate USB device
[  289.907310][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  290.832863][T11742] FAULT_INJECTION: forcing a failure.
[  290.832863][T11742] name failslab, interval 1, probability 0, space 0, times 0
[  290.836121][T11742] CPU: 3 UID: 0 PID: 11742 Comm: syz.1.1760 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  290.838931][T11742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  290.842147][T11742] Call Trace:
[  290.843385][T11742]  <TASK>
[  290.844232][T11742]  dump_stack_lvl+0x16c/0x1f0
[  290.845512][T11742]  should_fail_ex+0x497/0x5b0
[  290.846750][T11742]  ? fs_reclaim_acquire+0xae/0x160
[  290.848127][T11742]  should_failslab+0xc2/0x120
[  290.849385][T11742]  __kmalloc_cache_noprof+0x6b/0x310
[  290.850843][T11742]  ? vlan_vid_add+0x2e8/0x730
[  290.852074][T11742]  vlan_vid_add+0x2e8/0x730
[  290.853273][T11742]  register_vlan_dev+0xc2/0x940
[  290.854555][T11742]  ? vlan_changelink+0x2c3/0x5e0
[  290.855862][T11742]  vlan_newlink+0x40e/0x6a0
[  290.857068][T11742]  ? __pfx_vlan_newlink+0x10/0x10
[  290.858437][T11742]  __rtnl_newlink+0x119c/0x1920
[  290.859720][T11742]  ? __pfx___rtnl_newlink+0x10/0x10
[  290.861179][T11742]  rtnl_newlink+0x67/0xa0
[  290.862319][T11742]  ? __pfx_rtnl_newlink+0x10/0x10
[  290.863647][T11742]  rtnetlink_rcv_msg+0x3c7/0xea0
[  290.864978][T11742]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  290.866409][T11742]  ? __pfx___lock_acquire+0x10/0x10
[  290.867818][T11742]  netlink_rcv_skb+0x165/0x410
[  290.869095][T11742]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  290.870517][T11742]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  290.871939][T11742]  ? netlink_deliver_tap+0x1ae/0xcf0
[  290.873286][T11742]  netlink_unicast+0x53c/0x7f0
[  290.874518][T11742]  ? __pfx_netlink_unicast+0x10/0x10
[  290.875883][T11742]  ? __phys_addr_symbol+0x30/0x80
[  290.877221][T11742]  ? __check_object_size+0x488/0x710
[  290.878646][T11742]  netlink_sendmsg+0x8b8/0xd70
[  290.879905][T11742]  ? __pfx_netlink_sendmsg+0x10/0x10
[  290.881510][T11742]  ? lock_acquire+0x2f/0xb0
[  290.883207][T11742]  ____sys_sendmsg+0x9ae/0xb40
[  290.884754][T11742]  ? __pfx_____sys_sendmsg+0x10/0x10
[  290.886169][T11742]  ? get_compat_msghdr+0x11b/0x170
[  290.887489][T11742]  ? __pfx___lock_acquire+0x10/0x10
[  290.888910][T11742]  ___sys_sendmsg+0x135/0x1e0
[  290.890802][T11742]  ? __pfx____sys_sendmsg+0x10/0x10
[  290.893167][T11742]  ? lock_acquire+0x2f/0xb0
[  290.895051][T11742]  ? __fget_files+0x40/0x3f0
[  290.896815][T11742]  ? fdget+0x176/0x210
[  290.898374][T11742]  __sys_sendmsg+0x117/0x1f0
[  290.900059][T11742]  ? __pfx___sys_sendmsg+0x10/0x10
[  290.901966][T11742]  ? bpf_trace_run2+0x2a6/0x590
[  290.903803][T11742]  ? rcu_is_watching+0x12/0xc0
[  290.905605][T11742]  __do_fast_syscall_32+0x73/0x120
[  290.907524][T11742]  do_fast_syscall_32+0x32/0x80
[  290.909313][T11742]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  290.911587][T11742] RIP: 0023:0xf7f58579
[  290.913113][T11742] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  290.918941][T11742] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  290.921599][T11742] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000300
[  290.924442][T11742] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  290.926974][T11742] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  290.929048][T11742] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  290.931207][T11742] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  290.933207][T11742]  </TASK>
[  290.947372][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  291.258950][T11751] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  291.271687][T11751] loop7: detected capacity change from 0 to 16384
[  291.987301][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  292.404701][T11763] fuse: Bad value for 'user_id'
[  292.406067][T11763] fuse: Bad value for 'user_id'
[  293.027272][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  293.122609][T11782] misc userio: Invalid payload size
[  293.148897][T11782] misc userio: No port type given on /dev/userio
[  293.431193][T11786] mkiss: ax0: crc mode is auto.
[  294.067336][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  294.698708][T11811] netlink: 'syz.3.1782': attribute type 12 has an invalid length.
[  295.107300][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  296.147283][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  296.627665][T11830] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  296.629458][T11830] FAULT_INJECTION: forcing a failure.
[  296.629458][T11830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.635820][T11830] CPU: 0 UID: 0 PID: 11830 Comm: syz.1.1788 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  296.638587][T11830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  296.641332][T11830] Call Trace:
[  296.642205][T11830]  <TASK>
[  296.642972][T11830]  dump_stack_lvl+0x16c/0x1f0
[  296.644217][T11830]  should_fail_ex+0x497/0x5b0
[  296.645437][T11830]  _copy_from_user+0x30/0xf0
[  296.646628][T11830]  do_compat_sigaltstack+0xf7/0x2f0
[  296.647944][T11830]  ? __pfx_do_compat_sigaltstack+0x10/0x10
[  296.649473][T11830]  ? ia32_restore_sigcontext+0x416/0x5d0
[  296.650948][T11830]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  296.652521][T11830]  ? _raw_spin_unlock_irq+0x23/0x50
[  296.653896][T11830]  ? lockdep_hardirqs_on+0x7c/0x110
[  296.655272][T11830]  compat_restore_altstack+0x17/0x40
[  296.656631][T11830]  __do_compat_sys_rt_sigreturn+0x18c/0x1f0
[  296.658120][T11830]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  296.659799][T11830]  ? rcu_is_watching+0x12/0xc0
[  296.661072][T11830]  do_int80_emulation+0x104/0x200
[  296.662377][T11830]  asm_int80_emulation+0x1a/0x20
[  296.663627][T11830] RIP: 0023:0xf7f58579
[  296.664710][T11830] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  296.669753][T11830] RSP: 002b:00000000f56d656c EFLAGS: 00000296
[  296.671315][T11830] RAX: 00000000ffffffea RBX: 00000000ffffff9c RCX: 00000000200002c0
[  296.673349][T11830] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  296.675357][T11830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  296.677427][T11830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  296.679428][T11830] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.681366][T11830]  </TASK>
[  297.187314][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  297.527937][T11849] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1792'.
[  298.227324][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  298.242564][T11866] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  298.249399][T11866] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1798'.
[  298.259439][T11866] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  298.708391][ T4779] Bluetooth: hci0: command 0x0c1a tx timeout
[  298.840936][T11884] 9pnet_fd: Insufficient options for proto=fd
[  298.911813][T11889] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  298.911813][T11889] �U�e�[���%#s'
[  299.277312][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  299.308115][T11893] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  299.327296][ T8452] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  299.348827][T11895] syzkaller1: entered promiscuous mode
[  299.350658][T11895] syzkaller1: entered allmulticast mode
[  299.478919][ T8452] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.482539][ T8452] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.485352][ T8452] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  299.501557][ T8452] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.507819][ T8452] usb 5-1: config 0 descriptor??
[  299.555729][T11902] FAULT_INJECTION: forcing a failure.
[  299.555729][T11902] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  299.575892][T11902] CPU: 0 UID: 0 PID: 11902 Comm: syz.1.1813 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  299.578665][T11902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  299.581376][T11902] Call Trace:
[  299.582259][T11902]  <TASK>
[  299.583026][T11902]  dump_stack_lvl+0x16c/0x1f0
[  299.584118][T11902]  should_fail_ex+0x497/0x5b0
[  299.585377][T11902]  ? fs_reclaim_acquire+0xae/0x160
[  299.586714][T11902]  should_fail_alloc_page+0xe7/0x130
[  299.588078][T11902]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  299.589630][T11902]  __alloc_pages_noprof+0x190/0x25c0
[  299.591000][T11902]  ? __pfx___lock_acquire+0x10/0x10
[  299.592347][T11902]  ? hlock_class+0x4e/0x130
[  299.593543][T11902]  ? mark_lock+0xb5/0xc60
[  299.594669][T11902]  ? __pfx_mark_lock+0x10/0x10
[  299.595927][T11902]  ? __lock_acquire+0xbdd/0x3ce0
[  299.597225][T11902]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  299.598701][T11902]  ? __pfx_lock_release+0x10/0x10
[  299.600018][T11902]  ? hlock_class+0x4e/0x130
[  299.601206][T11902]  ? __lock_acquire+0xbdd/0x3ce0
[  299.602507][T11902]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  299.604058][T11902]  ? policy_nodemask+0xea/0x4e0
[  299.605386][T11902]  alloc_pages_mpol_noprof+0x2c9/0x610
[  299.606817][T11902]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  299.608384][T11902]  pte_alloc_one+0x20/0x360
[  299.609600][T11902]  do_pte_missing+0x1ae0/0x3e50
[  299.610900][T11902]  __handle_mm_fault+0x100a/0x2a10
[  299.612249][T11902]  ? __pfx_mt_find+0x10/0x10
[  299.613486][T11902]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  299.614943][T11902]  ? __pfx___handle_mm_fault+0x10/0x10
[  299.616320][T11902]  ? find_vma+0xc0/0x140
[  299.617411][T11902]  ? __pfx_find_vma+0x10/0x10
[  299.618650][T11902]  handle_mm_fault+0x3fa/0xaa0
[  299.619915][T11902]  do_user_addr_fault+0x7a3/0x13f0
[  299.621268][T11902]  exc_page_fault+0x5c/0xc0
[  299.622443][T11902]  asm_exc_page_fault+0x26/0x30
[  299.623677][T11902] RIP: 0010:_copy_from_user+0xc1/0xf0
[  299.625103][T11902] Code: 89 df e8 72 24 04 fd 4d 85 f6 75 9e e8 b8 22 04 fd 0f ae e8 89 ee 4c 89 ef e8 4b 73 65 fd 0f 01 cb 48 89 e9 4c 89 ef 48 89 de <f3> a4 0f 1f 00 48 89 cb 0f 01 ca e9 73 ff ff ff e8 8a 22 04 fd 48
[  299.629893][T11902] RSP: 0018:ffffc90003107bb0 EFLAGS: 00050246
[  299.631492][T11902] RAX: 0000000000000001 RBX: 0000000020000340 RCX: 0000000000000008
[  299.633456][T11902] RDX: ffffed100454f589 RSI: 0000000020000340 RDI: ffff888022a7ac40
[  299.635323][T11902] RBP: 0000000000000008 R08: 0000000000000001 R09: ffffed100454f588
[  299.637348][T11902] R10: ffff888022a7ac47 R11: 0000000000000000 R12: 0000000020000348
[  299.639272][T11902] R13: ffff888022a7ac40 R14: 0000000000000000 R15: 0000000000000008
[  299.641366][T11902]  sctp_setsockopt+0x422/0xb880
[  299.642653][T11902]  ? __pfx_sctp_setsockopt+0x10/0x10
[  299.644045][T11902]  ? __pfx_aa_sk_perm+0x10/0x10
[  299.645355][T11902]  ? sock_common_setsockopt+0x2e/0xf0
[  299.646761][T11902]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  299.648304][T11902]  do_sock_setsockopt+0x222/0x480
[  299.649628][T11902]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  299.651070][T11902]  ? fdget+0x176/0x210
[  299.652144][T11902]  __sys_setsockopt+0x1a4/0x270
[  299.653454][T11902]  ? __pfx___sys_setsockopt+0x10/0x10
[  299.654863][T11902]  ? __pfx_bpf_trace_run2+0x10/0x10
[  299.656254][T11902]  ? fput+0x30/0x390
[  299.657328][T11902]  ? __pfx_ksys_write+0x10/0x10
[  299.658608][T11902]  __ia32_sys_setsockopt+0xbc/0x160
[  299.659971][T11902]  ? syscall_trace_enter+0x1ce/0x240
[  299.661376][T11902]  __do_fast_syscall_32+0x73/0x120
[  299.662715][T11902]  do_fast_syscall_32+0x32/0x80
[  299.663990][T11902]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  299.665661][T11902] RIP: 0023:0xf7f58579
[  299.666743][T11902] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  299.671691][T11902] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  299.673887][T11902] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000084
[  299.676179][T11902] RDX: 0000000000000023 RSI: 0000000020000340 RDI: 0000000000000008
[  299.678313][T11902] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  299.680412][T11902] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  299.682630][T11902] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  299.684790][T11902]  </TASK>
[  299.740742][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1815'.
