last executing test programs:

16.716630512s ago: executing program 4 (id=2350):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x10)
setitimer(0x2, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4}, 0xe)
connect$bt_l2cap(r4, 0x0, 0x0)
setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2a}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe, 0x0, &(0x7f0000000480)="1f6c00c2231bc4cb50017d870800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000994bd740f60d5600b5a0000000010902120001000000000904"], 0x0)
syz_usb_control_io$printer(r7, 0x0, &(0x7f00000005c0)={0x34, &(0x7f0000000240)={0x20, 0x12, 0xbf, "7687c59daa0f15f8b0c6b5002f473d883621c24480c5de8a679b862ee9e92bbc9d7779f61ca3c26fbe3fc9619395216be699428eab1c17686c5d0b25d5abe91a72ad06520e8a4028b52e414c7a7803c0284c8fc555e9857a770d507689626ad9fe61d09318b120870b906931b02ee002699e34716bb15f925c858138f34ac6b2e5f58ca0895bf0d3da21adc3c8df113304f12256f10c109cda752e3f2ac1e4b6498a858dd1fbfbed5d011bc4ea719f881b250072808f2b008db40a6081ba04"}, &(0x7f00000003c0)={0x0, 0xa, 0x1}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000cc0)=ANY=[@ANYBLOB="2000cc00000000cae16f7491621230ed4598432fe21ec31f89cb4fa6729f526aca4f774f260eb3d5330382ee02de00c0d864de031b473060d8ced87edf71b0303f810ece99f4e570fd9e7b1e5cb5a58635c7e9f6baa2f9bc510cbcc51f4ce8a0a54efdd1b4a6eecc693f70bdd66c404f1d2913407e8ce0b8b9f01538d7f7580e0e6989f7cc9ed253e8e95bad97a3e683f3d480a022cb0c25945a7ad6d82ad2441dfa91df725aa8734c529d0bb7d1190e4c9c6faca1729b93a8ef4c40bd72bcf98f105d18d32560003331ba9b9926fb681f7bb8826372308e8c4a50c67fcdc8e459e1fd58a389728f6a485067d94386b06a41bede1dde9bbed6c85414523969f2ab452c12ec9ec74c250debc49f3452626d574fc203b94f70704d4c81aae102db6955f70ad30977"], &(0x7f0000000540)={0x20, 0x1, 0x1}, &(0x7f0000000580)={0x20, 0x0, 0x1, 0xb}})
syz_usb_control_io$cdc_ncm(r7, 0x0, &(0x7f0000000340)={0x44, &(0x7f0000000140)=ANY=[@ANYBLOB="17000600000061e1248a9986"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r7, &(0x7f0000000180)={0x14, &(0x7f00000000c0)={0x40, 0x11, 0x5f, {0x5f, 0x21, "8ddece344d77188a13858adfd77c7980709457b9348930364566cad9220c3bc585f1617e832327b5d7b87c100e814630a038fe41503066a261bea7d30006d4b90056c2af092fa569e558418b6b9981f9299a2047706c4e44bab5ae4e43"}}, &(0x7f0000000140)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x3}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0xf}, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x101, 0x9, 0x4000000, 0x8, 0x1, 0x40, 0x1, 0x8, 0xfffe, 0x15, 0x458a, 0xc0ea}}, &(0x7f0000000340)={0x20, 0x85, 0x4, 0x5}, &(0x7f0000000380)={0x20, 0x83, 0x2}, &(0x7f00000003c0)={0x20, 0x87, 0x2, 0x1}, &(0x7f0000000400)={0x20, 0x89, 0x2}})
syz_usb_control_io$uac1(r7, &(0x7f00000008c0)={0x14, &(0x7f0000000700)={0x0, 0x2a, 0x63, {0x63, 0x1, "e9d953476826dc0c5a49c688e02c1e93093a21be2c70401647e0acb7bfa581d34aa0be56bd66afb53de347347f861f499f9260b88bf5b8b91b4f1ce82562d9734c9ba41c5905eede836ef5e7315bb2277eb2692fb8ad7fe49266263ce52db7968b"}}, &(0x7f0000000780)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x424}}}, &(0x7f0000000c40)={0x44, &(0x7f0000000a40)={0x0, 0x30, 0xbd, "c01b9870364f4619146b070791c7e2011d219d31eb062a579369a2302419793646e2984dcf38a191c88a0d3985450275a54c7f5ec03abe1057153b942d0708e7aa9e8f4a3f07e13c745784588970d18ca09dffb9f0851dfa43ec1a4445f49e01628b52d3178ca3b4d7af475d338a6b3300ad8dbd16a8d26f00fdb8f67348573d76b969a7fdb3dd0de4447ead970b86af04c8dcd12ec542aec2c9ddaee95f0c859c93962cbc0a7190dc59713629394b3b4dde243888e571acb758fc27e7"}, &(0x7f0000000900)={0x0, 0xa, 0x1, 0x81}, &(0x7f0000000940)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000600)={0x20, 0x81, 0x2, "9cfc"}, &(0x7f0000000b40)={0x20, 0x82, 0x3, "06c0eb"}, &(0x7f0000000b80)={0x20, 0x83, 0x2, "9ec2"}, &(0x7f0000000980)=ANY=[@ANYBLOB="9d20c207f7f6da0100000021"], &(0x7f0000000c00)={0x20, 0x85, 0x3, "d50800"}})
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r1, r5, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x3654}]}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3)

16.396544939s ago: executing program 0 (id=2351):
r0 = io_uring_setup(0x6a0, &(0x7f00000000c0))
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000840)={0x48, 0x2, r2})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000040)={0x28, 0x0, r2, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000})
close_range(r0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r4 = landlock_create_ruleset(&(0x7f0000000000)={0x4060}, 0x10, 0x0)
landlock_restrict_self(r4, 0x2000000)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

15.381664148s ago: executing program 0 (id=2352):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$l2tp6(r0, &(0x7f0000000640)="e202dfa728052a0cb905454ca448db31bb4016391e5ca288ac44d591d898133e66afe3fa06ae3ae18de6ca2e94a63f6580ef956d07e56ec36dff6dc6ddfea69e09570eccbe3e2ea6722ce73dbc7496becbcac5e618af5d5f60fb8ca31dbe49d45a6cb3d0d016d43529befcb5c83c115f2a1e270e3f39f6e87faf9d4bd304d9bb4f818b0c8f3aacaca734a35563434ae65491c7258bb70b181b51843f1488cb39893bf89e55373fac6df7a979f3359cbf465a7fc8ee2b769d684fe8327fdd8f9f94397a58e14b6612cb3c266a6bd035323af69517ba26a0af425c78964952d74a508dbfcf944ae9262a9347b64d2c6a0e45d398c20c20aa24ecb828cf6d4b2758ffc3aa1a686ee432f3a2e267b6bc8545f2a20f3d43b9ef0cb92944e1a2ab27616d5d3a62c7abef7dc57c81f06c22b01691ea2dba90703d5081b5c8556e7eb271b1de3774abba319e57173067d93dfc3e1316643c5b49c8894d080e805597b545a94157a5364340e0d40dc411021d0befdbe00d95e24cda652fecf733a5f8f7ff77bdd508708a080df6ae24e13768002f2c3ebdcf635e91354dca9f67dfbd35eec2fc04f10d8af3e47fcc75296454ee1ae68eb4bba68e7375363e7550b332e31771c16fc44633689b77c8232de096c6ca941afce677c4053b25c72a31db45a38e457967a627f1062a2d0815436f2e6a69b4554ede11555e22524365fd4294a5f8cf6d9b71982e392907c05a973108bd62952334f351a104a79cb9e78562135b021b4e003b3cac01bbf0c1c1aef3586fc4b78ddc575ae6261fe18d9585ca58fabcc786f200e649be0bb289a5db4ef6849561c73aeda52a6d9da62ec9291a0cc6de40f3be8c418555828f9255b3c830c87086c07a7501d8cced25a99f9da9155b719ebedb14431d2d684cf91b8cd9e55d77ef0d2bddeedf4e760c637502e0de060a873b0b7b0e9105046134075cdb767b01b988e31ca06be953e00b6f92e7ad284886995f84d17ac49c3433f43d8cc5910d3698d0aefd3c1ce74b1513f632ba51154c20278b202470ac70c91c8e74252bf7200d9ef35d3209227cb14729cc3b68f3a4acf4a4165101cb19fbbd5932df54ec524f358a9d0fcca179eff2d974c1a7519b0f7c163fb7b4cfe4c2235256984695f8b066ba62dc5c441869570b01cba3bf52775c71a1430c50b32843e2b235663f906049fe20916daac4da581326764e84590be2a25b895d6140899680e69f52b9815030014630920facd374f75eef9236cdc1224221f0569169a79a0cc05a2cec5bcc796b84816daf1d144f890a8c570f562781d7971f7da58d3dcb4e3fdc1c1a20eb7766c5d61b520c70b55cf491bc2542112d195fe04cbe61a51c72aff39c0429942e41d1ace0f3892c669a3683c409cb0ca04039064a12966ff74b5f33ea7e5409ef8aeab159be760f30fc4baa14eef324feac7d501789eef1daac7eba564e8159679a338ac6380a8e4b708b16f7c5adc1137cbe05ab43699d1dd3703a8b3b6c97f6f4da44f2d9970ef4ff98f9268b0f60568dab6907894c2dacc6396b345715a1566ec6ff655f9419268676582d36ad2bd2e22d59ba756b1e728a1be3d8e4a88eff33446031f91b280ff89341a16d08818c6dae47ec83d16e826750cdb44ac3aa187c28470f371efe2d6564bb16f3734ecc5fb4438d2038c3ef9d7f8f21b8d69014270205bd24d35766e55b06bb5d0dde78b8ec1b59aae562237d8dbd0242e5bd862ff22bce71670043c6880b653bc204a8725ffe142ceda4b8408093fbb316f7e98f20877c57760b72d729663d71ba5f85fd1cefb6bbf27d6b0c72c7abcd77d6409f1767a4f7945d83c25aa702dce7e0de3914f727fb6bfeccd8361d242d5e7e6f11b9daecf6597d944f8ec150d85b942316184bf163a2b39d6924c4f04798ae53b4bfb58b833a94577902a25ed90309456dbfc8cb7f5a52735966cb448085e3b66ff1f9fa34655ef8e64bc23573f424a43eebf83015bc3f7b6590d9d79a1d6e3bef490a8b04ec", 0x599, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x3}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
socket$kcm(0xa, 0x0, 0x87)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000340))
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000002780)={<r2=>0x0})
close(0xffffffffffffffff)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00005d4000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000040)="0f782a650f01d1b9800000c00f3235000800000f30c4e14d684c27ee0f16ddc4e1fc51d9660f0f8edf9ca2f897c4c25993bcb09b56295d66b82e000f00d0e500", 0x40}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x90)
preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x57)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={r2, 0x3, r1})
syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000000300)=[{{&(0x7f0000000280)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x80, &(0x7f0000000cc0)=[{&(0x7f00000000c0)="211824348283dc7253956f237c8dd81ccbbe708c2bcffffd06", 0x19}, {&(0x7f00000003c0)="1718e6100434870c77b89738bd70b93376b2bd8029f0419b44105cf3ec84fafb26ffe2c95c44324ac9e7690edc243fc831ac8833bc8d6dabdc4e5332109df88e0231c4d4e64a0b63c7e2c33eb8f6da972d88deb2698e6412432a3a36cfbaada332dc756d1ec1ae02b37d8724f5a06a5d5ab762b1d8feb3dbab2814b49f101f892a7f14b107099526ff2464060d4fbfd670215e29fc965662", 0x98}, {&(0x7f0000000200)="29bba99d2d2b635258f3a7f638ba38a7b1f3c8ee8d5605916b7e5cdeaee2b0831f833b526cf9593441af66a298e77e20635af7229e22647b5c358ea77dd22baf6d2779ae1b20707282585dc50852ccd63cbad08b3cc5cf5e02a7489ed1b9e489b344d4609fb7", 0x66}, {&(0x7f00000005c0)="d5992a6e66a5bd2a913303745d511a77b00c96ff086c223146216c25190778276fdede640bbdb9b33a4c7d8ae57017af0b648211f730ba904ac76c3dfd82d9406884b7623304874eaae7d336ad43f2f81aab0a8d1e856240d8941a936a2016fa6ee20f922c191a283c7672149f5f27c83b", 0x71}, {&(0x7f0000000c00)="a2a414c90fd66e8fa19eb5893d0e8f83f05b01b5791a724ca32cac01c4d52aa0da540070737ec815f85fc69cf364012a79b368438f9d5cf9c28b5154164b0251c430ff4e3e064b9edf298ff79419cd4da7b9f851f9f9d9374d56480beb06ddcd107d8473b23647888fc0da5dc7bf5b923678b5a42e024958118542f2d9fcb3657f2a04397a968da3aa9eac0d755e7be502d348fa8030470e8e039ca3f3d9cacbd727", 0xa2}], 0x5, &(0x7f0000000d40)=ANY=[@ANYRESOCT=r2], 0x58}}], 0x1, 0x448c6)

11.389647705s ago: executing program 4 (id=2358):
recvmmsg(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x2000000022, &(0x7f0000000000)={0x77359400})
recvmmsg(0xffffffffffffffff, &(0x7f0000000080), 0x1, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f00000001c0)={0x14000000, 0xffffffff})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newtaction={0xd4, 0x30, 0x871a15abc695fe3d, 0x0, 0x0, {}, [{0xc0, 0x1, [@m_ctinfo={0xbc, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x24}]}, {0x77, 0x6, "e0a56ac54ff99917d140b0ca47137438e0230274c3b92dde71aa36c28b71c953a5f8bc380be39a0fee97dfed40ee2f1eb1b8846c68483111351a7d81845367cdffeb99eae5eac21987fca922e2bca1b29cb5df9134ebe62417f03ef0623263369c02e0dea34af4a1112fdaf7c3df617f15f01e"}, {0xc}, {0xc}}}]}]}, 0xd4}}, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
pselect6(0x40, &(0x7f00000045c0), 0x0, &(0x7f0000004640)={0xf8}, 0x0, 0x0)
read$eventfd(r2, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet6_sctp(0xa, 0x0, 0x84)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x10, 0x3a, 0x0, @remote, @mcast2, {[], @ni}}}}}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r7=>0x0})
add_key$keyring(&(0x7f0000000100), &(0x7f0000000000)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYRESDEC=r4, @ANYRES32=r7, @ANYRESOCT=r7], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c0000000206010100000000000000000000000005000500000000000900020073797a3200000200050004000000000014000304686173683a69702c706f72742c6970000500010007000000317e24ffb201ec3c7a5031e3f1e19a6ade02575b2de2"], 0x4c}}, 0x0)

11.361638554s ago: executing program 2 (id=2359):
socket$inet6_tcp(0xa, 0x1, 0x0)
fsopen(&(0x7f0000000000)='msdos\x00', 0x1)
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
shutdown(r0, 0x1)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f00000000c0)={0x0, @in={{0xa, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, &(0x7f0000000040)=0x90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000440)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x2}, 0x1c)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d)
r3 = syz_io_uring_setup(0x113, &(0x7f0000000140), &(0x7f0000000000)=<r4=>0x0, &(0x7f0000001480)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x3f70, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
sendfile(r1, r2, 0x0, 0x8000002b)

11.340030767s ago: executing program 0 (id=2360):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0xa00)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
rmdir(&(0x7f0000000180)='./file1\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

10.953475019s ago: executing program 0 (id=2362):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x101301)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000016c0)={0x18, {"a2e3ad2119c752f91b5e09091bf70e0dd038e7ff7fc6e5539b3267078b089b3b0838721a0890e0878f0e1ac6e7049b3d63959b509a240d5b67f3988f7ef319520100ffe8d178708c523c921b9b5b31320d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70d998ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5af098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000108000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b2fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee61e877f76072ea2b8f060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f794c9eee1198751adaa13d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3ffb0467befee5e6342e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce21265b6e1cd7655b904801784c416b22f73d3246788a60c28b82b6522fb5f6ffcdae6fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f458d8d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d8872fe174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0ccdbed2889a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f980000000203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$USBDEVFS_CONNECTINFO(r0, 0x80045510, &(0x7f0000002a40))
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0xca442)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81101)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f00000000c0)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000001240)={@host})
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r2, 0x7af, &(0x7f0000000080))
socket(0x2c, 0x5, 0xe8)
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r2, 0x7af, &(0x7f0000000180)={@hyper})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r2, 0x7b1, &(0x7f0000000140)={&(0x7f0000001280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x800, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x95d, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x1], 0x1, 0x400})
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = fcntl$dupfd(r3, 0x0, r3)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0x70, 0x3a, 0xc0, 0x20, 0x458, 0x7006, 0x6991, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xc7, 0x76, 0x98}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, &(0x7f0000000780)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r5, &(0x7f00000000c0)={0x14, &(0x7f0000000040)={0x0, 0xf, 0x7, {0x7, 0x6, "688934075a"}}, &(0x7f0000000080)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2801}}}, &(0x7f00000024c0)={0x44, &(0x7f0000000140)={0x0, 0x14, 0x7, "889697961e6c53"}, &(0x7f0000000180)={0x0, 0xa, 0x1, 0xfd}, &(0x7f00000001c0)={0x0, 0x8, 0x1, 0xf}, &(0x7f0000000280)={0x20, 0x81, 0x1, 'I'}, &(0x7f00000002c0)={0x20, 0x82, 0x3, "6454c9"}, &(0x7f0000000340)={0x20, 0x83, 0x1, "e4"}, &(0x7f0000000380)={0x20, 0x84, 0x4, "bb2e8d7b"}, &(0x7f00000003c0)={0x20, 0x85, 0x3, "104fd2"}})
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="672d6a44b036", 0x0, 0x0, 0x0, 0x0, 0x0})
write$tun(r4, &(0x7f0000000400)=ANY=[], 0xa2)
move_mount(r1, &(0x7f0000001340)='./file0/../file0\x00', r1, &(0x7f0000000300)='./file0\x00', 0x201)

