last executing test programs:

3.876956391s ago: executing program 1 (id=875):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000200)='./bus\x00', 0x110)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chroot(&(0x7f0000000000)='./bus\x00')
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
setxattr$security_capability(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v2={0x2000000, [{0x80, 0xe}, {0x2, 0x7}]}, 0x14, 0x0)
r0 = fsopen(&(0x7f0000000040)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

3.766461446s ago: executing program 1 (id=877):
r0 = syz_open_dev$video(&(0x7f0000000080), 0x8, 0x40200)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x2, {0x5, 0x4, 0x4, 0x10000}})
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r3 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0)
r4 = syz_io_uring_setup(0x100, &(0x7f0000000300)={0x0, 0xfad2, 0x800}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
recvmmsg(r2, &(0x7f0000002680)=[{{&(0x7f0000000100)=@tipc=@id, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000380)=""/175, 0xaf}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000000200)=""/54, 0x36}, {&(0x7f0000000480)=""/7, 0x7}, {&(0x7f0000001540)=""/113, 0x71}, {&(0x7f00000015c0)=""/4096, 0x1000}], 0x6, &(0x7f00000025c0)=""/130, 0x82}, 0xfff}], 0x1, 0x123, &(0x7f00000026c0)={0x0, 0x989680})
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000))
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x73, @dev={0xac, 0x14, 0x14, 0x4}, 0x4, 0x40020002, 'wrr\x00', 0x1}, 0x62)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000000))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = syz_open_dev$vim2m(&(0x7f0000000500), 0x0, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r7, 0xc0f8565c, &(0x7f0000000000)={0x0, 0x1000, 0x2, {0x2, @sliced={0x0, [0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}})
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r8 = openat$dlm_plock(0xffffff9c, &(0x7f0000002800), 0x200, 0x0)
connect$l2tp6(r8, &(0x7f0000002840)={0xa, 0x0, 0xffff0000, @dev={0xfe, 0x80, '\x00', 0x11}, 0xa}, 0x20)
io_uring_enter(r4, 0xdb4, 0x0, 0x0, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000440)=[{&(0x7f00000001c0)="fd", 0x1}], 0x1, 0x6)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioperm(0x9f, 0x1, 0xb)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
bpf$MAP_CREATE(0xb00000000000000, 0x0, 0x50)
read$FUSE(r1, &(0x7f0000002c00)={0x2020}, 0x2020)
write$binfmt_script(r2, &(0x7f0000020240), 0x10010)
r12 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r12, 0x117, 0x1, &(0x7f0000002700)="dc60ea3534d4443865bd82d7d244166eafd528b47a94eea18fb0a216d5fed48d0b5d1a652e1669633d1505ae7b31d4ad9701ec5ed43838e8ed4d22fef57afb66c7e6a75484a5458d9d6dc4d66e5497ba0cc2eaf132b4a14eef9bbcf33ce18987ca78dbf468705bab4a7d45cf83fca997addd09b1317271599e0e5870c06240dadd6514630ca52cddac994f157536c0d169f0e3c5c83f50ecc541c712ae4b31d6f0bb5d97e96625e98fec6260ebf4b6f7bc98e53c9bc66c0c4ccce244a3aff762af512232c8c254c0ab1b475c8333bf0a40c3ec012d74f916674ac03756c737b2db0fcfa42fb03d9d4e2e26cc", 0xec)

3.551113192s ago: executing program 1 (id=880):
socket$nl_route(0x10, 0x3, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x10}, 0x1c)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
syz_emit_ethernet(0x52, &(0x7f0000000940)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x1c, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[@hopopts={0x33}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
r1 = syz_io_uring_setup(0x6d8a, &(0x7f0000000300)={0x0, 0x37b2, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r1, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000040)={0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8}, {0x7, 0x5}, {0x6}, {}, 0x0, 0x10, 0x0, 0x0, 0x1, 0x9, 0x200000, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6})
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1ff, 0x0, 0x2, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x4, 0x0, 0x0, 0x40], [0x0, 0x0, 0x3, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x809, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x20000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffffffff]}, 0x45c)
ioctl$UI_DEV_CREATE(r5, 0x5501)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, r6)
gettid()
readv(r5, &(0x7f00000018c0)=[{0x0}, {&(0x7f0000001700)=""/221, 0xdd}], 0x2)

2.860494192s ago: executing program 2 (id=886):
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0), 0x4)
socketpair(0x2b, 0x4, 0x2, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r2, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x48001}, 0x10)

2.811066319s ago: executing program 2 (id=888):
r0 = openat$vim2m(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x9, 0x3})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, r1, 0x20, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x10000, 0x75}}}}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7f}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x33}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98a}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xb89}]}, 0x60}, 0x1, 0x0, 0x0, 0x48054}, 0x4008881)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_COALESCE(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r1, 0x800, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x65}, @void, @val={0xc, 0x99, {0x7, 0x1b}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), r0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000003c0)=<r5=>0x0, &(0x7f0000000400)=0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0x58, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r3, &(0x7f0000000600)={&(0x7f0000000340), 0xc, &(0x7f00000005c0)={&(0x7f0000000500)={0x84, r4, 0x5595a2c3937f67ec, 0x70bd28, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x40, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x12}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x4}}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x30, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x80}, 0x20048041)
bind(r3, &(0x7f0000000640)=@llc={0x1a, 0xffd8, 0x3, 0x3, 0x3, 0x6, @multicast}, 0x80)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_open_dev$sndpcmp(&(0x7f00000006c0), 0x0, 0x111240)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r8, 0xc06c4124, &(0x7f0000000700))
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0xf503, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(r3, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x44, r1, 0x400, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xfffffffc, 0x24}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x84810}, 0x10004890)
r9 = syz_open_dev$sg(&(0x7f00000008c0), 0x2, 0x2000)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000002180)={0x53, 0xfffffffffffffffc, 0xc4, 0x4, @scatter={0x9, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000900)=""/16, 0x10}, {&(0x7f0000000940)=""/167, 0xa7}, {&(0x7f0000000a00)=""/104, 0x68}, {&(0x7f0000000a80)=""/186, 0xba}, {&(0x7f0000000b40)=""/83, 0x53}, {&(0x7f0000000bc0)=""/203, 0xcb}, {&(0x7f0000000cc0)=""/215, 0xd7}, {&(0x7f0000000dc0)=""/242, 0xf2}, {&(0x7f0000000ec0)=""/217, 0xd9}]}, &(0x7f0000001040)="83281b80715c5512c55ee69ba7d17bf4f909ee0657a205d01cc09b43b4cbb20d15b9f5adbc4543e0e8e132f2a0370d965c7b0f4b8fff5b0f49c1e05da51dc59b3c84ad6a4cf8a3c6b6b442f599b32c37b2868ee1f98e5d89264b05d88d4705ca11665cf858560731a0f4c01baf07eb2498e942eee41de7d29add14c2503ad3b49568872cbec036e751f2e7a130f933ee9a78e717d47501896acae410f67c4f407b36eef7dbc54d9bc581d6d4f0855badd4a812a5a97635f68c71df1013da18f6ef3f1b00", &(0x7f0000001140)=""/4096, 0x8, 0x20012, 0x1, &(0x7f0000002140)})
r10 = syz_open_dev$dri(&(0x7f00000021c0), 0xffffffff, 0x200081)
r11 = openat$fuse(0xffffff9c, &(0x7f0000002200), 0x2, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r12, &(0x7f00000023c0)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002380)={&(0x7f0000002280)={0xe0, 0x0, 0x1, 0x3, 0x0, 0x0, {0xa, 0x0, 0xa}, [@CTA_FILTER={0x1c, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x8088c92149bcc383}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x100}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x44}]}, @CTA_SEQ_ADJ_REPLY={0x44, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xffff}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x3}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x5}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0xe}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x40000000}, @CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x9}, @CTA_LABELS={0x20, 0x16, 0x1, 0x0, [0x8, 0x9, 0x8, 0x8, 0x10001, 0x2, 0x5]}, @CTA_SEQ_ADJ_ORIG={0x34, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x100}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x73}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x100}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x200}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x6}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x569}]}, 0xe0}, 0x1, 0x0, 0x0, 0x80000}, 0x24000010)
r13 = socket$unix(0x1, 0x5, 0x0)
r14 = syz_clone(0x0, &(0x7f0000003440)="0fbe85e1e2e6c178cee9e62a4d379eaa89f942989861f7b0b398bae0971fc08c8fa792630d05c51b00451071dfdd3bdd10d00b3ba0a058343d26629c7fe987f22f6e892363ea4e17178123d39bc8ba0a68d84ca3ab853bdaa6db663c92d2ece1ce6c42bc15198b2a035f0c1e3b63d68f2e52d1df5150593595567238f670c1ef450a1b6083790d5e3c3e4b31827fda4b289044aed6118c420cca31e20943b6e87db5d79e4e87c60cd49ff60a547aa5c60c5b8c363765482ff87aa499e438bf7f3cd99e33a84394f15620fd62a12da228043d57bcf8cf1786dca808860bf45e83092fc47d13cb39d7c94550c253bb8cf8", 0xf0, &(0x7f0000003540), &(0x7f0000003580), &(0x7f00000035c0)="812714148c4fc03f8171b1bede768411eb1411bd05c9ae37eaf32a2993f491b99cd203e7fb579a73a51fc0096fa6e7cfd432ecc8121fd3")
r15 = getegid()
r16 = socket$inet_mptcp(0x2, 0x1, 0x106)
r17 = accept4$netrom(0xffffffffffffffff, &(0x7f0000003c00)={{}, [@default, @remote, @bcast, @default, @null, @bcast, @null, @null]}, &(0x7f0000003c80)=0x48, 0x800)
stat(&(0x7f0000004180)='./file0\x00', &(0x7f00000041c0)={0x0, 0x0, 0x0, 0x0, <r18=>0x0})
sendmmsg$unix(r13, &(0x7f000000a940)=[{{0x0, 0x0, &(0x7f0000003400)=[{&(0x7f0000002400)="2e65ed357f49fa1bd18aa2066b29e8e45564e2f04a5e0e1cd725c4598787249e97763d12c4e7c60491ccfa1f4db8bafc9b999925686ee6461c1ef56bdc497f2ed0a9c23384a7a94c4af5f6b73647b9b4e88716017f7eec7b1f9a412206bbe4feb42db4026d59cb23a2dfc0677571900b011ce9fcdbd8ed233ea85b5de0874d3a4d0fb6d462bd94d319d8b44e1c71759eb4360903df6072374f3e17d00b485973e1ffaceb46d2de2d53a505ba12bc58daea8f4cfbe4ca63d5ec8871f10ec8c034c830da4658050ece700e98645d5e52a1089249ea4bfc6a30c1122a8634ed95fff24efd02f544a422939e5bc20f7711ba245eb073ae90e71a1a0c8bc3e956e5be15aeaca5be1c4236ea442270924f24d6d3aedd8cc000e16bb6cfaccf3db6d4adeb567dd5afcfc489365eac6d1633dc80f421bbe8be6666e8caa4be85e3114cdc2da1195567c2d46d437cfe85c1160052578200f0ad2e1cdfdc8b023a0474cba3a2dfc9870944b30b6e5c602c03f086a82eb139a61bb5a5533ed94b4630d2d51c0fca09479792f5b00960c3c47f693a3162440fb013620fe703195ab81237a6cf7e032ff80d61f1afee4bf8cddc7bb5825ed106a9be111fb6bc1b26b62e6db7899e4f82e2fa23ec245eaf8be37cf8dbfc36062a10ae6c5db09b6d382238cb1955bc71fac245aed6a6bf27528ecfb253456c625fe0e947d2fc8c882f4146f9dc46594b9a6730da0639957ea874730a44fda26cc796b2f232cd62b17f72a7718e8bba5fd02778f0694fe6e438910b235a6718e6c9b8538c5e5c97a03a56efc661a9dadfb756e8d91859ff378c8c78e4049cad5afb046e75dae9cc16d3d0a48e292fb845b87f3aa74aee697f916d63ed58210785d014e517608a3033b5e8b3278f1e1e6cc4fe8ee1ba371f39f999feeace70b6a9ef72b57ed912cffecc9f0eff980ada25789357bdae5adcfad19100cceb8f579504ae77f9dc1149306dfe89c07a6ab012d374028935c2967d829c27bf79b8a5874b5dbbe7472bcdba0d6c6bca33280beddb8cce434076894fbc5593ad6ace8cc674da22b7e525e4d6f85ed629263444194ea5b3c87426a2924241fd9ed4c7d6a5477f3293aff2c10770b63c343e0d2e7cb21f9cc1c0a3dcfa15dcd0f912971d034a1c24e2212a61116b6d7fa1234db515e8befcf8aff1faf36249cd018086078a5265e7cff333668bfb75e25da21a4b5affba21b1acc42eee876620c965fcde95d279801b1300bd154ecf24379a4477855a7fe3a9a096e8dda0cc1b8fa8843fd9558264f5c985dbdebeddaa4bc7fc12cffe57348aec1c8ecd848db50f51f08cda1625c2749c8be5de35d605cb6f8e6f211c0df22a054b6ea95c71ef0f68a81ce9b9ee2aa7dc739be1c3b26efcdc8883afcfe3efb198518b907f8cd5a5fb966d1a9eeeefde2a4490e308ce8c3a7de8d2bbbf823b1466d470dda4d4da8bac84064bc30cb7d27f3041c84971afb4277216588741a31eb80ea24debecaf17307514598d618cf9715c10141d4ea7ea4ecf0917c58fcafa89e052b49f3b1fd2e690af15f6d206cff43c792a34a843aa47d9d1a2f28240ed0989b10eff6f80275b458712f1b2ad547f0e75ad612ed7af541f5caebd4a69e96bfae5f6a75af37f9eb22a413dae0c42063837223490927d398263f6303d5c7d4fc9bd676a36c1aee775560ed46dcd0f74b832629e281cde3e0935455a51cd0c63050b774c98c35eec77133f35012553b4367f249110987e2d8715e0e747d0e5defcad947bc29d3d6c923173228562c8c36850572f8d8b6eafd6bbe5aef6ab9e38063f6275089b77cad47dd669367c1726af04dedb2d9554f65c96d9c0c595ec9415adc4657031286dcdfa62b54229ea4985c8afb956b7e3403c63efe65ba4cc70faabcd69b0fb12b9db957ef2e846af206eb74a12756546072baafebbaa9a7af596cebc6c324717711d7f18212416f0e0cb9021c53ca3bf348ac23a328d736ef75b098b893227ea467222a6cae12d8b14cd0b506327fb17cc54c813003aa6bb33012b9a6c02911203410db55c170d50b0b554b8dc4c9464c932cf56c8f51e79d3a2a7bac8bff181db1d9e07beda6ce10c201b5a4671d05ea264fc6ebf19abc6e99c141ff0ada040036d616a634b3d9a6ab9da6b72250d64397f6130ca570f4fe55136d4e5e59cdd5e3cb1d20b706a47291ee574397bd30a0639f599e45c6082639459614fcb3dfefd124550c8ea6d726030f77177d36d0db1f17dc945a5f4c23cd515483c8ffbb279ad5701ddd539ce1101deb49bf6eb79fa8b9654002dfdad83904b5c1fec0111ca0d766d0a727c1aaa375f182d1ce76e8a8775065ac442cefe83187b0e7554d43449e34f9bbf87e4ca086f26d9311c76ba508ae83695dcb66c6782ab8c83fae2a77b6abfe506099bf7ad2b6043b0acd8ecd4e3ff389d0516d962c454285c74f0aa5045c10875499d88494f08e9a06e46a137cc5b5228c4d8dbf217c3b43af06f10cda6391dcb5bb2fe21bf49af822ad9c3666492a8bfc88c63282144a233d4f5d9908d359d9766830717b4d4fc01c4dbe694810b23d87cce4d3595320cfdd9c0811a792b9b09af14b9e2b8eb71e8496b8612f32c9898cf4c6f0dc572341510da9fe2649f4ea86eb72a8c2c45d5c8feaa88359205f8897372d5506354bc376db54d7861008b7d45235d886f278ab541f76d61e73632a05f112f58fbc4895e44553c84e92b4984af8c53c733d2d1c55894109838c9ab3f8cf7df76d5d9d7d543d55250ce7cd17c44fc2524b19520f1c9010d517a25698080ff32c66997938ac81ef66bed05234e8de5e26a848990cc1ca97a6c8a784e7be340f891d4d93b118ab5b8c3dd963d7fb3d8a6e7427aeab051bcc4d9e0a673c4878fb32abb2c4b41952d1ad01bc0aab6107941b8e1fd9137989d27a9e6552bbc103a25afd27c93ee839ff9849c3fe690b989ef698fdba3dd5b7c257d89384447d099b1cd02a99912294cd8e77c5678d5333a064a79379842794a5900122ef65df753096061112b72a55de73a079d7663d09d90bbc49dcf904174ef4311465cebffa8b8b6e9bff2c8b33e0ab2b1af21a013c04127ca7397f66bf646b94e2fd13d47ec61690f6f62cc78d141679a169fe50e9df9bd2a71cfc24e3e61e9a5cfa9ce2ac88d7180d1812202940e84be8597e69a2b3691df97b47af952a66c7248c9661d8c69fae592fee4a050f25ebc2537d560ad4968b8ae0b5787440542ac132b193620402892cefee492f8382e98c6ad7d5f7f3cde8bffdcf8198202fecf545eafcde9db050c095a062842ee6d6aefca755a998375b8bb1c013424d7c5e0ee67aa68957b062c4315944c6c49cbb7a604a0f9cfba7116b22cc3ebecb33d79251541619662278e1c6b6c3753dbe636b0c55de1fe6bbd355e13f04e8cf168452a76f3311ed225eed19aa951c28e686fad500c00b88b71a25ba73c333a51fddf4948f1ec83cd079afe88a8d00bd8aa599cd740f571798eaee53860770106d46d929f1257e4ed5c11e6a83d789cb6c2e9304ceef18750fc980b86c31a6ff6f5baf125f7f7ca84325668f6f9cf35d79097bccd79f370549ccdb7585679b0e92b286765c3cd3f231e4190834f2dda94d4be7d9070155b44f1bdb3bfc8e69f4ab25301462d7c9146a6761e89a41710eef003f3a3eb95af545f8f9dd576afa2af79e5b96aaeb6532b584ff3cca7b7ede8b55c1d6d1b830f7cbe8017f3675010452a722b6a8c2facfa769d62f3c2f106bccffe23db25baa34e43252054030a5ffdc13c626dd69707ad3e39c94c969047118da82cbb307d2087610191aef526764017a0b3f420a5b2868d1a3b6dd0890c22cd54581f7b2cf2cd473e324102f2290cebd84fface93fed2daa0da57debd5e3b0e72e3f570afe79fb2fae177e9b167e0c809461b4c97a93e3abb8bd33a012422a8a5dc9139b739f14ea5ee5e62ef16ef25bf69fa146554da630c2f83d028ba188341c74d7461c6fd4d8f1052d28d8ec339a3674cbb39a2ccc5c23fd5c25cf4230837eae7e159b323253d2a9983f7bd7c6139cd5ac077feaa39f18e8275c7a2016b9f1d8fca5bffbbe3075a4b54ecbc2f94c98837a43bc3370e8d7ffc865f883edef01fa8ca0b6b8a8575795b0d44f4048c235cd3a80f95a95b4d7f267c46f8cd68b006d7c76f1b7c66f956cb81ba670cf17b10d624c5f926b4a51725fb627042f7bda554edef60239d3f46ff59bc3c4a9bf3699a80128f1a5c64a99f7856cd10439c9eacdbcdffbb0738b3caa66aaec78039e8d7268e820d8d84948ac8ac3fcf4f7559531c05221ae09562c70774532202f2edce7ebd85408c4d2e962f6dc8c049c296a9ef85dee28949448ffbd12f8e8516e1daa4584e230e34374ecb6e4451ac69f0563d42899f65d04902ef3153eadefa5de1dfabdde5798d342368b9ce4d141d06464d31cc9a77f04ae4fb26b1cd2ad304e05c0a7f1dfd738ba9792e8190ee125af84cff7fb5f4c24d47e225a93b91e0374d255b521101a3ff1e721d32e40780c647685763f539f822f6d61ff572b2221bb48d1a9b74cb59c6fe826fa21c680fe92b5a3342b7a7cb997e760ba89ab52228318399ead7c0ff3309f05f790c48bfce8f542461d33f7cb8ada9d8548f4ca5097544e27b3df5d085495aed7b3c6fadf419544616e30e1f328ab13fec567003697af8ce8baf351b033351149620765b1169fa708acc7ebe8e30895979b39998bc653dee58b88263a1234c590c3e01690b528a8cf7011df0ac21ff334f0c5af3853cede781c45af0a483041454fb8fbb8b9798189d2c8b67ec96127ea8f40c7d181aaba20b2fa7a6741a0db63e340ff22078412307cdad0ec65d3708f2ba34565e1531efcc457834970fa4d749b2727cc818a7d87f774f2b3c82162f99941ed4db87bf67019de6c77a98be78206111d0b1e6108dd67e7b25a41bea3f9e37e6f0468d671d6a514526c71fdefe49868bd5cbf23cef246f4c3a5a404de564062fa493769feacebc20bfa334f3a2a5bc40537dd0e45f5fe1374c9b0704c1fa6db87f8319df4d6dca8826452ded2182e4141557566a59f128ef7c1a5cf08e5e3214e0f5927c898be630285d07865769bd4f374598323caa5ff1362d478dfb208d77e94032e00c998585b27b75cd3f029e81b446a1421002615abdb8acf7573756ee7d8909541e592979b9fe1b04da3ff1b6a32707a08a849479eb366fec3c45c44bf0ccc5d190471602e45c92cc7b599e2424ac9c58bb8e3216c1368741f7c127add05ea7c484bef805834ea53be57dadb1241b29b88b02798e31ac75be6f454b3516b10ef08faad3f206cf1d4a6bcf8d4940e9938de7d35f13926daa45883adb67c222f04e8f0125134c59cd5e80ca6b87f6ecfcce03df07b442b67a53e81458de5c080bea80d32a3afd4a1e76a6de637da1aade4c2105149621a4bb3995bb37073c46dbf05430b12823850bbc699aa6f2e27049b7dd5cca63e9d507e0dae7b66258ac8a7bad799f30767f883509388f3a6c029579f7efa8a4b83d2cb5ba9573a1eb2e3f6fcec0377d5df009c08e78aeb1ffe6837adeead7e808ea88747e8ed88a730964f6f84307f81a0e83c9f97b462e56425751c9926406ae055bc51b88b492aa619a83d97fe923ba443b9b95f351e23867f7c061b04960f11a6124e4d98a2bc93ec6cbc4bba91f034cb92bfda4553d558ff331f75c58e1b96406253c2603e3a8551b825a2c4b93aaa111818e3bad572fdacac9cd07505050ce6ffdf714e840", 0x1000}], 0x1, &(0x7f0000003600)=[@cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x1c, 0x1, 0x1, [r8, r8, r11, r9]}}, @cred={{0x18, 0x1, 0x2, {r14, 0xffffffffffffffff, r15}}}, @rights={{0x1c, 0x1, 0x1, [r7, r16, r10, r0]}}], 0x68, 0x20000000}}, {{&(0x7f0000003680)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003bc0)=[{&(0x7f0000003700)="fff17333eee7819dca3c600237b6c8d79457514fa4d93b3271b7f04688616c2916dd140d429a114d0b346df5892bc88756faaffd5105cd78fd949921e5ad9700ffd126feee001aee2d04d0904b2258faf30f68334433d096888dfdd5cbcdd02a059b75aabb27239fc83185d05a59d916251aaa317eba891446a1b6b2e4fa8d4b1a1b8a2797b44dba67a3cc5b3de3e5f6b5db5a7d9ab473e6fce4", 0x9a}, {&(0x7f00000037c0)="2a84d5100c56a8c76d470809ede8b8c1cb9889763236b5dbf65fa2dc507c7916539f47b045fea2370b9597bbfb1038c81025cedbe75930229ef676e3ef9d7e604f446278cb2c552841f8c81da78880e414e6e9dccc61dcb680fb102cdbc555382fb01d681b7151f3787d468a9710457318fdc3601bf1b9445fc65ed8a84c310e73576830c89577b1405925b964e75ecfacc557772df595311535d907169d45412cd64ec331a18a648d98a064de630563a1c2b18b2ad5850b0d3c7ec4bd3223612a73a85428a4bf", 0xc7}, {&(0x7f00000038c0)="415877d308f02b514a3864d8b3f6eca9a279135916150930eba26727756361c4cdca2e1f6c8a83481511", 0x2a}, {&(0x7f0000003900)="1da109c75f2eaf28e8741a4b3fe5d3d5223498aca67b20e1a5fad2c769026376a62a0e75aa31f2250f", 0x29}, {&(0x7f0000003940)="a1fc0edfbe610154015f59ac3d94666a81870f43f3f95f5024b3bc48baef243a5b2aa799b29350b4555a73ae6a74610267427963401c6c215b1139421db718cee53466d482d6400580d3c2942a6b1c782f88eeaaf56ac2af0c3d061036bd5968938920c70635ab", 0x67}, {&(0x7f00000039c0)}, {&(0x7f0000003a00)="955c71a8b973522649e6109f7bc31962d2c719ea6afe4b440aa36515630c345dfe9e410b7c6938708b58a32103c019f5213cc2a2ff5ec36c8caa06ba25bf69da2a020800a5774899e1ae9bf848bd5c695d5467284c711a4d0739b5d7e709e242de9087e65264787a30d9c16163500419218348e63724de2a389036cc30befb4a406f0e5aa8181709f2cb2039", 0x8c}, {&(0x7f0000003ac0)="ae7625d763dead1e9dc9c9d7a630014d7fe994e9824c2d8c9a487648f5b7123ea6cbdf80860baea6f840b4c7f4f00ff92b9fe6da15b6a7424e267a4d995c613ad9ee49720fbeeb41d08824750f43c9fa0eb5418e001ce942cae1781c55fd4cd9e8c9b2ccbe2e2b26b58b027eab1d76ce215b8c3450edba4266fcac8f7c90f53e59d0f7d53dd50f9c931e1103b827fca72e49bca3e54b47b4cb3f1bcf41dab844630d1b075d7ccd5cb0edd2e33b32483432f3e49cdd94b8a22233ea83ae0656cddd319233d0951d2989f20768ffdfa78d082fb4cc951de2a33082e140cb742c4b0f182c53b887ddc90612d1", 0xeb}], 0x8, &(0x7f0000003cc0)=[@rights={{0x20, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff, r17, r12]}}], 0x20, 0x4000}}, {{&(0x7f0000003d00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000004140)=[{&(0x7f0000003d80)="d220c8b93d0735abb6b2747234916bdffdcfa60269d978d31de28a0efba8a4cc357a7cafa98a6d4f333353cd721e2014db2632676530be4596e75ff8876cd6b7b101e9f03f5fb3bad25f17b7384fb900406d15f16a195e4617a2d74c1fc98a0c459ca2036fe3af7f864b8f4c26c3c6739dde2041427ef18b5b7826fd5bbed8cec1ddfa8d10e26339a33bec44e743736f03a6e3c2f90a60cf489f37936826add3e8f7a4d7a88a49ae5a38d021c04d545eb6f34161de5ed5e29d750fd27f2abb966d7179b3682e4a28c6e968ae4701a042cf2b6c5669159e6b66e8abad57e0ab44fd432af4e289", 0xe6}, {&(0x7f0000003e80)="bb89b6223cc1c72077a4c7193cbe4538c728cc556005d838d444b39f6438dd5345ced8ff94bc42070bc319a5ec7e5b8219912190d25b", 0x36}, {&(0x7f0000003ec0)="00a84fe9c20cbda02eb79b96f01a152b318eee50564dd0ba3f02746b5fd4dccf17416190cfa420ab9d073bd59250044a5d4a2b184dfc2ce11d02f809d7dd7550b1deec78cfa0d417bec18feaab03299b99efdc58ac624b4479ba72dc4fc9f148fc961063da7dc0ac65e140c2bb845d3e6defcc69b35b0fe010fbe17b628473bbcedf6a28531d722eea7f473466c9a329d15d1c0c9764b5b7b59d7e713b2641f1258a95", 0xa3}, {&(0x7f0000003f80)="7f7b0ac775a25da6191c78d081465fdd5b977e86d8d0f3a7abcf0b14e471455338fc068d5087638d85c8b85740f2a1223bef42667f284f9206c13c0d7bbf189155ab83e5fc41c7bc2d2cd399d3c52221a08a44369793c8ef669f186f5abceb3fb9be5624c59b19c778a1a247c0a69897440e4aef488af4055b8d40552baf40363d773075cebd6c67e8d1733039cfd6bacae09329d1b2bb6470cd049b5161c303afa054529363e8d4ad1c521ab7644cec825f26ba6933b6e17d", 0xb9}, {&(0x7f0000004040)="7a4aa7e0959f12ecd992f12aef23b062c7cea9706420a4ec4e16796c86472eac4f7f2486ba2697484b9a7ba3f288ac39f9c96e6bbf4a7b0a49d240ab65452d4140cc8c", 0x43}, {&(0x7f00000040c0)="04dc6145e5d80562336808869cad31a67966864d701f8414a989b3e580021848dc66c94b40f64e8e92041e44408df2708f6fb4fd5b4c8429a060e18aa0fc5b0b1003b4d4", 0x44}], 0x6, &(0x7f000000a880)=[@cred={{0x18, 0x1, 0x2, {0xffffffffffffffff, r18}}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x2c, 0x1, 0x1, [r8, r8, r8, r9, r3, r7, r9, 0xffffffffffffffff]}}, @cred={{0x18}}], 0xa4, 0x20048810}}], 0x3, 0x28018045)