[  299.747595][T11907] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1815'.
[  299.801675][T11912] netlink: 'syz.1.1818': attribute type 9 has an invalid length.
[  299.803753][T11912] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1818'.
[  299.987319][T11923] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.1823'.
[  299.993753][T11923] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1823'.
[  299.995252][T11922] netlink: 484 bytes leftover after parsing attributes in process `syz.2.1822'.
[  300.048887][T11923] sg_write: data in/out 452984796/17 bytes for SCSI command 0x0-- guessing data in;
[  300.048887][T11923]    program syz.1.1823 not setting count and/or reply_len properly
[  300.123850][T11928] netlink: 'syz.1.1826': attribute type 1 has an invalid length.
[  300.125974][T11928] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1826'.
[  300.155083][T11928] loop2: detected capacity change from 0 to 16384
[  300.160675][T11929] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  300.162826][T11931] binder: 11930:11931 ioctl c0306201 20000140 returned -14
[  300.164499][T11929] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  300.171109][ T8452] usbhid 5-1:0.0: can't add hid device: -71
[  300.172162][T11929] Buffer I/O error on dev loop2, logical block 0, async page read
[  300.172758][ T8452] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  300.178269][ T8452] usb 5-1: USB disconnect, device number 33
[  300.307299][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  301.347337][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  301.882014][T11955] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1834'.
[  302.307393][T11940] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  302.307471][ T4779] Bluetooth: hci0: command 0x0c1a tx timeout
[  302.387363][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  302.547301][ T1303] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  302.701221][ T1303] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  302.705091][ T1303] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  302.709196][ T1303] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  302.712925][ T1303] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  302.718297][ T1303] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  302.721519][ T1303] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.729618][ T1303] usb 7-1: config 0 descriptor??
[  302.854305][T11960] FAULT_INJECTION: forcing a failure.
[  302.854305][T11960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.858367][T11960] CPU: 0 UID: 0 PID: 11960 Comm: syz.1.1836 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  302.861562][T11960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  302.864339][T11960] Call Trace:
[  302.865259][T11960]  <TASK>
[  302.866036][T11960]  dump_stack_lvl+0x16c/0x1f0
[  302.867415][T11960]  should_fail_ex+0x497/0x5b0
[  302.869010][T11960]  _copy_from_user+0x30/0xf0
[  302.870273][T11960]  move_addr_to_kernel+0x68/0x160
[  302.871941][T11960]  __sys_bind+0xc4/0x220
[  302.873519][T11960]  ? __pfx___sys_bind+0x10/0x10
[  302.875032][T11960]  ? __pfx___cant_migrate+0x10/0x10
[  302.876508][T11960]  ? __pfx_ksys_write+0x10/0x10
[  302.877901][T11960]  __ia32_sys_bind+0x71/0xb0
[  302.879213][T11960]  __do_fast_syscall_32+0x73/0x120
[  302.880595][T11960]  do_fast_syscall_32+0x32/0x80
[  302.881962][T11960]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  302.883680][T11960] RIP: 0023:0xf7f58579
[  302.884811][T11960] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  302.889876][T11960] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[  302.892473][T11960] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[  302.894773][T11960] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  302.897353][T11960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  302.899343][T11960] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  302.901353][T11960] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  302.903311][T11960]  </TASK>
[  303.154516][T11972] netlink: 'syz.0.1841': attribute type 9 has an invalid length.
[  303.193935][T11972] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1841'.
[  303.427354][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  303.827331][T11980] netlink: 'syz.1.1843': attribute type 10 has an invalid length.
[  303.830990][T11980] team0: left allmulticast mode
[  303.832536][T11980] team_slave_0: left allmulticast mode
[  303.833976][T11980] team_slave_1: left allmulticast mode
[  303.835647][T11980] team0: left promiscuous mode
[  303.837152][T11980] team_slave_0: left promiscuous mode
[  303.842899][T11980] team_slave_1: left promiscuous mode
[  303.844739][T11980] bridge0: port 3(team0) entered disabled state
[  303.848867][T11980] batman_adv: batadv0: Adding interface: team0
[  303.850534][T11980] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.860079][T11980] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  303.869568][T11980] netlink: 'syz.1.1843': attribute type 10 has an invalid length.
[  303.871890][T11980] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1843'.
[  303.874520][T11980] team0: entered promiscuous mode
[  303.875877][T11980] team_slave_0: entered promiscuous mode
[  303.877877][T11980] team_slave_1: entered promiscuous mode
[  303.880903][T11980] 8021q: adding VLAN 0 to HW filter on device team0
[  303.883853][T11980] batman_adv: batadv0: Interface activated: team0
[  303.885696][T11980] batman_adv: batadv0: Interface deactivated: team0
[  303.888292][T11980] batman_adv: batadv0: Removing interface: team0
[  303.890573][T11980] bridge0: port 3(team0) entered blocking state
[  303.893823][T11980] bridge0: port 3(team0) entered disabled state
[  303.896942][T11980] team0: entered allmulticast mode
[  303.900002][T11980] team_slave_0: entered allmulticast mode
[  303.901773][T11980] team_slave_1: entered allmulticast mode
[  304.168700][ T1303] usbhid 7-1:0.0: can't add hid device: -71
[  304.176010][ T1303] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  304.179637][ T1303] usb 7-1: USB disconnect, device number 23
[  304.329354][T11975] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  304.467311][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  304.532739][T12001] netlink: 'syz.2.1850': attribute type 9 has an invalid length.
[  304.535317][T12001] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1850'.
[  304.555480][T12001] netlink: 'syz.2.1850': attribute type 9 has an invalid length.
[  304.558903][T12001] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1850'.
[  304.653721][T11980] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  305.081047][T12020] libceph: resolve '.
[  305.081047][T12020] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  305.081047][T12020] ' (ret=-3): failed
[  305.517294][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  306.547337][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  307.597274][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  308.382159][T12024] FAULT_INJECTION: forcing a failure.
[  308.382159][T12024] name failslab, interval 1, probability 0, space 0, times 0
[  308.385489][T12024] CPU: 3 UID: 0 PID: 12024 Comm: syz.3.1855 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  308.388352][T12024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  308.391300][T12024] Call Trace:
[  308.392273][T12024]  <TASK>
[  308.393031][T12024]  dump_stack_lvl+0x16c/0x1f0
[  308.394274][T12024]  should_fail_ex+0x497/0x5b0
[  308.395511][T12024]  should_failslab+0xc2/0x120
[  308.396761][T12024]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  308.398388][T12024]  ? skb_clone+0x190/0x3f0
[  308.399593][T12024]  skb_clone+0x190/0x3f0
[  308.400824][T12024]  netlink_deliver_tap+0xb26/0xcf0
[  308.402286][T12024]  netlink_dump+0xb2d/0xcc0
[  308.403488][T12024]  ? __pfx_netlink_dump+0x10/0x10
[  308.404852][T12024]  ? __mutex_lock+0x1a6/0x9c0
[  308.406098][T12024]  ? find_held_lock+0x2d/0x110
[  308.407432][T12024]  ? lock_acquire+0x2f/0xb0
[  308.408772][T12024]  ? netlink_lookup+0x3d/0x270
[  308.410046][T12024]  __netlink_dump_start+0x6d9/0x980
[  308.411507][T12024]  ? __pfx_ipmr_rtm_dumproute+0x10/0x10
[  308.412987][T12024]  rtnetlink_rcv_msg+0xb44/0xea0
[  308.414293][T12024]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  308.415732][T12024]  ? __pfx_rtnl_dumpit+0x10/0x10
[  308.417065][T12024]  ? __pfx_ipmr_rtm_dumproute+0x10/0x10
[  308.418725][T12024]  netlink_rcv_skb+0x165/0x410
[  308.419998][T12024]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  308.421518][T12024]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  308.423008][T12024]  ? netlink_deliver_tap+0x1ae/0xcf0
[  308.424430][T12024]  netlink_unicast+0x53c/0x7f0
[  308.425742][T12024]  ? __pfx_netlink_unicast+0x10/0x10
[  308.427132][T12024]  ? __phys_addr_symbol+0x30/0x80
[  308.428865][T12024]  ? __check_object_size+0x4a1/0x710
[  308.430381][T12024]  netlink_sendmsg+0x8b8/0xd70
[  308.431895][T12024]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.433686][T12024]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.435412][T12024]  sock_write_iter+0x4fe/0x5b0
[  308.437062][T12024]  ? __pfx_sock_write_iter+0x10/0x10
[  308.438880][T12024]  ? bpf_lsm_file_permission+0x9/0x10
[  308.440460][T12024]  ? security_file_permission+0x71/0x210
[  308.442040][T12024]  vfs_write+0x6b5/0x1140
[  308.443148][T12024]  ? __pfx_sock_write_iter+0x10/0x10
[  308.444512][T12024]  ? trace_lock_acquire+0x14a/0x1d0
[  308.445833][T12024]  ? __pfx_vfs_write+0x10/0x10
[  308.447068][T12024]  ? __fget_files+0x40/0x3f0
[  308.448296][T12024]  ksys_write+0x1fa/0x260
[  308.449445][T12024]  ? __pfx_ksys_write+0x10/0x10
[  308.450970][T12024]  ? rcu_is_watching+0x12/0xc0
[  308.452539][T12024]  __do_fast_syscall_32+0x73/0x120
[  308.454024][T12024]  do_fast_syscall_32+0x32/0x80
[  308.455299][T12024]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  308.457017][T12024] RIP: 0023:0xf7f4f579
[  308.458117][T12024] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  308.463098][T12024] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  308.465561][T12024] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  308.468042][T12024] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000000
[  308.470173][T12024] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  308.472276][T12024] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  308.474472][T12024] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  308.476694][T12024]  </TASK>
[  308.637272][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  308.676361][T12035] netlink: 'syz.3.1859': attribute type 9 has an invalid length.