10.782499688s ago: executing program 3 (id=2363):
openat$capi20(0xffffffffffffff9c, &(0x7f0000001f80), 0x0, 0x0)
pipe2$9p(&(0x7f0000000040), 0x4000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f0000000780)={&(0x7f0000000700)=@abs, 0x6e, &(0x7f0000000dc0)=[{&(0x7f0000000840)=""/90, 0x5a}, {&(0x7f0000000ec0)=""/227, 0xe3}, {&(0x7f00000008c0)=""/132, 0x84}, {&(0x7f0000000b40)=""/187, 0xbb}, {&(0x7f0000000c00)=""/179, 0xb3}], 0x5, &(0x7f0000000e40)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80}, 0x100)
fcntl$getown(0xffffffffffffffff, 0x9)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
r2 = socket(0x10, 0x80803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200000000000000", @ANYRES32=0x0, @ANYBLOB="bf"], 0x1c}}, 0x0)
recvmmsg(r2, &(0x7f0000003380)=[{{&(0x7f0000000580)=@l2tp6={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @broadcast}}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000680)=""/120, 0x78}, {&(0x7f0000000d00)=""/176, 0xb0}, {0x0}], 0x3, &(0x7f00000007c0)=""/89, 0x59}}, {{0x0, 0x0, &(0x7f0000000980)=[{0x0}, {&(0x7f0000001d80)=""/204, 0xcc}, {&(0x7f0000001e80)=""/254, 0xfe}, {&(0x7f0000001f80)=""/252, 0xfc}], 0x4, &(0x7f0000002080)=""/20, 0x14}, 0x81}, {{&(0x7f00000020c0)=@isdn, 0x80, &(0x7f0000003340)=[{&(0x7f0000002140)=""/37, 0x25}, {&(0x7f0000002180)=""/4096, 0x1000}, {&(0x7f0000003180)=""/138, 0x8a}, {&(0x7f0000003440)=""/252, 0xfc}], 0x4}, 0x5}], 0x3, 0x20, 0x0)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
setpriority(0x2, 0x0, 0x1)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
madvise(&(0x7f0000165000/0x1000)=nil, 0x1000, 0x1)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r3, 0x40186f40, 0x20000502)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="3c00000011000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a8018000580140006800800020000000000080001"], 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002502000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe5d6405000000000075040000000d00000701000000000000b70400001000e5206a0700fe00000000850000007d000000b70000000a00000095000000000000006458c2c62fc206000000f909a63796c113a80c19aab9d60700ffffffff483be3f0d3253730e78000000062c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766aeb39439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c013700e69274f8e9c31975e551558055dc2dc29edc33b375fa325dcf3e91e20f63d7030dbe7ff7f51fe89c3d17cf45a1616ad237682057034dfdc81f5a53cd640212c88e8b687a2446049577c75b76b775c1e301caf2465ed4b2ad56b848d046c52bfc3737127120ab17d82a294d174f240a3cdc725cfe6e839a1f80f59486578e45b008d39ab618f660e3c53ed4409aa92ae4fecd913060ca74ed8a303e22de12087a217d8d7be0ae1117cc791313b1318497dd5ebeef0d7e1795a6ff20f699870ebb137cffa79465da52ab2b3430ba0ba59152496a1ea5dd1e4dee46f6d3688603b5f25a588a31da4e481884074e211dd09a8b8039d0834507656ed7d552a990c1354d7638b2c2215dd9f606b01a92fabc6eb6fa033a86f8920e2168a80d7c86da5ad1d27c8d2a180e56046a49b989128ea736894d3eef8dca16ed63520be4654ddb14bfe4268c487c5a75c044e21021c089608c50adbc4e3f4c6a4ca86c7d2df5bc7c76e413d05e8f57b1e22d4af34f9d4d2e6e4d4f57f47aebdd5f98f67834c656b2fe09df4a1b15116fceaa404a6df278c7c629f584ba8d37c1137c2263ae02ad3718a03a886eb"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfe35}, 0x48)

10.147547974s ago: executing program 4 (id=2364):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {}, {0x4, 0x3}}}, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000007880)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {}, {0x2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000003c0)=""/75, 0x0})
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f00000000c0)=0x1c)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x200, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000040)={0x28, 0x7, 0x0, 0x0, &(0x7f0000ff9000/0x7000)=nil, 0x7000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000001c0)={0x48})
r6 = dup(r5)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x0, r6})
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='squashfs\x00', 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x1e, 0x4, 0x0)

10.066682982s ago: executing program 2 (id=2365):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r0)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f00000005c0)={0x0, 0x6000, &(0x7f0000000580)={&(0x7f0000000500)={0x20, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}}, 0x0)
unshare(0x4020400)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r3 = userfaultfd(0x1)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
r4 = io_uring_setup(0x3eab, &(0x7f0000000380)={0x0, 0x9f73, 0x0, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0), 0x0)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x804)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@host})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f0000000140)={{@any, 0xffffffff}, 0x1, 0x1, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f00000001c0)={{@hyper, 0x4}})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f0000000040)={{@host}, 0x0, 0x2})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r4)
ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000080)={&(0x7f0000c15000/0x1000)=nil, &(0x7f0000508000/0x4000)=nil, 0x1000})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)

9.52016194s ago: executing program 1 (id=2367):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001800), 0x0)
syz_open_dev$video(&(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmmsg$alg(r5, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)}], 0x1, 0x0)
sendmsg$nl_route_sched_retired(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000013c0), 0x43c}}, 0x0)
recvmmsg(r5, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000010100)=[{&(0x7f0000010040)=""/136, 0x88}, {&(0x7f0000000280)=""/195, 0xc3}], 0x2}}], 0x1, 0x12020, 0x0)
write$tun(0xffffffffffffffff, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x0, {[@window={0x9, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socket$inet6_sctp(0xa, 0x1, 0x84)

9.375902698s ago: executing program 3 (id=2368):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
socket$inet(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
syz_io_uring_setup(0x516d, &(0x7f0000000080), 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$inet6(r1, &(0x7f0000000280)="020409fcec074802010e0200c52cf7c20675e005b02f0800eb2b2ff0dac8897c6b112002faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0)
mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000)

8.794040843s ago: executing program 3 (id=2369):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)={0x3c, r1, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x3c}}, 0x0) (fail_nth: 3)

8.703497435s ago: executing program 2 (id=2370):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0xfffd)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x22, 0x80000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000100)='cpuset.memory_spread_slab\x00', 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000340)=ANY=[], 0x5)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
socket(0x2b, 0x0, 0x9)
getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000400)={'syztnl1\x00', <r5=>0x0, 0x4, 0x3, 0xdf, 0x6, 0x40, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x7, 0x20, 0x5, 0x101}})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@bloom_filter={0x1e, 0x4, 0x401, 0x8, 0x0, 0x1, 0xe5, '\x00', r5, r4, 0x2, 0x4, 0x0, 0xc}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r6}, &(0x7f0000000d00), 0x0}, 0x20)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000100))
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000001440)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f00000004c0)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r8, 0x40046208, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)

7.696392697s ago: executing program 3 (id=2371):
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xffffff19)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='task\x00')
getdents64(r0, &(0x7f0000000480)=""/4081, 0x103a)
poll(0x0, 0x0, 0x80)
getdents64(r0, &(0x7f00000001c0)=""/33, 0x21)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rseq(&(0x7f0000000680), 0x20, 0x0, 0x0)
fspick(r0, &(0x7f0000000400)='./file0/file0/file0/file0/file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x3, 0xa, 0xffffffff, 0x7f, 0x2880, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x3}, 0x48)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vxcan1\x00', <r1=>0x0})
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0)={0x1d, r1}, 0x10)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

5.574659547s ago: executing program 2 (id=2372):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0xb, 0x801, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_COMPAT_NAME={0x5, 0x1, '\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x8800)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x1, '\x00', {}, 0x4})

5.453053133s ago: executing program 0 (id=2373):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x20, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x0, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0800be00"}, @main=@item_4={0x3, 0x0, 0x9}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)

5.236625073s ago: executing program 1 (id=2374):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x49}, 0x20)
socket$l2tp6(0xa, 0x2, 0x73)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x162682, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
userfaultfd(0x800)
ioperm(0x0, 0x35a, 0x80000001)
getpid()
dup3(0xffffffffffffffff, r0, 0x80000)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
write$P9_RLCREATE(0xffffffffffffffff, 0x0, 0x0)
add_key$user(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e30242", 0x90, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x1}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0x40046f41, 0x20000502)
dup(r0)

5.173269516s ago: executing program 3 (id=2375):
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000300)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x24, r3, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0)
r5 = eventfd2(0xffffffff, 0x80800)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000100)={0x1, r5})
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x28de, 0x1142, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
syz_usb_control_io(r6, &(0x7f00000001c0)={0x2c, &(0x7f0000000600)=ANY=[@ANYBLOB="0000050000000500b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r5})
write$eventfd(r5, &(0x7f00000000c0), 0x8)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)

5.161840505s ago: executing program 2 (id=2376):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000c00)={0x0, 0x0, @pic={0x0, 0x81, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000580)=[@text16={0x10, &(0x7f0000000180)="6766c7442400660000006766c7442402050000006766c744240600000000670f011c24ba2100ecba6100baf80c66b8684b258a66efbafc0c66b87400000066efea17939d00660f0d9e0a0065660fe460700f0017baf80c6766c7442400000000006766c7442402907800006766c744240600000000670f01142466efbafc0cec0f32", 0x82}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x8000000)

5.038041924s ago: executing program 1 (id=2377):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
process_vm_writev(r1, &(0x7f00000001c0)=[{0x0}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, &(0x7f0000001700)=[{&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000240)=""/45, 0x2d}, {&(0x7f0000000280)=""/20, 0x14}, {0x0}, {&(0x7f0000001540)=""/128, 0x80}, {&(0x7f00000015c0)=""/166, 0xa6}, {&(0x7f0000001680)=""/102, 0x66}], 0x7, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000001100010000000000000000000000000a515501cf"], 0x28}, 0x1, 0x0, 0x0, 0xc081}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023896)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb}, 0x48)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r8 = socket(0x200000000000011, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000028c0)=ANY=[@ANYBLOB="b702000026000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643c4e8d41cdb7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6659f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac1223331f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b3b5fb3832ee68e2b53d44bd84bf6770157e96bbb96b5e1f165c87e7a9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d", @ANYRES16=r8], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, 0x1f}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

3.509551118s ago: executing program 1 (id=2378):
accept4$packet(0xffffffffffffffff, &(0x7f0000000400), &(0x7f0000000440)=0x14, 0x80800)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040))
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)='=\n\x9b\xa1Q\x83\xe9\n@\xf6\"2a\xd7\x1fch\x1a}#\xfa\xe4\n\xdc[\x03\x97\xcd\xf1\xa6b\x9a\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nS\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|')
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0xa440)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x6}, 0xc)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0x20000001, 0x8020, 0x0, 0x0, {0x401}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18c4aebce2d250e5effb000000e386225d000000000000fbff6119500000000000950000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x90)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000000340)=""/158, 0x9e}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
syz_pidfd_open(r4, 0x0)
r5 = fcntl$dupfd(r3, 0x0, r3)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x90)
ioctl$SCSI_IOCTL_GET_PCI(r5, 0x5393, &(0x7f0000000000))
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
mount(&(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280)='cpuset\x00', 0x80, &(0x7f00000002c0)='/dev/snd/timer\x00')
sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

3.321692955s ago: executing program 2 (id=2379):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
socket$inet(0x2, 0x0, 0x0)
r1 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a440000000010109023b000101006000090400001a02060000052406000005240000000d240f01000000003900000000090582020002000000090503020002"], 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
recvfrom(r0, &(0x7f0000000280)=""/197, 0xc5, 0x40000140, 0x0, 0x0)
syz_usb_ep_write(r1, 0x82, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000059d360205f0501d09288000000010902120001000000000904"], 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x2, 0x0, 0x3}]}, &(0x7f0000000040)='GPL\x00', 0x8, 0xe8, &(0x7f00000001c0)=""/232}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @IFLA_BR_GROUP_FWD_MASK={0x6}]}}}]}, 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getegid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000ab, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c0000005a00e923"], 0x1c}}, 0x0)

3.001653163s ago: executing program 4 (id=2380):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x800, 0x29, 0x3, 0x10, 0xffffffffffffffff, 0x2c6, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x2, 0x2}, 0x48)
prlimit64(0x0, 0xd, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x6e3754f8c93de59f, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x42000, 0x0)
preadv(r0, &(0x7f0000000180), 0x0, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000580)=@ipv4_delrule={0x24, 0x21, 0x1, 0x0, 0x0, {0x2, 0x20}, [@FRA_DST={0x8, 0x1, @dev}]}, 0x24}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$tipc(0x1e, 0x2, 0x0)
socket(0x11, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000038100000086dd607a9d0700102100fc000000000000008000000000000000000000000000aa00004e200401907804dba20d20060000"], 0x0)
eventfd2(0x8000, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000006, 0x31, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0)
r3 = syz_open_dev$cec(0x0, 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r3, 0x80026101, &(0x7f0000000080)={"a0453822", 0x0, 0x0, 0x0, 0x0, 0x0, "33793e77c734c4df2a87ba315ab8da", "000100", "00007f10", "8606ba80", ["d8085781ae0cff21223446fe", "51f3d17dc9ed6f291acb3a10", "2ce50f8a285d9500c522afe1"]})
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f00000000c0)={0x80000043, 0x0, 0x0, 0x3}, 0x10)
bind$tipc(r4, 0x0, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x0, 0x3, 0x4}}, 0x10)
sendmsg$tipc(r4, &(0x7f0000001b80)={0x0, 0x0, 0x0}, 0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})

2.798311277s ago: executing program 4 (id=2381):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000)={'#! ', '', [{0x20, '):'}, {0x20, 'hugetlb.2MB.usage_in_bytes\x00'}]}, 0x23)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
quotactl_fd$Q_SETINFO(r1, 0xffffffff80000601, 0xffffffffffffffff, &(0x7f0000000080)={0x1, 0x800, 0x0, 0x3})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000000c0)={'wpan1\x00', <r5=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001700000008000300", @ANYRES32=r5, @ANYBLOB=' \x000'], 0x3c}}, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000279600"})
r7 = syz_open_pts(r6, 0x0)
r8 = dup(r7)
ioctl$TCSBRK(r8, 0x5409, 0x7)
ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000000040)={0xa914, 0x6, 0x2, 0xe55, 0x1})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
recvmsg(r9, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000005c0)=""/151, 0x97}], 0x1, &(0x7f0000002f40)=""/229, 0xe5}, 0x0)
close(r10)

2.366440277s ago: executing program 1 (id=2382):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0xfffd)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x22, 0x80000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000100)='cpuset.memory_spread_slab\x00', 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000340)=ANY=[], 0x5)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
socket(0x2b, 0x0, 0x9)
getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000400)={'syztnl1\x00', <r5=>0x0, 0x4, 0x3, 0xdf, 0x6, 0x40, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x7, 0x20, 0x5, 0x101}})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@bloom_filter={0x1e, 0x4, 0x401, 0x8, 0x0, 0x1, 0xe5, '\x00', r5, r4, 0x2, 0x4, 0x0, 0xc}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r6}, &(0x7f0000000d00), 0x0}, 0x20)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000100))
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000001440)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f00000004c0)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r8, 0x40046208, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)