2.751628607s ago: executing program 2 (id=890):
socket$nl_route(0x10, 0x3, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x10}, 0x1c)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
syz_emit_ethernet(0x52, &(0x7f0000000940)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x1c, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[@hopopts={0x33}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
r1 = syz_io_uring_setup(0x6d8a, &(0x7f0000000300)={0x0, 0x37b2, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r1, 0x2def, 0x4000, 0x0, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1ff, 0x0, 0x2, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x4, 0x0, 0x0, 0x40], [0x0, 0x0, 0x3, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x809, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x20000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffffffff]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, r5)
readv(r4, &(0x7f00000018c0)=[{0x0}, {&(0x7f0000001700)=""/221, 0xdd}], 0x2)

2.651311488s ago: executing program 1 (id=892):
pipe2(&(0x7f0000001cc0), 0x800)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x100000, {}, [{0x90, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffe, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001300)={0xc, {"a2e3ad214fc752f91b2547f70e06d038e7ff7fc6e5539b3250078b089b39083872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31330d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc2c45512, &(0x7f0000000340)={{0x7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0xffffffff, 0xffff, 0xfffffffd, 0xfffffffd, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc7, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x400, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0xc41, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r5, 0x8004510b, &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000001c0)=@ethtool_ringparam={0x9, 0x200, 0x300, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}})
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r7, @ANYBLOB="010000000000000000000100000038000180060001000a00000008000500000000000c00070000000000000000000800090000000000080006006f766600080008"], 0xa4}, 0x1, 0x0, 0x0, 0x60004804}, 0x804)

2.598747925s ago: executing program 3 (id=893):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)
syz_usbip_server_init(0x3)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {}, {}, {0x8, 0x11}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x810, r1, 0xeef9c000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRES16=r5, @ANYRESDEC=r5], 0x48)
socket$l2tp6(0xa, 0x2, 0x73)
r7 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r7, &(0x7f00000024c0)={0xa, 0x7, 0xfffffffd, @loopback, 0x8}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8003}, &(0x7f0000000240)=<r9=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r11 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r11, 0xc0184800, &(0x7f0000000100)={0x4, <r12=>r10})
ioctl$DMA_BUF_IOCTL_SYNC(r12, 0xc0086202, &(0x7f0000000040)=0x1)
socket$phonet_pipe(0x23, 0x5, 0x2)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r13, 0x8933, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

1.850994797s ago: executing program 2 (id=895):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x2}}}, 0x108)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x108)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0xcc540, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x1, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.720822956s ago: executing program 1 (id=896):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0xa1ff, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x1840}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x3}, @IFLA_BR_AGEING_TIME={0x8}]}}}]}, 0x44}}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r1, @ANYRES8=r2, @ANYBLOB="bf4337bb1b232673ff8fd0e91be8518bc4f6d859084e07a3f0bc604148ed9fa5ca84765ebd56aa58c8844b69effe86f3619f336574799870fb39e2311a81a3fb6929bccb6d4f562ed0aa4c22a6786543a351", @ANYRESOCT=r0, @ANYRESDEC=r3])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
dup2(r5, r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000008200000300012800b00010065727370616e0000200002800600180400000000040012000500160002000000050017"], 0x50}}, 0x0)
r7 = add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r7, &(0x7f00000041c0)=""/4096, 0x1000)
socket$inet_udp(0x2, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_MCE_KILL(0x21, 0x1, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x30313953, 0x0, 0xa, [{}, {0x10}, {}, {0xfffffffe}, {}, {}, {0x0, 0xfffffffd}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)

1.631189126s ago: executing program 2 (id=897):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x6, @remote, 0xb}, 0x1c)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x9a, &(0x7f0000000200)=ANY=[@ANYBLOB="0180c200000eaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbfe80000000000000000000000000f9aa4e200e2200649078020000000100000004001000628e0960f6d6d3f6ee6d6b84b345dccac643e7df3e526ff07833b291322d4a74882ed6741e7632daeaec0c95f2ad1cd68fb3d9fd3efe8e4ea8b5ec7448ddd6a3215990e1b896120966af96b22cf049f0"], 0x0)
r3 = syz_io_uring_setup(0x228, &(0x7f0000000380)={0x0, 0x1ffffa, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r6, 0x400, 0x1)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1300, 0x85)
fcntl$setlease(r6, 0x400, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x641, 0x122)
fdatasync(r7)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd=r0, 0x9, 0x0, 0x40, 0x4, 0x0, {0x0, r8}})
io_uring_enter(r3, 0x705, 0xa33a, 0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r9 = fanotify_init(0x40, 0x2)
read(r9, 0x0, 0x0)

1.337944561s ago: executing program 3 (id=900):
socket$nl_route(0x10, 0x3, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x10}, 0x1c)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x6d8a, &(0x7f0000000300)={0x0, 0x37b2, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000040)={0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8}, {0x7, 0x5}, {0x6}, {}, 0x0, 0x10, 0x0, 0x0, 0x1, 0x9, 0x200000, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6})
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1ff, 0x0, 0x2, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x4, 0x0, 0x0, 0x40], [0x0, 0x0, 0x3, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x809, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x20000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffffffff]}, 0x45c)
ioctl$UI_DEV_CREATE(r6, 0x5501)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, r7)
gettid()
readv(r6, &(0x7f00000018c0)=[{0x0}, {&(0x7f0000001700)=""/221, 0xdd}], 0x2)

940.76618ms ago: executing program 0 (id=902):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x4000010, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
unlink(0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='smbus_result\x00', r3, 0x0, 0x6}, 0x18)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmmsg$alg(r5, &(0x7f0000004140)=[{0x8dffffff, 0x0, &(0x7f0000000600)=[{&(0x7f00000001c0)="14", 0x1}], 0x1}], 0x1, 0x0)
r6 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f00000000c0)={0x0, 0x2, 0x5, &(0x7f0000000080)={0x8, "90f541a5e64f61909103f1fbbc2bd3c9f144d76e44c7b2986eb5e52829e7cb8393"}})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r2, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r7, 0x0, 0x0, 0x0, 0x0, [<r8=>0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
r9 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]})
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r9, 0x81785501, &(0x7f0000000540)=""/113)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r8, 0x0, <r10=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000100))
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r10})
mount$9p_virtio(&(0x7f0000000580), &(0x7f0000000480)='./file0\x00', &(0x7f0000000100), 0x1000816, 0x0)