[  308.681294][T12035] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1859'.
[  308.728778][T12035] netlink: 'syz.3.1859': attribute type 9 has an invalid length.
[  308.730828][T12035] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1859'.
[  308.806827][T12044] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1863'.
[  309.667310][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  309.879900][T12064] ALSA: seq fatal error: cannot create timer (-22)
[  310.478265][T12074] netlink: 'syz.0.1870': attribute type 9 has an invalid length.
[  310.482539][T12074] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1870'.
[  310.707318][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  311.287315][ T8453] usb 6-1: new low-speed USB device number 37 using dummy_hcd
[  311.441235][ T8453] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  311.444758][ T8453] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  311.448353][ T8453] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  311.456944][ T8453] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  311.464650][ T8453] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.470407][T12086] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  311.472968][ T8453] hub 6-1:1.0: bad descriptor, ignoring hub
[  311.474542][ T8453] hub 6-1:1.0: probe with driver hub failed with error -5
[  311.476572][ T8453] cdc_wdm 6-1:1.0: skipping garbage
[  311.479753][ T8453] cdc_wdm 6-1:1.0: skipping garbage
[  311.481568][ T8453] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  311.483124][ T8453] cdc_wdm 6-1:1.0: Unknown control protocol
[  311.747310][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  311.797745][ T1284] usb 6-1: USB disconnect, device number 37
[  312.070834][T12092] overlayfs: failed to resolve './file0': -2
[  312.075882][T12092] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1875'.
[  312.079671][T12092] netlink: 'syz.3.1875': attribute type 1 has an invalid length.
[  312.082452][T12092] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1875'.
[  312.157424][ T5385] usb 6-1: new low-speed USB device number 38 using dummy_hcd
[  312.309460][ T5385] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  312.312126][ T5385] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  312.314535][ T5385] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  312.317951][ T5385] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  312.320491][ T5385] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.324802][T12085] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  312.327599][ T5385] hub 6-1:1.0: bad descriptor, ignoring hub
[  312.329800][ T5385] hub 6-1:1.0: probe with driver hub failed with error -5
[  312.332700][ T5385] cdc_wdm 6-1:1.0: skipping garbage
[  312.334547][ T5385] cdc_wdm 6-1:1.0: skipping garbage
[  312.336780][ T5385] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  312.338456][ T5385] cdc_wdm 6-1:1.0: Unknown control protocol
[  312.419366][T12096] FAULT_INJECTION: forcing a failure.
[  312.419366][T12096] name failslab, interval 1, probability 0, space 0, times 0
[  312.455804][T12096] CPU: 1 UID: 0 PID: 12096 Comm: syz.3.1877 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  312.458565][T12096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  312.461149][T12096] Call Trace:
[  312.461994][T12096]  <TASK>
[  312.462737][T12096]  dump_stack_lvl+0x16c/0x1f0
[  312.463915][T12096]  should_fail_ex+0x497/0x5b0
[  312.465358][T12096]  should_failslab+0xc2/0x120
[  312.466925][T12096]  __kmalloc_cache_noprof+0x6b/0x310
[  312.468719][T12096]  ? __sctp_v6_cmp_addr+0x206/0x530
[  312.470488][T12096]  ? sctp_add_bind_addr+0x9d/0x3e0
[  312.472261][T12096]  sctp_add_bind_addr+0x9d/0x3e0
[  312.473983][T12096]  sctp_copy_local_addr_list+0x39e/0x5a0
[  312.475924][T12096]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  312.478038][T12096]  ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360
[  312.480065][T12096]  ? sctp_bind_addr_copy+0xe0/0x530
[  312.481821][T12096]  sctp_bind_addr_copy+0xe0/0x530
[  312.483533][T12096]  sctp_connect_new_asoc+0x1d8/0x790
[  312.485377][T12096]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  312.487342][T12096]  ? mark_held_locks+0x9f/0xe0
[  312.488979][T12096]  ? sctp_sendmsg+0x112f/0x1f10
[  312.490682][T12096]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  312.492602][T12096]  sctp_sendmsg+0x162a/0x1f10
[  312.494225][T12096]  ? __pfx___lock_acquire+0x10/0x10
[  312.495980][T12096]  ? __pfx_mark_lock+0x10/0x10
[  312.497617][T12096]  ? __pfx_sctp_sendmsg+0x10/0x10
[  312.499364][T12096]  ? lock_acquire+0x2f/0xb0
[  312.500987][T12096]  ? __pfx_aa_sk_perm+0x10/0x10
[  312.502673][T12096]  ? __pfx_sctp_sendmsg+0x10/0x10
[  312.504210][T12096]  inet_sendmsg+0x119/0x140
[  312.505782][T12096]  __sys_sendto+0x426/0x4d0
[  312.507178][T12096]  ? __pfx___sys_sendto+0x10/0x10
[  312.508495][T12096]  ? find_held_lock+0x2d/0x110
[  312.510398][T12096]  ? __pfx___cant_migrate+0x10/0x10
[  312.511844][T12096]  ? bpf_trace_run2+0x1c2/0x590
[  312.513205][T12096]  ? __pfx_ksys_write+0x10/0x10
[  312.514496][T12096]  __ia32_sys_sendto+0xdd/0x1b0
[  312.516087][T12096]  ? syscall_trace_enter+0x1ce/0x240
[  312.517964][T12096]  __do_fast_syscall_32+0x73/0x120
[  312.519733][T12096]  do_fast_syscall_32+0x32/0x80
[  312.521374][T12096]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  312.523049][T12096] RIP: 0023:0xf7f4f579
[  312.524121][T12096] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  312.530873][T12096] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  312.533545][T12096] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020847fff
[  312.536176][T12096] RDX: 0000000000034000 RSI: 0000000000000000 RDI: 000000002005ffe4
[  312.538931][T12096] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  312.541652][T12096] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  312.544384][T12096] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  312.546858][T12096]  </TASK>
[  312.547771][    C1] vkms_vblank_simulate: vblank timer overrun
[  312.677540][ T8453] usb 6-1: USB disconnect, device number 38
[  312.787289][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  313.016198][T12110] netlink: 'syz.2.1883': attribute type 9 has an invalid length.
[  313.020807][T12110] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1883'.
[  313.327343][ T5385] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  313.479006][ T5385] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  313.483108][ T5385] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  313.485842][ T5385] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  313.488290][ T5385] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.510237][T12113] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  313.515027][ T5385] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  313.716142][T12112] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  313.778527][ T1284] usb 7-1: USB disconnect, device number 24
[  313.827297][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  314.780250][T12156] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1897'.
[  314.784628][   T40] audit: type=1800 audit(2000000463.391:1282): pid=12156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1897" name="/" dev="fuse" ino=1 res=0 errno=0
[  314.877304][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  315.917284][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  315.944318][T12171] misc userio: Invalid payload size
[  315.963189][T12171] misc userio: No port type given on /dev/userio
[  316.355285][T12174] netlink: 'syz.1.1901': attribute type 9 has an invalid length.
[  316.375803][T12174] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1901'.
[  316.582869][T12179] netfs: Couldn't get user pages (rc=-14)
[  316.957364][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  317.745935][T12202] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1909'.
[  317.818971][T12206] netlink: 'syz.2.1912': attribute type 9 has an invalid length.
[  317.825840][T12206] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1912'.
[  317.888165][T12213] random: crng reseeded on system resumption
[  317.997273][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  318.380324][T12221] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1915'.
[  318.384912][T12221] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1915'.
[  318.400484][T12221] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1915'.
[  318.551946][T12226] misc userio: Invalid payload size
[  318.558226][T12226] misc userio: No port type given on /dev/userio
[  318.806976][   T40] audit: type=1326 audit(2000000467.411:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.822856][   T40] audit: type=1326 audit(2000000467.411:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.830349][   T40] audit: type=1326 audit(2000000467.421:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.846030][   T40] audit: type=1326 audit(2000000467.421:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.855994][   T40] audit: type=1326 audit(2000000467.421:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.867265][   T40] audit: type=1326 audit(2000000467.421:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.872809][   T40] audit: type=1326 audit(2000000467.421:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.897482][   T40] audit: type=1326 audit(2000000467.421:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.902785][   T40] audit: type=1326 audit(2000000467.421:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf7f15579 code=0x7ffc0000
[  318.986345][T12240] netlink: 'syz.1.1922': attribute type 9 has an invalid length.
[  318.997278][T12240] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1922'.
[  319.037277][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  320.067303][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  320.356879][T12291] netlink: 'syz.1.1935': attribute type 4 has an invalid length.
[  320.364806][T12291] netlink: 'syz.1.1935': attribute type 4 has an invalid length.
[  320.431104][T12292] UBIFS error (pid: 12292): cannot open "./file0", error -22
[  321.107340][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  321.219226][T12303] can0: slcan on ttyS3.
[  321.281948][T12301] can0 (unregistered): slcan off ttyS3.
[  321.348288][T12312] fuse: Bad value for 'user_id'
[  321.350101][T12312] fuse: Bad value for 'user_id'
[  321.406193][T12312] netlink: 'syz.1.1943': attribute type 7 has an invalid length.
[  321.459923][T12312] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1943'.
[  321.546020][   T40] kauditd_printk_skb: 21 callbacks suppressed
[  321.546030][   T40] audit: type=1800 audit(2000000470.151:1313): pid=12315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1944" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  321.622609][T12321] FAULT_INJECTION: forcing a failure.