2.239748586s ago: executing program 4 (id=2383):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x13, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c1300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000048aa0080850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000540)={r0}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
unshare(0x0)
io_submit(0x0, 0x0, 0x0)
unshare(0x6a040000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[], 0x3c}}, 0x800)
sendmsg$inet6(r2, &(0x7f0000000340)={&(0x7f0000000200)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000000000000110000006700000020010000000000000009000000000000001ab6069c9e103e6603b255dd3aa9c6d988dc9070a7f4f227fdb41db3f3", @ANYRES32=<r4=>r3, @ANYBLOB='\x00\x00\x00\x00'], 0x28}, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x64, 0x6, 0x560, 0x100, 0x1d8, 0x100, 0x100, 0x2a8, 0x490, 0x490, 0x490, 0x490, 0x490, 0x6, 0x0, {[{{@ipv6={@empty, @loopback, [], [], 'gre0\x00', 'bond0\x00'}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@srh={{0x30}}]}, @common=@unspec=@CONNSECMARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x3c0}}, {{@ipv6={@mcast2, @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@hl={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@remote, @ipv6=@mcast1}}}, {{@ipv6={@private0, @remote, [], [], 'tunl0\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5c0)
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB="126189a02c2c9c60d848f1469842ee2bac949c64df8e9dc5b53e72640a813731303ebac5ce6acbff860fe4406d13d79fc3a01586ea615f56156ea64d3ac54e1e224948c5b96c21c3b92b84f4ef7ba932f4f96fbaf0d0a11f4f2952fa866f20476ac3a852eb6fe9af0497028e9d7cb5108086175c4e65d7ef83bdc855ba58e853a91451fb61e949b661", @ANYRES32=r1, @ANYRES8=r4], 0x22)
syz_emit_vhci(0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000040)={0x7ff, 0xef9, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f00000000c0)={0x5, 0x8, 0xd5b})
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r6, 0x1000f0000)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x14, 0x16, 0x1e40, 0x7f}, 0x48)
socket(0xa, 0x3, 0x3a)

2.137550878s ago: executing program 0 (id=2384):
r0 = openat$smackfs_ipv6host(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$smackfs_ipv6host(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="3078303030303030303030303030656335363a3078303030303030303030303030623231323a3078303030303030303030303030303030393a3078303030303030303030303030303030313a3078303030303030303038303030303030303a3078303030303030303030303030303034303a3078303030303030303030303030303030353a30786666666666666666666666666666661e6c9467fb0e8cef39905541e3775cd2652f31383434363734343037333730393535313631352063b118dc8683b58f71f8580595072e51b5c570b936e60042086cb5f5c12fb951e7a760cfccac76c8b1d9d2cd33beb330db519221620fd6a573e6e058d9b72dbad7fb89ba068c73b8df47f4c2ea06a56e4cb6d9081937eb81346bf67d175fe76392554f475c2cdffc33396dd4c360000000009a4c436c02f03d050f45e0b97a39bd5a4d1865d5cf611b79"], 0x147)
r1 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000011"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r3, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r4 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r4, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000029c0)=@newtaction={0x98, 0x13, 0x53b, 0x0, 0x0, {}, [{0x84, 0x1, [@m_sample={0x50, 0x0, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_mpls={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r5, 0x0, 0x0, 0x0)

446.008664ms ago: executing program 1 (id=2385):
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xffffff19)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='task\x00')
getdents64(r0, &(0x7f0000000480)=""/4081, 0x103a)
poll(0x0, 0x0, 0x80)
getdents64(r0, &(0x7f00000001c0)=""/33, 0x21)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rseq(&(0x7f0000000680), 0x20, 0x0, 0x0)
fspick(r0, &(0x7f0000000400)='./file0/file0/file0/file0/file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x3, 0xa, 0xffffffff, 0x7f, 0x2880, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x3}, 0x48)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vxcan1\x00', <r1=>0x0})
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0)={0x1d, r1}, 0x10)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

0s ago: executing program 3 (id=2386):
ptrace(0x10, 0x0)
ptrace$getregset(0x4204, 0x0, 0x204, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
mkdir(&(0x7f0000001280)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000740)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000050000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872061ce618117c56f0979bd10b97163c953ab1abda4589e9cbe8d0d26b5069f8a98f7dc8f76b"], 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c40)={0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018120000f637efa9a86dcfb1aad3702e58fa69844080e8ebd411f5d32d9b2078156102efdf733ac61179fe5fa1290f0e0ab6874a116e3d9c074b3612b2a1f0a341d2dca71cbd272828990ba8141fb511f4818ebffca7f7e00d0bf5a0d768d272ded1c5479453c8508d82ffd8353655b68eb1b0bc25b77dc039ed8763e8cc342d69bf226061a10bf0f5934891e9dc", @ANYRES32, @ANYRES16=r0, @ANYRES32, @ANYRESDEC=r0, @ANYRES32, @ANYRES64=r1], 0x0}, 0x90)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x6, &(0x7f0000000380)='\a', 0x1)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000001000)=0x43aa, 0x4)
setsockopt$inet6_int(r2, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r2, &(0x7f00000002c0)=[{{&(0x7f0000000b00)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x63, 0x0}}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000800), 0x62, 0x12141, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x0, 0x20}, 0xc)
socket$key(0xf, 0x3, 0x2)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x818400, &(0x7f00000001c0)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES64, @ANYRESDEC])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f00000000c0)='./file1\x00', r4, &(0x7f0000000100)='./file1\x00')
ioctl$AUTOFS_IOC_CATATONIC(r3, 0x9362, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r5, 0x40049366, &(0x7f0000000180))
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

kernel console output (not intermixed with test programs):