816.67289ms ago: executing program 1 (id=903):
socket$nl_route(0x10, 0x3, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x10}, 0x1c)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
syz_emit_ethernet(0x52, &(0x7f0000000940)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x1c, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[@hopopts={0x33}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
r1 = syz_io_uring_setup(0x6d8a, &(0x7f0000000300)={0x0, 0x37b2, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r1, 0x2def, 0x4000, 0x0, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1ff, 0x0, 0x2, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x4, 0x0, 0x0, 0x40], [0x0, 0x0, 0x3, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x809, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x20000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffffffff]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, r5)
readv(r4, &(0x7f00000018c0)=[{0x0}, {&(0x7f0000001700)=""/221, 0xdd}], 0x2)

807.591563ms ago: executing program 2 (id=904):
pipe2(&(0x7f0000001cc0), 0x800)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x100000, {}, [{0x90, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffe, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001300)={0xc, {"a2e3ad214fc752f91b2547f70e06d038e7ff7fc6e5539b3250078b089b39083872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31330d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r5 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc2c45512, &(0x7f0000000340)={{0x7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0xffffffff, 0xffff, 0xfffffffd, 0xfffffffd, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc7, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x400, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0xc41, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r6, 0x8004510b, &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r7, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000001c0)=@ethtool_ringparam={0x9, 0x200, 0x300, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}})
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r8, @ANYBLOB="010000000000000000000100000038000180060001000a00000008000500000000000c00070000000000000000000800090000000000080006006f766600080008"], 0xa4}, 0x1, 0x0, 0x0, 0x60004804}, 0x804)

691.330799ms ago: executing program 0 (id=905):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000040000000000080000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000408000a40000000000900020073797a31000000000900010073797a30000000000800054000000021900000000c0a010300000000000000000700000008000440000000020900010073797a300000000068000380640000800800034000000002580007800b000100746172676574000048000280080002400000000230000300b08c674515113085720f473c2d6e670b2a34b2f16709225a7547b6f14c1aa7a7202afc0811618e3b5a514fb651ff7360e7749fe5bee39009000100534e415400000000140000001000010000000000000000000084000a8ebac1a9a5ddd7904d540471bb2377465fc360251685e7deb8163dcd"], 0x114}}, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000000c0)=0x1)
r2 = socket$isdn(0x22, 0x2, 0x25)
r3 = socket$isdn(0x22, 0x2, 0x22)
mkdirat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x30)
mount(0x0, 0x0, &(0x7f0000000280)='hugetlbfs\x00', 0x0, 0x0)
r4 = dup3(r2, r3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x80044942, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x96e}, 0x18)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000a80)={0x8040, 0x4, 0x4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x58000000, 0x0, 0x0, 0xff8b7ea7f60b06f4, 0x59, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x803ca97a6979e65b, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x20400, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4, 0x3032, 0xffffffffffffffff, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback, 0x8000000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "000001fffbffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', "faffffffffffffff"}, 0x28)
sendto$inet6(r5, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
socket$nl_route(0x10, 0x3, 0x0)

421.360824ms ago: executing program 3 (id=906):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r3, 0x301, 0x0, 0x0, {{0x11}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
write$binfmt_misc(r0, &(0x7f0000000300), 0x6)

421.015096ms ago: executing program 3 (id=907):
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x106, 0xe}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f0000000280)={0x16, 0x98, 0xfa00, {&(0x7f0000000080), 0x3, r2, 0x30, 0x1, @in={0x2, 0x4e21, @broadcast}}}, 0xa0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaa00006b0000000800450000280068000000069078ac1414bbac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\b\x00\x00\x00\x00\x00\x00\x00'], 0x0)

363.931845ms ago: executing program 0 (id=908):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1a, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, @tracing=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x7}, {}, {0xfff1, 0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_gact={0x30, 0x1d, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x68}}, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r9, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000240)={0x200, 0x1fb, 0xc3c})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
r10 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r10, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0xff, 0x3, 0xd83f})
dup(r3)
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="d80000000314000426bd7000fbdbdf250900020073797a3000000000080041007278650014003300766574683100000000000000000000000900020073797a3100000000080041007369770014003300697036677265300000000000000000000900020073797a320000000008004100727865001400330064766d727031000000000000000000000900020073797a300000000008004100736977001400330076657468315f6d6163767461700000000900020073797a320000000008004100727865001400330067656e6576653100000000000000000085feae5a4a81160285860e34238a2f85aad6c992c3ff49a397482966835a2932b958df5c9db2afc18a7c1fd384f5192f2ed52be9a4bd736f46df965dc49a59ab9d731c432c2bc369313a630f260800000000000000116e523aa0a2024bb612856b"], 0xd8}, 0x1, 0x0, 0x0, 0x4000080}, 0x20040000)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000b3b2fb7e0025bd7000fddbdf2508007fa16f4c5e4e47f74f0001000000080001000200000008000000000800150000000000"], 0x40}}, 0x4000010)

231.249593ms ago: executing program 0 (id=909):
syz_open_dev$sndctrl(0x0, 0x10001d, 0x4841c1)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="14", @ANYRES16=0x0, @ANYBLOB="0100000000c1bb2bd18620a876bc800d3e117d332296237f03ea33c25e5950489bce5824444ca636c70cb8809ecd7b146718c3506be5232571f2405c79c84111cec0ca2d93565e17640a8e03"], 0x14}, 0x1, 0x40030000000000, 0x0, 0x8040}, 0x800)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000040)={r0, 0x58, &(0x7f0000000100)}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="138d46b10da67df8e6c2", @ANYRES32=0x0, @ANYBLOB="0c0043000300000008000000"], 0x28}, 0x1, 0x0, 0x0, 0x801}, 0x0)
unshare(0x72030280)
socket(0xa, 0x801, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r5 = inotify_init()
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
inotify_add_watch(r5, &(0x7f00000000c0)='./file0\x00', 0x20000002)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x8000000000001b6, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000100)=0x2)
socket$inet_mptcp(0x2, 0x1, 0x106)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)

151.51597ms ago: executing program 3 (id=910):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r2, 0x0, 0x0}, 0x10)

151.20451ms ago: executing program 3 (id=911):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0x2, 0x1, 0x100)
r2 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='\x00', 0x1, 0xfffffffffffffffe)
r3 = add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce0705a", 0xc0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r2, r3, r2}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={'streebog256-generic\x00'}})
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x22020400)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
r7 = syz_io_uring_setup(0x891, &(0x7f0000000380)={0x0, 0xb700, 0x4000, 0xffffffff, 0xbfdffff6}, &(0x7f0000000300)=<r8=>0x0, &(0x7f00000000c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r7, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r10 = syz_open_dev$video4linux(&(0x7f0000000280), 0x5fff, 0x100)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r10, 0x4020565b, &(0x7f0000002200)={0x3, 0x7d8, 0x1})
r11 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF2(r11, 0x402c542d, &(0x7f0000000140)={0x1000200, 0x0, 0x80000000, 0xffff, 0x0, "4ae23ae17df2e98cd88f00"})
ioctl$TIOCSTI(r11, 0x5412, &(0x7f0000000000))
ioctl$TIOCSTI(r11, 0x5412, &(0x7f0000000040)=0x3a)
sendto$inet(r6, 0x0, 0x0, 0x200408c4, &(0x7f0000000200)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340), &(0x7f0000000280))

51.387361ms ago: executing program 0 (id=912):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)=ANY=[@ANYBLOB="b8000000190001030000000000000008fc0100000000000000000000000000003ed30000000000000000000000000000000000000000000002d47df3123257290b09a53084496f7aeb9c58ab00cd156059be9e2e99354941f2180d0f19926f3c005a85f4b23db970a4498a7cbf89944ed3c218c7c8dcb5b417ccd1356620dea4fead3c3cb6fff3c6d2e8aa62efaa083bcb79407984d6b0f092df33d077af7a81983904390553a2f325347a090ab4cc67", @ANYRES32=r0], 0xb8}, 0x1, 0x0, 0x0, 0x10004880}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e746572009c0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000700003806c000080080003400000000260000b80440001800c000100636f756e74657200340002800c0002400000000000001e3c0c00014000000000000000500c00024000000000000100000c000140000000000000000018"], 0x130}, 0x1, 0x0, 0x0, 0x8000}, 0x8880)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
r3 = socket(0x15, 0x5, 0x0)
recvfrom$ax25(r3, 0x0, 0x0, 0x105, &(0x7f0000001c00)={{0x3, @default}, [@bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x20000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r2, 0x0)
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000080), 0x11000000)

0s ago: executing program 0 (id=913):
openat$fb0(0xffffffffffffff9c, 0x0, 0x1e7600, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mprotect(&(0x7f00001f9000/0x1000)=nil, 0x1000, 0x9)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f0000000180)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x80002, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1a, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0300008004000000040000000a00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x8, &(0x7f0000000100)=@framed={{0x18, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x4000000004002, 0x0)
dup(r5)

kernel console output (not intermixed with test programs):