[  321.622609][T12321] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  321.626623][T12321] CPU: 2 UID: 0 PID: 12321 Comm: syz.1.1945 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  321.630314][T12321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  321.633196][T12321] Call Trace:
[  321.634101][T12321]  <TASK>
[  321.634926][T12321]  dump_stack_lvl+0x16c/0x1f0
[  321.636374][T12321]  should_fail_ex+0x497/0x5b0
[  321.638051][T12321]  ? fs_reclaim_acquire+0xae/0x160
[  321.639667][T12321]  should_fail_alloc_page+0xe7/0x130
[  321.641132][T12321]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  321.642781][T12321]  ? __pfx_mark_lock+0x10/0x10
[  321.644057][T12321]  __alloc_pages_noprof+0x190/0x25c0
[  321.645555][T12321]  ? mark_lock+0xb5/0xc60
[  321.647017][T12321]  ? __pfx_mark_lock+0x10/0x10
[  321.648700][T12321]  ? hlock_class+0x4e/0x130
[  321.650290][T12321]  ? mark_lock+0xb5/0xc60
[  321.651832][T12321]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  321.653671][T12321]  ? __pfx_mark_lock+0x10/0x10
[  321.655351][T12321]  ? hlock_class+0x4e/0x130
[  321.656962][T12321]  ? mark_lock+0xb5/0xc60
[  321.658493][T12321]  ? hlock_class+0x4e/0x130
[  321.660108][T12321]  ? __lock_acquire+0xbdd/0x3ce0
[  321.661887][T12321]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  321.663973][T12321]  ? policy_nodemask+0xea/0x4e0
[  321.665719][T12321]  alloc_pages_mpol_noprof+0x2c9/0x610
[  321.667625][T12321]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  321.669745][T12321]  ? find_held_lock+0x2d/0x110
[  321.671450][T12321]  folio_alloc_mpol_noprof+0x36/0xd0
[  321.673323][T12321]  shmem_alloc_folio+0x135/0x160
[  321.675048][T12321]  shmem_alloc_and_add_folio+0x48b/0xc00
[  321.677023][T12321]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  321.679155][T12321]  ? shmem_allowable_huge_orders+0x208/0x440
[  321.681142][T12321]  shmem_get_folio_gfp+0x689/0x1530
[  321.682539][T12321]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  321.684035][T12321]  ? filemap_map_pages+0xf93/0x16a0
[  321.685660][T12321]  shmem_fault+0x200/0xae0
[  321.687209][T12321]  ? __pfx_shmem_fault+0x10/0x10
[  321.688952][T12321]  ? do_pte_missing+0xdc2/0x3e50
[  321.690673][T12321]  ? __pfx_lock_release+0x10/0x10
[  321.692414][T12321]  __do_fault+0x10a/0x490
[  321.693959][T12321]  do_pte_missing+0xea8/0x3e50
[  321.695674][T12321]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  321.697616][T12321]  ? rcu_is_watching+0x12/0xc0
[  321.699318][T12321]  __handle_mm_fault+0x100a/0x2a10
[  321.701142][T12321]  ? __pfx___handle_mm_fault+0x10/0x10
[  321.703058][T12321]  ? __pfx_lock_release+0x10/0x10
[  321.704848][T12321]  ? follow_page_pte+0x50d/0x1eb0
[  321.706636][T12321]  handle_mm_fault+0x3fa/0xaa0
[  321.708352][T12321]  __get_user_pages+0x90f/0x3b90
[  321.710114][T12321]  ? __pfx_mt_find+0x10/0x10
[  321.711779][T12321]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  321.713791][T12321]  ? __pfx___get_user_pages+0x10/0x10
[  321.715717][T12321]  populate_vma_page_range+0x27f/0x3a0
[  321.717665][T12321]  ? __pfx_populate_vma_page_range+0x10/0x10
[  321.719771][T12321]  ? __pfx_find_vma_intersection+0x10/0x10
[  321.721824][T12321]  ? vm_mmap_pgoff+0x25b/0x360
[  321.723472][T12321]  __mm_populate+0x1d6/0x380
[  321.725086][T12321]  ? __pfx___mm_populate+0x10/0x10
[  321.726868][T12321]  ? up_write+0x1b2/0x520
[  321.728032][T12321]  vm_mmap_pgoff+0x293/0x360
[  321.729245][T12321]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  321.730621][T12321]  ksys_mmap_pgoff+0x7d/0x5c0
[  321.731879][T12321]  ? rcu_is_watching+0x12/0xc0
[  321.733463][T12321]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  321.735373][T12321]  __do_fast_syscall_32+0x73/0x120
[  321.737178][T12321]  do_fast_syscall_32+0x32/0x80
[  321.738881][T12321]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  321.741097][T12321] RIP: 0023:0xf7f58579
[  321.742531][T12321] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  321.749239][T12321] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  321.751990][T12321] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000
[  321.754759][T12321] RDX: 0000000000000007 RSI: 0000000000008031 RDI: 00000000ffffffff
[  321.757332][T12321] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  321.760002][T12321] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  321.762260][T12321] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  321.764364][T12321]  </TASK>
[  322.147312][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  322.409561][T12333] netlink: 'syz.3.1946': attribute type 2 has an invalid length.
[  322.502703][T12333] : entered promiscuous mode
[  323.197284][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  323.521502][T12350] netlink: set zone limit has 4 unknown bytes
[  323.711022][T12355] UBIFS error (pid: 12355): cannot open "./file0", error -22
[  324.174755][T12364] netlink: 'syz.2.1957': attribute type 9 has an invalid length.
[  324.179462][T12364] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1957'.
[  324.214032][T12364] netlink: 'syz.2.1957': attribute type 9 has an invalid length.
[  324.216189][T12364] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1957'.
[  324.227264][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  324.372668][T12373] netlink: set zone limit has 4 unknown bytes
[  325.267302][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  325.431004][ T8247] Bluetooth: hci4: Frame reassembly failed (-84)
[  325.447919][T12426] binder: BINDER_SET_CONTEXT_MGR bad uid 60929 != 0
[  325.450359][T12426] binder: 12418:12426 ioctl 4018620d 20000040 returned -1
[  326.147253][   T40] audit: type=1326 audit(2000000474.741:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.152669][   T40] audit: type=1326 audit(2000000474.741:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.167283][   T40] audit: type=1326 audit(2000000474.741:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.172632][   T40] audit: type=1326 audit(2000000474.741:1317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.186387][   T40] audit: type=1326 audit(2000000474.741:1318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.197270][   T40] audit: type=1326 audit(2000000474.741:1319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.202623][   T40] audit: type=1326 audit(2000000474.741:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.227326][   T40] audit: type=1326 audit(2000000474.741:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.232983][   T40] audit: type=1326 audit(2000000474.741:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.3.1974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x7fc00000
[  326.307374][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  326.395198][T12431] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.336857][T12468] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1989'.
[  327.342667][T12468] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1989'.
[  327.347307][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  327.439435][T12471] FAULT_INJECTION: forcing a failure.
[  327.439435][T12471] name failslab, interval 1, probability 0, space 0, times 0
[  327.442833][T12471] CPU: 2 UID: 0 PID: 12471 Comm: syz.0.1990 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  327.445480][T12471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  327.448398][T12471] Call Trace:
[  327.449304][T12471]  <TASK>
[  327.450090][T12471]  dump_stack_lvl+0x16c/0x1f0
[  327.451346][T12471]  should_fail_ex+0x497/0x5b0
[  327.452628][T12471]  ? fs_reclaim_acquire+0xae/0x160
[  327.453976][T12471]  should_failslab+0xc2/0x120
[  327.455218][T12471]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  327.456640][T12471]  ? getname_flags.part.0+0x4c/0x550
[  327.458030][T12471]  getname_flags.part.0+0x4c/0x550
[  327.459383][T12471]  getname+0x8d/0xe0
[  327.460435][T12471]  do_sys_openat2+0x104/0x1e0
[  327.461690][T12471]  ? __pfx_do_sys_openat2+0x10/0x10
[  327.463104][T12471]  ? bpf_trace_run2+0x1c2/0x590
[  327.464411][T12471]  __ia32_compat_sys_openat+0x16e/0x210
[  327.465876][T12471]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  327.467470][T12471]  ? rcu_is_watching+0x12/0xc0
[  327.468740][T12471]  __do_fast_syscall_32+0x73/0x120
[  327.470089][T12471]  do_fast_syscall_32+0x32/0x80
[  327.471376][T12471]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  327.473063][T12471] RIP: 0023:0xf7eff579
[  327.474136][T12471] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  327.479118][T12471] RSP: 002b:00000000f5686110 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  327.481284][T12471] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5686160
[  327.483386][T12471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f738bff4
[  327.485461][T12471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  327.487519][T12471] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  327.489484][T12471] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  327.491372][T12471]  </TASK>
[  327.509464][ T5357] Bluetooth: hci4: command 0xfc11 tx timeout
[  327.513240][ T4779] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  328.111821][T12499] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1998'.
[  328.351604][T12505] @: renamed from vlan0 (while UP)
[  328.397324][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  328.786663][T12510] block nbd3: not configured, cannot reconfigure
[  328.944869][T12516] 9pnet_fd: Insufficient options for proto=fd
[  329.437297][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  329.764894][T12523] netlink: 'syz.3.2006': attribute type 10 has an invalid length.
[  329.784083][T12523] netdevsim netdevsim3 : renamed from netdevsim0
[  329.914922][T12525] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  330.063783][T12528] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2008'.
[  330.222760][T12530] ./file0: Can't lookup blockdev
[  330.467293][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  330.503285][T12532] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2009'.