 strongly recommended to keep mac addresses unique to avoid problems!
[  668.760805][ T5274] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input25
[  668.770775][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  668.808553][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  668.830400][ T5274] usb 4-1: USB disconnect, device number 51
[  669.457266][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.472812][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.518669][T12222] batman_adv: batadv0: Interface activated: batadv_slave_0
[  669.621519][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  669.682721][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.722121][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  669.760068][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.793528][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  669.810172][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.829641][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  669.856849][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.888556][T12222] batman_adv: batadv0: Interface activated: batadv_slave_1
[  669.922132][T12222] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  669.941622][T12222] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  670.206897][T12222] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  670.216173][T12222] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  670.488776][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  670.531650][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  671.165095][  T938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  671.254523][  T938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  671.633262][T12507] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  672.248393][T12512] binder: 12511:12512 ioctl c018620c 20000000 returned -1
[  672.510066][T12497] xt_CONNSECMARK: invalid mode: 0
[  673.686205][T12528] xt_l2tp: v2 sid > 0xffff: 16777216
[  674.374483][T12546] ip6_tunnel: non-ECT from fc00:0000:0800:0000:0000:0000:0000:0000 with DS=0x2
[  676.492263][    T9] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  676.928207][    T9] usb 4-1: Using ep0 maxpacket: 16
[  676.944529][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  676.985034][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  677.008825][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  677.056981][    T9] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  677.072195][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.099459][    T9] usb 4-1: config 0 descriptor??
[  677.123234][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  677.123254][   T29] audit: type=1326 audit(1723686965.811:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  677.167937][   T29] audit: type=1326 audit(1723686965.811:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  677.228214][   T29] audit: type=1326 audit(1723686965.811:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  677.311631][   T29] audit: type=1326 audit(1723686965.811:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  677.415158][   T29] audit: type=1326 audit(1723686965.811:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  677.459826][   T29] audit: type=1326 audit(1723686965.811:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  678.447387][   T29] audit: type=1326 audit(1723686965.811:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  678.493092][    T9] usbhid 4-1:0.0: can't add hid device: -71
[  678.507840][    T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  678.526836][   T29] audit: type=1326 audit(1723686965.811:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  678.577737][    T9] usb 4-1: USB disconnect, device number 52
[  679.471800][   T29] audit: type=1326 audit(1723686965.811:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  679.546852][   T29] audit: type=1326 audit(1723686965.811:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.2.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  681.076164][T12612] FAULT_INJECTION: forcing a failure.
[  681.076164][T12612] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  681.091071][T12612] CPU: 0 UID: 0 PID: 12612 Comm: syz.2.1847 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  681.101877][T12612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  681.113362][T12612] Call Trace:
[  681.116641][T12612]  <TASK>
[  681.119592][T12612]  dump_stack_lvl+0x241/0x360
[  681.124325][T12612]  ? __pfx_dump_stack_lvl+0x10/0x10
[  681.129591][T12612]  ? __pfx__printk+0x10/0x10
[  681.134227][T12612]  ? snprintf+0xda/0x120
[  681.138519][T12612]  should_fail_ex+0x3b0/0x4e0
[  681.143219][T12612]  _copy_to_user+0x2f/0xb0
[  681.147670][T12612]  simple_read_from_buffer+0xca/0x150
[  681.153066][T12612]  proc_fail_nth_read+0x1e9/0x250
[  681.158116][T12612]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  681.163687][T12612]  ? rw_verify_area+0x520/0x6b0
[  681.168563][T12612]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  681.174131][T12612]  vfs_read+0x204/0xbc0
[  681.178394][T12612]  ? __pfx_lock_release+0x10/0x10
[  681.183436][T12612]  ? _raw_spin_unlock_irq+0x2e/0x50
[  681.188653][T12612]  ? __pfx_vfs_read+0x10/0x10
[  681.193347][T12612]  ? __fget_files+0x29/0x470
[  681.197951][T12612]  ? __fget_files+0x3f6/0x470
[  681.202657][T12612]  ksys_read+0x1a0/0x2c0
[  681.206934][T12612]  ? __pfx_ksys_read+0x10/0x10
[  681.211736][T12612]  ? do_syscall_64+0x100/0x230
[  681.216682][T12612]  ? do_syscall_64+0xb6/0x230
[  681.221393][T12612]  do_syscall_64+0xf3/0x230
[  681.225904][T12612]  ? clear_bhb_loop+0x35/0x90
[  681.230597][T12612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.236499][T12612] RIP: 0033:0x7f6ba93783fc
[  681.240926][T12612] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  681.260805][T12612] RSP: 002b:00007f6baa1e5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  681.269235][T12612] RAX: ffffffffffffffda RBX: 00007f6ba9515f80 RCX: 00007f6ba93783fc
[  681.277220][T12612] RDX: 000000000000000f RSI: 00007f6baa1e50a0 RDI: 0000000000000003
[  681.285200][T12612] RBP: 00007f6baa1e5090 R08: 0000000000000000 R09: 0000000000000008
[  681.293181][T12612] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  681.301186][T12612] R13: 0000000000000000 R14: 00007f6ba9515f80 R15: 00007fffc5b05c68
[  681.309200][T12612]  </TASK>
[  682.175639][T12635] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  682.377250][ T5220] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  682.586837][ T5220] usb 4-1: Using ep0 maxpacket: 32
[  683.266477][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802d46e000: rx timeout, send abort
[  683.341632][ T5220] usb 4-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  683.351184][ T5220] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  683.367424][ T5220] usb 4-1: config 0 descriptor??
[  683.400816][ T5220] gspca_main: sunplus-2.14.0 probing 0458:7006
[  683.815402][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  683.815421][   T29] audit: type=1326 audit(1723686972.501:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  683.852074][    T8] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  683.918812][   T29] audit: type=1326 audit(1723686972.541:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  683.974728][   T29] audit: type=1326 audit(1723686972.541:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  684.046862][    T8] usb 3-1: Using ep0 maxpacket: 32
[  684.064301][   T29] audit: type=1326 audit(1723686972.541:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  684.066351][    T8] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[  684.096885][    T8] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  684.109285][    T8] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  684.122094][    T8] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  684.132417][   T29] audit: type=1326 audit(1723686972.561:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  684.173458][    T8] usb 3-1: config 0 interface 0 has no altsetting 0
[  684.195077][T12650] xt_CONNSECMARK: invalid mode: 0
[  684.195573][    T8] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  684.203449][   T29] audit: type=1326 audit(1723686972.561:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  684.209653][    T8] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  684.243942][   T29] audit: type=1326 audit(1723686972.561:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  684.293612][   T29] audit: type=1326 audit(1723686972.561:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  684.308588][    T8] usb 3-1: Product: syz
[  684.347627][    T8] usb 3-1: Manufacturer: syz
[  684.362550][   T29] audit: type=1326 audit(1723686972.561:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  684.363767][    T8] usb 3-1: SerialNumber: syz
[  684.396143][   T29] audit: type=1326 audit(1723686972.561:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12648 comm="syz.4.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  684.511470][    T8] usb 3-1: config 0 descriptor??
[  684.533603][    T8] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  684.557551][    T8] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  684.801061][    T8] usb 3-1: USB disconnect, device number 46
[  684.816686][    T8] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  684.900699][ T5220] gspca_sunplus: reg_r err -71
[  684.905656][ T5220] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  684.933663][ T5220] usb 4-1: USB disconnect, device number 53
[  686.073600][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  686.086223][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  686.708116][T12678] netlink: 'syz.4.1865': attribute type 5 has an invalid length.
[  687.007382][ T5302] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  687.226850][ T5302] usb 5-1: Using ep0 maxpacket: 32
[  687.236162][ T5302] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  687.255818][ T5302] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  687.303331][ T5302] usb 5-1: Product: syz
[  687.314055][ T5302] usb 5-1: Manufacturer: syz
[  687.327117][ T5302] usb 5-1: SerialNumber: syz
[  687.345584][ T5302] usb 5-1: config 0 descriptor??
[  688.800079][ T5302] rtl8150 5-1:0.0: couldn't reset the device
[  688.818296][ T5302] rtl8150 5-1:0.0: probe with driver rtl8150 failed with error -5
[  688.852277][ T5302] usb 5-1: USB disconnect, device number 42
[  690.359241][T12712] tap0: tun_chr_ioctl cmd 1074025677
[  690.378016][T12712] tap0: linktype set to 512
[  690.536700][T12718] dummy0: entered promiscuous mode
[  690.554899][T12718] dummy0: entered allmulticast mode
[  690.615045][T12720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1874'.
[  690.640842][T12720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1874'.
[  690.708131][T12720] ip6gretap0: entered promiscuous mode
[  690.723534][T12720] batadv_slave_1: entered promiscuous mode
[  690.867025][T12731] FAULT_INJECTION: forcing a failure.
[  690.867025][T12731] name failslab, interval 1, probability 0, space 0, times 0
[  690.880830][T12731] CPU: 0 UID: 0 PID: 12731 Comm: syz.1.1880 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  690.891737][T12731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  690.901841][T12731] Call Trace:
[  690.905234][T12731]  <TASK>
[  690.908210][T12731]  dump_stack_lvl+0x241/0x360
[  690.912934][T12731]  ? __pfx_dump_stack_lvl+0x10/0x10
[  690.918179][T12731]  ? __pfx__printk+0x10/0x10
[  690.923244][T12731]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  690.928833][T12731]  ? __pfx___might_resched+0x10/0x10
[  690.934167][T12731]  should_fail_ex+0x3b0/0x4e0
[  690.938881][T12731]  ? getname_kernel+0x59/0x2f0
[  690.943700][T12731]  should_failslab+0xac/0x100
[  690.948412][T12731]  ? getname_kernel+0x59/0x2f0
[  690.953207][T12731]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  690.958622][T12731]  getname_kernel+0x59/0x2f0
[  690.963276][T12731]  kern_path+0x1d/0x50
[  690.967384][T12731]  lookup_bdev+0xc5/0x290
[  690.971758][T12731]  ? __pfx___might_resched+0x10/0x10
[  690.977081][T12731]  ? __pfx_lookup_bdev+0x10/0x10
[  690.982064][T12731]  ? __pfx___mutex_trylock_common+0x10/0x10
[  690.988002][T12731]  get_tree_mtd+0x303/0x820
[  690.992545][T12731]  ? __pfx_cramfs_mtd_fill_super+0x10/0x10
[  690.998392][T12731]  ? __pfx_get_tree_mtd+0x10/0x10
[  691.003464][T12731]  ? vfs_write+0x7c4/0xc90
[  691.007922][T12731]  ? cap_capable+0x1b4/0x250
[  691.012552][T12731]  ? safesetid_security_capable+0xb2/0x1d0
[  691.018408][T12731]  cramfs_get_tree+0x1d/0x50
[  691.023741][T12731]  vfs_get_tree+0x90/0x2a0
[  691.028199][T12731]  vfs_cmd_create+0xa0/0x1f0
[  691.032815][T12731]  ? __se_sys_fsconfig+0xa1b/0xf80
[  691.037959][T12731]  __se_sys_fsconfig+0xa25/0xf80
[  691.042942][T12731]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  691.048459][T12731]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  691.054579][T12731]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  691.060960][T12731]  ? do_syscall_64+0x100/0x230
[  691.065758][T12731]  ? __x64_sys_fsconfig+0x20/0xc0
[  691.070824][T12731]  do_syscall_64+0xf3/0x230
[  691.075355][T12731]  ? clear_bhb_loop+0x35/0x90
[  691.080054][T12731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.085984][T12731] RIP: 0033:0x7fb5027799b9
[  691.090438][T12731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  691.110081][T12731] RSP: 002b:00007fb5035b6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  691.118534][T12731] RAX: ffffffffffffffda RBX: 00007fb502915f80 RCX: 00007fb5027799b9
[  691.126540][T12731] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000004
[  691.134546][T12731] RBP: 00007fb5035b6090 R08: 0000000000000000 R09: 0000000000000000
[  691.142552][T12731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  691.150553][T12731] R13: 0000000000000000 R14: 00007fb502915f80 R15: 00007ffd87153108
[  691.158576][T12731]  </TASK>
[  691.239417][ T5220] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  691.537054][ T5220] usb 3-1: Using ep0 maxpacket: 32
[  691.600145][ T5220] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[  691.750923][ T5220] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  691.914014][ T5220] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  691.986234][ T5220] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  692.056071][ T5220] usb 3-1: config 0 interface 0 has no altsetting 0
[  692.106403][ T5220] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  692.125840][ T5220] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  692.151666][T12750] fuse: Bad value for 'fd'
[  692.154802][ T5220] usb 3-1: Product: syz
[  692.163607][ T5220] usb 3-1: Manufacturer: syz
[  692.286052][   T29] kauditd_printk_skb: 47 callbacks suppressed
[  692.286108][   T29] audit: type=1326 audit(1723686980.969:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12747 comm="syz.4.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  692.308134][   T29] audit: type=1326 audit(1723686980.999:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12747 comm="syz.4.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  692.471790][ T5220] usb 3-1: SerialNumber: syz
[  692.772790][ T5220] usb 3-1: config 0 descriptor??
[  692.874646][ T5220] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  692.918273][ T5220] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  693.097944][ T5302] usb 3-1: USB disconnect, device number 47
[  693.098003][    C1] ldusb 3-1:0.0: usb_submit_urb failed (-19)
[  693.123903][ T5302] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  693.491604][T12769] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1891'.
[  693.516978][T12769] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes.
[  694.970704][T12785] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1895'.
[  695.940120][T12801] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1903'.
[  696.509068][    T9] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  696.879230][    T9] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  696.902479][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  696.937558][    T9] usb 5-1: config 0 descriptor??
[  696.959893][    T9] cp210x 5-1:0.0: cp210x converter detected
[  697.056873][ T5302] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  697.147689][ T5220] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  697.289856][ T5302] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  697.306789][ T5302] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  697.327391][ T5302] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  697.341998][T12822] tracefs: Unknown parameter 'uid?0x0000000000000000'
[  697.356969][ T5220] usb 4-1: Using ep0 maxpacket: 32
[  697.362541][ T5302] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  697.381358][ T5220] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  697.382689][ T5302] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  697.414950][ T5220] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  697.452866][ T5302] usb 2-1: config 0 descriptor??
[  697.456989][ T5220] usb 4-1: Product: syz
[  697.472637][ T5220] usb 4-1: Manufacturer: syz
[  697.502841][ T5220] usb 4-1: SerialNumber: syz
[  697.547272][ T5220] usb 4-1: config 0 descriptor??
[  697.569096][    T9] usb 5-1: cp210x converter now attached to ttyUSB0
[  698.183904][ T5220] rtl8150 4-1:0.0: couldn't reset the device
[  698.201840][ T5220] rtl8150 4-1:0.0: probe with driver rtl8150 failed with error -5
[  698.254704][ T5220] usb 4-1: USB disconnect, device number 54
[  699.512601][ T5302] plantronics 0003:047F:FFFF.0021: ignoring exceeding usage max
[  699.554136][ T5302] plantronics 0003:047F:FFFF.0021: unbalanced collection at end of report description
[  699.618796][ T5302] plantronics 0003:047F:FFFF.0021: parse failed
[  699.664812][ T5302] plantronics 0003:047F:FFFF.0021: probe with driver plantronics failed with error -22
[  699.706864][ T5273] usb 5-1: USB disconnect, device number 43
[  699.758730][ T5273] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  699.798302][ T5273] cp210x 5-1:0.0: device disconnected
[  700.716952][ T5302] usb 2-1: USB disconnect, device number 37
[  701.167468][T12874] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  701.316669][   T29] audit: type=1326 audit(1723686989.999:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.340124][   T29] audit: type=1326 audit(1723686989.999:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.362504][   T29] audit: type=1326 audit(1723686990.009:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.385689][   T29] audit: type=1326 audit(1723686990.009:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.407673][   T29] audit: type=1326 audit(1723686990.009:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.432283][   T29] audit: type=1326 audit(1723686990.009:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.472594][   T29] audit: type=1326 audit(1723686990.009:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.509591][   T29] audit: type=1326 audit(1723686990.009:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.552595][   T29] audit: type=1326 audit(1723686990.009:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.688872][   T29] audit: type=1326 audit(1723686990.009:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12876 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ba93799b9 code=0x7ffc0000
[  701.736004][T12867] xt_CONNSECMARK: invalid mode: 0
[  701.876886][    T9] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  702.089950][    T9] usb 2-1: Using ep0 maxpacket: 32
[  702.105263][    T9] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  702.134365][    T9] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  702.218800][    T9] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  702.230812][    T9] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  702.244524][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  702.255947][    T9] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  702.272595][    T9] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  702.307398][    T9] usb 2-1: Product: syz
[  702.325190][    T9] usb 2-1: Manufacturer: syz
[  702.330317][    T9] usb 2-1: SerialNumber: syz
[  702.358232][    T9] usb 2-1: config 0 descriptor??
[  702.369073][    T9] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  702.382406][    T9] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  702.573161][    T9] usb 2-1: USB disconnect, device number 38
[  702.579114][    C0] ldusb 2-1:0.0: usb_submit_urb failed (-19)
[  702.586967][T12890] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1928'.
[  702.642252][    T9] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  703.706462][T12904] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  703.736269][T12908] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  704.357943][ T5220] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  704.569553][ T5220] usb 4-1: unable to get BOS descriptor or descriptor too short
[  704.597081][ T5220] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  704.621278][ T5220] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  704.674195][ T5220] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  704.699016][ T5220] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  704.723195][ T5220] usb 4-1: Product: syz
[  704.737263][ T5220] usb 4-1: SerialNumber: syz
[  706.531076][ T5220] usb 4-1: 0:1 : does not exist
[  707.429087][ T5220] usb 4-1: USB disconnect, device number 55
[  707.706930][T12946] ubi0: attaching mtd0
[  707.713222][T12946] ubi0: scanning is finished
[  707.793038][T12229] udevd[12229]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  707.912322][T12946] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  707.954672][T12946] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  707.973748][T12946] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  708.000426][T12946] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  708.013650][T12946] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  708.024507][T12946] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  708.036035][T12946] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 664002295
[  708.049033][T12946] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  708.066818][T12960] ubi0: background thread "ubi_bgt0d" started, PID 12960
[  709.031461][T12980] netlink: 'syz.2.1954': attribute type 1 has an invalid length.
[  709.354558][T12980] bond1: entered promiscuous mode
[  709.457147][T12985] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1954'.
[  709.498398][T12991] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1954'.
[  709.549882][T12991] bond1: left promiscuous mode
[  709.574523][T12991] 8021q: adding VLAN 0 to HW filter on device bond1
[  709.845663][T12999] fuse: Unknown parameter 'rootmodÛùÙý3[¾“0000000000100000'
[  710.690351][T13011] xt_CONNSECMARK: invalid mode: 0
[  712.461115][T13048] UBIFS error (pid: 13048): cannot open "./file0", error -22
[  714.005355][T13075] FAULT_INJECTION: forcing a failure.
[  714.005355][T13075] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  714.043452][T13075] CPU: 1 UID: 0 PID: 13075 Comm: syz.4.1972 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  714.054376][T13075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  714.064467][T13075] Call Trace:
[  714.067774][T13075]  <TASK>
[  714.070729][T13075]  dump_stack_lvl+0x241/0x360
[  714.075454][T13075]  ? __pfx_dump_stack_lvl+0x10/0x10
[  714.080699][T13075]  ? __pfx__printk+0x10/0x10
[  714.085333][T13075]  ? __pfx_lock_release+0x10/0x10
[  714.090399][T13075]  ? __lock_acquire+0x137a/0x2040