 different from the interface descriptor's value: 2
[  103.014258][ T5995] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  103.018380][ T5995] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.021731][ T5995] usb 5-1: Product: syz
[  103.023478][ T5995] usb 5-1: Manufacturer: syz
[  103.025946][ T5995] usb 5-1: SerialNumber: syz
[  103.114056][ T6930] netfs: Couldn't get user pages (rc=-14)
[  103.234185][ T5995] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  103.511076][ T6935] delete_channel: no stack
[  103.539025][ T6922] usblp0:failed reading printer status (-71)
[  103.548455][ T5995] usb 5-1: USB disconnect, device number 5
[  103.557256][ T5995] usblp0: removed
[  103.568757][ T6944] syzkaller1: entered promiscuous mode
[  103.570595][ T6944] syzkaller1: entered allmulticast mode
[  103.933392][   T64] IPVS: starting estimator thread 0...
[  104.027796][ T6952] IPVS: using max 40 ests per chain, 96000 per kthread
[  104.785375][ T6971] __nla_validate_parse: 3 callbacks suppressed
[  104.785433][ T6971] netlink: 4 bytes leftover after parsing attributes in process `syz.0.265'.
[  105.029312][ T6972] input: syz0 as /devices/virtual/input/input19
[  105.421927][ T6975] delete_channel: no stack
[  105.664437][ T6983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.268'.
[  105.946991][   T10] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  106.108803][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  106.112391][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  106.115854][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  106.119598][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  106.124947][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  106.128174][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.136018][   T10] usb 5-1: config 0 descriptor??
[  106.234775][ T6974] delete_channel: no stack
[  106.752309][ T7012] delete_channel: no stack
[  106.802091][ T7013] ptrace attach of "/syz-executor exec"[5955] was attempted by ""[7013]
[  106.840300][ T7014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.276'.
[  106.888666][ T7014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.276'.
[  106.892362][ T7014] netlink: 12 bytes leftover after parsing attributes in process `syz.1.276'.
[  106.896167][ T7014] netlink: 'syz.1.276': attribute type 5 has an invalid length.
[  107.067991][ T7013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.072844][ T7013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.629531][ T7011] delete_channel: no stack
[  107.852916][   T10] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  107.878591][   T10] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  108.049304][ T7033] 9pnet_virtio: no channels available for device syz
[  108.185935][ T7035] syz_tun: left allmulticast mode
[  108.188102][ T7035] syz_tun: left promiscuous mode
[  108.190158][ T7035] bridge0: port 3(syz_tun) entered disabled state
[  108.203902][ T7035] bridge_slave_0: left allmulticast mode
[  108.206034][ T7035] bridge_slave_0: left promiscuous mode
[  108.214358][ T7035] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.225803][ T7035] bridge_slave_1: left allmulticast mode
[  108.235541][ T7035] bridge_slave_1: left promiscuous mode
[  108.264792][ T7035] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.284875][ T7035] bond0: (slave bond_slave_0): Releasing backup interface
[  108.302692][ T7035] bond0: (slave bond_slave_1): Releasing backup interface
[  108.365925][ T7035] team0: Port device team_slave_0 removed
[  108.391171][ T7035] team0: Port device team_slave_1 removed
[  108.395975][ T7035] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.398975][ T7035] batman_adv: batadv0: Removing interface: batadv_slave_0
[  108.406416][ T7035] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.410770][ T7035] batman_adv: batadv0: Removing interface: batadv_slave_1
[  108.913800][   T58] usb 5-1: USB disconnect, device number 6
[  109.117364][ T7048] input: syz0 as /devices/virtual/input/input21
[  109.418087][ T7057] lo speed is unknown, defaulting to 1000
[  109.816007][ T7063] delete_channel: no stack
[  110.290150][ T7062] delete_channel: no stack
[  110.403187][ T7082] netlink: 'syz.3.296': attribute type 13 has an invalid length.
[  110.783217][ T7097] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  110.799933][ T7097] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  110.802903][ T7097] bridge0: port 1(netdevsim0) entered disabled state
[  110.847823][ T7099] openvswitch: netlink: Message has 3 unknown bytes.
[  110.851105][ T7099] openvswitch: netlink: Actions may not be safe on all matching packets
[  110.974855][ T7104] overlayfs: missing 'lowerdir'
[  111.054660][ T7106] netlink: 20 bytes leftover after parsing attributes in process `syz.1.301'.
[  111.771586][ T7115] delete_channel: no stack
[  111.967947][ T7121] netlink: 4 bytes leftover after parsing attributes in process `syz.0.303'.
[  112.797874][ T7114] delete_channel: no stack
[  113.957104][ T5961] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  114.118947][ T5961] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  114.125456][ T5961] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  114.131224][ T5961] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  114.137729][ T5961] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  114.147353][ T5961] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  114.151537][ T5961] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.163363][ T5961] usb 7-1: config 0 descriptor??
[  114.873593][ T7157] delete_channel: no stack
[  114.920950][ T7158] ptrace attach of "/syz-executor exec"[5960] was attempted by ""[7158]
[  114.940228][ T5961] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  114.946796][ T5961] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  115.146743][ T7155] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  115.149750][ T7155] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.226784][ T7156] delete_channel: no stack
[  115.371816][ T7167] input: syz0 as /devices/virtual/input/input23
[  115.506379][ T7170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.317'.
[  116.413841][ T7177] input: syz0 as /devices/virtual/input/input24
[  116.449944][ T7180] input: syz0 as /devices/virtual/input/input25
[  116.597575][   T10] usb 7-1: reset high-speed USB device number 7 using dummy_hcd
[  116.727024][   T10] usb 7-1: device descriptor read/64, error -32
[  116.977120][   T10] usb 7-1: reset high-speed USB device number 7 using dummy_hcd
[  117.108066][   T10] usb 7-1: device descriptor read/64, error -32
[  117.205477][ T7188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.321'.
[  117.555102][ T7193] input: syz0 as /devices/virtual/input/input26
[  117.587090][   T10] usb 7-1: reset high-speed USB device number 7 using dummy_hcd
[  117.659450][ T7196] FAULT_INJECTION: forcing a failure.
[  117.659450][ T7196] name failslab, interval 1, probability 0, space 0, times 0
[  117.663825][ T7196] CPU: 0 UID: 0 PID: 7196 Comm: syz.2.325 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  117.663841][ T7196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.663848][ T7196] Call Trace:
[  117.663852][ T7196]  <TASK>
[  117.663857][ T7196]  dump_stack_lvl+0x16c/0x1f0
[  117.663884][ T7196]  should_fail_ex+0x512/0x640
[  117.663898][ T7196]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  117.663916][ T7196]  should_failslab+0xc2/0x120
[  117.663928][ T7196]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  117.663944][ T7196]  ? __kernfs_new_node+0xd2/0x8a0
[  117.663963][ T7196]  __kernfs_new_node+0xd2/0x8a0
[  117.663980][ T7196]  ? kernfs_add_one+0x37d/0x840
[  117.663991][ T7196]  ? __pfx___kernfs_new_node+0x10/0x10
[  117.664011][ T7196]  ? find_held_lock+0x2b/0x80
[  117.664026][ T7196]  ? kernfs_root+0xee/0x2a0
[  117.664045][ T7196]  kernfs_new_node+0x13c/0x1e0
[  117.664058][ T7196]  __kernfs_create_file+0x53/0x350
[  117.664074][ T7196]  sysfs_add_file_mode_ns+0x207/0x3c0
[  117.664094][ T7196]  sysfs_create_file_ns+0x13d/0x1d0
[  117.664109][ T7196]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  117.664124][ T7196]  ? down_read+0x13d/0x480
[  117.664134][ T7196]  ? __pfx___up_read+0x10/0x10
[  117.664146][ T7196]  ? acpi_device_notify+0x351/0x480
[  117.664166][ T7196]  device_create_file+0xf2/0x1e0
[  117.664180][ T7196]  device_add+0x2bf/0x1a70
[  117.664192][ T7196]  ? __pfx_dev_set_name+0x10/0x10
[  117.664204][ T7196]  ? __pfx_device_add+0x10/0x10
[  117.664215][ T7196]  ? lockdep_init_map_type+0x5c/0x280
[  117.664226][ T7196]  ? __init_waitqueue_head+0xca/0x150
[  117.664242][ T7196]  netdev_register_kobject+0x182/0x3a0
[  117.664262][ T7196]  register_netdevice+0x13dc/0x2270
[  117.664282][ T7196]  ? kasan_save_track+0x14/0x30
[  117.664298][ T7196]  ? __pfx_register_netdevice+0x10/0x10
[  117.664315][ T7196]  ? macvlan_hash_add_source+0x4d/0x3a0
[  117.664341][ T7196]  macvlan_common_newlink+0x10e7/0x1a20
[  117.664371][ T7196]  ? __pfx_macvlan_common_newlink+0x10/0x10
[  117.664398][ T7196]  ? rtnl_create_link+0xb2b/0x1200
[  117.664422][ T7196]  ? __pfx_macvlan_newlink+0x10/0x10
[  117.664439][ T7196]  rtnl_newlink+0xc42/0x2000
[  117.664457][ T7196]  ? __pfx_rtnl_newlink+0x10/0x10
[  117.664477][ T7196]  ? kfree_skbmem+0x1a4/0x1f0
[  117.664492][ T7196]  ? rcu_is_watching+0x12/0xc0
[  117.664505][ T7196]  ? trace_cap_capable+0x18d/0x200
[  117.664524][ T7196]  ? find_held_lock+0x2b/0x80
[  117.664536][ T7196]  ? __pfx_rtnl_newlink+0x10/0x10
[  117.664549][ T7196]  ? __pfx_rtnl_newlink+0x10/0x10
[  117.664562][ T7196]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  117.664577][ T7196]  ? __pfx_rtnl_newlink+0x10/0x10
[  117.664591][ T7196]  rtnetlink_rcv_msg+0x95b/0xe90
[  117.664607][ T7196]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  117.664628][ T7196]  netlink_rcv_skb+0x16a/0x440
[  117.664644][ T7196]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  117.664659][ T7196]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  117.664681][ T7196]  ? netlink_deliver_tap+0x1ae/0xd30
[  117.664698][ T7196]  netlink_unicast+0x53a/0x7f0
[  117.664715][ T7196]  ? __pfx_netlink_unicast+0x10/0x10
[  117.664734][ T7196]  netlink_sendmsg+0x8d1/0xdd0
[  117.664752][ T7196]  ? __pfx_netlink_sendmsg+0x10/0x10
[  117.664768][ T7196]  ? __import_iovec+0x1c8/0x660
[  117.664785][ T7196]  ____sys_sendmsg+0xa95/0xc70
[  117.664800][ T7196]  ? __pfx_____sys_sendmsg+0x10/0x10
[  117.664809][ T7196]  ? get_compat_msghdr+0x11a/0x170
[  117.664829][ T7196]  ___sys_sendmsg+0x134/0x1d0
[  117.664843][ T7196]  ? __pfx____sys_sendmsg+0x10/0x10
[  117.664894][ T7196]  __sys_sendmsg+0x16d/0x220
[  117.664912][ T7196]  ? __pfx___sys_sendmsg+0x10/0x10
[  117.664931][ T7196]  ? rcu_is_watching+0x12/0xc0
[  117.664946][ T7196]  __do_fast_syscall_32+0x73/0x120
[  117.664963][ T7196]  do_fast_syscall_32+0x32/0x80
[  117.664978][ T7196]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  117.664992][ T7196] RIP: 0023:0xf70be579
[  117.665001][ T7196] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  117.665011][ T7196] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  117.665021][ T7196] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000280
[  117.665027][ T7196] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  117.665033][ T7196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  117.665038][ T7196] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  117.665044][ T7196] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  117.665056][ T7196]  </TASK>
[  117.824411][   T10] usb 7-1: device not accepting address 7, error -71
[  118.045668][ T7206] Driver unsupported XDP return value 0 on prog  (id 69) dev N/A, expect packet loss!
[  118.102631][ T7206] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.330'.
[  118.106779][ T7206] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  118.509261][ T7216] input: syz0 as /devices/virtual/input/input27
[  118.542096][ T7220] FAULT_INJECTION: forcing a failure.
[  118.542096][ T7220] name failslab, interval 1, probability 0, space 0, times 0
[  118.552723][ T7220] CPU: 0 UID: 0 PID: 7220 Comm: syz.1.333 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  118.552753][ T7220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.552765][ T7220] Call Trace:
[  118.552771][ T7220]  <TASK>
[  118.552778][ T7220]  dump_stack_lvl+0x16c/0x1f0
[  118.552810][ T7220]  should_fail_ex+0x512/0x640
[  118.552832][ T7220]  ? __kmalloc_noprof+0xbf/0x510
[  118.552862][ T7220]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  118.552908][ T7220]  should_failslab+0xc2/0x120
[  118.552928][ T7220]  __kmalloc_noprof+0xd2/0x510
[  118.552953][ T7220]  ? kasan_quarantine_put+0x10a/0x240
[  118.552984][ T7220]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  118.553009][ T7220]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  118.553030][ T7220]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  118.553049][ T7220]  ? trace_cap_capable+0x18d/0x200
[  118.553073][ T7220]  ? bpf_lsm_capable+0x9/0x10
[  118.553098][ T7220]  ? security_capable+0x7e/0x260
[  118.553118][ T7220]  ? ns_capable+0xd7/0x110
[  118.553144][ T7220]  genl_rcv_msg+0x55c/0x800
[  118.553166][ T7220]  ? __pfx_genl_rcv_msg+0x10/0x10
[  118.553184][ T7220]  ? __pfx___dev_queue_xmit+0x10/0x10
[  118.553202][ T7220]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  118.553229][ T7220]  ? __pfx_nl80211_remain_on_channel+0x10/0x10
[  118.553245][ T7220]  ? __pfx_nl80211_post_doit+0x10/0x10
[  118.553273][ T7220]  ? __lock_acquire+0xaa4/0x1ba0
[  118.553306][ T7220]  netlink_rcv_skb+0x16a/0x440
[  118.553333][ T7220]  ? __pfx_genl_rcv_msg+0x10/0x10
[  118.553352][ T7220]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  118.553390][ T7220]  ? __pfx_down_read+0x10/0x10
[  118.553431][ T7220]  genl_rcv+0x28/0x40
[  118.553457][ T7220]  netlink_unicast+0x53a/0x7f0
[  118.553487][ T7220]  ? __pfx_netlink_unicast+0x10/0x10
[  118.553527][ T7220]  netlink_sendmsg+0x8d1/0xdd0
[  118.553558][ T7220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.553586][ T7220]  ? __import_iovec+0x1c8/0x660
[  118.553616][ T7220]  ____sys_sendmsg+0xa95/0xc70
[  118.553638][ T7220]  ? __pfx_____sys_sendmsg+0x10/0x10
[  118.553655][ T7220]  ? get_compat_msghdr+0x11a/0x170
[  118.553690][ T7220]  ___sys_sendmsg+0x134/0x1d0
[  118.553716][ T7220]  ? __pfx____sys_sendmsg+0x10/0x10
[  118.553772][ T7220]  __sys_sendmsg+0x16d/0x220
[  118.553796][ T7220]  ? __pfx___sys_sendmsg+0x10/0x10
[  118.553828][ T7220]  ? rcu_is_watching+0x12/0xc0
[  118.553853][ T7220]  ? rcu_is_watching+0x12/0xc0
[  118.553879][ T7220]  __do_fast_syscall_32+0x73/0x120
[  118.553908][ T7220]  do_fast_syscall_32+0x32/0x80
[  118.553935][ T7220]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  118.553956][ T7220] RIP: 0023:0xf7f07579
[  118.553972][ T7220] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  118.553989][ T7220] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  118.554006][ T7220] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  118.554019][ T7220] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  118.554028][ T7220] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  118.554037][ T7220] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  118.554049][ T7220] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  118.554072][ T7220]  </TASK>
[  118.676152][ T6010] usb 7-1: USB disconnect, device number 7
[  119.060396][ T7236] delete_channel: no stack
[  119.403455][ T5964] Bluetooth: hci0: link tx timeout
[  119.405897][ T5964] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  119.878921][ T7255] overlay: Bad value for 'workdir'
[  119.882071][ T7255] FAULT_INJECTION: forcing a failure.
[  119.882071][ T7255] name failslab, interval 1, probability 0, space 0, times 0
[  119.886214][ T7255] CPU: 2 UID: 0 PID: 7255 Comm: syz.2.345 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  119.886229][ T7255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.886236][ T7255] Call Trace:
[  119.886240][ T7255]  <TASK>
[  119.886245][ T7255]  dump_stack_lvl+0x16c/0x1f0
[  119.886266][ T7255]  should_fail_ex+0x512/0x640
[  119.886279][ T7255]  ? __kmalloc_noprof+0xbf/0x510
[  119.886296][ T7255]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  119.886308][ T7255]  should_failslab+0xc2/0x120
[  119.886318][ T7255]  __kmalloc_noprof+0xd2/0x510
[  119.886334][ T7255]  ? kasan_quarantine_put+0x10a/0x240
[  119.886351][ T7255]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  119.886366][ T7255]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  119.886377][ T7255]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  119.886387][ T7255]  ? trace_cap_capable+0x18d/0x200
[  119.886401][ T7255]  ? bpf_lsm_capable+0x9/0x10
[  119.886415][ T7255]  ? security_capable+0x7e/0x260
[  119.886426][ T7255]  ? ns_capable+0xd7/0x110
[  119.886440][ T7255]  genl_rcv_msg+0x55c/0x800
[  119.886452][ T7255]  ? __pfx_genl_rcv_msg+0x10/0x10
[  119.886462][ T7255]  ? __pfx___dev_queue_xmit+0x10/0x10
[  119.886474][ T7255]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  119.886489][ T7255]  ? __pfx_nl80211_remain_on_channel+0x10/0x10
[  119.886500][ T7255]  ? __pfx_nl80211_post_doit+0x10/0x10
[  119.886516][ T7255]  ? __lock_acquire+0xaa4/0x1ba0
[  119.886536][ T7255]  netlink_rcv_skb+0x16a/0x440
[  119.886552][ T7255]  ? __pfx_genl_rcv_msg+0x10/0x10
[  119.886562][ T7255]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  119.886584][ T7255]  ? __pfx_down_read+0x10/0x10
[  119.886594][ T7255]  ? netlink_deliver_tap+0x1ae/0xd30
[  119.886611][ T7255]  genl_rcv+0x28/0x40
[  119.886627][ T7255]  netlink_unicast+0x53a/0x7f0
[  119.886644][ T7255]  ? __pfx_netlink_unicast+0x10/0x10
[  119.886663][ T7255]  netlink_sendmsg+0x8d1/0xdd0
[  119.886680][ T7255]  ? __pfx_netlink_sendmsg+0x10/0x10
[  119.886697][ T7255]  ? __import_iovec+0x1c8/0x660
[  119.886713][ T7255]  ____sys_sendmsg+0xa95/0xc70
[  119.886725][ T7255]  ? __pfx_____sys_sendmsg+0x10/0x10
[  119.886734][ T7255]  ? get_compat_msghdr+0x11a/0x170
[  119.886753][ T7255]  ___sys_sendmsg+0x134/0x1d0
[  119.886768][ T7255]  ? __pfx____sys_sendmsg+0x10/0x10
[  119.886797][ T7255]  __sys_sendmsg+0x16d/0x220
[  119.886811][ T7255]  ? __pfx___sys_sendmsg+0x10/0x10
[  119.886828][ T7255]  ? rcu_is_watching+0x12/0xc0
[  119.886855][ T7255]  ? rcu_is_watching+0x12/0xc0
[  119.886871][ T7255]  __do_fast_syscall_32+0x73/0x120
[  119.886890][ T7255]  do_fast_syscall_32+0x32/0x80
[  119.886905][ T7255]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.886920][ T7255] RIP: 0023:0xf70be579
[  119.886928][ T7255] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  119.886938][ T7255] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  119.886948][ T7255] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000080
[  119.886954][ T7255] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  119.886960][ T7255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  119.886965][ T7255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  119.886971][ T7255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.886983][ T7255]  </TASK>
[  119.900323][ T7235] delete_channel: no stack
[  119.939859][ T7258] capability: warning: `syz.2.346' uses deprecated v2 capabilities in a way that may be insecure
[  120.720759][ T7283] fuse: Unknown parameter 'ÿÿ00000000000000000007'
[  120.981251][ T7286] netlink: 16 bytes leftover after parsing attributes in process `syz.0.355'.
[  121.004202][ T7286] team0: Mode "loadbal!nce" not found
[  121.034880][ T7289] delete_channel: no stack
[  121.258169][ T7288] delete_channel: no stack
[  121.348488][ T7295] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  121.438511][ T5964] Bluetooth: hci0: command 0x0c1a tx timeout
[  121.462149][ T7244] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  121.493691][   T40] audit: type=1400 audit(2000000000.689:9): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=7299 comm="syz.3.359"
[  122.147462][   T58] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  122.235822][ T7320] netlink: 88 bytes leftover after parsing attributes in process `syz.3.364'.