[  330.516207][T12532] sp0: Synchronizing with TNC
[  330.699738][T12525] syz.3.2007: page allocation failure: order:1, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1
[  330.727367][T12525] CPU: 2 UID: 0 PID: 12525 Comm: syz.3.2007 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  330.730178][T12525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  330.732972][T12525] Call Trace:
[  330.733855][T12525]  <TASK>
[  330.734646][T12525]  dump_stack_lvl+0x16c/0x1f0
[  330.735899][T12525]  warn_alloc+0x24d/0x3a0
[  330.737065][T12525]  ? __pfx_warn_alloc+0x10/0x10
[  330.738372][T12525]  ? psi_memstall_leave+0x17d/0x250
[  330.739743][T12525]  ? __alloc_pages_direct_compact+0x1b1/0x590
[  330.741346][T12525]  ? __pfx___alloc_pages_direct_compact+0x10/0x10
[  330.743028][T12525]  ? psi_memstall_leave+0x17d/0x250
[  330.744420][T12525]  __alloc_pages_noprof+0x15ae/0x25c0
[  330.745838][T12525]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  330.747346][T12525]  ? __pfx___schedule+0x10/0x10
[  330.748637][T12525]  ? lockdep_hardirqs_on+0x7c/0x110
[  330.750008][T12525]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  330.751563][T12525]  ? policy_nodemask+0xea/0x4e0
[  330.752868][T12525]  alloc_pages_mpol_noprof+0x2c9/0x610
[  330.754309][T12525]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  330.755848][T12525]  ? lockdep_hardirqs_on+0x7c/0x110
[  330.757227][T12525]  kimage_alloc_pages+0x75/0x300
[  330.758649][T12525]  kimage_alloc_control_pages+0x148/0x8e0
[  330.760156][T12525]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  330.761820][T12525]  do_kexec_load+0x38a/0x8c0
[  330.763046][T12525]  ? __pfx_do_kexec_load+0x10/0x10
[  330.764403][T12525]  __do_compat_sys_kexec_load+0x2cf/0x330
[  330.765908][T12525]  ? __pfx___do_compat_sys_kexec_load+0x10/0x10
[  330.767548][T12525]  ? rcu_is_watching+0x12/0xc0
[  330.768814][T12525]  __do_fast_syscall_32+0x73/0x120
[  330.770173][T12525]  do_fast_syscall_32+0x32/0x80
[  330.771470][T12525]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  330.773137][T12525] RIP: 0023:0xf7f4f579
[  330.774223][T12525] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  330.779204][T12525] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 000000000000011b
[  330.781395][T12525] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000001
[  330.783465][T12525] RDX: 00000000200012c0 RSI: 0000000000160000 RDI: 0000000000000000
[  330.785548][T12525] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  330.787616][T12525] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  330.789686][T12525] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  330.791762][T12525]  </TASK>
[  330.829588][T12525] Mem-Info:
[  330.830463][T12525] active_anon:2526 inactive_anon:7959 isolated_anon:0
[  330.830463][T12525]  active_file:8857 inactive_file:8703 isolated_file:0
[  330.830463][T12525]  unevictable:790 dirty:369 writeback:0
[  330.830463][T12525]  slab_reclaimable:5974 slab_unreclaimable:58328
[  330.830463][T12525]  mapped:17735 shmem:8692 pagetables:724
[  330.830463][T12525]  sec_pagetables:324 bounce:0
[  330.830463][T12525]  kernel_misc_reclaimable:0
[  330.830463][T12525]  free:21390 free_pcp:616 free_cma:0
[  330.862554][T12525] Node 0 active_anon:72kB inactive_anon:48kB active_file:0kB inactive_file:8kB unevictable:1576kB isolated(anon):0kB isolated(file):0kB mapped:3072kB dirty:56kB writeback:0kB shmem:1540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9536kB pagetables:1556kB sec_pagetables:1220kB all_unreclaimable? no
[  330.882995][T12525] Node 1 active_anon:10332kB inactive_anon:31388kB active_file:35428kB inactive_file:33204kB unevictable:1584kB isolated(anon):0kB isolated(file):0kB mapped:67868kB dirty:1420kB writeback:0kB shmem:32728kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2420kB pagetables:1340kB sec_pagetables:76kB all_unreclaimable? no
[  330.903239][T12525] Node 0 DMA free:752kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  330.919707][T12534] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  330.923588][T12525] lowmem_reserve[]: 0 273 0 0 0
[  330.924938][T12525] Node 0 DMA32 free:14824kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:4kB inactive_anon:48kB active_file:0kB inactive_file:84kB unevictable:1880kB writepending:56kB present:1032196kB managed:306280kB mlocked:344kB bounce:0kB free_pcp:244kB local_pcp:212kB free_cma:0kB
[  330.943985][T12525] lowmem_reserve[]: 0 0 0 0 0
[  330.945308][T12525] Node 1 DMA32 free:70008kB boost:20480kB min:67624kB low:79408kB high:91192kB reserved_highatomic:2048KB active_anon:1100kB inactive_anon:39352kB active_file:26128kB inactive_file:41824kB unevictable:1756kB writepending:1420kB present:1048432kB managed:948252kB mlocked:220kB bounce:0kB free_pcp:2000kB local_pcp:996kB free_cma:0kB
[  330.965481][T12525] lowmem_reserve[]: 0 0 0 0 0
[  330.966798][T12525] Node 0 DMA: 45*4kB (UE) 20*8kB (E) 15*16kB (UE) 6*32kB (UE) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 772kB
[  330.975275][T12543] netlink: 9 bytes leftover after parsing attributes in process `syz.2.2014'.
[  330.977251][T12525] Node 0 DMA32: 253*4kB (UMEH) 37*8kB (MEH) 35*16kB (UME) 41*32kB (UMEH) 29*64kB (UME) 22*128kB (ME) 6*256kB (M) 7*512kB (M) 0*1024kB 1*2048kB (U) 0*4096kB = 15020kB
[  330.979826][T12543] 0�: renamed from hsr0
[  330.983819][T12525] Node 1 DMA32: 899*4kB (UM) 950*8kB (UME) 530*16kB (UME) 527*32kB (ME) 204*64kB (MEH) 49*128kB (UME) 18*256kB (UME) 17*512kB (ME) 5*1024kB (M) 0*2048kB 0*4096kB = 74300kB
[  330.990414][T12525] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  330.993907][T12525] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  330.997690][T12525] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  331.001771][T12525] Node 1 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  331.004331][T12525] 24564 total pagecache pages
[  331.005612][T12525] 804 pages in swap cache
[  331.006756][T12525] Free swap  = 100408kB
[  331.006889][T12543] 0�: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  331.008343][T12525] Total swap = 124996kB
[  331.012800][T12525] 524155 pages RAM
[  331.013101][T12543] 0�: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  331.013787][T12525] 0 pages HighMem/MovableOnly
[  331.013794][T12525] 206682 pages reserved
[  331.013798][T12525] 0 pages cma reserved
[  331.019702][T12543] 0�: entered allmulticast mode
[  331.024014][T12543] hsr_slave_0: entered allmulticast mode
[  331.026096][T12543] hsr_slave_1: entered allmulticast mode
[  331.032849][T12543] A link change request failed with some changes committed already. Interface 
70� may have been left with an inconsistent configuration, please check.
[  331.056001][T12543] bridge0: port 1(ipvlan0) entered blocking state
[  331.059997][T12543] bridge0: port 1(ipvlan0) entered disabled state
[  331.062858][T12543] ipvlan0: entered allmulticast mode
[  331.064839][T12543] veth0_vlan: entered allmulticast mode
[  331.081150][T12543] ipvlan0: left allmulticast mode
[  331.083045][T12543] veth0_vlan: left allmulticast mode
[  331.316412][T12525] kexec: Could not allocate control_code_buffer
[  331.477125][T12567] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2021'.
[  331.480149][T12567] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2021'.
[  331.507352][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  331.532996][T12572] tmpfs: Unknown parameter 'mpo�'
[  331.535400][T12572] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2023'.
[  331.564031][T12574] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2024'.
[  331.594463][   T40] audit: type=1326 audit(2000000480.191:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12533 comm="syz.1.2010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  331.607640][   T40] audit: type=1326 audit(2000000480.191:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12533 comm="syz.1.2010" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f58579 code=0x7fc00000
[  331.613169][   T40] audit: type=1326 audit(2000000480.191:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12533 comm="syz.1.2010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  331.635974][   T40] audit: type=1326 audit(2000000480.191:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12533 comm="syz.1.2010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  331.642743][   T40] audit: type=1326 audit(2000000480.191:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12533 comm="syz.1.2010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  331.648577][   T40] audit: type=1326 audit(2000000480.191:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12533 comm="syz.1.2010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  331.654187][   T40] audit: type=1326 audit(2000000480.191:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12533 comm="syz.1.2010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  331.660865][   T40] audit: type=1326 audit(2000000480.191:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12533 comm="syz.1.2010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  331.800129][T12593] cannot load conntrack support for proto=3
[  331.887340][ T8452] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  332.038355][ T8452] usb 6-1: Using ep0 maxpacket: 8
[  332.045059][T12597] FAULT_INJECTION: forcing a failure.
[  332.045059][T12597] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.045085][ T8452] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  332.045105][T12597] CPU: 1 UID: 0 PID: 12597 Comm: syz.3.2033 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  332.053420][T12597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  332.056191][T12597] Call Trace:
[  332.057082][T12597]  <TASK>
[  332.057864][T12597]  dump_stack_lvl+0x16c/0x1f0
[  332.059114][T12597]  should_fail_ex+0x497/0x5b0
[  332.060358][T12597]  _copy_to_user+0x30/0xc0
[  332.061539][T12597]  simple_read_from_buffer+0xd0/0x160
[  332.062945][T12597]  proc_fail_nth_read+0x198/0x270
[  332.064279][T12597]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  332.065732][T12597]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  332.067179][T12597]  vfs_read+0x1ce/0xbd0
[  332.068312][T12597]  ? __fget_files+0x23a/0x3f0
[  332.069581][T12597]  ? fdget_pos+0x24c/0x360
[  332.070752][T12597]  ? __pfx_lock_release+0x10/0x10
[  332.072068][T12597]  ? trace_lock_acquire+0x14a/0x1d0
[  332.073441][T12597]  ? __pfx_vfs_read+0x10/0x10
[  332.074672][T12597]  ? __pfx___mutex_lock+0x10/0x10
[  332.075997][T12597]  ? __fget_files+0x244/0x3f0
[  332.077248][T12597]  ksys_read+0x12f/0x260
[  332.078372][T12597]  ? __pfx_ksys_read+0x10/0x10
[  332.079628][T12597]  ? rcu_is_watching+0x12/0xc0
[  332.080899][T12597]  __do_fast_syscall_32+0x73/0x120
[  332.082254][T12597]  do_fast_syscall_32+0x32/0x80
[  332.083539][T12597]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  332.085215][T12597] RIP: 0023:0xf7f4f579
[  332.086289][T12597] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  332.091289][T12597] RSP: 002b:00000000f56945a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  332.093458][T12597] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f5694620
[  332.095500][T12597] RDX: 000000000000000f RSI: 00000000f73dbff4 RDI: 0000000000000000
[  332.097537][T12597] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  332.099420][T12597] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  332.101478][T12597] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  332.103540][T12597]  </TASK>
[  332.104464][    C1] vkms_vblank_simulate: vblank timer overrun
[  332.104507][ T8452] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  332.117348][ T8452] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  332.119930][ T8452] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  332.122513][ T8452] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  332.125910][ T8452] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  332.141646][ T8452] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.362098][T12601] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2035'.
[  332.364524][T12601] nbd: must specify at least one socket
[  332.547311][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  332.614230][ T8452] usb 6-1: usb_control_msg returned -32
[  332.615739][ T8452] usbtmc 6-1:16.0: can't read capabilities
[  333.587294][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  334.627311][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  334.747330][ T1284] usb 6-1: USB disconnect, device number 39
[  335.667356][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  336.707331][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  337.757309][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  338.787283][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  339.554426][T12674] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  339.575861][T12674] loop7: detected capacity change from 0 to 16384
[  339.637723][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.646164][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.656877][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.660611][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.664055][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.668211][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.671895][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.675349][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.713968][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.732126][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.743459][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.746309][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.749415][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.753429][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.756075][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.769884][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.775032][T12674] ldm_validate_partition_table(): Disk read failed.
[  339.778527][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.780967][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.785245][T12674] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  339.787935][T12674] Buffer I/O error on dev loop7, logical block 0, async page read
[  339.799482][T12674] Dev loop7: unable to read RDB block 0
[  339.804099][T12674]  loop7: unable to read partition table
[  339.806170][T12674] loop_reread_partitions: partition scan of loop7 (K�C����4H0���#�	�$q�Z����I�����[�u�@3b�������!5MM�]
z) failed (rc=-5)
[  339.837323][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  340.867296][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  341.779135][T12704] UBIFS error (pid: 12704): cannot open "./file0", error -22
[  341.917336][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  342.009720][T12706] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  342.011474][T12706] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  342.026840][T12706] vhci_hcd vhci_hcd.0: Device attached
[  342.125592][T12712] overlay: Bad value for 'metacopy'
[  342.207399][   T57] vhci_hcd: vhci_device speed not set
[  342.277337][   T57] usb 19-1: new full-speed USB device number 3 using vhci_hcd
[  342.567286][ T8453] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  342.727407][ T8453] usb 6-1: Using ep0 maxpacket: 32
[  342.732020][ T8453] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  342.736368][ T8453] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.739591][ T8453] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  342.743059][ T8453] usb 6-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  342.745646][ T8453] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.755120][ T8453] usb 6-1: config 0 descriptor??