[  714.095464][T13075]  should_fail_ex+0x3b0/0x4e0
[  714.100175][T13075]  _copy_from_user+0x2f/0xe0
[  714.104809][T13075]  do_ipv6_setsockopt+0x2f1/0x3630
[  714.109975][T13075]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  714.115561][T13075]  ? get_pid_task+0x23/0x1f0
[  714.120181][T13075]  ? __pfx_lock_release+0x10/0x10
[  714.125245][T13075]  ? kstrtouint_from_user+0x128/0x190
[  714.130654][T13075]  ? mark_lock+0x9a/0x350
[  714.135050][T13075]  ? __lock_acquire+0x137a/0x2040
[  714.140141][T13075]  ? __pfx_lock_acquire+0x10/0x10
[  714.145217][T13075]  ipv6_setsockopt+0x5c/0x1a0
[  714.149956][T13075]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  714.155888][T13075]  do_sock_setsockopt+0x3af/0x720
[  714.160953][T13075]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  714.166530][T13075]  ? __fget_files+0x29/0x470
[  714.171151][T13075]  ? __fget_files+0x3f6/0x470
[  714.175877][T13075]  __sys_setsockopt+0x1ae/0x250
[  714.180766][T13075]  __x64_sys_setsockopt+0xb5/0xd0
[  714.185828][T13075]  do_syscall_64+0xf3/0x230
[  714.190362][T13075]  ? clear_bhb_loop+0x35/0x90
[  714.195070][T13075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.200990][T13075] RIP: 0033:0x7f1f815799b9
[  714.205440][T13075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  714.225089][T13075] RSP: 002b:00007f1f8238c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  714.233548][T13075] RAX: ffffffffffffffda RBX: 00007f1f81715f80 RCX: 00007f1f815799b9
[  714.241537][T13075] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  714.249534][T13075] RBP: 00007f1f8238c090 R08: 0000000000000020 R09: 0000000000000000
[  714.257528][T13075] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  714.265520][T13075] R13: 0000000000000000 R14: 00007f1f81715f80 R15: 00007fff7ae30e08
[  714.273523][T13075]  </TASK>
[  714.328080][T13077] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1973'.
[  714.346645][T13077] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  714.466059][T13081] atomic_op ffff88805f75f998 conn xmit_atomic 0000000000000000
[  714.827411][   T49] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  715.051942][   T49] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  715.065546][   T49] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  715.075825][   T49] usb 5-1: Product: syz
[  715.081452][   T49] usb 5-1: Manufacturer: syz
[  715.089815][   T49] usb 5-1: SerialNumber: syz
[  715.109680][   T49] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  715.173048][ T5271] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  716.241434][ T5271] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  716.263974][T13091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  716.264842][ T5271] ath9k_htc: Failed to initialize the device
[  716.306262][T13091] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  716.317492][T11948] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  722.224460][T11948] usb 2-1: Using ep0 maxpacket: 16
[  722.382594][ T5271] usb 5-1: ath9k_htc: USB layer deinitialized
[  722.479996][    T9] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  722.497465][ T5220] usb 5-1: USB disconnect, device number 44
[  722.514149][T11948] usb 2-1: device descriptor read/all, error -71
[  722.606015][   T29] kauditd_printk_skb: 52 callbacks suppressed
[  722.606035][   T29] audit: type=1326 audit(1723687011.289:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  722.648654][T13100] program syz.3.1982 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  722.687247][   T29] audit: type=1326 audit(1723687011.289:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  722.786921][   T29] audit: type=1326 audit(1723687011.289:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  722.829940][T13104] FAULT_INJECTION: forcing a failure.
[  722.829940][T13104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  722.854290][T13104] CPU: 1 UID: 0 PID: 13104 Comm: syz.1.1983 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  722.857372][   T29] audit: type=1326 audit(1723687011.329:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  722.865087][T13104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  722.865106][T13104] Call Trace:
[  722.865116][T13104]  <TASK>
[  722.865127][T13104]  dump_stack_lvl+0x241/0x360
[  722.865174][T13104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  722.865210][T13104]  ? __pfx__printk+0x10/0x10
[  722.917643][T13104]  ? __pfx_lock_release+0x10/0x10
[  722.922906][T13104]  should_fail_ex+0x3b0/0x4e0
[  722.927634][T13104]  _copy_from_user+0x2f/0xe0
[  722.932273][T13104]  copy_msghdr_from_user+0xae/0x680
[  722.937527][T13104]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  722.943411][T13104]  __sys_sendmsg+0x23d/0x3a0
[  722.948056][T13104]  ? __pfx___sys_sendmsg+0x10/0x10
[  722.953203][T13104]  ? vfs_write+0x7c4/0xc90
[  722.957700][T13104]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  722.964070][T13104]  ? do_syscall_64+0x100/0x230
[  722.968872][T13104]  ? do_syscall_64+0xb6/0x230
[  722.970467][   T29] audit: type=1326 audit(1723687011.329:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  722.973571][T13104]  do_syscall_64+0xf3/0x230
[  722.973600][T13104]  ? clear_bhb_loop+0x35/0x90
[  722.973630][T13104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  723.010268][T13104] RIP: 0033:0x7fb5027799b9
[  723.014722][T13104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  723.034371][T13104] RSP: 002b:00007fb5035b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  723.042841][T13104] RAX: ffffffffffffffda RBX: 00007fb502915f80 RCX: 00007fb5027799b9
[  723.050943][T13104] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  723.058955][T13104] RBP: 00007fb5035b6090 R08: 0000000000000000 R09: 0000000000000000
[  723.066962][   T29] audit: type=1326 audit(1723687011.329:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00e8378350 code=0x7ffc0000
[  723.067020][   T29] audit: type=1326 audit(1723687011.329:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  723.088502][T13104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  723.088522][T13104] R13: 0000000000000000 R14: 00007fb502915f80 R15: 00007ffd87153108
[  723.088559][T13104]  </TASK>
[  723.235830][   T29] audit: type=1326 audit(1723687011.339:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  723.345227][   T29] audit: type=1326 audit(1723687011.339:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  723.458095][   T29] audit: type=1326 audit(1723687011.339:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13099 comm="syz.3.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  723.500984][ T5226] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  723.512483][ T5226] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  723.550471][ T5226] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  723.560955][ T5226] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  723.568984][ T5226] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  723.576473][ T5226] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  723.813333][T13108] ubi: mtd0 is already attached to ubi0
[  724.581732][T13109] chnl_net:caif_netlink_parms(): no params data found
[  724.731400][T13131] veth0_vlan: left promiscuous mode
[  724.770272][T13131] veth0_vlan: entered promiscuous mode
[  725.006543][T13136] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  725.664757][T13140] netlink: 'syz.0.1990': attribute type 1 has an invalid length.
[  725.677412][T13140] netlink: 9328 bytes leftover after parsing attributes in process `syz.0.1990'.
[  725.682043][ T5226] Bluetooth: hci4: command tx timeout
[  725.709745][T13109] bridge0: port 1(bridge_slave_0) entered blocking state
[  725.717145][T13109] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.718626][T13142] FAULT_INJECTION: forcing a failure.
[  725.718626][T13142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  725.724519][T13109] bridge_slave_0: entered allmulticast mode
[  725.746474][T13109] bridge_slave_0: entered promiscuous mode
[  725.765818][T13109] bridge0: port 2(bridge_slave_1) entered blocking state
[  725.767079][T13140] netlink: 'syz.0.1990': attribute type 1 has an invalid length.
[  725.777131][T13109] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.788614][T13109] bridge_slave_1: entered allmulticast mode
[  725.796189][T13109] bridge_slave_1: entered promiscuous mode
[  725.829390][T13142] CPU: 1 UID: 0 PID: 13142 Comm: syz.4.1991 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  725.840270][T13142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  725.850355][T13142] Call Trace:
[  725.853675][T13142]  <TASK>
[  725.856631][T13142]  dump_stack_lvl+0x241/0x360
[  725.861370][T13142]  ? __pfx_dump_stack_lvl+0x10/0x10
[  725.866640][T13142]  ? __pfx__printk+0x10/0x10
[  725.871456][T13142]  ? __pfx_lock_release+0x10/0x10
[  725.876537][T13142]  should_fail_ex+0x3b0/0x4e0
[  725.881359][T13142]  _copy_from_user+0x2f/0xe0
[  725.886000][T13142]  copy_msghdr_from_user+0xae/0x680
[  725.891254][T13142]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  725.897119][T13142]  __sys_sendmsg+0x23d/0x3a0
[  725.901730][T13142]  ? __pfx___sys_sendmsg+0x10/0x10
[  725.906941][T13142]  ? vfs_write+0x7c4/0xc90
[  725.911403][T13142]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  725.917755][T13142]  ? do_syscall_64+0x100/0x230
[  725.922535][T13142]  ? do_syscall_64+0xb6/0x230
[  725.927223][T13142]  do_syscall_64+0xf3/0x230
[  725.931741][T13142]  ? clear_bhb_loop+0x35/0x90
[  725.936436][T13142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.942340][T13142] RIP: 0033:0x7f1f815799b9
[  725.946767][T13142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  725.966382][T13142] RSP: 002b:00007f1f8238c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  725.974825][T13142] RAX: ffffffffffffffda RBX: 00007f1f81715f80 RCX: 00007f1f815799b9
[  725.982806][T13142] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  725.990821][T13142] RBP: 00007f1f8238c090 R08: 0000000000000000 R09: 0000000000000000
[  725.998801][T13142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  726.006783][T13142] R13: 0000000000000000 R14: 00007f1f81715f80 R15: 00007fff7ae30e08
[  726.014781][T13142]  </TASK>
[  726.054269][T13109] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  726.069023][T13109] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  726.179170][ T5274] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  726.188900][T13109] team0: Port device team_slave_0 added
[  726.221622][T13109] team0: Port device team_slave_1 added
[  726.887125][ T5274] usb 2-1: Using ep0 maxpacket: 16
[  726.904750][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  726.937018][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  726.964515][T13109] batman_adv: batadv0: Adding interface: batadv_slave_0
[  726.971922][ T5274] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  726.995409][T13109] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  727.056818][ T5274] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  727.066125][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.084139][T13109] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  727.098408][T13109] batman_adv: batadv0: Adding interface: batadv_slave_1
[  727.106641][T13109] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  727.120457][ T5274] usb 2-1: config 0 descriptor??
[  727.143178][T13109] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  727.295098][T13109] hsr_slave_0: entered promiscuous mode
[  727.314936][T13109] hsr_slave_1: entered promiscuous mode
[  727.341241][T13109] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  727.357050][T13109] Cannot create hsr debugfs directory
[  727.595494][ T5271] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  727.748746][ T5226] Bluetooth: hci4: command tx timeout
[  727.826984][ T5271] usb 5-1: Using ep0 maxpacket: 32
[  727.842857][ T5271] usb 5-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  727.853169][ T5271] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.175944][ T5271] usb 5-1: config 0 descriptor??
[  728.404836][ T5274] usbhid 2-1:0.0: can't add hid device: -71
[  728.415015][ T5274] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  728.432934][ T5274] usb 2-1: USB disconnect, device number 41
[  728.468596][ T5271] gspca_main: sunplus-2.14.0 probing 0458:7006
[  728.516970][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88807b9f1c00: rx timeout, send abort
[  728.883460][T13109] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.150548][T13109] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.320695][T13109] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.526384][T13109] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.838883][ T5226] Bluetooth: hci4: command tx timeout
[  729.865852][ T5271] gspca_sunplus: reg_w_riv err -71
[  729.871850][ T5271] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  729.884022][ T5271] usb 5-1: USB disconnect, device number 45
[  730.234318][T13109] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  730.265940][T13109] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  730.288767][T13109] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  730.317032][ T5274] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  730.331395][T13109] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  730.497248][ T5274] usb 4-1: Using ep0 maxpacket: 32
[  730.504993][ T5274] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  730.520135][T13109] 8021q: adding VLAN 0 to HW filter on device bond0
[  730.533302][ T5274] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  730.576894][ T5274] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  730.622948][ T5274] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  730.638606][T13109] 8021q: adding VLAN 0 to HW filter on device team0
[  730.664733][  T938] bridge0: port 1(bridge_slave_0) entered blocking state
[  730.671994][  T938] bridge0: port 1(bridge_slave_0) entered forwarding state
[  730.685592][ T5274] usb 4-1: config 0 interface 0 has no altsetting 0
[  730.697669][ T5274] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  730.707377][ T5274] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  730.727213][ T5274] usb 4-1: Product: syz
[  730.731439][ T5274] usb 4-1: Manufacturer: syz
[  730.736154][ T5274] usb 4-1: SerialNumber: syz
[  730.753785][ T5274] usb 4-1: config 0 descriptor??
[  730.763176][ T5274] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  730.789910][ T5274] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  730.812625][  T938] bridge0: port 2(bridge_slave_1) entered blocking state
[  730.819821][  T938] bridge0: port 2(bridge_slave_1) entered forwarding state
[  731.074863][ T5274] usb 4-1: USB disconnect, device number 57
[  731.074918][    C0] ldusb 4-1:0.0: usb_submit_urb failed (-19)
[  731.115092][ T5274] ldusb 4-1:0.0: LD USB Device #0 now disconnected
[  731.314503][T13178] ldusb: No device or device unplugged -19
[  731.911279][ T5226] Bluetooth: hci4: command tx timeout
[  731.927078][T13204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2008'.
[  732.195899][T13109] 8021q: adding VLAN 0 to HW filter on device batadv0
[  732.342400][T13109] veth0_vlan: entered promiscuous mode
[  732.568864][T13109] veth1_vlan: entered promiscuous mode
[  732.650997][T13210] ubi: mtd0 is already attached to ubi0
[  732.687932][T13109] veth0_macvtap: entered promiscuous mode
[  732.705282][T13215] ubi0: detaching mtd0
[  732.725076][T13109] veth1_macvtap: entered promiscuous mode
[  732.731495][T13215] ubi0: mtd0 is detached
[  732.777814][ T5302] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  732.835223][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  732.859345][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  732.887516][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  732.923482][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.146846][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  733.156822][ T5302] usb 5-1: Using ep0 maxpacket: 16
[  733.164561][ T5302] usb 5-1: config 0 has an invalid interface number: 4 but max is 0
[  733.173148][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.449661][ T5302] usb 5-1: config 0 has no interface number 0
[  733.455921][ T5302] usb 5-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  733.472554][ T5302] usb 5-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  733.482631][ T5302] usb 5-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  733.492393][ T5302] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.503076][ T5302] usb 5-1: config 0 descriptor??
[  733.580577][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  733.604577][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.614906][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  733.625642][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.626884][T11948] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  733.646247][T13109] batman_adv: batadv0: Interface activated: batadv_slave_0
[  733.681777][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  733.710402][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.721709][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  733.733491][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.744247][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  733.755848][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.766274][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  733.780731][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.792419][T13109] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  733.827440][T11948] usb 2-1: Using ep0 maxpacket: 32
[  733.841471][T11948] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  733.857187][T11948] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.865230][T11948] usb 2-1: Product: syz
[  733.876790][T11948] usb 2-1: Manufacturer: syz
[  733.881725][T11948] usb 2-1: SerialNumber: syz
[  733.897401][T11948] usb 2-1: config 0 descriptor??
[  733.921726][T13109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  733.944972][T13109] batman_adv: batadv0: Interface activated: batadv_slave_1
[  734.003009][T13109] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  734.017538][T13109] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  734.029656][ T5302] wacom 0003:056A:0084.0022: hidraw0: USB HID v0.00 Device [HID 056a:0084] on usb-dummy_hcd.4-1/input4
[  734.057010][T13109] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  734.076505][T13109] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  734.787509][ T5271] usb 5-1: USB disconnect, device number 46
[  734.831325][T11948] airspy 2-1:0.0: Board ID: 00
[  734.837956][T11948] airspy 2-1:0.0: Firmware version: 
[  735.632017][T13219] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  735.689614][T13219] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  735.703022][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  735.712362][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  735.849690][ T1118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  735.889551][ T1118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  736.318097][T11948] airspy 2-1:0.0: usb_control_msg() failed -71 request 0f
[  736.331151][T11948] airspy 2-1:0.0: Registered as swradio16
[  736.350879][T11948] airspy 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  736.381740][T11948] usb 2-1: USB disconnect, device number 42
[  736.468066][ T5273] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  736.518517][T13257] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  736.557071][T13231] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  736.669774][ T5273] usb 5-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[  736.687239][ T5273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.716445][ T5273] usb 5-1: config 0 descriptor??
[  736.771446][T13231] usb 4-1: unable to get BOS descriptor or descriptor too short
[  736.789632][T13231] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  736.804672][T13231] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9
[  736.825318][T13231] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  736.838678][T13231] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  736.853393][T13231] usb 4-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  736.887021][T13231] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  736.913269][T13231] usb 4-1: Product: syz
[  736.920952][T13231] usb 4-1: Manufacturer: syz
[  736.925598][T13231] usb 4-1: SerialNumber: syz
[  736.957218][T13231] usb 4-1: config 0 descriptor??
[  736.981843][T13246] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  737.015124][    C0] usb 4-1: NFC: Urb failure (status -71)
[  737.052004][T13231] usb 4-1: NFC: Unable to get FW version
[  737.069785][T13231] pn533_usb 4-1:0.0: probe with driver pn533_usb failed with error -90
[  737.098255][ T5271] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  737.447834][ T5271] usb 3-1: Using ep0 maxpacket: 16
[  737.524388][ T5271] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  737.601730][ T5271] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  738.063940][ T5271] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  738.080131][ T5273] asix 5-1:0.0 eth1: register 'asix' at usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[  738.106998][ T5271] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  738.140730][ T5273] usb 5-1: USB disconnect, device number 47
[  738.167808][ T5273] asix 5-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet
[  738.186771][ T5271] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.312764][ T5271] usb 3-1: config 0 descriptor??
[  739.535371][T13286] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  739.578881][ T5271] usbhid 3-1:0.0: can't add hid device: -71
[  739.584915][ T5271] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  739.670868][ T5271] usb 3-1: USB disconnect, device number 48
[  740.481037][ T5271] usb 4-1: USB disconnect, device number 58
[  743.835517][T13327] ubi0: attaching mtd0
[  743.843616][T13327] ubi0: scanning is finished
[  743.852918][T13337] sp0: Synchronizing with TNC
[  743.870063][T13342] netlink: 'syz.4.2044': attribute type 3 has an invalid length.
[  743.886238][T13342] netlink: 'syz.4.2044': attribute type 1 has an invalid length.
[  743.940191][T13342] netlink: 191384 bytes leftover after parsing attributes in process `syz.4.2044'.
[  744.198867][T13327] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  744.222379][T13327] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  744.280245][T13327] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  744.288061][T13327] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  744.346805][T13327] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  744.363077][T13327] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  744.384451][T13327] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 664002295
[  744.432315][T13327] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  744.567259][   T29] kauditd_printk_skb: 19 callbacks suppressed
[  744.567275][   T29] audit: type=1326 audit(1723687033.239:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13351 comm="syz.0.2048" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f13979799b9 code=0x0
[  744.621592][T13349] ubi0: background thread "ubi_bgt0d" started, PID 13349
[  745.653858][T13369] ubi0: detaching mtd0
[  745.699145][T13366] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  745.725895][T13369] ubi0: mtd0 is detached
[  747.561569][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  747.979856][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  749.696646][T13398] FAULT_INJECTION: forcing a failure.