[  122.410694][   T58] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.462456][   T58] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.465545][   T58] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  122.468540][   T58] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.472685][   T58] usb 7-1: config 0 descriptor??
[  122.681411][ T7306] netlink: 12 bytes leftover after parsing attributes in process `syz.2.363'.
[  122.752671][   T40] audit: type=1400 audit(2000000001.949:10): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=7305 comm="syz.2.363"
[  122.775332][ T7330] input: syz0 as /devices/virtual/input/input28
[  122.785065][ T7332] FAULT_INJECTION: forcing a failure.
[  122.785065][ T7332] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.838037][ T7332] CPU: 1 UID: 0 PID: 7332 Comm: syz.0.365 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  122.838065][ T7332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.838082][ T7332] Call Trace:
[  122.838087][ T7332]  <TASK>
[  122.838091][ T7332]  dump_stack_lvl+0x16c/0x1f0
[  122.838112][ T7332]  should_fail_ex+0x512/0x640
[  122.838127][ T7332]  _copy_from_iter+0x2a4/0x15b0
[  122.838142][ T7332]  ? __build_skb_around+0x278/0x3b0
[  122.838158][ T7332]  ? __pfx__copy_from_iter+0x10/0x10
[  122.838170][ T7332]  ? alloc_pages_noprof+0x23c/0x390
[  122.838181][ T7332]  ? skb_page_frag_refill+0x11d/0x5a0
[  122.838206][ T7332]  ? sk_page_frag_refill+0x6c/0x300
[  122.838218][ T7332]  kcm_sendmsg+0x14ad/0x2c60
[  122.838244][ T7332]  ? __pfx_kcm_sendmsg+0x10/0x10
[  122.838265][ T7332]  sock_write_iter+0x4fc/0x5b0
[  122.838275][ T7332]  ? __pfx_sock_write_iter+0x10/0x10
[  122.838290][ T7332]  ? bpf_lsm_file_permission+0x9/0x10
[  122.838303][ T7332]  ? security_file_permission+0x71/0x210
[  122.838318][ T7332]  ? rw_verify_area+0xcf/0x680
[  122.838333][ T7332]  vfs_write+0x5ba/0x1180
[  122.838348][ T7332]  ? __pfx_sock_write_iter+0x10/0x10
[  122.838364][ T7332]  ? __pfx_vfs_write+0x10/0x10
[  122.838379][ T7332]  ? find_held_lock+0x2b/0x80
[  122.838404][ T7332]  ksys_write+0x205/0x240
[  122.838419][ T7332]  ? __pfx_ksys_write+0x10/0x10
[  122.838434][ T7332]  ? rcu_is_watching+0x12/0xc0
[  122.838449][ T7332]  __do_fast_syscall_32+0x73/0x120
[  122.838467][ T7332]  do_fast_syscall_32+0x32/0x80
[  122.838483][ T7332]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  122.838496][ T7332] RIP: 0023:0xf70ce579
[  122.838505][ T7332] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  122.838515][ T7332] RSP: 002b:00000000f507c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  122.838526][ T7332] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  122.838532][ T7332] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000000
[  122.838538][ T7332] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  122.838543][ T7332] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  122.838549][ T7332] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  122.838561][ T7332]  </TASK>
[  122.920678][    C1] vkms_vblank_simulate: vblank timer overrun
[  123.180085][   T58] usbhid 7-1:0.0: can't add hid device: -71
[  123.186998][   T58] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  123.190912][   T58] usb 7-1: USB disconnect, device number 8
[  123.673020][ T7345] xt_CT: No such helper "snmp"
[  123.752690][ T7352] 9pnet_fd: Insufficient options for proto=fd
[  125.032784][ T7370] input: syz0 as /devices/virtual/input/input29
[  125.189291][ T7369] netlink: 88 bytes leftover after parsing attributes in process `syz.2.377'.
[  126.097192][ T7375] netlink: 88 bytes leftover after parsing attributes in process `syz.3.379'.
[  126.121711][ T7387] delete_channel: no stack
[  126.726613][ T7386] delete_channel: no stack
[  127.116175][ T7413] FAULT_INJECTION: forcing a failure.
[  127.116175][ T7413] name failslab, interval 1, probability 0, space 0, times 0
[  127.121361][ T7413] CPU: 0 UID: 0 PID: 7413 Comm: syz.3.389 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  127.121385][ T7413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.121393][ T7413] Call Trace:
[  127.121399][ T7413]  <TASK>
[  127.121404][ T7413]  dump_stack_lvl+0x16c/0x1f0
[  127.121429][ T7413]  should_fail_ex+0x512/0x640
[  127.121448][ T7413]  should_failslab+0xc2/0x120
[  127.121460][ T7413]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  127.121480][ T7413]  ? skb_clone+0x190/0x3f0
[  127.121500][ T7413]  skb_clone+0x190/0x3f0
[  127.121517][ T7413]  netlink_deliver_tap+0xabd/0xd30
[  127.121538][ T7413]  netlink_unicast+0x5df/0x7f0
[  127.121558][ T7413]  ? __pfx_netlink_unicast+0x10/0x10
[  127.121581][ T7413]  netlink_sendmsg+0x8d1/0xdd0
[  127.121601][ T7413]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.121617][ T7413]  ? __import_iovec+0x1c8/0x660
[  127.121634][ T7413]  ____sys_sendmsg+0xa95/0xc70
[  127.121645][ T7413]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.121654][ T7413]  ? get_compat_msghdr+0x11a/0x170
[  127.121674][ T7413]  ___sys_sendmsg+0x134/0x1d0
[  127.121688][ T7413]  ? __pfx____sys_sendmsg+0x10/0x10
[  127.121717][ T7413]  __sys_sendmsg+0x16d/0x220
[  127.121731][ T7413]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.121748][ T7413]  ? rcu_is_watching+0x12/0xc0
[  127.121763][ T7413]  ? rcu_is_watching+0x12/0xc0
[  127.121842][ T7413]  __do_fast_syscall_32+0x73/0x120
[  127.121862][ T7413]  do_fast_syscall_32+0x32/0x80
[  127.121883][ T7413]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  127.121896][ T7413] RIP: 0023:0xf7f71579
[  127.121905][ T7413] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  127.121915][ T7413] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  127.121926][ T7413] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  127.121932][ T7413] RDX: 000000000000c0c4 RSI: 0000000000000000 RDI: 0000000000000000
[  127.121938][ T7413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  127.121943][ T7413] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  127.121949][ T7413] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  127.121961][ T7413]  </TASK>
[  127.849208][ T7440] netlink: 40 bytes leftover after parsing attributes in process `syz.2.394'.
[  128.300063][ T7447] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  128.401084][ T7436] Falling back ldisc for ttyprintk.
[  128.438367][ T7423] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  128.442454][ T7423] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  128.446303][ T7423] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  128.454622][ T7423] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  128.520314][ T6010] lo speed is unknown, defaulting to 1000
[  128.522760][ T6010] s: Port: 1 Link DOWN
[  128.595323][ T7451] netlink: 12 bytes leftover after parsing attributes in process `syz.2.396'.
[  128.667387][ T7457] program syz.0.397 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  128.757058][ T7446] infiniband syz1: set active
[  128.759076][ T7446] infiniband syz1: added syz_tun
[  128.791235][ T7446] RDS/IB: syz1: added
[  128.794811][ T7446] smc: adding ib device syz1 with port count 1
[  128.797595][ T7446] smc:    ib device syz1 port 1 has pnetid 
[  129.017110][ T7467] netlink: 4 bytes leftover after parsing attributes in process `syz.3.401'.
[  129.062769][ T7480] netlink: 16 bytes leftover after parsing attributes in process `syz.2.403'.
[  129.069993][ T5964] Bluetooth: hci3: Malformed LE Event: 0x0d
[  129.513945][ T7490] input: syz0 as /devices/virtual/input/input31
[  129.698248][ T7496] netlink: 'syz.2.408': attribute type 10 has an invalid length.
[  129.701079][ T7496] netlink: 40 bytes leftover after parsing attributes in process `syz.2.408'.
[  129.742046][ T7496] team0: Port device geneve0 added
[  129.937350][ T7516] tipc: Can't bind to reserved service type 0
[  129.985031][ T7518] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  129.990269][ T7518] netlink: 'syz.3.414': attribute type 39 has an invalid length.
[  130.450879][ T7532] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  130.589515][ T7537] delete_channel: no stack
[  130.729136][ T7532] /dev/sr0: Can't open blockdev
[  130.994515][ T7541] team0: Port device geneve0 removed
[  131.241420][ T7544] delete_channel: no stack
[  131.284121][ T7530] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  131.289113][ T7530] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  131.292988][ T7530] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  131.305157][ T7530] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  131.313298][ T7530] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  131.315519][ T7530] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  131.322095][ T7530] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  131.328182][ T7530] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  131.330578][ T7530] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  131.335641][ T7530] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  131.421358][ T7536] delete_channel: no stack
[  131.546959][ T7547] netlink: 4 bytes leftover after parsing attributes in process `syz.1.423'.
[  131.755456][ T7543] delete_channel: no stack
[  132.067069][   T57] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  132.160038][ T7564] delete_channel: no stack
[  132.237713][   T57] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  132.245875][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.249941][   T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.254273][   T57] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.270679][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.274625][   T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.284083][   T57] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.291457][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.295562][   T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.307224][   T57] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.314051][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.323128][   T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.333396][   T57] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.339655][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.348708][   T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.372040][   T57] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.385475][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.390111][   T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.394991][   T57] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.399252][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.403072][   T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.407805][   T57] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.412355][   T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  132.416714][   T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  132.421221][   T57] usb 5-1: config 0 interface 0 has no altsetting 0
[  132.425377][   T57] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  132.429739][   T57] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  132.433650][   T57] usb 5-1: Product: syz
[  132.435387][   T57] usb 5-1: Manufacturer: syz
[  132.437786][   T57] usb 5-1: SerialNumber: syz
[  132.441691][   T57] usb 5-1: config 0 descriptor??
[  132.454608][   T57] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  132.595430][ T7563] delete_channel: no stack
[  132.630130][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  132.632449][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  132.649764][ T7568] loop0: detected capacity change from 0 to 16384
[  132.661906][ T7562] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.665939][ T7562] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  132.673144][ T5990] usb 5-1: USB disconnect, device number 7
[  132.684242][ T5990] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  132.709827][ T7568] I/O error, dev loop0, sector 584 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  132.815679][ T7573] dvmrp0: entered allmulticast mode
[  132.906686][ T5964] Bluetooth: hci3: unexpected event for opcode 0x0804
[  132.911435][ T7577] netlink: 12 bytes leftover after parsing attributes in process `syz.2.436'.
[  133.236301][ T7585] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  133.255978][ T7587] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  133.263964][ T7587] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  133.273097][ T7587] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  133.306618][ T7589] netlink: 10 bytes leftover after parsing attributes in process `syz.0.442'.
[  133.357115][ T5964] Bluetooth: hci2: command 0x0c1a tx timeout
[  133.357566][ T5958] Bluetooth: hci1: command 0x0c1a tx timeout
[  133.427145][ T7530] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  133.533011][ T7595] input: syz0 as /devices/virtual/input/input32
[  133.554316][ T7600] netlink: 32 bytes leftover after parsing attributes in process `syz.3.446'.
[  133.579485][ T5990] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  133.657516][ T7608] netlink: 'syz.3.449': attribute type 1 has an invalid length.
[  133.661381][ T7608] netlink: 224 bytes leftover after parsing attributes in process `syz.3.449'.
[  133.740624][ T5990] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  133.746109][ T5990] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  133.755934][ T5990] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  133.759804][ T5990] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  133.764657][ T5990] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  133.771595][ T5990] usb 7-1: config 0 interface 0 has no altsetting 0
[  133.779358][ T5990] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  133.783188][ T5990] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  133.786147][ T5990] usb 7-1: Product: syz
[  133.788855][ T5990] usb 7-1: Manufacturer: syz
[  133.791975][ T5990] usb 7-1: SerialNumber: syz
[  133.799102][ T5990] usb 7-1: config 0 descriptor??
[  133.804016][ T7590] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  133.808236][ T5990] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  133.812285][ T5990] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  134.279022][ T7613] netlink: 88 bytes leftover after parsing attributes in process `syz.3.449'.
[  134.376225][   T10] usb 7-1: USB disconnect, device number 9
[  134.387868][   T10] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  134.497933][ T7618] lo speed is unknown, defaulting to 1000
[  134.519825][ T7622] kernel profiling enabled (shift: 63)
[  134.522527][ T7622] profiling shift: 63 too large
[  134.850023][ T7639] FAULT_INJECTION: forcing a failure.
[  134.850023][ T7639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.856261][ T7639] CPU: 3 UID: 0 PID: 7639 Comm: syz.3.457 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  134.856289][ T7639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.856299][ T7639] Call Trace:
[  134.856307][ T7639]  <TASK>
[  134.856315][ T7639]  dump_stack_lvl+0x16c/0x1f0
[  134.856342][ T7639]  should_fail_ex+0x512/0x640
[  134.856364][ T7639]  _copy_from_user+0x2e/0xd0
[  134.856383][ T7639]  get_compat_msghdr+0xa7/0x170
[  134.856403][ T7639]  ? __pfx_get_compat_msghdr+0x10/0x10
[  134.856424][ T7639]  ? __pfx__kstrtoull+0x10/0x10
[  134.856450][ T7639]  ___sys_sendmsg+0x1ae/0x1d0
[  134.856471][ T7639]  ? __pfx____sys_sendmsg+0x10/0x10
[  134.856501][ T7639]  ? find_held_lock+0x2b/0x80
[  134.856531][ T7639]  ? __pfx___might_resched+0x10/0x10
[  134.856556][ T7639]  __sys_sendmmsg+0x2f9/0x420
[  134.856579][ T7639]  ? __pfx___sys_sendmmsg+0x10/0x10
[  134.856604][ T7639]  ? bpf_trace_run2+0x265/0x590
[  134.856627][ T7639]  ? __might_fault+0x13b/0x190
[  134.856649][ T7639]  ? find_held_lock+0x2b/0x80
[  134.856670][ T7639]  ? syscall_trace_enter+0x1cb/0x260
[  134.856692][ T7639]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  134.856713][ T7639]  __do_fast_syscall_32+0x73/0x120
[  134.856770][ T7639]  do_fast_syscall_32+0x32/0x80
[  134.856791][ T7639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.856809][ T7639] RIP: 0023:0xf7f71579
[  134.856822][ T7639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.856838][ T7639] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  134.856870][ T7639] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  134.856881][ T7639] RDX: 00000000000002e9 RSI: 00000000000000f4 RDI: 0000000000000000
[  134.856890][ T7639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  134.856898][ T7639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.856908][ T7639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.856929][ T7639]  </TASK>
[  134.944979][    C3] vkms_vblank_simulate: vblank timer overrun
[  135.066721][ T7643] netlink: 'syz.2.458': attribute type 1 has an invalid length.
[  135.077115][   T57] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  135.088964][ T7643] 8021q: adding VLAN 0 to HW filter on device bond1
[  135.126277][ T7643] 8021q: adding VLAN 0 to HW filter on device bond1
[  135.129262][ T7643] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  135.133837][ T7643] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  135.148662][ T7648] FAULT_INJECTION: forcing a failure.
[  135.148662][ T7648] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.152881][ T7648] CPU: 3 UID: 0 PID: 7648 Comm: syz.3.461 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  135.152896][ T7648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.152903][ T7648] Call Trace:
[  135.152908][ T7648]  <TASK>
[  135.152913][ T7648]  dump_stack_lvl+0x16c/0x1f0
[  135.152934][ T7648]  should_fail_ex+0x512/0x640
[  135.152949][ T7648]  _copy_from_user+0x2e/0xd0
[  135.152963][ T7648]  get_compat_msghdr+0xa7/0x170
[  135.152978][ T7648]  ? __pfx_get_compat_msghdr+0x10/0x10
[  135.152992][ T7648]  ? __lock_acquire+0x5ca/0x1ba0
[  135.153012][ T7648]  ___sys_recvmsg+0x191/0x1a0
[  135.153027][ T7648]  ? __pfx____sys_recvmsg+0x10/0x10
[  135.153047][ T7648]  ? get_pid_task+0xe0/0x250
[  135.153061][ T7648]  do_recvmmsg+0x568/0x740
[  135.153077][ T7648]  ? __pfx_do_recvmmsg+0x10/0x10
[  135.153099][ T7648]  ? __fget_files+0x20e/0x3c0
[  135.153116][ T7648]  __sys_recvmmsg+0x21c/0x280
[  135.153130][ T7648]  ? __pfx___sys_recvmmsg+0x10/0x10
[  135.153145][ T7648]  ? __pfx_ksys_write+0x10/0x10
[  135.153162][ T7648]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  135.153177][ T7648]  ? lockdep_hardirqs_on+0x7c/0x110
[  135.153191][ T7648]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  135.153207][ T7648]  __do_fast_syscall_32+0x73/0x120
[  135.153224][ T7648]  do_fast_syscall_32+0x32/0x80
[  135.153239][ T7648]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.153252][ T7648] RIP: 0023:0xf7f71579
[  135.153262][ T7648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.153272][ T7648] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  135.153283][ T7648] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000008000b080
[  135.153289][ T7648] RDX: 0000000000000006 RSI: 0000000000000030 RDI: 0000000000000000
[  135.153295][ T7648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.153300][ T7648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.153306][ T7648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.153318][ T7648]  </TASK>
[  135.232324][    C3] vkms_vblank_simulate: vblank timer overrun
[  135.260703][   T57] usb 5-1: config 7 has an invalid interface number: 11 but max is 2
[  135.264421][   T57] usb 5-1: config 7 has an invalid descriptor of length 1, skipping remainder of the config
[  135.269178][   T57] usb 5-1: config 7 has 1 interface, different from the descriptor's value: 3
[  135.272886][   T57] usb 5-1: config 7 has no interface number 0
[  135.275547][   T57] usb 5-1: config 7 interface 11 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 7
[  135.281904][   T57] usb 5-1: config 7 interface 11 has no altsetting 0
[  135.287071][   T57] usb 5-1: New USB device found, idVendor=0403, idProduct=9e90, bcdDevice=72.73
[  135.291382][   T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.294899][   T57] usb 5-1: Product: syz
[  135.296755][   T57] usb 5-1: Manufacturer: syz
[  135.298960][   T57] usb 5-1: SerialNumber: syz