[  342.760750][ T8453] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  342.882801][T12707] vhci_hcd: connection reset by peer
[  342.884575][T12056] vhci_hcd: stop threads
[  342.885939][T12056] vhci_hcd: release socket
[  342.889064][T12056] vhci_hcd: disconnect device
[  342.947317][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  343.987329][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  345.027281][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  345.405336][ T5410] usb 6-1: USB disconnect, device number 40
[  346.067298][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  347.107379][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  347.432687][   T57] vhci_hcd: vhci_device speed not set
[  348.017589][T12755] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2073'.
[  348.147318][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  349.187292][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  349.553581][T12773] syzkaller0: entered promiscuous mode
[  349.555182][T12773] syzkaller0: entered allmulticast mode
[  350.207325][ T1303] usb 7-1: new full-speed USB device number 25 using dummy_hcd
[  350.227439][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  350.358470][ T1303] usb 7-1: config index 0 descriptor too short (expected 25183, got 18)
[  350.360631][ T1303] usb 7-1: config 116 has too many interfaces: 121, using maximum allowed: 32
[  350.362815][ T1303] usb 7-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config
[  350.365418][ T1303] usb 7-1: config 116 has 0 interfaces, different from the descriptor's value: 121
[  350.378867][ T1303] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db59, bcdDevice=e9.9b
[  350.381271][ T1303] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.383416][ T1303] usb 7-1: Product: syz
[  350.384548][ T1303] usb 7-1: Manufacturer: syz
[  350.385765][ T1303] usb 7-1: SerialNumber: syz
[  351.267363][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  351.506356][ T1303] usb 7-1: USB disconnect, device number 25
[  352.317326][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  352.419390][T12801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2090'.
[  352.518114][T12812] netlink: 'syz.1.2095': attribute type 9 has an invalid length.
[  352.520511][T12812] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2095'.
[  352.555567][T12812] netlink: 'syz.1.2095': attribute type 9 has an invalid length.
[  352.558961][T12812] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2095'.
[  352.634210][T12815] netlink: 'syz.3.2096': attribute type 9 has an invalid length.
[  352.642255][T12815] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2096'.
[  352.816859][T12832] netlink: 'syz.3.2102': attribute type 12 has an invalid length.
[  353.347356][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  353.687692][T12859] netlink: 'syz.1.2108': attribute type 9 has an invalid length.
[  353.690443][T12859] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2108'.
[  353.708751][T12859] netlink: 'syz.1.2108': attribute type 9 has an invalid length.
[  353.712740][T12859] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2108'.
[  353.748396][T12858] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  353.750189][T12858] FAULT_INJECTION: forcing a failure.
[  353.750189][T12858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  353.763333][T12858] CPU: 0 UID: 0 PID: 12858 Comm: syz.0.2110 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  353.766765][T12858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  353.769909][T12858] Call Trace:
[  353.770993][T12858]  <TASK>
[  353.771848][T12858]  dump_stack_lvl+0x16c/0x1f0
[  353.773166][T12858]  should_fail_ex+0x497/0x5b0
[  353.774564][T12858]  _copy_from_user+0x30/0xf0
[  353.775998][T12858]  kstrtouint_from_user+0xd7/0x1c0
[  353.777722][T12858]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  353.779310][T12858]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.780793][T12858]  proc_fail_nth_write+0x84/0x250
[  353.782111][T12858]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  353.783483][T12858]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  353.785196][T12858]  vfs_write+0x28e/0x1140
[  353.786329][T12858]  ? __fget_files+0x23a/0x3f0
[  353.787625][T12858]  ? fdget_pos+0x24c/0x360
[  353.788944][T12858]  ? __pfx_lock_release+0x10/0x10
[  353.790334][T12858]  ? trace_lock_acquire+0x14a/0x1d0
[  353.791869][T12858]  ? __pfx_vfs_write+0x10/0x10
[  353.793434][T12858]  ? __pfx___mutex_lock+0x10/0x10
[  353.794745][T12858]  ? __fget_files+0x244/0x3f0
[  353.795962][T12858]  ksys_write+0x12f/0x260
[  353.797112][T12858]  ? __pfx_ksys_write+0x10/0x10
[  353.798450][T12858]  ? rcu_is_watching+0x12/0xc0
[  353.799708][T12858]  __do_fast_syscall_32+0x73/0x120
[  353.801314][T12858]  do_fast_syscall_32+0x32/0x80
[  353.802898][T12858]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  353.805012][T12858] RIP: 0023:0xf7eff579
[  353.806240][T12858] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  353.811503][T12858] RSP: 002b:00000000f56865a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  353.814102][T12858] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5686620
[  353.816704][T12858] RDX: 0000000000000001 RSI: 00000000f738bff4 RDI: 0000000000000000
[  353.819362][T12858] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  353.821810][T12858] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  353.824117][T12858] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  353.826227][T12858]  </TASK>
[  353.837904][T12867] netlink: 'syz.1.2112': attribute type 1 has an invalid length.
[  353.893372][T12867] 8021q: adding VLAN 0 to HW filter on device bond2
[  353.896468][T12867] bond0: (slave bond2): Enslaving as an active interface with an up link
[  353.956587][T12875] netfs: Couldn't get user pages (rc=-14)
[  354.033468][T12882] input: syz0 as /devices/virtual/input/input25
[  354.108911][T12887] netlink: 'syz.1.2120': attribute type 9 has an invalid length.
[  354.111153][T12887] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2120'.
[  354.161453][T12887] netlink: 'syz.1.2120': attribute type 9 has an invalid length.
[  354.163531][T12887] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2120'.
[  354.377169][T12897] dlm: no local IP address has been set
[  354.381399][T12897] dlm: cannot start dlm midcomms -107
[  354.387311][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  354.445736][T12898] FAULT_INJECTION: forcing a failure.
[  354.445736][T12898] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.450415][T12898] CPU: 0 UID: 0 PID: 12898 Comm: syz.0.2122 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  354.454203][T12898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  354.457826][T12898] Call Trace:
[  354.458970][T12898]  <TASK>
[  354.459989][T12898]  dump_stack_lvl+0x16c/0x1f0
[  354.461628][T12898]  should_fail_ex+0x497/0x5b0
[  354.463370][T12898]  _copy_from_user+0x30/0xf0
[  354.465100][T12898]  generic_map_update_batch+0x3ff/0x5f0
[  354.467154][T12898]  ? __pfx_generic_map_update_batch+0x10/0x10
[  354.469492][T12898]  ? __pfx_generic_map_update_batch+0x10/0x10
[  354.471678][T12898]  bpf_map_do_batch+0x576/0x640
[  354.473188][T12898]  __sys_bpf+0x1c9f/0x5780
[  354.474801][T12898]  ? ksys_write+0x21e/0x260
[  354.476015][T12898]  ? __pfx___sys_bpf+0x10/0x10
[  354.477393][T12898]  ? lock_acquire.part.0+0x11b/0x380
[  354.478818][T12898]  ? find_held_lock+0x2d/0x110
[  354.480157][T12898]  ? bpf_trace_run2+0x266/0x590
[  354.481635][T12898]  ? __pfx_lock_release+0x10/0x10
[  354.483346][T12898]  ? __pfx_bpf_trace_run2+0x10/0x10
[  354.485061][T12898]  ? fput+0x30/0x390
[  354.486282][T12898]  ? __pfx_ksys_write+0x10/0x10
[  354.487645][T12898]  __ia32_sys_bpf+0x76/0xe0
[  354.488883][T12898]  __do_fast_syscall_32+0x73/0x120
[  354.490523][T12898]  do_fast_syscall_32+0x32/0x80
[  354.491934][T12898]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  354.494212][T12898] RIP: 0023:0xf7eff579
[  354.495699][T12898] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  354.502287][T12898] RSP: 002b:00000000f566556c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  354.505226][T12898] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000020000340
[  354.508219][T12898] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  354.511043][T12898] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  354.513738][T12898] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  354.516425][T12898] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  354.519153][T12898]  </TASK>
[  355.260652][T12921] netlink: 'syz.1.2129': attribute type 9 has an invalid length.
[  355.262713][T12921] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2129'.
[  355.318757][T12921] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2129'.
[  355.426973][T12919] FAULT_INJECTION: forcing a failure.
[  355.426973][T12919] name failslab, interval 1, probability 0, space 0, times 0
[  355.437314][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  355.439394][T12919] CPU: 0 UID: 0 PID: 12919 Comm: syz.3.2128 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  355.442255][T12919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  355.445085][T12919] Call Trace:
[  355.445973][T12919]  <TASK>
[  355.446774][T12919]  dump_stack_lvl+0x16c/0x1f0
[  355.448050][T12919]  should_fail_ex+0x497/0x5b0
[  355.449444][T12919]  ? fs_reclaim_acquire+0xae/0x160
[  355.450799][T12919]  should_failslab+0xc2/0x120
[  355.452059][T12919]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  355.453495][T12919]  ? ptlock_alloc+0x1f/0x70
[  355.454713][T12919]  ptlock_alloc+0x1f/0x70
[  355.455874][T12919]  pte_alloc_one+0x74/0x360
[  355.457097][T12919]  __pte_alloc+0x6e/0x390
[  355.458262][T12919]  ? __pfx___pte_alloc+0x10/0x10
[  355.459568][T12919]  ? __pfx___might_resched+0x10/0x10
[  355.460980][T12919]  copy_page_range+0x389a/0x5a50
[  355.462314][T12919]  ? __pfx_copy_page_range+0x10/0x10
[  355.463722][T12919]  ? mas_store+0x53b/0xad0
[  355.464927][T12919]  ? lock_acquire+0x2f/0xb0
[  355.466133][T12919]  ? copy_mm+0x1063/0x2550
[  355.467337][T12919]  ? up_write+0x1b2/0x520
[  355.468500][T12919]  copy_mm+0x134f/0x2550
[  355.469638][T12919]  ? __pfx_copy_mm+0x10/0x10
[  355.470868][T12919]  ? copy_process+0x3c7d/0x6ee0
[  355.472161][T12919]  ? __raw_spin_lock_init+0x3a/0x110
[  355.473568][T12919]  copy_process+0x3e43/0x6ee0
[  355.474821][T12919]  ? __pfx_copy_process+0x10/0x10
[  355.476173][T12919]  ? __pfx___lock_acquire+0x10/0x10
[  355.477549][T12919]  kernel_clone+0xfd/0x960
[  355.478635][T12919]  ? __pfx_kernel_clone+0x10/0x10
[  355.479945][T12919]  ? __pfx_lock_release+0x10/0x10
[  355.481294][T12919]  ? trace_lock_acquire+0x14a/0x1d0
[  355.482693][T12919]  __do_compat_sys_ia32_clone+0xb7/0x100
[  355.484201][T12919]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  355.485853][T12919]  ? rcu_is_watching+0x12/0xc0
[  355.487110][T12919]  __do_fast_syscall_32+0x73/0x120
[  355.488398][T12919]  do_fast_syscall_32+0x32/0x80
[  355.489687][T12919]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  355.491354][T12919] RIP: 0023:0xf7f4f579
[  355.492442][T12919] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  355.497440][T12919] RSP: 002b:00000000f56d651c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  355.499607][T12919] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  355.501676][T12919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  355.503701][T12919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  355.505777][T12919] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  355.507842][T12919] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  355.509918][T12919]  </TASK>
[  356.107544][T12942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2135'.