[  749.696646][T13398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  749.710390][T13398] CPU: 0 UID: 0 PID: 13398 Comm: syz.3.2057 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  749.721202][T13398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  749.731370][T13398] Call Trace:
[  749.734746][T13398]  <TASK>
[  749.737700][T13398]  dump_stack_lvl+0x241/0x360
[  749.742479][T13398]  ? __pfx_dump_stack_lvl+0x10/0x10
[  749.747717][T13398]  ? __pfx__printk+0x10/0x10
[  749.752361][T13398]  should_fail_ex+0x3b0/0x4e0
[  749.757076][T13398]  strncpy_from_user+0x36/0x2e0
[  749.761958][T13398]  __se_sys_delete_module+0x153/0x630
[  749.767365][T13398]  ? bpf_trace_run2+0x1fc/0x540
[  749.772250][T13398]  ? __pfx___se_sys_delete_module+0x10/0x10
[  749.778185][T13398]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  749.784208][T13398]  ? rcu_is_watching+0x15/0xb0
[  749.789005][T13398]  ? trace_sys_enter+0x1f/0xd0
[  749.793793][T13398]  do_syscall_64+0xf3/0x230
[  749.798331][T13398]  ? clear_bhb_loop+0x35/0x90
[  749.803044][T13398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  749.808964][T13398] RIP: 0033:0x7f00e83799b9
[  749.813410][T13398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  749.833305][T13398] RSP: 002b:00007f00e91b5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b0
[  749.841767][T13398] RAX: ffffffffffffffda RBX: 00007f00e8516130 RCX: 00007f00e83799b9
[  749.849761][T13398] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  749.857752][T13398] RBP: 00007f00e91b5090 R08: 0000000000000000 R09: 0000000000000000
[  749.865740][T13398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  749.873740][T13398] R13: 0000000000000000 R14: 00007f00e8516130 R15: 00007fff90e6fdc8
[  749.881763][T13398]  </TASK>
[  751.577110][T13412] input: syz0 as /devices/virtual/input/input29
[  752.882621][   T29] audit: type=1326 audit(1723687041.299:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  752.946910][T11948] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  753.008355][   T29] audit: type=1326 audit(1723687041.299:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  753.127212][   T29] audit: type=1326 audit(1723687041.299:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  753.141305][T11948] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  753.181218][T11948] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  753.204705][T11948] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  753.236858][T11948] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  753.260843][T11948] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.271418][   T29] audit: type=1326 audit(1723687041.299:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  753.274992][T11948] usb 5-1: config 0 descriptor??
[  753.293037][    C1] vkms_vblank_simulate: vblank timer overrun
[  753.339142][T13430] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  753.479275][   T29] audit: type=1326 audit(1723687041.299:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  753.509005][T13443] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  753.994981][   T29] audit: type=1326 audit(1723687041.299:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  754.056881][   T29] audit: type=1326 audit(1723687041.299:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  754.143883][   T29] audit: type=1326 audit(1723687041.299:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  754.202187][   T29] audit: type=1326 audit(1723687041.299:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  754.223937][    C1] vkms_vblank_simulate: vblank timer overrun
[  754.232877][   T29] audit: type=1326 audit(1723687041.299:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13431 comm="syz.2.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  754.325508][T13448] xt_l2tp: v2 sid > 0xffff: 16777216
[  754.490972][T11948] usbhid 5-1:0.0: can't add hid device: -71
[  754.513359][T11948] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  754.557723][T11948] usb 5-1: USB disconnect, device number 48
[  754.867928][T12226] Bluetooth: hci2: command 0x0406 tx timeout
[  756.053605][T13468] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  756.092624][T13473] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2075'.
[  757.964613][T13490] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  758.725221][T13504] No control pipe specified
[  758.945054][T13502] 8021q: adding VLAN 0 to HW filter on device batadv1
[  758.957007][   T49] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  758.996909][    T9] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  759.040028][ T5271] usb 5-1: new full-speed USB device number 49 using dummy_hcd
[  759.177388][   T49] usb 4-1: Using ep0 maxpacket: 32
[  759.195847][   T49] usb 4-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  759.206798][   T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.206919][    T9] usb 2-1: Using ep0 maxpacket: 32
[  759.226461][   T49] usb 4-1: config 0 descriptor??
[  759.243134][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  759.243152][   T29] audit: type=1326 audit(1723687047.929:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  759.273816][ T5271] usb 5-1: config 0 has an invalid interface number: 179 but max is 0
[  759.284461][   T49] gspca_main: sunplus-2.14.0 probing 0458:7006
[  759.287574][    T9] usb 2-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  759.305580][ T5271] usb 5-1: config 0 has no interface number 0
[  759.336966][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.356349][ T5271] usb 5-1: config 0 interface 179 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  759.390932][    T9] usb 2-1: config 0 descriptor??
[  759.400122][ T5271] usb 5-1: New USB device found, idVendor=19d2, idProduct=1021, bcdDevice=ec.0d
[  759.416936][   T29] audit: type=1326 audit(1723687047.929:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  759.440285][ T5271] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  759.465516][    T9] gspca_main: sunplus-2.14.0 probing 0458:7006
[  759.473707][ T5271] usb 5-1: Product: syz
[  759.489440][ T5271] usb 5-1: Manufacturer: syz
[  759.519943][ T5271] usb 5-1: SerialNumber: syz
[  759.526843][   T29] audit: type=1326 audit(1723687047.929:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  759.559814][ T5271] usb 5-1: config 0 descriptor??
[  759.590652][ T5271] option 5-1:0.179: GSM modem (1-port) converter detected
[  759.604028][   T29] audit: type=1326 audit(1723687047.929:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  759.693834][   T29] audit: type=1326 audit(1723687047.929:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  759.830704][   T29] audit: type=1326 audit(1723687047.959:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  759.926818][   T29] audit: type=1326 audit(1723687047.959:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  760.025559][   T29] audit: type=1326 audit(1723687047.959:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  760.090495][   T29] audit: type=1326 audit(1723687047.959:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  760.133477][   T29] audit: type=1326 audit(1723687047.959:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13508 comm="syz.2.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  760.700642][   T49] gspca_sunplus: reg_w_riv err -71
[  760.745856][   T49] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  760.774992][   T49] usb 4-1: USB disconnect, device number 59
[  760.918297][    T9] gspca_sunplus: reg_w_riv err -71
[  760.928303][    T9] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  760.955274][    T9] usb 2-1: USB disconnect, device number 43
[  761.553925][    T9] usb 5-1: USB disconnect, device number 49
[  761.627761][    T9] option 5-1:0.179: device disconnected
[  761.958857][T13540] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  762.188133][T13545] xt_CONNSECMARK: invalid mode: 0
[  763.267838][T13537] ubi0: attaching mtd0
[  763.288604][T13537] ubi0: scanning is finished
[  764.244664][T13537] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  765.816887][T12226] Bluetooth: hci4: command 0x0406 tx timeout
[  766.711782][T13585] netlink: 900 bytes leftover after parsing attributes in process `syz.1.2104'.
[  767.306904][ T5273] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  767.527431][ T5273] usb 3-1: Using ep0 maxpacket: 32
[  767.558834][ T5273] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  767.584026][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.606036][ T5273] usb 3-1: config 0 descriptor??
[  767.637778][ T5273] gspca_main: sunplus-2.14.0 probing 0458:7006
[  767.766861][   T49] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  767.783780][T13591] netlink: 'syz.4.2105': attribute type 4 has an invalid length.
[  767.916866][T13231] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  767.956878][   T49] usb 4-1: Using ep0 maxpacket: 32
[  767.969222][   T49] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  767.980332][   T49] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  768.004040][   T49] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  768.015779][   T49] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  768.029613][   T49] usb 4-1: config 0 interface 0 has no altsetting 0
[  768.043085][   T49] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  768.054853][   T49] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  768.063591][   T49] usb 4-1: Product: syz
[  768.068581][   T49] usb 4-1: Manufacturer: syz
[  768.073415][   T49] usb 4-1: SerialNumber: syz
[  768.107147][T13231] usb 2-1: Using ep0 maxpacket: 32
[  768.107757][   T49] usb 4-1: config 0 descriptor??
[  768.119836][T13231] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  768.146285][   T49] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  768.155131][T13231] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  768.169781][   T49] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  768.176239][T13231] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  768.196637][T13231] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  768.235065][T13231] usb 2-1: config 0 interface 0 has no altsetting 0
[  768.255333][T13231] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  768.270462][T13231] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  768.290682][T13231] usb 2-1: Product: syz
[  768.294989][T13231] usb 2-1: Manufacturer: syz
[  768.305549][T13231] usb 2-1: SerialNumber: syz
[  768.321786][T13231] usb 2-1: config 0 descriptor??
[  768.344622][T13231] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  768.373201][T13231] ldusb 2-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  768.461010][    C0] ldusb 4-1:0.0: usb_submit_urb failed (-19)
[  768.494337][T13231] usb 4-1: USB disconnect, device number 60
[  768.525881][T13231] ldusb 4-1:0.0: LD USB Device #0 now disconnected
[  768.577426][ T5271] usb 2-1: USB disconnect, device number 44
[  768.613237][ T5271] ldusb 2-1:0.0: LD USB Device #1 now disconnected
[  768.856878][ T5273] gspca_sunplus: reg_w_riv err -71
[  768.868516][ T5273] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  768.897174][ T5273] usb 3-1: USB disconnect, device number 49
[  769.278885][   T29] kauditd_printk_skb: 17 callbacks suppressed
[  769.278905][   T29] audit: type=1326 audit(1723687057.969:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.308554][   T29] audit: type=1326 audit(1723687057.969:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.336215][   T29] audit: type=1326 audit(1723687057.969:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.396796][   T29] audit: type=1326 audit(1723687057.969:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.420724][   T29] audit: type=1326 audit(1723687057.969:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.444824][   T29] audit: type=1326 audit(1723687057.969:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.470706][   T29] audit: type=1326 audit(1723687057.969:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.526848][   T29] audit: type=1326 audit(1723687057.969:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.617415][   T29] audit: type=1326 audit(1723687057.969:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.666097][   T29] audit: type=1326 audit(1723687057.969:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13615 comm="syz.4.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f815799b9 code=0x7ffc0000
[  769.791849][T13634] bridge0: port 2(batadv0) entered blocking state
[  769.799876][T13634] bridge0: port 2(batadv0) entered disabled state
[  769.808589][T13634] batadv0: entered allmulticast mode
[  769.819697][T13634] batadv0: entered promiscuous mode
[  769.829063][T13634] bridge0: port 2(batadv0) entered blocking state
[  769.836022][T13634] bridge0: port 2(batadv0) entered forwarding state
[  770.201416][T13644] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  770.221422][T13644] FAULT_INJECTION: forcing a failure.
[  770.221422][T13644] name failslab, interval 1, probability 0, space 0, times 0
[  770.269436][T13644] CPU: 1 UID: 0 PID: 13644 Comm: syz.2.2120 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  770.280363][T13644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  770.290422][T13644] Call Trace:
[  770.293718][T13644]  <TASK>
[  770.296829][T13644]  dump_stack_lvl+0x241/0x360
[  770.301733][T13644]  ? __pfx_dump_stack_lvl+0x10/0x10
[  770.306940][T13644]  ? __pfx__printk+0x10/0x10
[  770.311624][T13644]  ? fs_reclaim_acquire+0x93/0x140
[  770.316745][T13644]  ? __pfx___might_resched+0x10/0x10
[  770.322064][T13644]  should_fail_ex+0x3b0/0x4e0
[  770.326754][T13644]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  770.332508][T13644]  should_failslab+0xac/0x100
[  770.337197][T13644]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  770.342926][T13644]  __kmalloc_noprof+0xd8/0x400
[  770.347692][T13644]  ? kfree+0x4e/0x360
[  770.351695][T13644]  tomoyo_realpath_from_path+0xcf/0x5e0
[  770.357264][T13644]  tomoyo_path_number_perm+0x23a/0x880
[  770.362734][T13644]  ? tomoyo_path_number_perm+0x208/0x880
[  770.368370][T13644]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  770.374385][T13644]  ? __fget_files+0x29/0x470
[  770.378991][T13644]  ? __fget_files+0x3f6/0x470
[  770.383689][T13644]  ? __fget_files+0x29/0x470
[  770.388292][T13644]  security_file_ioctl+0x75/0xb0
[  770.393252][T13644]  __se_sys_ioctl+0x47/0x170
[  770.397877][T13644]  do_syscall_64+0xf3/0x230
[  770.402390][T13644]  ? clear_bhb_loop+0x35/0x90
[  770.407082][T13644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.413020][T13644] RIP: 0033:0x7f1c01d799b9
[  770.417437][T13644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.437063][T13644] RSP: 002b:00007f1c02bc9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  770.445479][T13644] RAX: ffffffffffffffda RBX: 00007f1c01f15f80 RCX: 00007f1c01d799b9
[  770.453461][T13644] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  770.461454][T13644] RBP: 00007f1c02bc9090 R08: 0000000000000000 R09: 0000000000000000
[  770.469432][T13644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.477420][T13644] R13: 0000000000000000 R14: 00007f1c01f15f80 R15: 00007ffdd6ae61f8
[  770.485403][T13644]  </TASK>
[  770.524523][  T938] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  770.534479][  T938] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  770.566943][T13644] ERROR: Out of memory at tomoyo_realpath_from_path.
[  770.653705][T13644] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  770.695349][T13644] kvm: requested 95542 ns i8254 timer period limited to 200000 ns
[  770.714189][T13644] kvm: requested 82971 ns i8254 timer period limited to 200000 ns
[  770.762825][T13644] kvm: requested 96381 ns i8254 timer period limited to 200000 ns
[  770.784433][T13644] kvm: requested 90514 ns i8254 timer period limited to 200000 ns
[  770.802882][T13644] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  770.833339][T13644] kvm: requested 84647 ns i8254 timer period limited to 200000 ns
[  770.866289][T13644] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  770.889300][T13644] kvm: requested 85485 ns i8254 timer period limited to 200000 ns
[  770.923686][T13653] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  771.187385][ T5271] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  771.424785][T13662] FAULT_INJECTION: forcing a failure.
[  771.424785][T13662] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  771.463245][T13662] CPU: 0 UID: 0 PID: 13662 Comm: syz.2.2129 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  771.474161][T13662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  771.484257][T13662] Call Trace:
[  771.487570][T13662]  <TASK>
[  771.490525][T13662]  dump_stack_lvl+0x241/0x360
[  771.495252][T13662]  ? __pfx_dump_stack_lvl+0x10/0x10
[  771.500501][T13662]  ? __pfx__printk+0x10/0x10
[  771.505131][T13662]  ? __pfx_lock_release+0x10/0x10
[  771.510211][T13662]  should_fail_ex+0x3b0/0x4e0
[  771.514934][T13662]  _copy_from_user+0x2f/0xe0
[  771.519561][T13662]  copy_msghdr_from_user+0xae/0x680
[  771.524801][T13662]  ? _parse_integer_limit+0x1b5/0x200
[  771.530225][T13662]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  771.536080][T13662]  __sys_sendmmsg+0x374/0x740
[  771.540793][T13662]  ? __pfx___sys_sendmmsg+0x10/0x10
[  771.546023][T13662]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  771.551926][T13662]  ? ksys_write+0x23e/0x2c0
[  771.556438][T13662]  ? __pfx_lock_release+0x10/0x10
[  771.561488][T13662]  ? vfs_write+0x7c4/0xc90
[  771.565927][T13662]  ? __mutex_unlock_slowpath+0x21d/0x750
[  771.571584][T13662]  ? __pfx_vfs_write+0x10/0x10
[  771.576379][T13662]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  771.582491][T13662]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  771.588880][T13662]  ? do_syscall_64+0x100/0x230
[  771.593679][T13662]  __x64_sys_sendmmsg+0xa0/0xb0
[  771.598584][T13662]  do_syscall_64+0xf3/0x230
[  771.603105][T13662]  ? clear_bhb_loop+0x35/0x90
[  771.607666][ T5271] usb 5-1: Using ep0 maxpacket: 32
[  771.607789][T13662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.618837][T13662] RIP: 0033:0x7f1c01d799b9
[  771.623294][T13662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.643099][T13662] RSP: 002b:00007f1c02bc9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  771.651532][T13662] RAX: ffffffffffffffda RBX: 00007f1c01f15f80 RCX: 00007f1c01d799b9
[  771.659523][T13662] RDX: 0000000000000001 RSI: 0000000020005c40 RDI: 0000000000000004
[  771.667502][T13662] RBP: 00007f1c02bc9090 R08: 0000000000000000 R09: 0000000000000000
[  771.675492][T13662] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  771.683466][T13662] R13: 0000000000000000 R14: 00007f1c01f15f80 R15: 00007ffdd6ae61f8
[  771.691456][T13662]  </TASK>
[  771.713137][ T5271] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  771.724353][ T5271] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  771.760666][ T5271] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  771.854015][ T5271] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  771.871244][ T5271] usb 5-1: config 0 interface 0 has no altsetting 0
[  771.948080][ T5271] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  771.961940][ T5271] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  771.976918][ T5271] usb 5-1: Product: syz
[  771.981346][ T5271] usb 5-1: Manufacturer: syz
[  771.986142][ T5271] usb 5-1: SerialNumber: syz
[  772.015781][ T5271] usb 5-1: config 0 descriptor??
[  772.032264][ T5271] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  772.050375][ T5271] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  772.078282][   T49] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  772.244634][ T5271] usb 5-1: USB disconnect, device number 50
[  772.244801][    C0] ldusb 5-1:0.0: usb_submit_urb failed (-19)
[  772.276477][ T5271] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  772.327577][   T49] usb 2-1: Using ep0 maxpacket: 8
[  772.341214][   T49] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  772.352488][   T49] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  772.374769][   T49] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  772.418240][   T49] usb 2-1: config 0 descriptor??
[  772.439486][   T49] gspca_main: vc032x-2.14.0 probing 046d:0892
[  773.284441][T13681] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2134'.
[  774.239340][ T5272] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  774.717668][   T49] gspca_vc032x: reg_w err -110
[  774.723078][   T49] vc032x 2-1:0.0: probe with driver vc032x failed with error -110
[  774.877464][ T5271] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  774.922921][ T5272] usb 5-1: unable to get BOS descriptor or descriptor too short
[  774.938220][ T5272] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  774.971392][ T5272] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9
[  774.997126][ T5272] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  775.016944][ T5272] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  775.047097][ T5272] usb 5-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  775.065768][ T5272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  775.075743][ T5272] usb 5-1: Product: syz
[  775.084851][ T5272] usb 5-1: Manufacturer: syz
[  775.093743][T13704] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  775.098001][ T5272] usb 5-1: SerialNumber: syz
[  775.120045][ T5271] usb 3-1: New USB device found, idVendor=1235, idProduct=000e, bcdDevice=f0.ee
[  775.142035][ T5272] usb 5-1: config 0 descriptor??
[  775.143719][ T5271] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.171992][T13690] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  775.197063][ T5271] usb 3-1: config 0 descriptor??
[  775.208110][    C0] usb 5-1: NFC: Urb failure (status -71)
[  775.224676][ T5272] usb 5-1: NFC: Unable to get FW version
[  775.229448][ T5271] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  775.247021][ T5272] pn533_usb 5-1:0.0: probe with driver pn533_usb failed with error -90
[  775.267825][T13703] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2142'.
[  775.343739][T13703] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2142'.
[  775.371114][ T5271] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2
[  775.427752][ T5271] usb 3-1: USB disconnect, device number 50
[  775.735508][ T5271] usb 2-1: USB disconnect, device number 45
[  777.367553][T13718] xt_CONNSECMARK: invalid mode: 0
[  777.707476][ T5271] usb 5-1: USB disconnect, device number 51
[  777.714969][   T29] kauditd_printk_skb: 98 callbacks suppressed
[  777.714985][   T29] audit: type=1326 audit(1723687066.339:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  777.981035][   T29] audit: type=1326 audit(1723687066.339:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  778.126985][   T29] audit: type=1326 audit(1723687066.349:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  778.213787][   T29] audit: type=1326 audit(1723687066.349:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  778.510316][   T29] audit: type=1326 audit(1723687066.349:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  778.584832][   T29] audit: type=1326 audit(1723687066.379:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  778.618076][   T29] audit: type=1326 audit(1723687066.379:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  778.667071][   T29] audit: type=1326 audit(1723687066.379:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  778.690047][   T29] audit: type=1326 audit(1723687066.379:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  778.713514][   T29] audit: type=1326 audit(1723687066.379:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13722 comm="syz.0.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13979799b9 code=0x7ffc0000