[  135.427026][ T5958] Bluetooth: hci2: command 0x0c1a tx timeout
[  135.427096][ T5964] Bluetooth: hci1: command 0x0c1a tx timeout
[  135.730754][ T7656] netlink: 'syz.1.464': attribute type 1 has an invalid length.
[  135.733466][ T7656] netlink: 224 bytes leftover after parsing attributes in process `syz.1.464'.
[  135.877601][   T57] ftdi_sio 5-1:7.11: FTDI USB Serial Device converter detected
[  135.881424][   T57] ftdi_sio ttyUSB0: unknown device type: 0x7273
[  135.890433][   T57] usb 5-1: USB disconnect, device number 8
[  135.900124][   T57] ftdi_sio 5-1:7.11: device disconnected
[  135.974045][ T7647] dccp_close: ABORT with 28 bytes unread
[  136.171413][ T7665] netlink: 88 bytes leftover after parsing attributes in process `syz.1.464'.
[  136.596420][ T7671] erspan1: entered promiscuous mode
[  136.607048][ T7671] erspan1: entered allmulticast mode
[  136.749430][ T7678] FAULT_INJECTION: forcing a failure.
[  136.749430][ T7678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.755176][ T7678] CPU: 3 UID: 0 PID: 7678 Comm: syz.3.468 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  136.755207][ T7678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.755218][ T7678] Call Trace:
[  136.755243][ T7678]  <TASK>
[  136.755254][ T7678]  dump_stack_lvl+0x16c/0x1f0
[  136.755293][ T7678]  should_fail_ex+0x512/0x640
[  136.755321][ T7678]  _copy_to_user+0x32/0xd0
[  136.755350][ T7678]  copy_to_sockptr_offset.constprop.0+0x12f/0x150
[  136.755376][ T7678]  ? __pfx_copy_to_sockptr_offset.constprop.0+0x10/0x10
[  136.755403][ T7678]  ? bpf_vlog_finalize+0x1ba/0x360
[  136.755428][ T7678]  bpf_check+0x22d8/0xb460
[  136.755478][ T7678]  ? __pfx_bpf_check+0x10/0x10
[  136.755507][ T7678]  ? pcpu_alloc_noprof+0x949/0x1470
[  136.755567][ T7678]  ? __lock_acquire+0xaa4/0x1ba0
[  136.755616][ T7678]  ? find_held_lock+0x2b/0x80
[  136.755650][ T7678]  ? __asan_memset+0x23/0x50
[  136.755675][ T7678]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  136.755703][ T7678]  bpf_prog_load+0xe41/0x2490
[  136.755734][ T7678]  ? __pfx_bpf_prog_load+0x10/0x10
[  136.755780][ T7678]  ? bpf_lsm_bpf+0x9/0x10
[  136.755812][ T7678]  __sys_bpf+0x433c/0x4d80
[  136.755839][ T7678]  ? __pfx___sys_bpf+0x10/0x10
[  136.755864][ T7678]  ? ksys_write+0x190/0x240
[  136.755894][ T7678]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  136.755939][ T7678]  ? fput+0x70/0xf0
[  136.755960][ T7678]  ? ksys_write+0x1b9/0x240
[  136.755988][ T7678]  ? __pfx_ksys_write+0x10/0x10
[  136.756018][ T7678]  __ia32_sys_bpf+0x76/0xe0
[  136.756044][ T7678]  __do_fast_syscall_32+0x73/0x120
[  136.756078][ T7678]  do_fast_syscall_32+0x32/0x80
[  136.756117][ T7678]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  136.756142][ T7678] RIP: 0023:0xf7f71579
[  136.756161][ T7678] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  136.756181][ T7678] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  136.756204][ T7678] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040
[  136.756220][ T7678] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  136.756233][ T7678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  136.756246][ T7678] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  136.756259][ T7678] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  136.756282][ T7678]  </TASK>
[  136.862854][    C3] vkms_vblank_simulate: vblank timer overrun
[  137.309342][ T7692] fuse: Bad value for 'group_id'
[  137.312258][ T7692] fuse: Bad value for 'group_id'
[  137.321025][ T7692] netlink: 24 bytes leftover after parsing attributes in process `syz.3.470'.
[  137.324540][ T7692] netlink: 40 bytes leftover after parsing attributes in process `syz.3.470'.
[  137.329108][ T7692] netlink: 12 bytes leftover after parsing attributes in process `syz.3.470'.
[  137.508151][ T5964] Bluetooth: hci1: command 0x0c1a tx timeout
[  137.517348][ T5964] Bluetooth: hci2: command 0x0c1a tx timeout
[  137.927328][ T7715] netlink: 88 bytes leftover after parsing attributes in process `syz.2.478'.
[  137.995436][ T7720] netlink: 44 bytes leftover after parsing attributes in process `syz.3.482'.
[  138.038262][ T7724] openvswitch: netlink: Actions may not be safe on all matching packets
[  138.270489][ T7731] netlink: 32 bytes leftover after parsing attributes in process `syz.1.486'.
[  138.320505][ T7733] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  138.373300][ T7735] netlink: 12 bytes leftover after parsing attributes in process `syz.1.488'.
[  138.961271][ T7756] cgroup2: Unknown parameter 'blkio'
[  139.046934][ T7760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.496'.
[  139.052214][ T7760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.496'.
[  139.056139][ T7760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.496'.
[  139.060626][ T7760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.496'.
[  139.064641][ T7760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.496'.
[  139.074636][ T7760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.496'.
[  141.445762][ T7798] input: syz0 as /devices/virtual/input/input34
[  141.603255][ T7801] FAULT_INJECTION: forcing a failure.
[  141.603255][ T7801] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  141.611137][ T7801] CPU: 0 UID: 0 PID: 7801 Comm: syz.3.506 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  141.611174][ T7801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  141.611184][ T7801] Call Trace:
[  141.611190][ T7801]  <TASK>
[  141.611197][ T7801]  dump_stack_lvl+0x16c/0x1f0
[  141.611225][ T7801]  should_fail_ex+0x512/0x640
[  141.611247][ T7801]  should_fail_alloc_page+0xe7/0x130
[  141.611265][ T7801]  prepare_alloc_pages+0x3c2/0x610
[  141.611289][ T7801]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  141.611326][ T7801]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  141.611363][ T7801]  ? __lock_acquire+0xaa4/0x1ba0
[  141.611393][ T7801]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  141.611410][ T7801]  ? policy_nodemask+0xea/0x4e0
[  141.611435][ T7801]  alloc_pages_mpol+0x1fb/0x550
[  141.611453][ T7801]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  141.611472][ T7801]  ? __lock_acquire+0x5ca/0x1ba0
[  141.611499][ T7801]  folio_alloc_mpol_noprof+0x36/0x2f0
[  141.611519][ T7801]  vma_alloc_folio_noprof+0xed/0x1e0
[  141.611538][ T7801]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  141.611565][ T7801]  do_pte_missing+0x223d/0x3fb0
[  141.611597][ T7801]  __handle_mm_fault+0x103d/0x2a40
[  141.611627][ T7801]  ? __pfx___handle_mm_fault+0x10/0x10
[  141.611666][ T7801]  ? find_vma+0xbf/0x140
[  141.611683][ T7801]  ? __pfx_find_vma+0x10/0x10
[  141.611703][ T7801]  handle_mm_fault+0x3fe/0xad0
[  141.611729][ T7801]  do_user_addr_fault+0x7a6/0x1370
[  141.611754][ T7801]  ? rcu_is_watching+0x12/0xc0
[  141.611777][ T7801]  exc_page_fault+0x5c/0xc0
[  141.611802][ T7801]  asm_exc_page_fault+0x26/0x30
[  141.611819][ T7801] RIP: 0010:_copy_to_iter+0x507/0x15a0
[  141.611840][ T7801] Code: 1f 58 ef fc 48 8b 4c 24 18 48 8b 44 24 28 89 ee 4c 8d 3c 01 4c 89 ff e8 27 dc 53 fd 0f 01 cb 48 89 e9 48 8b 7c 24 20 4c 89 fe <f3> a4 0f 1f 00 0f 01 ca 48 89 e8 48 29 eb 48 29 c8 48 01 44 24 28
[  141.611855][ T7801] RSP: 0018:ffffc900065ff488 EFLAGS: 00050246
[  141.611872][ T7801] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000b80
[  141.611882][ T7801] RDX: 0000000000000000 RSI: ffff888013aa6480 RDI: 0000000080002000
[  141.611892][ T7801] RBP: 0000000000001000 R08: 0000000000000000 R09: ffffed1002754dff
[  141.611902][ T7801] R10: ffff888013aa6fff R11: 0000000000000000 R12: ffffc900065ffb90
[  141.611913][ T7801] R13: 0000000000001000 R14: ffffc900065ffb98 R15: ffff888013aa6000
[  141.611938][ T7801]  ? _copy_to_iter+0x4f9/0x15a0
[  141.611964][ T7801]  ? __pfx__copy_to_iter+0x10/0x10
[  141.611995][ T7801]  ? __pfx___might_resched+0x10/0x10
[  141.612020][ T7801]  ? rcu_is_watching+0x12/0xc0
[  141.612042][ T7801]  ? __lock_acquire+0xaa4/0x1ba0
[  141.612070][ T7801]  simple_copy_to_iter+0x46/0x90
[  141.612087][ T7801]  __skb_datagram_iter+0x5a9/0x8c0
[  141.612101][ T7801]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  141.612123][ T7801]  skb_copy_datagram_iter+0x40/0x50
[  141.612142][ T7801]  unix_stream_read_actor+0x7b/0xc0
[  141.612169][ T7801]  unix_stream_read_generic+0xe15/0x28b0
[  141.612202][ T7801]  ? __pfx_unix_stream_read_generic+0x10/0x10
[  141.612220][ T7801]  ? __pfx___schedule+0x10/0x10
[  141.612247][ T7801]  ? __pfx_autoremove_wake_function+0x10/0x10
[  141.612276][ T7801]  ? rcu_is_watching+0x12/0xc0
[  141.612293][ T7801]  ? irqentry_exit+0x3b/0x90
[  141.612316][ T7801]  unix_stream_recvmsg+0x190/0x1c0
[  141.612332][ T7801]  ? __pfx_unix_stream_recvmsg+0x10/0x10
[  141.612349][ T7801]  ? __pfx_unix_stream_read_actor+0x10/0x10
[  141.612373][ T7801]  ? __sanitizer_cov_trace_pc+0x66/0x70
[  141.612395][ T7801]  sock_recvmsg+0x1f6/0x250
[  141.612424][ T7801]  ____sys_recvmsg+0x218/0x6b0
[  141.612454][ T7801]  ? __pfx_____sys_recvmsg+0x10/0x10
[  141.612476][ T7801]  ? import_iovec+0x109/0x140
[  141.612507][ T7801]  ? __lock_acquire+0x5ca/0x1ba0
[  141.612537][ T7801]  ___sys_recvmsg+0x114/0x1a0
[  141.612559][ T7801]  ? __pfx____sys_recvmsg+0x10/0x10
[  141.612603][ T7801]  do_recvmmsg+0x568/0x740
[  141.612629][ T7801]  ? __pfx_do_recvmmsg+0x10/0x10
[  141.612711][ T7801]  ? __fget_files+0x20e/0x3c0
[  141.612741][ T7801]  __sys_recvmmsg+0x21c/0x280
[  141.612763][ T7801]  ? __pfx___sys_recvmmsg+0x10/0x10
[  141.612786][ T7801]  ? __pfx_ksys_write+0x10/0x10
[  141.612813][ T7801]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  141.612837][ T7801]  ? lockdep_hardirqs_on+0x7c/0x110
[  141.612859][ T7801]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  141.612883][ T7801]  __do_fast_syscall_32+0x73/0x120
[  141.612911][ T7801]  do_fast_syscall_32+0x32/0x80
[  141.612934][ T7801]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  141.612954][ T7801] RIP: 0023:0xf7f71579
[  141.612971][ T7801] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  141.612993][ T7801] RSP: 002b:00000000f507555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  141.613010][ T7801] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800034c0
[  141.613020][ T7801] RDX: 000000000000013c RSI: 0000000000000700 RDI: 0000000000000000
[  141.613030][ T7801] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  141.613040][ T7801] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  141.613050][ T7801] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  141.613074][ T7801]  </TASK>
[  142.791389][ T7817] xt_CT: You must specify a L4 protocol and not use inversions on it
[  143.980789][ T7834] input: syz0 as /devices/virtual/input/input35
[  144.107080][ T7839] delete_channel: no stack
[  144.582491][ T7838] delete_channel: no stack
[  144.617721][ T7850] veth1_macvtap: left promiscuous mode
[  144.619787][ T7850] macsec0: entered promiscuous mode
[  145.197129][ T5990] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  145.347169][ T5990] usb 7-1: Using ep0 maxpacket: 8
[  145.350871][ T5990] usb 7-1: unable to get BOS descriptor or descriptor too short
[  145.354335][ T5990] usb 7-1: config 192 has an invalid interface number: 17 but max is 0
[  145.357542][ T5990] usb 7-1: config 192 has no interface number 0
[  145.359767][ T5990] usb 7-1: config 192 interface 17 has no altsetting 0
[  145.364042][ T5990] usb 7-1: New USB device found, idVendor=0bfd, idProduct=000f, bcdDevice=89.07
[  145.367716][ T5990] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.370254][ T5990] usb 7-1: Product: syz
[  145.371710][ T5990] usb 7-1: Manufacturer: syz
[  145.373450][ T5990] usb 7-1: SerialNumber: syz
[  145.584291][ T5990] kvaser_usb 7-1:192.17: error -ENODEV: Cannot get usb endpoint(s)
[  145.589706][ T5990] usb 7-1: USB disconnect, device number 10
[  146.227056][ T7887] input: syz0 as /devices/virtual/input/input36
[  146.940876][ T7903] delete_channel: no stack
[  147.161101][ T7902] delete_channel: no stack
[  147.268542][ T7910] __nla_validate_parse: 9 callbacks suppressed
[  147.268572][ T7910] netlink: 16 bytes leftover after parsing attributes in process `syz.3.535'.
[  147.349186][ T5990] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  154.573581][ T7942] netlink: 16 bytes leftover after parsing attributes in process `syz.1.538'.
[  154.598718][ T7943] netlink: 4 bytes leftover after parsing attributes in process `syz.0.537'.
[  154.657046][   T57] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  154.806979][   T57] usb 8-1: Using ep0 maxpacket: 8
[  154.810766][   T57] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  154.813855][   T57] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  154.817004][   T57] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  154.820270][   T57] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  154.823359][   T57] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  154.827556][   T57] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  154.830482][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.917080][ T6010] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  155.047015][   T57] usb 8-1: usb_control_msg returned -32
[  155.050619][   T57] usbtmc 8-1:16.0: can't read capabilities
[  155.080522][ T6010] usb 7-1: config 3 has an invalid interface number: 166 but max is 1
[  155.083210][ T6010] usb 7-1: config 3 has an invalid interface number: 60 but max is 1
[  155.085759][ T6010] usb 7-1: config 3 has an invalid interface number: 63 but max is 1
[  155.089270][ T6010] usb 7-1: config 3 has 4 interfaces, different from the descriptor's value: 2
[  155.092084][ T6010] usb 7-1: config 3 has no interface number 0
[  155.094038][ T6010] usb 7-1: config 3 has no interface number 2
[  155.095912][ T6010] usb 7-1: config 3 has no interface number 3
[  155.098793][ T6010] usb 7-1: config 3 interface 166 altsetting 152 endpoint 0xF has invalid maxpacket 1023, setting to 64
[  155.102118][ T6010] usb 7-1: config 3 interface 166 altsetting 152 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  155.106285][ T6010] usb 7-1: too many endpoints for config 3 interface 60 altsetting 85: 181, using maximum allowed: 30
[  155.110964][ T6010] usb 7-1: config 3 interface 60 altsetting 85 endpoint 0xC has an invalid bInterval 0, changing to 7
[  155.114527][ T6010] usb 7-1: config 3 interface 60 altsetting 85 has 4 endpoint descriptors, different from the interface descriptor's value: 181
[  155.119763][ T6010] usb 7-1: too many endpoints for config 3 interface 63 altsetting 169: 141, using maximum allowed: 30
[  155.123093][ T6010] usb 7-1: config 3 interface 63 altsetting 169 has a duplicate endpoint with address 0x5, skipping
[  155.126494][ T6010] usb 7-1: config 3 interface 63 altsetting 169 has a duplicate endpoint with address 0x7, skipping
[  155.130325][ T6010] usb 7-1: config 3 interface 63 altsetting 169 has a duplicate endpoint with address 0xF, skipping
[  155.133673][ T6010] usb 7-1: config 3 interface 63 altsetting 169 has a duplicate endpoint with address 0xF, skipping
[  155.137093][ T6010] usb 7-1: config 3 interface 63 altsetting 169 has 6 endpoint descriptors, different from the interface descriptor's value: 141
[  155.141229][ T6010] usb 7-1: config 3 interface 1 altsetting 9 has a duplicate endpoint with address 0x5, skipping
[  155.144686][ T6010] usb 7-1: config 3 interface 1 altsetting 9 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  155.148202][ T6010] usb 7-1: config 3 interface 166 has no altsetting 0
[  155.150354][ T6010] usb 7-1: config 3 interface 60 has no altsetting 0
[  155.152412][ T6010] usb 7-1: config 3 interface 63 has no altsetting 0
[  155.154479][ T6010] usb 7-1: config 3 interface 1 has no altsetting 0
[  155.158320][ T6010] usb 7-1: New USB device found, idVendor=1e2d, idProduct=00f3, bcdDevice=70.1e
[  155.161083][ T6010] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.163691][ T6010] usb 7-1: Product: syz
[  155.165212][ T6010] usb 7-1: Manufacturer: syz
[  155.166761][ T6010] usb 7-1: SerialNumber: syz
[  155.381243][ T7937] tmpfs: Bad value for 'mpol'
[  155.584599][ T7947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.541'.
[  155.626090][ T7950] delete_channel: no stack
[  156.179873][ T7949] delete_channel: no stack
[  156.338387][ T7960] input: syz0 as /devices/virtual/input/input37
[  157.034531][ T7966] netlink: 28 bytes leftover after parsing attributes in process `syz.1.546'.
[  157.037832][ T7966] netlink: 'syz.1.546': attribute type 7 has an invalid length.
[  157.040234][ T7966] netlink: 'syz.1.546': attribute type 8 has an invalid length.
[  157.042709][ T7966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.546'.
[  157.049469][ T7966] bond0: entered promiscuous mode
[  157.051153][ T7966] bond_slave_0: entered promiscuous mode
[  157.053048][ T7966] bond_slave_1: entered promiscuous mode
[  157.056143][ T7966] ip6gretap0: entered promiscuous mode
[  157.060595][ T7966] gretap0: entered promiscuous mode
[  157.069172][   T40] audit: type=1326 audit(2000000032.659:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7965 comm="syz.1.546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07579 code=0x7ffc0000
[  157.075820][   T40] audit: type=1326 audit(2000000032.659:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7965 comm="syz.1.546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07579 code=0x7ffc0000
[  157.083431][   T40] audit: type=1326 audit(2000000032.659:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7965 comm="syz.1.546" exe="/syz-executor" sig=0 arch=40000003 syscall=170 compat=1 ip=0xf7f07579 code=0x7ffc0000
[  157.090324][   T40] audit: type=1326 audit(2000000032.659:14): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7965 comm="syz.1.546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07579 code=0x7ffc0000
[  157.097068][   T40] audit: type=1326 audit(2000000032.659:15): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=7965 comm="syz.1.546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07579 code=0x7ffc0000
[  157.295953][ T7970] macsec0: entered promiscuous mode
[  157.298001][ T7970] macsec0: entered allmulticast mode
[  157.299649][ T7970] veth1_macvtap: entered allmulticast mode
[  157.417131][   T58] usb 8-1: USB disconnect, device number 12
[  157.537942][ T6010] option 7-1:3.166: GSM modem (1-port) converter detected
[  157.558286][ T6010] usb 7-1: USB disconnect, device number 11
[  157.563288][ T6010] option 7-1:3.166: device disconnected
[  158.309475][ T7984] netlink: 88 bytes leftover after parsing attributes in process `syz.2.550'.
[  158.584309][ T8003] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'.
[  158.653146][ T8004] input: syz0 as /devices/virtual/input/input38
[  159.078054][   T40] audit: type=1326 audit(2000000034.669:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8010 comm="syz.0.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  159.085057][   T40] audit: type=1326 audit(2000000034.669:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8010 comm="syz.0.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  159.093330][   T40] audit: type=1326 audit(2000000034.669:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8010 comm="syz.0.559" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  159.101203][   T40] audit: type=1326 audit(2000000034.669:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8010 comm="syz.0.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  159.117100][   T40] audit: type=1326 audit(2000000034.669:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8010 comm="syz.0.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  159.401544][ T8007] netlink: 88 bytes leftover after parsing attributes in process `syz.2.557'.
[  159.450695][ T8027] loop6: detected capacity change from 0 to 524287999
[  159.455835][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.459136][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.462314][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.464067][ T8024] netlink: 88 bytes leftover after parsing attributes in process `syz.0.561'.