[  356.113799][T12942] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2135'.
[  356.467379][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  356.625865][T12950] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2139'.
[  356.814414][   T40] audit: type=1326 audit(2000000505.421:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12952 comm="syz.3.2140" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f4f579 code=0x0
[  357.088439][T12965] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.2145'.
[  357.143776][T12965] sg_write: data in/out 603979740/17 bytes for SCSI command 0x0-- guessing data in;
[  357.143776][T12965]    program syz.0.2145 not setting count and/or reply_len properly
[  357.507373][    C2] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  357.527320][   T57] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  357.674294][T12984] FAULT_INJECTION: forcing a failure.
[  357.674294][T12984] name failslab, interval 1, probability 0, space 0, times 0
[  357.677621][T12984] CPU: 2 UID: 0 PID: 12984 Comm: syz.3.2151 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  357.680390][T12984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  357.683141][T12984] Call Trace:
[  357.684049][T12984]  <TASK>
[  357.684841][T12984]  dump_stack_lvl+0x16c/0x1f0
[  357.686089][T12984]  should_fail_ex+0x497/0x5b0
[  357.687328][T12984]  should_failslab+0xc2/0x120
[  357.688577][T12984]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  357.689981][T12984]  ? skb_clone+0x190/0x3f0
[  357.691167][T12984]  skb_clone+0x190/0x3f0
[  357.692331][T12984]  netlink_deliver_tap+0xb26/0xcf0
[  357.693683][T12984]  netlink_unicast+0x5e1/0x7f0
[  357.694969][T12984]  ? __pfx_netlink_unicast+0x10/0x10
[  357.696377][T12984]  ? __phys_addr_symbol+0x30/0x80
[  357.697721][T12984]  ? __check_object_size+0x488/0x710
[  357.699274][T12984]  netlink_sendmsg+0x8b8/0xd70
[  357.700540][T12984]  ? __pfx_netlink_sendmsg+0x10/0x10
[  357.701922][T12984]  ? lock_acquire+0x2f/0xb0
[  357.703130][T12984]  ____sys_sendmsg+0x9ae/0xb40
[  357.704414][T12984]  ? __pfx_____sys_sendmsg+0x10/0x10
[  357.705794][T12984]  ? get_compat_msghdr+0x11b/0x170
[  357.707140][T12984]  ? __pfx___lock_acquire+0x10/0x10
[  357.708519][T12984]  ___sys_sendmsg+0x135/0x1e0
[  357.709767][T12984]  ? __pfx____sys_sendmsg+0x10/0x10
[  357.711111][T12984]  ? lock_acquire+0x2f/0xb0
[  357.712254][T12984]  ? __fget_files+0x40/0x3f0
[  357.713486][T12984]  ? fdget+0x176/0x210
[  357.714565][T12984]  __sys_sendmsg+0x117/0x1f0
[  357.715798][T12984]  ? __pfx___sys_sendmsg+0x10/0x10
[  357.717161][T12984]  ? bpf_trace_run2+0x2a6/0x590
[  357.718454][T12984]  ? rcu_is_watching+0x12/0xc0
[  357.719718][T12984]  __do_fast_syscall_32+0x73/0x120
[  357.721065][T12984]  do_fast_syscall_32+0x32/0x80
[  357.722343][T12984]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  357.724007][T12984] RIP: 0023:0xf7f4f579
[  357.725084][T12984] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  357.730098][T12984] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  357.732239][T12984] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020005840
[  357.734283][T12984] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  357.736328][T12984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  357.738397][T12984] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  357.740447][T12984] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  357.742488][T12984]  </TASK>
[  357.767899][   T57] usb 5-1: Using ep0 maxpacket: 32
[  357.787968][   T57] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  357.791173][   T57] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  357.793474][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  357.795782][   T57] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  357.798515][   T57] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  357.801007][   T57] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  357.804357][   T57] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  357.806668][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.809932][   T57] usb 5-1: config 0 descriptor??
[  358.016727][   T57] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 34 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  358.547297][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  358.666938][T13000] validate_nla: 2 callbacks suppressed
[  358.666954][T13000] netlink: 'syz.2.2155': attribute type 10 has an invalid length.
[  358.674389][T13000] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  358.727727][ T5406] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  358.832239][T13008] futex_wake_op: syz.2.2158 tries to shift op by -1; fix this program
[  358.869878][T13008] program syz.2.2158 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  358.877388][ T5406] usb 6-1: Using ep0 maxpacket: 16
[  358.880587][ T5406] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  358.883303][ T5406] usb 6-1: config 0 has no interface number 0
[  358.885203][ T5406] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  358.889002][ T5406] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  358.893593][ T5406] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  358.896713][ T5406] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  358.899868][ T5406] usb 6-1: Product: syz
[  358.901261][ T5406] usb 6-1: SerialNumber: syz
[  358.904628][ T5406] usb 6-1: config 0 descriptor??
[  358.912513][ T5406] cm109 6-1:0.8: invalid payload size 0, expected 4
[  358.915862][ T5406] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input26
[  358.928514][T13009] FAULT_INJECTION: forcing a failure.
[  358.928514][T13009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.932006][T13009] CPU: 2 UID: 0 PID: 13009 Comm: syz.2.2158 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  358.935035][T13009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.938139][T13009] Call Trace:
[  358.939123][T13009]  <TASK>
[  358.939933][T13009]  dump_stack_lvl+0x16c/0x1f0
[  358.941369][T13009]  should_fail_ex+0x497/0x5b0
[  358.942699][T13009]  _copy_from_user+0x30/0xf0
[  358.944082][T13009]  input_event_from_user+0x22d/0x3b0
[  358.945560][T13009]  ? __pfx_input_event_from_user+0x10/0x10
[  358.947092][T13009]  ? input_inject_event+0x51/0x370
[  358.948459][T13009]  evdev_write+0x377/0x750
[  358.949638][T13009]  ? __pfx_evdev_write+0x10/0x10
[  358.950939][T13009]  ? bpf_lsm_file_permission+0x9/0x10
[  358.952352][T13009]  ? security_file_permission+0x71/0x210
[  358.953820][T13009]  ? __pfx_evdev_write+0x10/0x10
[  358.955123][T13009]  vfs_write+0x28e/0x1140
[  358.956273][T13009]  ? __fget_files+0x23a/0x3f0
[  358.957504][T13009]  ? __pfx_lock_release+0x10/0x10
[  358.958822][T13009]  ? trace_lock_acquire+0x14a/0x1d0
[  358.960185][T13009]  ? __pfx_vfs_write+0x10/0x10
[  358.961436][T13009]  ? lock_acquire+0x2f/0xb0
[  358.962629][T13009]  ? __fget_files+0x40/0x3f0
[  358.963851][T13009]  ? __fget_files+0x244/0x3f0
[  358.965100][T13009]  ksys_write+0x1fa/0x260
[  358.966233][T13009]  ? __pfx_ksys_write+0x10/0x10
[  358.967535][T13009]  ? rcu_is_watching+0x12/0xc0
[  358.968804][T13009]  __do_fast_syscall_32+0x73/0x120
[  358.970148][T13009]  do_fast_syscall_32+0x32/0x80
[  358.971433][T13009]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.973032][T13009] RIP: 0023:0xf7f15579
[  358.974104][T13009] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.979058][T13009] RSP: 002b:00000000f567556c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  358.981184][T13009] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000040
[  358.983248][T13009] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[  358.985325][T13009] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.987374][T13009] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.989452][T13009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.991510][T13009]  </TASK>
[  359.597263][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  359.858145][T13012] 
[  359.859076][T13012] ======================================================
[  359.861605][T13012] WARNING: possible circular locking dependency detected
[  359.864265][T13012] 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0 Not tainted
[  359.868523][T13012] ------------------------------------------------------
[  359.871381][T13012] syz.2.2159/13012 is trying to acquire lock:
[  359.873534][T13012] ffff888022d22258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x6d/0x3b0
[  359.877653][T13012] 
[  359.877653][T13012] but task is already holding lock:
[  359.880305][T13012] ffff888011d31528 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x235/0x700
[  359.883545][T13012] 
[  359.883545][T13012] which lock already depends on the new lock.