[  779.716906][ T5272] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  779.743101][T13766] cgroup: Unknown parameter '/dev/snd/timer'
[  779.928257][ T5272] usb 5-1: Using ep0 maxpacket: 16
[  779.944940][ T5272] usb 5-1: config 0 has no interfaces?
[  779.962747][ T5272] usb 5-1: New USB device found, idVendor=05ac, idProduct=1226, bcdDevice=b2.89
[  779.998649][ T5272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.013132][ T5272] usb 5-1: Product: syz
[  780.052179][ T5272] usb 5-1: Manufacturer: syz
[  780.067229][ T5272] usb 5-1: SerialNumber: syz
[  780.097326][ T5272] apple-mfi-fastcharge 5-1: config 0 descriptor??
[  780.301964][T13782] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  780.307869][T13784] netlink: 33224 bytes leftover after parsing attributes in process `syz.0.2162'.
[  780.367995][T13758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  780.404625][T13758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  780.441885][T13782] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  780.574174][T13780] ubi0: attaching mtd0
[  780.624302][T13780] ubi0: scanning is finished
[  780.764803][T13780] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  780.774676][T13780] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  780.782586][T13780] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  780.796633][T13780] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  780.805986][T13780] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  780.819235][T13780] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  780.832483][T13780] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 664002295
[  780.850567][T13780] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  780.862170][T13790] ubi0: background thread "ubi_bgt0d" started, PID 13790
[  780.892242][T13791] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  781.243049][T13800] xt_CT: You must specify a L4 protocol and not use inversions on it
[  781.262811][T13796] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2165'.
[  781.823598][T13814] ubi0: detaching mtd0
[  781.841445][T13814] ubi0: mtd0 is detached
[  782.261629][T13819] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  782.706075][   T49] apple-mfi-fastcharge 5-1: USB disconnect, device number 52
[  783.129035][T13840] netlink: 'syz.3.2177': attribute type 3 has an invalid length.
[  783.284126][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  783.823091][T13843] xt_CONNSECMARK: invalid mode: 0
[  784.344474][T13854] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  784.791069][T13863] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  785.347009][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  786.082752][T13874] ubi0: attaching mtd0
[  786.105739][T13874] ubi0: scanning is finished
[  786.583429][T13874] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  786.607439][T13874] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  786.615518][T13874] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  786.657979][T13874] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  786.685654][T13874] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  786.701576][T13874] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  786.730605][T13874] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 664002295
[  786.770658][T13874] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  786.802295][T13893] ubi0: background thread "ubi_bgt0d" started, PID 13893
[  787.135369][T13902] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  787.537083][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  788.526967][T13231] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  788.735879][T13231] usb 4-1: Using ep0 maxpacket: 32
[  788.750136][T13231] usb 4-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  788.777513][T13231] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.812499][T13231] usb 4-1: config 0 descriptor??
[  788.845913][T13231] gspca_main: sunplus-2.14.0 probing 0458:7006
[  789.573695][T13925] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2201'.
[  789.596933][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  789.616870][T13925] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2201'.
[  790.295280][T13934] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2203'.
[  790.312344][T13231] gspca_sunplus: reg_w_riv err -71
[  790.334128][T13231] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  790.388333][T13231] usb 4-1: USB disconnect, device number 61
[  791.668646][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  792.176201][T13944] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  792.306305][T13947] cgroup: Unknown parameter '/dev/snd/timer'
[  793.907233][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  794.441947][T13968] ubi0: detaching mtd0
[  794.462033][T13968] ubi0: mtd0 is detached
[  794.740233][ T5226] Bluetooth: unknown link type 194
[  794.748917][ T5226] Bluetooth: hci4: connection err: -111
[  794.858429][   T29] kauditd_printk_skb: 30 callbacks suppressed
[  794.858445][   T29] audit: type=1326 audit(1723687083.539:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  794.896563][T13982] xt_l2tp: v2 sid > 0xffff: 16777216
[  794.931691][   T29] audit: type=1326 audit(1723687083.579:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  795.502480][   T29] audit: type=1326 audit(1723687084.179:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  795.586953][   T29] audit: type=1326 audit(1723687084.179:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  795.657715][   T29] audit: type=1326 audit(1723687084.179:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  795.710169][   T29] audit: type=1326 audit(1723687084.179:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  795.745477][   T29] audit: type=1326 audit(1723687084.179:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  795.800016][   T29] audit: type=1326 audit(1723687084.179:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  795.807178][   T49] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  795.823109][   T29] audit: type=1326 audit(1723687084.189:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13969 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7fc00000
[  795.987047][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  796.017015][    T9] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  796.057090][   T49] usb 4-1: Using ep0 maxpacket: 16
[  796.064348][   T49] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  796.097493][   T49] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  796.136955][   T49] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  796.166945][   T49] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  796.185006][   T49] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  796.220232][   T49] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  796.237053][   T49] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  796.245224][   T49] usb 4-1: Manufacturer: syz
[  796.246976][    T9] usb 3-1: Using ep0 maxpacket: 16
[  796.257643][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  796.288363][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  796.290164][   T49] usb 4-1: config 0 descriptor??
[  796.342963][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  796.370151][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  796.385432][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.413761][    T9] usb 3-1: config 0 descriptor??
[  797.196924][T14008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2226'.
[  797.400852][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  797.433763][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  797.450559][    T9] usb 3-1: USB disconnect, device number 51
[  797.717248][   T49] rc_core: IR keymap rc-hauppauge not found
[  798.066872][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  798.149360][   T49] Registered IR keymap rc-empty
[  798.157139][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  798.205472][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  798.251830][   T49] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  798.461369][T14023] Can't find ip_set type las
[  798.488055][   T49] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input30
[  798.727322][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  798.927267][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  798.977309][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  799.051246][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  799.107374][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  799.159101][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  799.293895][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  799.828174][T14025] __vm_enough_memory: pid: 14025, comm: syz.4.2229, bytes: 549895745536 not enough memory for the allocation
[  799.844429][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  799.956589][ T5273] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  800.057096][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  800.097221][   T49] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  800.132837][   T49] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  800.141610][   T49] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  800.158889][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  800.162481][   T49] usb 4-1: USB disconnect, device number 62
[  800.277147][ T5273] usb 3-1: Using ep0 maxpacket: 32
[  800.293742][ T5273] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  800.314231][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.377713][ T5273] usb 3-1: config 0 descriptor??
[  800.450082][ T5273] gspca_main: sunplus-2.14.0 probing 0458:7006
[  802.236955][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  802.370893][ T5273] gspca_sunplus: reg_w_riv err -110
[  802.376236][ T5273] sunplus 3-1:0.0: probe with driver sunplus failed with error -110
[  802.531548][T13231] usb 3-1: USB disconnect, device number 52
[  804.037622][T14078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2242'.
[  804.316900][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  805.730914][ T5271] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  805.930941][ T5271] usb 2-1: Using ep0 maxpacket: 32
[  805.967395][ T5271] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  805.989087][ T5271] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  806.519472][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  806.648319][ T5271] usb 2-1: Product: syz
[  806.676114][ T5271] usb 2-1: Manufacturer: syz
[  806.680961][ T5271] usb 2-1: SerialNumber: syz
[  806.700677][ T5271] usb 2-1: config 0 descriptor??
[  808.212875][T14128] Can't find ip_set type lash:net
[  808.708382][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  808.914843][ T5271] rtl8150 2-1:0.0: couldn't reset the device
[  808.976572][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  808.983481][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  808.997132][ T5271] rtl8150 2-1:0.0: probe with driver rtl8150 failed with error -5
[  809.077225][ T5271] usb 2-1: USB disconnect, device number 46
[  809.154888][T14114] xt_CONNSECMARK: invalid mode: 0
[  809.165598][ T5302] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  809.513007][ T5302] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  809.577424][ T5302] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  809.616816][ T5302] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  809.684648][ T5302] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  809.716341][ T5302] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  809.745958][ T5302] usb 4-1: config 0 descriptor??
[  809.774138][T14133] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  809.990432][T14148] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  810.476558][ T5302] usbhid 4-1:0.0: can't add hid device: -71
[  810.488585][ T5302] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  810.506789][T13231] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  810.787110][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  810.845433][ T5302] usb 4-1: USB disconnect, device number 63
[  811.108205][T13231] usb 5-1: Using ep0 maxpacket: 16
[  811.119134][T13231] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 48, changing to 9
[  811.131637][T13231] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 8240, setting to 1024
[  811.143165][T13231] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  811.152648][T13231] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  811.164838][T13231] usb 5-1: config 0 descriptor??
[  811.596110][T14150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  811.633565][T14150] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  811.659956][T13231] usbhid 5-1:0.0: can't add hid device: -71
[  811.673985][T13231] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  811.688476][T13231] usb 5-1: USB disconnect, device number 53
[  811.976164][T14173] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  812.472464][   T29] audit: type=1326 audit(1723687100.819:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  812.877144][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  812.987733][   T29] audit: type=1326 audit(1723687100.819:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  813.086785][   T29] audit: type=1326 audit(1723687100.829:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  813.139366][   T29] audit: type=1326 audit(1723687100.829:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  813.190871][   T29] audit: type=1326 audit(1723687100.829:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  813.221992][   T29] audit: type=1326 audit(1723687100.829:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  813.330535][   T29] audit: type=1326 audit(1723687100.829:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  813.352222][    C1] vkms_vblank_simulate: vblank timer overrun
[  813.928428][   T29] audit: type=1326 audit(1723687100.829:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  813.950093][    C1] vkms_vblank_simulate: vblank timer overrun
[  814.084954][   T29] audit: type=1326 audit(1723687100.839:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  814.284897][   T29] audit: type=1326 audit(1723687100.839:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14172 comm="syz.2.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  814.947560][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  816.147745][T12226] Bluetooth: hci5: command 0x0405 tx timeout
[  816.356030][    C0] vcan0: j1939_tp_rxtimer: 0xffff888022dbf000: rx timeout, send abort
[  816.864600][    C0] vcan0: j1939_tp_rxtimer: 0xffff888022dbf000: abort rx timeout. Force session deactivation
[  817.158357][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  817.537320][   T49] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  817.758566][   T49] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  817.794314][   T49] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  817.825893][   T49] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  817.920890][   T49] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  818.030894][   T49] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.169093][   T49] usb 2-1: config 0 descriptor??
[  818.211500][T14204] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  818.600915][T14220] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  818.937144][T14209] ubi0: attaching mtd0
[  818.963210][T14209] ubi0: scanning is finished
[  819.189712][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  819.240297][T14209] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  819.378281][T11948] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  819.596868][T11948] usb 4-1: device descriptor read/64, error -71
[  819.897163][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  819.897217][   T29] audit: type=1326 audit(1723687108.209:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  820.438193][   T29] audit: type=1326 audit(1723687108.209:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  820.515745][   T49] usbhid 2-1:0.0: can't add hid device: -71
[  820.548865][   T49] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  820.559687][   T29] audit: type=1326 audit(1723687108.209:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  820.579795][   T49] usb 2-1: USB disconnect, device number 47
[  820.646994][T11948] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  820.689868][   T29] audit: type=1326 audit(1723687108.209:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  820.778400][   T29] audit: type=1326 audit(1723687108.209:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  820.824915][T11948] usb 4-1: device descriptor read/64, error -71
[  820.863395][   T29] audit: type=1326 audit(1723687108.209:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  820.929744][   T29] audit: type=1326 audit(1723687108.209:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  820.968180][T11948] usb usb4-port1: attempt power cycle
[  821.030783][   T29] audit: type=1326 audit(1723687108.209:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  821.107442][   T29] audit: type=1326 audit(1723687108.219:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  821.182768][   T29] audit: type=1326 audit(1723687108.219:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14236 comm="syz.2.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c01d799b9 code=0x7ffc0000
[  821.266934][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  821.386776][T11948] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  821.439076][T11948] usb 4-1: device descriptor read/8, error -71
[  822.563422][T14267] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  822.657535][T14267] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  823.446864][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  823.669777][ T5271] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  823.902797][ T5271] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  823.932443][ T5271] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  823.943500][ T5271] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  823.957021][ T5271] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  823.966059][ T5271] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  824.014416][ T5271] usb 2-1: config 0 descriptor??
[  824.265381][ T5271] usbhid 2-1:0.0: can't add hid device: -71
[  824.273898][ T5271] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  824.345851][ T5271] usb 2-1: USB disconnect, device number 48
[  825.036342][T14298] ubi0: attaching mtd0
[  825.056242][T14298] ubi0: scanning is finished
[  825.287385][T14298] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  825.295066][T14298] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  825.303657][T14298] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  825.333680][T14298] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  825.364320][T14298] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  825.373829][T14298] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  825.400575][T14298] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 664002295
[  825.435710][T14298] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  825.516762][T14310] ubi0: background thread "ubi_bgt0d" started, PID 14310
[  825.516981][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  825.978766][T14324] ubi0: detaching mtd0
[  826.028129][T14324] ubi0: mtd0 is detached
[  827.588316][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  827.916174][T14346] xt_CONNSECMARK: invalid mode: 0
[  830.180459][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  832.227148][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  832.247438][T14381] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  832.958235][T14394] cgroup: Unknown parameter '/dev/snd/timer'
[  833.494488][T14391] ubi0: attaching mtd0
[  834.462840][T14391] ubi0: scanning is finished
[  834.637009][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  834.823550][T14391] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  834.827501][T14410] overlayfs: missing 'lowerdir'
[  834.888223][T14413] xt_l2tp: v2 sid > 0xffff: 16777216
[  836.034346][T14424] Can't find ip_set type lash:net
[  836.331834][T14427] input input31: cannot allocate more than FF_MAX_EFFECTS effects
[  836.417295][    T9] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  836.617465][    T9] usb 5-1: Using ep0 maxpacket: 16
[  836.631067][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  836.659780][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  836.673730][    T9] usb 5-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  836.701439][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  836.709924][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  836.741418][    T9] usb 5-1: config 0 descriptor??
[  836.891516][T11948] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  836.957018][T14449] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  837.706184][    T9] uclogic 0003:5543:0781.0023: No inputs registered, leaving
[  837.721566][T11948] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  837.749301][T11948] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  837.761799][    T9] uclogic 0003:5543:0781.0023: hidraw0: USB HID v0.00 Device [HID 5543:0781] on usb-dummy_hcd.4-1/input0
[  837.786878][T11948] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  837.788905][T14455] fuse: Bad value for 'user_id'
[  837.802702][T14455] fuse: Bad value for 'user_id'
[  837.817617][T11948] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  837.866900][T11948] usb 2-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00
[  837.885299][T11948] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  837.915382][ T5273] usb 5-1: USB disconnect, device number 54
[  837.927158][T11948] usb 2-1: config 0 descriptor??
[  838.600109][T11948] thrustmaster 0003:044F:B653.0024: unknown main item tag 0x0
[  838.624663][T11948] thrustmaster 0003:044F:B653.0024: unknown main item tag 0x0
[  838.789348][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  838.937147][T11948] thrustmaster 0003:044F:B653.0024: unknown main item tag 0x0
[  838.944685][T11948] thrustmaster 0003:044F:B653.0024: unknown main item tag 0x0
[  838.946435][T14434] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  838.966791][T11948] thrustmaster 0003:044F:B653.0024: unknown main item tag 0x0
[  838.990721][T11948] thrustmaster 0003:044F:B653.0024: unknown main item tag 0x0
[  839.006734][T11948] thrustmaster 0003:044F:B653.0024: unknown main item tag 0x0
[  839.045146][T11948] thrustmaster 0003:044F:B653.0024: hidraw0: USB HID v0.00 Device [HID 044f:b653] on usb-dummy_hcd.1-1/input0
[  839.076844][T11948] thrustmaster 0003:044F:B653.0024: no inputs found
[  839.099608][T14434] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  839.264364][T14465] overlayfs: missing 'workdir'
[  839.497075][T11948] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  839.986757][T11948] usb 3-1: Using ep0 maxpacket: 32
[  840.060710][T11948] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  840.085609][T11948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  840.094269][T11948] usb 3-1: Product: syz
[  840.098536][T11948] usb 3-1: Manufacturer: syz
[  840.103176][T11948] usb 3-1: SerialNumber: syz
[  840.234863][T11948] usb 3-1: config 0 descriptor??