[  159.465514][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.465729][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.474688][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.478327][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.481695][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.484334][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.487149][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.490106][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.492827][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.496786][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.499998][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.503671][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.506511][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.509099][ T8027] ldm_validate_partition_table(): Disk read failed.
[  159.511970][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.515022][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.520301][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  159.523174][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  159.686183][ T8027] Dev loop6: unable to read RDB block 0
[  159.688942][ T8027]  loop6: unable to read partition table
[  159.693783][ T8027] loop_reread_partitions: partition scan of loop6 (ÿŸ¾‚³˜±Ä6�tPΪŔ±³×AÝÁ¬8ï*V^ñè3c) failed (rc=-5)
[  159.709161][ T8031] can: request_module (can-proto-3) failed.
[  159.978113][ T1116] sr 2:0:0:0: [sr0] tag#12 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  159.981526][ T1116] sr 2:0:0:0: [sr0] tag#12 Sense Key : Illegal Request [current] 
[  159.984365][ T1116] sr 2:0:0:0: [sr0] tag#12 Add. Sense: Invalid command operation code
[  159.987695][ T1116] sr 2:0:0:0: [sr0] tag#12 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  160.002759][ T8036] netlink: 'syz.2.564': attribute type 4 has an invalid length.
[  160.547750][ T8056] input: syz0 as /devices/virtual/input/input39
[  161.236198][ T8060] can0: slcan on ttyS3.
[  161.295235][ T8066] netlink: 48 bytes leftover after parsing attributes in process `syz.2.572'.
[  161.390021][ T8060] can0 (unregistered): slcan off ttyS3.
[  161.577288][ T8082] FAULT_INJECTION: forcing a failure.
[  161.577288][ T8082] name failslab, interval 1, probability 0, space 0, times 0
[  161.583345][ T8082] CPU: 3 UID: 0 PID: 8082 Comm: syz.3.576 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  161.583368][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.583379][ T8082] Call Trace:
[  161.583385][ T8082]  <TASK>
[  161.583391][ T8082]  dump_stack_lvl+0x16c/0x1f0
[  161.583421][ T8082]  should_fail_ex+0x512/0x640
[  161.583440][ T8082]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  161.583469][ T8082]  should_failslab+0xc2/0x120
[  161.583485][ T8082]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  161.583509][ T8082]  ? __kernfs_new_node+0xd2/0x8a0
[  161.583539][ T8082]  __kernfs_new_node+0xd2/0x8a0
[  161.583565][ T8082]  ? __pfx_idr_alloc_u32+0x10/0x10
[  161.583587][ T8082]  ? __pfx___kernfs_new_node+0x10/0x10
[  161.583619][ T8082]  ? find_held_lock+0x2b/0x80
[  161.583642][ T8082]  ? kernfs_root+0xee/0x2a0
[  161.583672][ T8082]  kernfs_new_node+0x13c/0x1e0
[  161.583695][ T8082]  __kernfs_create_file+0x53/0x350
[  161.583720][ T8082]  sysfs_add_file_mode_ns+0x207/0x3c0
[  161.583751][ T8082]  internal_create_group+0x578/0xf30
[  161.583783][ T8082]  ? __pfx_internal_create_group+0x10/0x10
[  161.583813][ T8082]  ? kernfs_create_link+0x1bd/0x240
[  161.583838][ T8082]  internal_create_groups+0x9d/0x150
[  161.583866][ T8082]  device_add+0x6d1/0x1a70
[  161.583887][ T8082]  ? __pfx_device_add+0x10/0x10
[  161.583904][ T8082]  ? lockdep_init_map_type+0x5c/0x280
[  161.583922][ T8082]  ? __init_waitqueue_head+0xca/0x150
[  161.583948][ T8082]  netdev_register_kobject+0x182/0x3a0
[  161.583977][ T8082]  register_netdevice+0x13dc/0x2270
[  161.584006][ T8082]  ? __pfx_register_netdevice+0x10/0x10
[  161.584030][ T8082]  ? dev_addr_mod+0x316/0x540
[  161.584052][ T8082]  ipip6_tunnel_create+0x11d/0x1d0
[  161.584077][ T8082]  ipip6_tunnel_locate+0x5ea/0x8b0
[  161.584098][ T8082]  ? __pfx_ipip6_tunnel_locate+0x10/0x10
[  161.584112][ T8082]  ? bpf_lsm_capable+0x9/0x10
[  161.584136][ T8082]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.584158][ T8082]  ? __pfx_ipip6_tunnel_ctl+0x10/0x10
[  161.584172][ T8082]  ipip6_tunnel_ctl+0x44b/0x780
[  161.584190][ T8082]  addrconf_set_dstaddr+0x258/0x2f0
[  161.584212][ T8082]  ? __pfx_addrconf_set_dstaddr+0x10/0x10
[  161.584253][ T8082]  inet6_ioctl+0x1fd/0x2b0
[  161.584273][ T8082]  ? __pfx_inet6_ioctl+0x10/0x10
[  161.584293][ T8082]  ? tomoyo_path_number_perm+0x295/0x580
[  161.584318][ T8082]  ? tomoyo_path_number_perm+0x18d/0x580
[  161.584342][ T8082]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  161.584364][ T8082]  sock_do_ioctl+0x115/0x280
[  161.584389][ T8082]  ? do_vfs_ioctl+0x512/0x1990
[  161.584409][ T8082]  ? __pfx_sock_do_ioctl+0x10/0x10
[  161.584430][ T8082]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  161.584461][ T8082]  compat_sock_ioctl+0x301/0x7c0
[  161.584502][ T8082]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  161.584514][ T8082]  ? hook_file_ioctl_common+0x145/0x410
[  161.584529][ T8082]  ? __fget_files+0x20e/0x3c0
[  161.584548][ T8082]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  161.584559][ T8082]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  161.584573][ T8082]  __do_fast_syscall_32+0x73/0x120
[  161.584591][ T8082]  do_fast_syscall_32+0x32/0x80
[  161.584607][ T8082]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  161.584620][ T8082] RIP: 0023:0xf7f71579
[  161.584630][ T8082] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  161.584641][ T8082] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  161.584652][ T8082] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000008918
[  161.584658][ T8082] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  161.584664][ T8082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  161.584670][ T8082] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  161.584675][ T8082] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  161.584688][ T8082]  </TASK>
[  161.593914][ T8079] netlink: 88 bytes leftover after parsing attributes in process `syz.0.574'.
[  161.739853][ T8090] vxcan1: tx drop: invalid da for name 0x0000000000002001
[  161.865205][ T8107] netlink: 8 bytes leftover after parsing attributes in process `syz.3.584'.
[  161.996118][ T8113] input: syz0 as /devices/virtual/input/input40
[  162.884316][ T8132] random: crng reseeded on system resumption
[  162.951033][ T8134] netlink: 12 bytes leftover after parsing attributes in process `syz.3.591'.
[  162.953722][ T8134] netlink: 'syz.3.591': attribute type 19 has an invalid length.
[  163.119404][ T8136] Can't find a SQUASHFS superblock on nullb0
[  163.797867][ T8145] netlink: 88 bytes leftover after parsing attributes in process `syz.2.594'.
[  163.898403][ T8155] netlink: 16 bytes leftover after parsing attributes in process `syz.0.597'.
[  163.902088][ T8155] netlink: 16 bytes leftover after parsing attributes in process `syz.0.597'.
[  163.908586][ T8155] netlink: 12 bytes leftover after parsing attributes in process `syz.0.597'.
[  164.054299][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  164.054311][   T40] audit: type=1326 audit(2000000039.639:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8140 comm="syz.3.593" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7fc00000
[  164.077949][   T40] audit: type=1326 audit(2000000039.639:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8140 comm="syz.3.593" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f71579 code=0x7fc00000
[  164.329897][ T8165] input: syz0 as /devices/virtual/input/input41
[  164.699265][ T8156] netlink: 88 bytes leftover after parsing attributes in process `syz.1.595'.
[  164.749671][ T8169] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  164.755309][ T8169] cramfs: wrong magic
[  164.994071][ T8174] netlink: 8 bytes leftover after parsing attributes in process `syz.3.603'.
[  165.003014][ T8176] fuse: Unknown parameter '00000000000000000000'
[  165.057881][ T8180] FAULT_INJECTION: forcing a failure.
[  165.057881][ T8180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.062263][ T8180] CPU: 3 UID: 0 PID: 8180 Comm: syz.3.606 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  165.062278][ T8180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.062285][ T8180] Call Trace:
[  165.062289][ T8180]  <TASK>
[  165.062293][ T8180]  dump_stack_lvl+0x16c/0x1f0
[  165.062313][ T8180]  should_fail_ex+0x512/0x640
[  165.062328][ T8180]  _copy_from_user+0x2e/0xd0
[  165.062342][ T8180]  cmsghdr_from_user_compat_to_kern+0x355/0x7d0
[  165.062361][ T8180]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  165.062376][ T8180]  ? __might_fault+0xe3/0x190
[  165.062392][ T8180]  ? __might_fault+0x13b/0x190
[  165.062409][ T8180]  ____sys_sendmsg+0x488/0xc70
[  165.062420][ T8180]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.062429][ T8180]  ? get_compat_msghdr+0x11a/0x170
[  165.062444][ T8180]  ? __pfx__kstrtoull+0x10/0x10
[  165.062463][ T8180]  ___sys_sendmsg+0x134/0x1d0
[  165.062477][ T8180]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.062497][ T8180]  ? find_held_lock+0x2b/0x80
[  165.062519][ T8180]  __sys_sendmmsg+0x2f9/0x420
[  165.062534][ T8180]  ? __pfx___sys_sendmmsg+0x10/0x10
[  165.062552][ T8180]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  165.062574][ T8180]  ? fput+0x70/0xf0
[  165.062584][ T8180]  ? ksys_write+0x1b9/0x240
[  165.062599][ T8180]  ? __pfx_ksys_write+0x10/0x10
[  165.062615][ T8180]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  165.062629][ T8180]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  165.062645][ T8180]  __do_fast_syscall_32+0x73/0x120
[  165.062662][ T8180]  do_fast_syscall_32+0x32/0x80
[  165.062678][ T8180]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  165.062691][ T8180] RIP: 0023:0xf7f71579
[  165.062700][ T8180] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  165.062711][ T8180] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  165.062721][ T8180] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080002b80
[  165.062727][ T8180] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  165.062733][ T8180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  165.062738][ T8180] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  165.062744][ T8180] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  165.062756][ T8180]  </TASK>
[  165.737989][ T8197] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  165.854983][ T8195] batadv_slave_1: entered promiscuous mode
[  166.164799][ T8211] autofs: Unknown parameter '0xffffffffffffffff'
[  166.938350][ T8225] input: syz0 as /devices/virtual/input/input43
[  166.944146][ T8226] __nla_validate_parse: 4 callbacks suppressed
[  166.944163][ T8226] netlink: 16 bytes leftover after parsing attributes in process `syz.1.618'.
[  167.238931][ T8234] netlink: 4 bytes leftover after parsing attributes in process `syz.2.620'.
[  167.776984][ T8241] loop6: detected capacity change from 0 to 524287999
[  167.779704][    C3] blk_print_req_error: 8 callbacks suppressed
[  167.779714][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.785027][    C3] buffer_io_error: 8 callbacks suppressed
[  167.785036][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.790093][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.793778][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.796674][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.799745][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.802634][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.805748][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.808816][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.811719][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.817401][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.820967][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.825037][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.828834][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.832486][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.832697][ T8243] FAULT_INJECTION: forcing a failure.
[  167.832697][ T8243] name failslab, interval 1, probability 0, space 0, times 0
[  167.835474][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.842951][ T8241] ldm_validate_partition_table(): Disk read failed.
[  167.845436][ T8243] CPU: 3 UID: 0 PID: 8243 Comm: syz.1.623 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  167.845436][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.845453][ T8243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.845461][ T8243] Call Trace:
[  167.845465][ T8243]  <TASK>
[  167.845470][ T8243]  dump_stack_lvl+0x16c/0x1f0
[  167.845492][ T8243]  should_fail_ex+0x512/0x640
[  167.845506][ T8243]  ? fs_reclaim_acquire+0xae/0x150
[  167.845521][ T8243]  ? tomoyo_encode2+0x100/0x3e0
[  167.845536][ T8243]  should_failslab+0xc2/0x120
[  167.845548][ T8243]  __kmalloc_noprof+0xd2/0x510
[  167.845565][ T8243]  ? d_absolute_path+0x136/0x1a0
[  167.845580][ T8243]  tomoyo_encode2+0x100/0x3e0
[  167.845597][ T8243]  tomoyo_encode+0x29/0x50
[  167.845611][ T8243]  tomoyo_realpath_from_path+0x18f/0x6e0
[  167.845631][ T8243]  tomoyo_path_number_perm+0x245/0x580
[  167.845643][ T8243]  ? tomoyo_path_number_perm+0x237/0x580
[  167.845658][ T8243]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  167.845672][ T8243]  ? find_held_lock+0x2b/0x80
[  167.845699][ T8243]  ? find_held_lock+0x2b/0x80
[  167.845712][ T8243]  ? hook_file_ioctl_common+0x145/0x410
[  167.845728][ T8243]  ? __fget_files+0x20e/0x3c0
[  167.845747][ T8243]  security_file_ioctl_compat+0x9b/0x240
[  167.845763][ T8243]  __do_compat_sys_ioctl+0x4e/0x2c0
[  167.845779][ T8243]  __do_fast_syscall_32+0x73/0x120
[  167.845798][ T8243]  do_fast_syscall_32+0x32/0x80
[  167.845815][ T8243]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.845829][ T8243] RIP: 0023:0xf7f07579
[  167.845843][ T8243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  167.845854][ T8243] RSP: 002b:00000000f500555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  167.845866][ T8243] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004c03
[  167.845873][ T8243] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  167.845879][ T8243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  167.845886][ T8243] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  167.845892][ T8243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.845906][ T8243]  </TASK>
[  167.845917][ T8243] ERROR: Out of memory at tomoyo_realpath_from_path.
[  167.850668][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.857178][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  167.943222][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  167.948183][ T8241] Dev loop6: unable to read RDB block 0
[  167.952258][ T8241]  loop6: unable to read partition table
[  167.954885][ T8241] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  168.034790][ T8247] netlink: 40 bytes leftover after parsing attributes in process `syz.3.624'.
[  168.037977][ T8248] loop6: detected capacity change from 0 to 524287999
[  168.042464][ T8248] ldm_validate_partition_table(): Disk read failed.
[  168.045823][ T8248] Dev loop6: unable to read RDB block 0
[  168.052923][ T8248]  loop6: unable to read partition table
[  168.054881][ T8248] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  168.097821][ T8244] netlink: 88 bytes leftover after parsing attributes in process `syz.0.622'.
[  168.211701][   T40] audit: type=1326 audit(2000000043.799:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.1.628" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f07598 code=0x7ffc0000
[  168.227727][   T40] audit: type=1326 audit(2000000043.799:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.1.628" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f07598 code=0x7ffc0000
[  168.234889][   T40] audit: type=1326 audit(2000000043.799:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.1.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07579 code=0x7ffc0000
[  168.247859][   T40] audit: type=1326 audit(2000000043.799:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.1.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07579 code=0x7ffc0000
[  168.256529][   T40] audit: type=1326 audit(2000000043.809:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.1.628" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f07598 code=0x7ffc0000
[  168.263664][   T40] audit: type=1326 audit(2000000043.809:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.1.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07579 code=0x7ffc0000
[  168.271297][   T40] audit: type=1326 audit(2000000043.809:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.1.628" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f07598 code=0x7ffc0000
[  168.278638][   T40] audit: type=1326 audit(2000000043.809:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.1.628" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f07598 code=0x7ffc0000
[  168.424238][ T8260] usb 2-1: USB disconnect, device number 2
[  168.608543][ T8257] netlink: 88 bytes leftover after parsing attributes in process `syz.2.627'.
[  168.847346][ T8268] input: syz0 as /devices/virtual/input/input44
[  169.002693][ T8270] netlink: 28 bytes leftover after parsing attributes in process `syz.3.631'.
[  169.130271][ T8275] tmpfs: Bad value for 'mpol'
[  169.703292][ T8280] netlink: 24 bytes leftover after parsing attributes in process `syz.0.634'.
[  170.054640][ T8282] "syz.0.634" (8282) uses obsolete ecb(arc4) skcipher
[  170.153623][ T8294] netlink: 'syz.3.635': attribute type 10 has an invalid length.
[  170.846433][ T8301] netlink: 88 bytes leftover after parsing attributes in process `syz.2.637'.
[  170.897486][ T8304] tmpfs: Bad value for 'mpol'
[  171.191176][ T8314] FAULT_INJECTION: forcing a failure.
[  171.191176][ T8314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.217243][ T8314] CPU: 0 UID: 0 PID: 8314 Comm: syz.1.641 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  171.217268][ T8314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.217278][ T8314] Call Trace:
[  171.217283][ T8314]  <TASK>
[  171.217290][ T8314]  dump_stack_lvl+0x16c/0x1f0
[  171.217328][ T8314]  should_fail_ex+0x512/0x640
[  171.217350][ T8314]  _copy_from_user+0x2e/0xd0
[  171.217369][ T8314]  memdup_user+0x6b/0xe0
[  171.217382][ T8314]  strndup_user+0x78/0xe0
[  171.217398][ T8314]  __ia32_sys_mount+0x137/0x310
[  171.217415][ T8314]  ? __pfx___ia32_sys_mount+0x10/0x10
[  171.217432][ T8314]  ? rcu_is_watching+0x12/0xc0
[  171.217454][ T8314]  __do_fast_syscall_32+0x73/0x120
[  171.217475][ T8314]  do_fast_syscall_32+0x32/0x80
[  171.217498][ T8314]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.217517][ T8314] RIP: 0023:0xf7f07579
[  171.217529][ T8314] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  171.217597][ T8314] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  171.217619][ T8314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000540
[  171.217629][ T8314] RDX: 0000000080000580 RSI: 0000000000000000 RDI: 0000000080000040
[  171.217639][ T8314] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  171.217649][ T8314] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  171.217659][ T8314] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  171.217684][ T8314]  </TASK>
[  171.595233][ T8320] input: syz0 as /devices/virtual/input/input45
[  171.659403][ T8321] netlink: 88 bytes leftover after parsing attributes in process `syz.1.642'.
[  171.741508][ T8325] netlink: 'syz.2.644': attribute type 23 has an invalid length.
[  172.098613][ T8332] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  172.476512][ T8345] delete_channel: no stack
[  172.800647][ T8344] delete_channel: no stack
[  173.111832][ T8356] vxcan1: tx drop: invalid da for name 0x0000000000002001
[  173.371278][ T8367] input: syz0 as /devices/virtual/input/input46
[  173.553207][ T8368] netlink: 88 bytes leftover after parsing attributes in process `syz.2.658'.
[  173.708403][ T8371] loop6: detected capacity change from 0 to 524287999