[  359.883545][T13012] 
[  359.887230][T13012] 
[  359.887230][T13012] the existing dependency chain (in reverse order) is:
[  359.890467][T13012] 
[  359.890467][T13012] -> #2 (&d->lock){+.+.}-{3:3}:
[  359.893037][T13012]        __mutex_lock+0x175/0x9c0
[  359.894870][T13012]        rfcomm_dev_ioctl+0x12ae/0x1e70
[  359.896889][T13012]        rfcomm_sock_compat_ioctl+0xba/0xe0
[  359.899037][T13012]        compat_sock_ioctl+0x17b/0x7e0
[  359.901060][T13012]        __do_compat_sys_ioctl+0x259/0x2b0
[  359.903245][T13012]        __do_fast_syscall_32+0x73/0x120
[  359.905409][T13012]        do_fast_syscall_32+0x32/0x80
[  359.907436][T13012]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  359.909741][T13012] 
[  359.909741][T13012] -> #1 (rfcomm_dev_lock){+.+.}-{3:3}:
[  359.912541][T13012]        __mutex_lock+0x175/0x9c0
[  359.914406][T13012]        rfcomm_dev_get+0x6e/0x2b0
[  359.916300][T13012]        rfcomm_dev_ioctl+0x378/0x1e70
[  359.918310][T13012]        rfcomm_sock_compat_ioctl+0xba/0xe0
[  359.920470][T13012]        compat_sock_ioctl+0x17b/0x7e0
[  359.922482][T13012]        __do_compat_sys_ioctl+0x259/0x2b0
[  359.924581][T13012]        __do_fast_syscall_32+0x73/0x120
[  359.926058][T13012]        do_fast_syscall_32+0x32/0x80
[  359.927520][T13012]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  359.929314][T13012] 
[  359.929314][T13012] -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}:
[  359.931761][T13012]        __lock_acquire+0x250b/0x3ce0
[  359.933156][T13012]        lock_acquire.part.0+0x11b/0x380
[  359.934542][T13012]        lock_sock_nested+0x3a/0xf0
[  359.935835][T13012]        rfcomm_sk_state_change+0x6d/0x3b0
[  359.937296][T13012]        __rfcomm_dlc_close+0x28c/0x700
[  359.938765][T13012]        rfcomm_dlc_close+0x1eb/0x240
[  359.940278][T13012]        __rfcomm_sock_close+0xa7/0x230
[  359.941779][T13012]        rfcomm_sock_shutdown+0xd5/0x230
[  359.943296][T13012]        rfcomm_sock_release+0x5d/0x140
[  359.944773][T13012]        __sock_release+0xb0/0x270
[  359.946119][T13012]        sock_close+0x1c/0x30
[  359.947358][T13012]        __fput+0x3f6/0xb60
[  359.948558][T13012]        task_work_run+0x14e/0x250
[  359.949899][T13012]        get_signal+0x1d3/0x26d0
[  359.951223][T13012]        arch_do_signal_or_restart+0x90/0x7e0
[  359.952826][T13012]        syscall_exit_to_user_mode+0x150/0x2a0
[  359.954432][T13012]        __do_fast_syscall_32+0x80/0x120
[  359.955884][T13012]        do_fast_syscall_32+0x32/0x80
[  359.957313][T13012]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  359.959047][T13012] 
[  359.959047][T13012] other info that might help us debug this:
[  359.959047][T13012] 
[  359.961742][T13012] Chain exists of:
[  359.961742][T13012]   sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM --> rfcomm_dev_lock --> &d->lock
[  359.961742][T13012] 
[  359.965486][T13012]  Possible unsafe locking scenario:
[  359.965486][T13012] 
[  359.967443][T13012]        CPU0                    CPU1
[  359.968856][T13012]        ----                    ----
[  359.970251][T13012]   lock(&d->lock);
[  359.971276][T13012]                                lock(rfcomm_dev_lock);
[  359.973083][T13012]                                lock(&d->lock);
[  359.974741][T13012]   lock(sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM);
[  359.976370][T13012] 
[  359.976370][T13012]  *** DEADLOCK ***
[  359.976370][T13012] 
[  359.978522][T13012] 3 locks held by syz.2.2159/13012:
[  359.979928][T13012]  #0: ffff88804a109408 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x270
[  359.982762][T13012]  #1: ffffffff8fd51e28 (rfcomm_mutex){+.+.}-{3:3}, at: rfcomm_dlc_close+0x33/0x240
[  359.985115][T13012]  #2: ffff888011d31528 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x235/0x700
[  359.987513][T13012] 
[  359.987513][T13012] stack backtrace:
[  359.989074][T13012] CPU: 2 UID: 0 PID: 13012 Comm: syz.2.2159 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[  359.991838][T13012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  359.994571][T13012] Call Trace:
[  359.995450][T13012]  <TASK>
[  359.996259][T13012]  dump_stack_lvl+0x116/0x1f0
[  359.997510][T13012]  print_circular_bug+0x419/0x5d0
[  359.998851][T13012]  check_noncircular+0x31a/0x400
[  360.000210][T13012]  ? __pfx_check_noncircular+0x10/0x10
[  360.001579][T13012]  ? lockdep_lock+0xc6/0x200
[  360.002791][T13012]  ? __pfx_lockdep_lock+0x10/0x10
[  360.004059][T13012]  __lock_acquire+0x250b/0x3ce0
[  360.005307][T13012]  ? __pfx___lock_acquire+0x10/0x10
[  360.006626][T13012]  ? __mutex_trylock_common+0xea/0x250
[  360.008039][T13012]  ? __pfx___mutex_trylock_common+0x10/0x10
[  360.009628][T13012]  ? __rfcomm_dlc_close+0x235/0x700
[  360.011013][T13012]  lock_acquire.part.0+0x11b/0x380
[  360.012393][T13012]  ? rfcomm_sk_state_change+0x6d/0x3b0
[  360.013827][T13012]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  360.015317][T13012]  ? rcu_is_watching+0x12/0xc0
[  360.016598][T13012]  ? trace_lock_acquire+0x14a/0x1d0
[  360.017977][T13012]  ? rfcomm_sk_state_change+0x6d/0x3b0
[  360.019422][T13012]  ? lock_acquire+0x2f/0xb0
[  360.020635][T13012]  ? rfcomm_sk_state_change+0x6d/0x3b0
[  360.022064][T13012]  lock_sock_nested+0x3a/0xf0
[  360.023312][T13012]  ? rfcomm_sk_state_change+0x6d/0x3b0
[  360.024776][T13012]  rfcomm_sk_state_change+0x6d/0x3b0
[  360.026176][T13012]  __rfcomm_dlc_close+0x28c/0x700
[  360.027580][T13012]  rfcomm_dlc_close+0x1eb/0x240
[  360.028935][T13012]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  360.030514][T13012]  __rfcomm_sock_close+0xa7/0x230
[  360.031806][T13012]  rfcomm_sock_shutdown+0xd5/0x230
[  360.033151][T13012]  rfcomm_sock_release+0x5d/0x140
[  360.034489][T13012]  __sock_release+0xb0/0x270
[  360.035718][T13012]  ? __pfx_sock_close+0x10/0x10
[  360.037016][T13012]  sock_close+0x1c/0x30
[  360.038122][T13012]  __fput+0x3f6/0xb60
[  360.039185][T13012]  ? _raw_spin_unlock_irq+0x23/0x50
[  360.040568][T13012]  task_work_run+0x14e/0x250
[  360.041797][T13012]  ? __pfx_task_work_run+0x10/0x10
[  360.043150][T13012]  get_signal+0x1d3/0x26d0
[  360.044357][T13012]  ? kick_process+0xf6/0x1b0
[  360.045590][T13012]  ? task_work_add+0x1d6/0x370
[  360.046869][T13012]  ? __pfx_task_work_add+0x10/0x10
[  360.048233][T13012]  ? __pfx_get_signal+0x10/0x10
[  360.049513][T13012]  arch_do_signal_or_restart+0x90/0x7e0
[  360.050961][T13012]  ? __pfx___sys_connect+0x10/0x10
[  360.052312][T13012]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  360.053918][T13012]  ? rcu_is_watching+0x12/0xc0
[  360.055177][T13012]  syscall_exit_to_user_mode+0x150/0x2a0
[  360.056657][T13012]  __do_fast_syscall_32+0x80/0x120
[  360.057996][T13012]  do_fast_syscall_32+0x32/0x80
[  360.059275][T13012]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  360.060940][T13012] RIP: 0023:0xf7f15579
[  360.062018][T13012] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  360.067066][T13012] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  360.069252][T13012] RAX: fffffffffffffffc RBX: 0000000000000008 RCX: 00000000200004c0
[  360.071319][T13012] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  360.073391][T13012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  360.075465][T13012] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  360.077538][T13012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  360.079599][T13012]  </TASK>
[  360.081541][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  360.083559][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  360.085417][    C1] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  360.087809][ T5406] usb 6-1: USB disconnect, device number 41
[  360.091584][ T5406] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  360.147861][ T1067] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  360.149622][ T1067] ata1: failed to read log page 10h (errno=-5)
[  360.151221][ T1067] ata1.00: NCQ disabled due to excessive errors
[  360.152852][ T1067] ata1.00: exception Emask 0x1 SAct 0x8 SErr 0x0 action 0x0
[  360.154751][ T1067] ata1.00: irq_stat 0x40000000
[  360.156042][ T1067] ata1.00: failed command: WRITE FPDMA QUEUED
[  360.158337][ T1067] ata1.00: cmd 61/18:18:b2:10:10/00:00:00:00:00/40 tag 3 ncq dma 12288 out
[  360.158337][ T1067]          res 50/04:01:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  360.162701][ T1067] ata1.00: status: { DRDY }
[  360.163898][ T1067] ata1.00: error: { ABRT }
[  360.165677][ T1067] ata1.00: configured for UDMA/100
[  360.167187][ T1067] ata1: EH complete
[  360.282546][ T5406] usb 5-1: USB disconnect, device number 34
[  360.285576][ T5406] usblp0: removed
[  360.637276][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  361.667260][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  362.707274][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  363.747317][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  364.797350][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  365.827295][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  366.867285][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  367.907255][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  368.947315][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available

VM DIAGNOSIS:
04:34:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc90004de7968 RCX=ffffc90004de7a00 RDX=1ffff920009bcf2d
RSI=ffffffff81789535 RDI=ffffc90004de7968 RBP=ffffc90004de79f8 RSP=ffffc90004de78f8
R8 =ffffc90004de799c R9 =ffffffff90ab91aa R10=ffffc90004de7968 R11=000000000000342f
R12=ffffffff81789280 R13=ffffc90004de7968 R14=0000000000000000 R15=ffff88802ab22440
RIP=ffffffff813ced06 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f22504bf280 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5675da4 CR3=0000000028536000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000004 Opmask01=0000000000000000 Opmask02=00000000fffffdff Opmask03=2040000404420020
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055bf8445f790 000055bf8446ea00
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055bf8445f790 000055bf8446ea00
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737373 7373737373737373
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffff00000000ff
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffff00000000ff
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b9374679620495e6 737326c9accc0f5d
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 7373737373737373
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73202c297325286b 636f6c66206f7420 656c62616e55006e 6f69746974726170
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302c393230302c38 3230302c37323030 2c36323030003536 3d5145534b534944
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0d11040f0d0d1105 0f0d0d110a0f0d0d 110b0f0d0d00080b 005145534b534944
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000002e1 0000000000000000 37706f6f6c2f6b63 6f6c622f6c617574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055bf8446f280 000055bf8446cd60 0000000000000021 0000000000000031
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f225066e270 00007f225066e270 000000000000ab91 0000003177617264
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49383a3a2648383a 3a2633383a3a2632 383a3a263d383a3a 263c383a3a263f38
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000c93144 RBX=0000000000000001 RCX=ffffffff8b12f709 RDX=ffffed10056a7026
RSI=ffffffff8bb120a0 RDI=ffffffff816407fc RBP=ffffed10036e9910 RSP=ffffc90000477e08
R8 =0000000000000000 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000001
R12=0000000000000001 R13=ffff88801b74c880 R14=ffffffff901cce88 R15=0000000000000000
RIP=ffffffff8b130aef RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031f0fff8 CR3=000000006a716000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85034e45 RDI=ffffffff9a63a220 RBP=ffffffff9a63a1e0 RSP=ffffc90003b5f1a8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e32312e36
R12=0000000000000000 R13=0000000000000069 R14=ffffffff85034de0 R15=0000000000000000
RIP=ffffffff85034e6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031f0bff8 CR3=00000000630e0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f806b5fa271945ca 09c58c34f6a108bc
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cb7f2631057269b7 a6845328d94af36c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 80940f2142a06df8 8cc6906cfefc541b
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 78e51a7ca1308f79 9b760caf9344d529
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003400
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 da7feeecda9359f6 6200000010000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 da8a2e00da9bec66 db012dc100001249
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 da902b1864000000 86000000e6000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 620000001a000000 dae49db9fe000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 373a87d9b0746b24 7d563adbbc3e4a28
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 db279a61d040569e 0e52378d060d925f
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=00fff80000020038 RCX=ffffffff81c7d01d RDX=ffff88801f540000
RSI=ffffffff81c7e185 RDI=0000000000000004 RBP=ffffea00004b2ac0 RSP=ffffc90000eff2a8
R8 =0000000000000004 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001
R12=00fff20000020001 R13=0000000000000003 R14=ffff88801acb4048 R15=0000000000000000
RIP=ffffffff818ca801 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000056a514c0 CR3=000000005c3a0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000