[  840.245505][T14477] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  840.440484][T14469] xt_CONNSECMARK: invalid mode: 0
[  840.696893][   T49] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  840.867169][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  840.889147][   T49] usb 5-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[  840.911486][   T49] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.945877][   T49] usb 5-1: config 0 descriptor??
[  841.024745][T11948] rtl8150 3-1:0.0: couldn't reset the device
[  841.037847][T11948] rtl8150 3-1:0.0: probe with driver rtl8150 failed with error -5
[  841.042513][ T5271] usb 2-1: USB disconnect, device number 49
[  841.067768][T11948] usb 3-1: USB disconnect, device number 53
[  841.091126][T14485] veth1_macvtap: left promiscuous mode
[  841.103193][T14485] macsec0: entered allmulticast mode
[  841.176201][T14485] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check.
[  842.475238][   T49] asix 5-1:0.0 eth1: register 'asix' at usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[  842.946979][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  844.546842][T12226] Bluetooth: hci4: command 0x0406 tx timeout
[  844.626492][    T9] usb 5-1: USB disconnect, device number 55
[  844.650893][    T9] asix 5-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet
[  844.812447][   T29] kauditd_printk_skb: 15 callbacks suppressed
[  844.812467][   T29] audit: type=1326 audit(1723687133.499:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14505 comm="syz.1.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  844.839606][T14510] overlayfs: missing 'workdir'
[  844.850914][   T29] audit: type=1326 audit(1723687133.499:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14505 comm="syz.1.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  844.914859][   T29] audit: type=1326 audit(1723687133.599:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14505 comm="syz.1.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  845.011239][   T29] audit: type=1326 audit(1723687133.599:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14505 comm="syz.1.2357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  845.027196][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  845.450143][T14533] xt_l2tp: v2 sid > 0xffff: 16777216
[  845.946962][T14540] ubi0: attaching mtd0
[  845.952254][T14540] ubi0: scanning is finished
[  846.417775][T14540] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  846.977034][T14550] syz.4.2364: attempt to access beyond end of device
[  846.977034][T14550] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0
[  847.011202][T14550] SQUASHFS error: Failed to read block 0x0: -5
[  847.028493][T14550] unable to read squashfs_super_block
[  847.113452][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  849.186948][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  850.806259][   T29] audit: type=1326 audit(1723687139.489:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  850.907008][   T29] audit: type=1326 audit(1723687139.489:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  850.988562][   T29] audit: type=1326 audit(1723687139.489:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  851.082457][   T29] audit: type=1326 audit(1723687139.489:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  851.129790][   T29] audit: type=1326 audit(1723687139.489:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  851.372292][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  852.406395][   T29] audit: type=1326 audit(1723687139.489:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  852.429006][   T29] audit: type=1326 audit(1723687139.489:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  852.463308][   T29] audit: type=1326 audit(1723687139.529:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  852.596872][   T29] audit: type=1326 audit(1723687139.529:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  852.622879][   T29] audit: type=1326 audit(1723687139.529:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14580 comm="syz.3.2371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00e83799b9 code=0x7ffc0000
[  852.776799][T11948] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  852.962822][T11948] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  852.978540][T14607] cgroup: Unknown parameter '/dev/snd/timer'
[  852.984671][T11948] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  853.019586][T11948] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  853.048324][T11948] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  853.061421][T11948] usb 4-1: config 0 descriptor??
[  853.216907][ T5272] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  853.256789][T14616] tipc: Can't bind to reserved service type 0
[  853.419123][ T5272] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26
[  853.435361][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  853.476411][ T5272] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  853.487502][ T5272] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  853.496496][ T5272] usb 3-1: SerialNumber: syz
[  853.527263][T14618] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2381'.
[  853.533853][T11948] hid-steam 0003:28DE:1142.0025: unknown main item tag 0x0
[  853.555883][T11948] hid-steam 0003:28DE:1142.0025: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  853.656948][T11948] hid-steam 0003:28DE:1142.0025: Steam wireless receiver connected
[  853.709604][T11948] hid-steam 0003:28DE:1142.0026: unknown main item tag 0x0
[  853.758394][T11948] hid-steam 0003:28DE:1142.0026: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  853.860153][   T49] usb 4-1: USB disconnect, device number 68
[  853.914630][   T49] hid-steam 0003:28DE:1142.0025: Steam wireless receiver disconnected
[  855.474419][ T5272] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42
[  855.536937][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  855.736932][T14610] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  855.777038][T14610] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  855.977639][T14629] xt_CONNSECMARK: invalid mode: 0
[  856.365959][   T30] INFO: task syz.2.1963:13027 blocked for more than 143 seconds.
[  856.393261][   T30]       Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  856.410195][T14613] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2379'.
[  856.419525][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  856.424186][   T29] kauditd_printk_skb: 29 callbacks suppressed
[  856.424206][   T29] audit: type=1326 audit(1723687145.109:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.439063][   T30] task:syz.2.1963      state:D stack:24672 pid:13027 tgid:13027 ppid:5218   flags:0x00004004
[  856.481915][   T29] audit: type=1326 audit(1723687145.109:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.485063][   T30] Call Trace:
[  856.504650][   T29] audit: type=1326 audit(1723687145.109:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.521658][   T30]  <TASK>
[  856.536387][T14642] autofs: Unknown parameter '…'
[  856.562157][   T30]  __schedule+0x17ae/0x4a10
[  856.576830][   T30]  ? __pfx___schedule+0x10/0x10
[  856.581775][   T30]  ? __pfx_lock_release+0x10/0x10
[  856.593296][   T29] audit: type=1326 audit(1723687145.109:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.615342][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  856.622473][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  856.629452][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  856.634617][   T30]  ? schedule+0x90/0x320
[  856.638987][   T29] audit: type=1326 audit(1723687145.149:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.664976][   T30]  schedule+0x14b/0x320
[  856.670476][   T30]  ? do_exit+0x4ff/0x27f0
[  856.675721][   T30]  do_exit+0x57c/0x27f0
[  856.680104][   T30]  ? __pfx_do_exit+0x10/0x10
[  856.684719][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  856.690513][   T29] audit: type=1326 audit(1723687145.149:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.697019][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  856.712762][   T29] audit: type=1326 audit(1723687145.149:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.745817][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  856.752595][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  856.756790][   T29] audit: type=1326 audit(1723687145.149:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.765425][   T30]  do_group_exit+0x207/0x2c0
[  856.781256][   T29] audit: type=1326 audit(1723687145.149:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.806131][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  856.808671][   T29] audit: type=1326 audit(1723687145.149:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14634 comm="syz.1.2385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5027799b9 code=0x7ffc0000
[  856.812627][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  856.812677][   T30]  get_signal+0x1695/0x1730
[  856.850617][   T30]  ? __pfx_get_signal+0x10/0x10
[  856.855526][   T30]  arch_do_signal_or_restart+0x96/0x860
[  856.863324][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  856.883308][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  856.891295][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  856.909738][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  856.915388][   T30]  do_syscall_64+0x100/0x230
[  856.923390][   T30]  ? clear_bhb_loop+0x35/0x90
[  856.928551][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.934505][   T30] RIP: 0033:0x7f6ba93799b9
[  856.944480][   T30] RSP: 002b:00007fffc5b05dc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  856.953117][   T30] RAX: fffffffffffffdfc RBX: 00000000000adbcb RCX: 00007f6ba93799b9
[  856.961654][   T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6ba951613c
[  856.969773][   T30] RBP: 00007f6ba951613c R08: 00007f6ba9515f80 R09: 00007fffc5b060af
[  856.977857][   T30] R10: 00007fffc5b05ec0 R11: 0000000000000246 R12: 0000000000000032
[  856.991829][   T30] R13: 00007fffc5b05ec0 R14: 00007fffc5b05ee0 R15: 00000000000adb99
[  857.000930][   T30]  </TASK>
[  857.004073][   T30] INFO: task syz.2.1963:13028 blocked for more than 144 seconds.
[  857.017210][   T30]       Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  857.024888][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  857.033645][   T30] task:syz.2.1963      state:D stack:24272 pid:13028 tgid:13027 ppid:5218   flags:0x00004004
[  857.043999][   T30] Call Trace:
[  857.047676][   T30]  <TASK>
[  857.050641][   T30]  __schedule+0x17ae/0x4a10
[  857.055197][   T30]  ? __pfx___schedule+0x10/0x10
[  857.060204][   T30]  ? __pfx_lock_release+0x10/0x10
[  857.065477][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  857.071580][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  857.078342][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  857.084140][   T30]  ? schedule+0x90/0x320
[  857.088509][   T30]  schedule+0x14b/0x320
[  857.092701][   T30]  ? do_exit+0x4ff/0x27f0
[  857.097115][   T30]  do_exit+0x57c/0x27f0
[  857.101344][   T30]  ? __pfx_do_exit+0x10/0x10
[  857.105983][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  857.112895][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  857.122363][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  857.129893][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  857.135135][   T30]  do_group_exit+0x207/0x2c0
[  857.140190][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  857.145442][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  857.151007][   T30]  get_signal+0x1695/0x1730
[  857.155568][   T30]  ? __pfx_get_signal+0x10/0x10
[  857.160522][   T30]  ? __fget_files+0x29/0x470
[  857.165143][   T30]  arch_do_signal_or_restart+0x96/0x860
[  857.171105][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  857.177369][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  857.183410][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  857.189945][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  857.195542][   T30]  do_syscall_64+0x100/0x230
[  857.200495][   T30]  ? clear_bhb_loop+0x35/0x90
[  857.205305][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.211329][   T30] RIP: 0033:0x7f6ba93799b9
[  857.216213][   T30] RSP: 002b:00007f6baa1e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  857.225601][   T30] RAX: 000000000000a000 RBX: 00007f6ba9515f80 RCX: 00007f6ba93799b9
[  857.238924][   T30] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000004
[  857.247327][   T30] RBP: 00007f6ba93e78d8 R08: 0000000000000000 R09: 0000000000000000
[  857.255344][   T30] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000000
[  857.263692][   T30] R13: 0000000000000000 R14: 00007f6ba9515f80 R15: 00007fffc5b05c68
[  857.271878][   T30]  </TASK>
[  857.290899][   T30] INFO: task syz.2.1963:13037 blocked for more than 144 seconds.
[  857.302851][   T30]       Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  857.314243][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  857.325095][   T30] task:syz.2.1963      state:D stack:27424 pid:13037 tgid:13027 ppid:5218   flags:0x00004004
[  857.340197][   T30] Call Trace:
[  857.343524][   T30]  <TASK>
[  857.346463][   T30]  __schedule+0x17ae/0x4a10
[  857.354106][   T30]  ? __pfx___schedule+0x10/0x10
[  857.359287][   T30]  ? __pfx_lock_release+0x10/0x10
[  857.364364][   T30]  ? schedule+0x90/0x320
[  857.368806][   T30]  schedule+0x14b/0x320
[  857.373018][   T30]  schedule_timeout+0xb0/0x310
[  857.377893][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  857.383311][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  857.389453][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  857.395188][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  857.400499][   T30]  __wait_for_common+0x3ea/0x6d0
[  857.405500][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  857.411179][   T30]  ? __pfx___wait_for_common+0x10/0x10
[  857.416763][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  857.421912][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  857.427489][   T30]  wait_for_completion_state+0x1c/0x40
[  857.433004][   T30]  do_coredump+0x984/0x2a30
[  857.438015][   T30]  ? __pfx_lock_release+0x10/0x10
[  857.443105][   T30]  ? __kasan_slab_free+0x37/0x60
[  857.448397][   T30]  ? arch_do_signal_or_restart+0x96/0x860
[  857.454191][   T30]  ? __pfx_do_coredump+0x10/0x10
[  857.459727][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  857.464974][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  857.470506][   T30]  get_signal+0x13ee/0x1730
[  857.475060][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  857.481058][   T30]  ? __pfx_get_signal+0x10/0x10
[  857.486049][   T30]  arch_do_signal_or_restart+0x96/0x860
[  857.491866][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  857.498948][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  857.505251][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  857.511401][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  857.517311][   T30]  do_syscall_64+0x100/0x230
[  857.522064][   T30]  ? clear_bhb_loop+0x35/0x90
[  857.527220][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.533218][   T30] RIP: 0033:0x7f6ba93799b9
[  857.537997][   T30] RSP: 002b:00007f6baa1a30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  857.546483][   T30] RAX: ffffffffffffffda RBX: 00007f6ba9516138 RCX: 00007f6ba93799b9
[  857.554614][   T30] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6ba951613c
[  857.562686][   T30] RBP: 00007f6ba9516130 R08: 7fffffffffffffff R09: 0000000000000000
[  857.570982][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6ba951613c
[  857.579078][   T30] R13: 0000000000000000 R14: 00007fffc5b05b80 R15: 00007fffc5b05c68
[  857.587677][T12226] Bluetooth: hci3: command 0x0406 tx timeout
[  857.602702][   T30]  </TASK>
[  857.605807][   T30] 
[  857.605807][   T30] Showing all locks held in the system:
[  857.623217][   T30] 1 lock held by khungtaskd/30:
[  857.633376][   T30]  #0: ffffffff8e7382e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  857.646347][   T30] 2 locks held by getty/4980:
[  857.661650][   T30]  #0: ffff88802a8ea0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  857.685303][   T30]  #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[  857.705768][   T30] 2 locks held by syz.2.1963/13032:
[  857.712208][   T30]  #0: ffffffff8fad55b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  857.729122][   T30]  #1: ffffffff8ea054a8 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0x12d/0x1a90
[  857.746207][   T30] 1 lock held by syz.2.2379/14610:
[  857.754308][   T30]  #0: ffffffff8e73d580 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530
[  857.769136][   T30] 3 locks held by syz.4.2383/14631:
[  857.779167][   T30]  #0: ffffffff8fa632d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[  857.801216][   T30]  #1: ffffffff8fa6fe48 (rtnl_mutex){+.+.}-{3:3}, at: setup_net+0x83d/0xca0
[  857.821110][   T30]  #2: ffffffff8e73d6b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  857.846836][   T30] 1 lock held by dhcpcd-run-hook/14648:
[  857.856053][   T30]  #0: ffff8880b923e9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[  857.875040][   T30] 
[  857.886339][   T30] =============================================
[  857.886339][   T30] 
[  857.909517][   T30] NMI backtrace for cpu 1
[  857.914056][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  857.924572][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  857.934631][   T30] Call Trace:
[  857.938002][   T30]  <TASK>
[  857.940930][   T30]  dump_stack_lvl+0x241/0x360
[  857.945620][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  857.951169][   T30]  ? __pfx__printk+0x10/0x10
[  857.955833][   T30]  ? vprintk_emit+0x631/0x770
[  857.960522][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  857.965574][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  857.970533][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  857.975999][   T30]  ? _printk+0xd5/0x120
[  857.980163][   T30]  ? __pfx__printk+0x10/0x10
[  857.984757][   T30]  ? __wake_up_klogd+0xcc/0x110
[  857.989610][   T30]  ? __pfx__printk+0x10/0x10
[  857.994206][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  857.999233][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  858.005229][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  858.011242][   T30]  watchdog+0xfee/0x1030
[  858.015495][   T30]  ? watchdog+0x1ea/0x1030
[  858.019953][   T30]  ? __pfx_watchdog+0x10/0x10
[  858.024633][   T30]  kthread+0x2f0/0x390
[  858.028709][   T30]  ? __pfx_watchdog+0x10/0x10
[  858.033412][   T30]  ? __pfx_kthread+0x10/0x10
[  858.038033][   T30]  ret_from_fork+0x4b/0x80
[  858.042466][   T30]  ? __pfx_kthread+0x10/0x10
[  858.047073][   T30]  ret_from_fork_asm+0x1a/0x30
[  858.051855][   T30]  </TASK>
[  858.055939][   T30] Sending NMI from CPU 1 to CPUs 0:
[  858.061469][    C0] NMI backtrace for cpu 0
[  858.061484][    C0] CPU: 0 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  858.061506][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  858.061518][    C0] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[  858.061554][    C0] RIP: 0010:kick_pool+0x14b/0x620
[  858.061581][    C0] Code: 31 ff e8 48 a3 36 00 83 e5 01 0f 85 9f 00 00 00 49 83 c6 50 4c 89 f0 48 c1 e8 03 49 bc 00 00 00 00 00 fc ff df 42 80 3c 20 00 <74> 08 4c 89 f7 e8 5b bf 9a 00 49 8b 06 48 89 04 24 49 81 c7 d8 03
[  858.061597][    C0] RSP: 0018:ffffc90000ab7b68 EFLAGS: 00000046
[  858.061611][    C0] RAX: 1ffff11005a9f40a RBX: ffff8880154a0060 RCX: ffff88801bac3c00
[  858.061626][    C0] RDX: ffff88801bac3c00 RSI: 0000000000000000 RDI: 0000000000000000
[  858.061638][    C0] RBP: 0000000000000000 R08: ffffffff815cd7e8 R09: 1ffff110055c202f
[  858.061651][    C0] R10: dffffc0000000000 R11: ffffed10055c2030 R12: dffffc0000000000
[  858.061665][    C0] R13: 1ffff11002a9400c R14: ffff88802d4fa050 R15: ffff8880154a0000
[  858.061679][    C0] FS:  0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
[  858.061694][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  858.061707][    C0] CR2: 00007ff2638ee018 CR3: 000000000e534000 CR4: 00000000003506f0
[  858.061723][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  858.061734][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  858.061746][    C0] Call Trace:
[  858.061753][    C0]  <NMI>
[  858.061760][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  858.061781][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  858.061808][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  858.061829][    C0]  ? nmi_handle+0x2a/0x5a0
[  858.061856][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  858.061879][    C0]  ? nmi_handle+0x14f/0x5a0
[  858.061896][    C0]  ? nmi_handle+0x2a/0x5a0
[  858.061913][    C0]  ? kick_pool+0x14b/0x620
[  858.061937][    C0]  ? default_do_nmi+0x63/0x160
[  858.061959][    C0]  ? exc_nmi+0x123/0x1f0
[  858.061980][    C0]  ? end_repeat_nmi+0xf/0x53
[  858.062003][    C0]  ? kick_pool+0x128/0x620
[  858.062028][    C0]  ? kick_pool+0x14b/0x620
[  858.062052][    C0]  ? kick_pool+0x14b/0x620
[  858.062077][    C0]  ? kick_pool+0x14b/0x620
[  858.062101][    C0]  </NMI>
[  858.062106][    C0]  <TASK>
[  858.062113][    C0]  ? sized_strscpy+0x8d/0x220
[  858.062142][    C0]  process_scheduled_works+0x745/0x1830
[  858.062190][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  858.062220][    C0]  ? assign_work+0x364/0x3d0
[  858.062245][    C0]  worker_thread+0x86d/0xd40
[  858.062274][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  858.062301][    C0]  ? __kthread_parkme+0x169/0x1d0
[  858.062328][    C0]  ? __pfx_worker_thread+0x10/0x10
[  858.062352][    C0]  kthread+0x2f0/0x390
[  858.062378][    C0]  ? __pfx_worker_thread+0x10/0x10
[  858.062402][    C0]  ? __pfx_kthread+0x10/0x10
[  858.062428][    C0]  ret_from_fork+0x4b/0x80
[  858.062453][    C0]  ? __pfx_kthread+0x10/0x10
[  858.062479][    C0]  ret_from_fork_asm+0x1a/0x30
[  858.062514][    C0]  </TASK>
[  858.094093][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  858.094116][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  858.094145][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  858.094160][   T30] Call Trace:
[  858.094170][   T30]  <TASK>
[  858.094181][   T30]  dump_stack_lvl+0x241/0x360
[  858.094227][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  858.094264][   T30]  ? __pfx__printk+0x10/0x10
[  858.094295][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  858.094338][   T30]  ? vscnprintf+0x5d/0x90
[  858.094368][   T30]  panic+0x349/0x860
[  858.094404][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  858.094435][   T30]  ? __pfx_panic+0x10/0x10
[  858.094466][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  858.094495][   T30]  ? __irq_work_queue_local+0x137/0x410
[  858.094528][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  858.094554][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  858.094582][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  858.094615][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  858.094648][   T30]  watchdog+0x102d/0x1030
[  858.094685][   T30]  ? watchdog+0x1ea/0x1030
[  858.094725][   T30]  ? __pfx_watchdog+0x10/0x10
[  858.094758][   T30]  kthread+0x2f0/0x390
[  858.094794][   T30]  ? __pfx_watchdog+0x10/0x10
[  858.094826][   T30]  ? __pfx_kthread+0x10/0x10
[  858.094861][   T30]  ret_from_fork+0x4b/0x80
[  858.094895][   T30]  ? __pfx_kthread+0x10/0x10
[  858.094936][   T30]  ret_from_fork_asm+0x1a/0x30
[  858.094987][   T30]  </TASK>
[  858.100248][   T30] Kernel Offset: disabled
[  858.519240][   T30] Rebooting in 86400 seconds..