[  173.712318][    C0] blk_print_req_error: 24 callbacks suppressed
[  173.712328][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.718534][    C0] buffer_io_error: 24 callbacks suppressed
[  173.718542][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.728055][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.731593][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.734991][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.738662][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.742282][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.745887][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.750739][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.754347][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.757804][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.761554][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.766032][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.769697][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.773369][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.776974][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.780089][ T8371] ldm_validate_partition_table(): Disk read failed.
[  173.783274][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.786823][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.790451][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  173.794068][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  173.799088][ T8371] Dev loop6: unable to read RDB block 0
[  173.802204][ T8371]  loop6: unable to read partition table
[  173.804606][ T8371] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  173.830411][ T5364] ldm_validate_partition_table(): Disk read failed.
[  173.833611][ T5364] Dev loop6: unable to read RDB block 0
[  173.837905][ T5364]  loop6: unable to read partition table
[  173.852858][ T8374] delete_channel: no stack
[  174.062197][ T8373] delete_channel: no stack
[  174.097773][ T8381] netlink: 16 bytes leftover after parsing attributes in process `syz.1.663'.
[  175.207536][ T8409] delete_channel: no stack
[  175.454835][ T8408] delete_channel: no stack
[  175.804820][ T8424] netlink: 88 bytes leftover after parsing attributes in process `syz.0.674'.
[  175.984509][ T8431] input: syz0 as /devices/virtual/input/input47
[  176.530290][ T8432] netlink: 88 bytes leftover after parsing attributes in process `syz.3.677'.
[  176.582057][ T8441] FAULT_INJECTION: forcing a failure.
[  176.582057][ T8441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.587554][ T8441] CPU: 1 UID: 0 PID: 8441 Comm: syz.0.679 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  176.587578][ T8441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.587590][ T8441] Call Trace:
[  176.587599][ T8441]  <TASK>
[  176.587607][ T8441]  dump_stack_lvl+0x16c/0x1f0
[  176.587637][ T8441]  should_fail_ex+0x512/0x640
[  176.587662][ T8441]  _copy_to_user+0x32/0xd0
[  176.587693][ T8441]  simple_read_from_buffer+0xcb/0x170
[  176.587719][ T8441]  proc_fail_nth_read+0x197/0x270
[  176.587743][ T8441]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.587768][ T8441]  ? rw_verify_area+0xcf/0x680
[  176.587788][ T8441]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.587811][ T8441]  vfs_read+0x1de/0xc70
[  176.587850][ T8441]  ? __pfx___mutex_lock+0x10/0x10
[  176.587876][ T8441]  ? __pfx_vfs_read+0x10/0x10
[  176.587905][ T8441]  ? __fget_files+0x20e/0x3c0
[  176.587936][ T8441]  ksys_read+0x12a/0x240
[  176.587957][ T8441]  ? __pfx_ksys_read+0x10/0x10
[  176.587978][ T8441]  ? rcu_is_watching+0x12/0xc0
[  176.588001][ T8441]  ? rcu_is_watching+0x12/0xc0
[  176.588025][ T8441]  __do_fast_syscall_32+0x73/0x120
[  176.588052][ T8441]  do_fast_syscall_32+0x32/0x80
[  176.588076][ T8441]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  176.588097][ T8441] RIP: 0023:0xf70ce579
[  176.588111][ T8441] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  176.588128][ T8441] RSP: 002b:00000000f50be590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  176.588145][ T8441] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50be620
[  176.588156][ T8441] RDX: 000000000000000f RSI: 00000000f7432ff4 RDI: 0000000000000000
[  176.588165][ T8441] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  176.588174][ T8441] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  176.588184][ T8441] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  176.588207][ T8441]  </TASK>
[  176.762762][ T8444] netlink: 4 bytes leftover after parsing attributes in process `syz.0.680'.
[  176.775039][ T8448] delete_channel: no stack
[  177.662234][ T8447] delete_channel: no stack
[  177.995157][ T8462] bridge0: port 1(vlan2) entered blocking state
[  177.997360][ T8462] bridge0: port 1(vlan2) entered disabled state
[  177.999581][ T8462] vlan2: entered allmulticast mode
[  178.001307][ T8462] bridge0: entered allmulticast mode
[  178.005248][ T8462] vlan2: left allmulticast mode
[  178.007021][ T8462] bridge0: left allmulticast mode
[  178.287890][ T8465] netlink: 88 bytes leftover after parsing attributes in process `syz.3.686'.
[  178.467198][ T8474] input: syz0 as /devices/virtual/input/input48
[  178.567758][   T40] kauditd_printk_skb: 257 callbacks suppressed
[  178.567959][   T40] audit: type=1326 audit(2000000054.159:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8476 comm="syz.0.690" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x0
[  178.634805][ T8475] netlink: 88 bytes leftover after parsing attributes in process `syz.2.687'.
[  178.907050][ T6010] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  179.058486][ T6010] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  179.061239][ T6010] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  179.064492][ T6010] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  179.067527][ T6010] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  179.070903][ T6010] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  179.075683][ T6010] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  179.078766][ T6010] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  179.081318][ T6010] usb 5-1: Product: syz
[  179.082694][ T6010] usb 5-1: Manufacturer: syz
[  179.088873][ T6010] cdc_wdm 5-1:1.0: skipping garbage
[  179.090551][ T6010] cdc_wdm 5-1:1.0: skipping garbage
[  179.093879][ T6010] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  179.095995][ T6010] cdc_wdm 5-1:1.0: Unknown control protocol
[  179.259086][ T8490] delete_channel: no stack
[  179.291988][ T7110] usb 5-1: USB disconnect, device number 9
[  179.309014][ T8491] input: syz0 as /devices/virtual/input/input49
[  179.542752][ T8489] delete_channel: no stack
[  179.700219][ T8497] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  180.124590][ T8510] ntfs3(sr0): try to read out of volume at offset 0x0
[  180.135821][ T8513] ntfs3(sr0): try to read out of volume at offset 0x0
[  180.245993][ T8518] input: syz0 as /devices/virtual/input/input50
[  180.486101][ T8520] netlink: 88 bytes leftover after parsing attributes in process `syz.1.700'.
[  181.094488][ T8530] xt_ecn: cannot match TCP bits for non-tcp packets
[  181.198688][ T8542] FAULT_INJECTION: forcing a failure.
[  181.198688][ T8542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.202742][ T8540] input: syz0 as /devices/virtual/input/input51
[  181.205259][ T8542] CPU: 0 UID: 0 PID: 8542 Comm: syz.2.709 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  181.205284][ T8542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  181.205293][ T8542] Call Trace:
[  181.205299][ T8542]  <TASK>
[  181.205305][ T8542]  dump_stack_lvl+0x16c/0x1f0
[  181.205333][ T8542]  should_fail_ex+0x512/0x640
[  181.205352][ T8542]  _copy_from_user+0x2e/0xd0
[  181.205372][ T8542]  get_compat_msghdr+0xa7/0x170
[  181.205394][ T8542]  ? __pfx_get_compat_msghdr+0x10/0x10
[  181.205421][ T8542]  ___sys_sendmsg+0x1ae/0x1d0
[  181.205441][ T8542]  ? __pfx____sys_sendmsg+0x10/0x10
[  181.205488][ T8542]  __sys_sendmsg+0x16d/0x220
[  181.205521][ T8542]  ? __pfx___sys_sendmsg+0x10/0x10
[  181.205554][ T8542]  ? rcu_is_watching+0x12/0xc0
[  181.205577][ T8542]  __do_fast_syscall_32+0x73/0x120
[  181.205600][ T8542]  do_fast_syscall_32+0x32/0x80
[  181.205620][ T8542]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  181.205639][ T8542] RIP: 0023:0xf70be579
[  181.205651][ T8542] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  181.205665][ T8542] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  181.205687][ T8542] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000200
[  181.205694][ T8542] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  181.205704][ T8542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  181.205713][ T8542] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  181.205723][ T8542] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  181.205744][ T8542]  </TASK>
[  181.298677][ T8544] netlink: 88 bytes leftover after parsing attributes in process `syz.2.710'.
[  181.305080][ T8544] delete_channel: no stack
[  181.424122][ T8547] netlink: 88 bytes leftover after parsing attributes in process `syz.3.711'.
[  181.429845][ T8547] delete_channel: no stack
[  181.515151][ T8543] delete_channel: no stack
[  181.728054][ T8546] delete_channel: no stack
[  181.736571][ T8552] input: syz0 as /devices/virtual/input/input52
[  181.826829][ T8559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.714'.
[  182.076573][ T8563] netlink: 88 bytes leftover after parsing attributes in process `syz.0.713'.
[  182.557737][ T8576] netlink: 12 bytes leftover after parsing attributes in process `syz.0.719'.
[  182.602747][ T8579] netlink: 88 bytes leftover after parsing attributes in process `syz.0.720'.
[  182.612158][ T8579] delete_channel: no stack
[  182.724388][ T8583] lo speed is unknown, defaulting to 1000
[  183.457782][ T8578] delete_channel: no stack
[  183.531471][ T8592] input: syz0 as /devices/virtual/input/input53
[  183.649501][ T8601] netlink: 'syz.3.727': attribute type 1 has an invalid length.
[  183.652133][ T8601] netlink: 224 bytes leftover after parsing attributes in process `syz.3.727'.
[  183.791579][ T8597] input: syz0 as /devices/virtual/input/input54
[  184.026510][ T8609] netlink: 88 bytes leftover after parsing attributes in process `syz.3.727'.
[  184.558714][ T5964] Bluetooth: hci2: unexpected event for opcode 0x0000
[  184.577092][ T5964] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  184.617902][ T8624] sd 0:0:0:0: PR command failed: 1026
[  184.619717][ T8624] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  184.621879][ T8624] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  184.630706][ T8627] netlink: 'syz.0.733': attribute type 39 has an invalid length.
[  184.752535][ T8636] netlink: 20 bytes leftover after parsing attributes in process `syz.0.735'.
[  184.815425][ T8640] netlink: 'syz.0.736': attribute type 2 has an invalid length.
[  184.827319][ T8640] netlink: 'syz.0.736': attribute type 1 has an invalid length.
[  184.932772][ T8645] FAULT_INJECTION: forcing a failure.
[  184.932772][ T8645] name failslab, interval 1, probability 0, space 0, times 0
[  184.940922][ T8645] CPU: 1 UID: 0 PID: 8645 Comm: syz.0.736 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  184.940940][ T8645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  184.940958][ T8645] Call Trace:
[  184.940962][ T8645]  <TASK>
[  184.940967][ T8645]  dump_stack_lvl+0x16c/0x1f0
[  184.940988][ T8645]  should_fail_ex+0x512/0x640
[  184.941001][ T8645]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  184.941021][ T8645]  should_failslab+0xc2/0x120
[  184.941031][ T8645]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  184.941049][ T8645]  ? vfs_parse_fs_string+0xc3/0x150
[  184.941068][ T8645]  kmemdup_nul+0x49/0xf0
[  184.941079][ T8645]  vfs_parse_fs_string+0xc3/0x150
[  184.941095][ T8645]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  184.941115][ T8645]  ? ovl_next_opt+0x143/0x1c0
[  184.941131][ T8645]  ? __pfx_ovl_next_opt+0x10/0x10
[  184.941145][ T8645]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  184.941162][ T8645]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  184.941180][ T8645]  ? alloc_fs_context+0x59b/0x9c0
[  184.941198][ T8645]  path_mount+0x148d/0x1f30
[  184.941209][ T8645]  ? kmem_cache_free+0x2d4/0x4d0
[  184.941225][ T8645]  ? __pfx_path_mount+0x10/0x10
[  184.941236][ T8645]  ? putname+0x154/0x1a0
[  184.941248][ T8645]  __ia32_sys_mount+0x28b/0x310
[  184.941259][ T8645]  ? __pfx___ia32_sys_mount+0x10/0x10
[  184.941270][ T8645]  ? rcu_is_watching+0x12/0xc0
[  184.941286][ T8645]  __do_fast_syscall_32+0x73/0x120
[  184.941303][ T8645]  do_fast_syscall_32+0x32/0x80
[  184.941319][ T8645]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  184.941333][ T8645] RIP: 0023:0xf70ce579
[  184.941341][ T8645] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  184.941352][ T8645] RSP: 002b:00000000f509d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  184.941362][ T8645] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[  184.941368][ T8645] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000380
[  184.941375][ T8645] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  184.941380][ T8645] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  184.941386][ T8645] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  184.941399][ T8645]  </TASK>
[  184.972033][   T40] audit: type=1804 audit(2000000060.559:308): pid=8645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.736" name="/newroot/167/file0/bus/file1" dev="hugetlbfs" ino=20373 res=1 errno=0
[  185.365654][ T8654] netlink: 'syz.0.740': attribute type 1 has an invalid length.
[  185.369186][ T8654] netlink: 224 bytes leftover after parsing attributes in process `syz.0.740'.
[  185.671702][ T8660] netlink: 88 bytes leftover after parsing attributes in process `syz.0.740'.
[  186.545761][ T8684] netlink: 48 bytes leftover after parsing attributes in process `syz.0.749'.
[  186.610790][ T8685] kernel profiling enabled (shift: 7)
[  186.710734][ T8687] netlink: 88 bytes leftover after parsing attributes in process `syz.1.748'.
[  186.788534][ T5958] Bluetooth: hci3: command 0x0c1a tx timeout
[  187.753201][ T8698] xt_CT: You must specify a L4 protocol and not use inversions on it
[  188.629781][ T5964] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  188.632653][ T5964] Bluetooth: hci2: Injecting HCI hardware error event
[  188.635928][ T5964] Bluetooth: hci2: hardware error 0x00
[  188.830284][ T8722] delete_channel: no stack
[  188.867136][ T5958] Bluetooth: hci3: command 0x0c1a tx timeout
[  188.876522][ T8724] tls_set_device_offload_rx: netdev not found
[  189.785301][ T8721] delete_channel: no stack
[  189.843731][ T8739] fuse: Invalid rootmode
[  189.845573][ T8739] netlink: 16 bytes leftover after parsing attributes in process `syz.3.763'.
[  189.907873][ T8737] delete_channel: no stack
[  189.938008][ T8738] Process accounting resumed
[  189.983595][ T8745] autofs: Bad value for 'fd'
[  190.043227][ T8752] netlink: 'syz.2.769': attribute type 1 has an invalid length.
[  190.062665][ T8752] netlink: 224 bytes leftover after parsing attributes in process `syz.2.769'.
[  190.333079][ T8736] delete_channel: no stack
[  190.367745][ T8752] netlink: 88 bytes leftover after parsing attributes in process `syz.2.769'.
[  190.374155][ T8764] netlink: 68 bytes leftover after parsing attributes in process `syz.1.771'.
[  190.469251][ T8768] overlayfs: missing 'lowerdir'
[  190.612120][ T8768] cdrom: dropping to single frame dma
[  190.707042][ T5964] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  190.949293][ T5964] Bluetooth: hci3: command 0x0c1a tx timeout
[  190.975749][ T8777] fuse: Unknown parameter '000000000000000000040x0000000000000004'
[  191.274332][ T8790] netlink: 68 bytes leftover after parsing attributes in process `syz.3.780'.
[  191.337873][ T8794] netlink: 'syz.3.782': attribute type 1 has an invalid length.
[  191.340391][ T8794] netlink: 224 bytes leftover after parsing attributes in process `syz.3.782'.
[  191.646833][ T8803] netlink: 88 bytes leftover after parsing attributes in process `syz.3.782'.
[  192.274513][ T8823] netlink: 68 bytes leftover after parsing attributes in process `syz.3.790'.
[  192.541783][ T8830] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  192.600466][ T8833] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  192.792717][ T8845] netlink: 'syz.1.798': attribute type 1 has an invalid length.
[  192.795341][ T8845] netlink: 224 bytes leftover after parsing attributes in process `syz.1.798'.
[  193.026993][ T5964] Bluetooth: hci3: command 0x0c1a tx timeout
[  193.083199][ T8847] netlink: 88 bytes leftover after parsing attributes in process `syz.1.798'.
[  193.278915][ T8852] delete_channel: no stack
[  193.392953][ T8856] netlink: 'syz.0.801': attribute type 2 has an invalid length.
[  193.395428][ T8856] netlink: 'syz.0.801': attribute type 1 has an invalid length.
[  193.509022][ T8851] delete_channel: no stack
[  193.604307][ T8857] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  193.606689][ T8857] overlayfs: failed to set xattr on upper
[  193.608745][ T8857] overlayfs: ...falling back to redirect_dir=nofollow.
[  193.610935][ T8857] overlayfs: ...falling back to index=off.
[  193.612809][ T8857] overlayfs: ...falling back to uuid=null.
[  193.614751][ T8857] overlayfs: maximum fs stacking depth exceeded
[  194.069772][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  194.203725][ T8881] delete_channel: no stack
[  194.529118][ T8880] delete_channel: no stack
[  194.592126][ T8888] netlink: 'syz.3.812': attribute type 1 has an invalid length.
[  195.120603][ T8889] __nla_validate_parse: 4 callbacks suppressed
[  195.120617][ T8889] netlink: 88 bytes leftover after parsing attributes in process `syz.3.812'.
[  195.266615][ T8898] netlink: 8 bytes leftover after parsing attributes in process `syz.2.813'.
[  195.293905][ T8898] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  195.297931][ T8898] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.390232][ T8898] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  195.393516][ T8898] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.465837][ T8898] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  195.469360][ T8898] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.533192][ T8910] delete_channel: no stack
[  195.541330][ T8898] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  195.544599][ T8898] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.663450][ T8898] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  195.666280][ T8898] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  195.693409][ T8898] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  195.696202][ T8898] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  195.705432][ T8898] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  195.709529][ T8898] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  195.719467][ T8898] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  195.722236][ T8898] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.355511][ T8918] netlink: 24 bytes leftover after parsing attributes in process `syz.0.820'.
[  196.361260][ T8918] netlink: 24 bytes leftover after parsing attributes in process `syz.0.820'.
[  196.404843][ T8920] netlink: 6 bytes leftover after parsing attributes in process `syz.0.822'.
[  196.408286][ T8920] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  196.444193][ T8923] FAULT_INJECTION: forcing a failure.
[  196.444193][ T8923] name failslab, interval 1, probability 0, space 0, times 0
[  196.448401][ T8923] CPU: 0 UID: 0 PID: 8923 Comm: syz.0.823 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  196.448419][ T8923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.448426][ T8923] Call Trace:
[  196.448430][ T8923]  <TASK>
[  196.448435][ T8923]  dump_stack_lvl+0x16c/0x1f0
[  196.448455][ T8923]  should_fail_ex+0x512/0x640
[  196.448467][ T8923]  ? fs_reclaim_acquire+0xae/0x150
[  196.448482][ T8923]  ? tomoyo_encode2+0x100/0x3e0
[  196.448501][ T8923]  should_failslab+0xc2/0x120
[  196.448512][ T8923]  __kmalloc_noprof+0xd2/0x510
[  196.448528][ T8923]  ? d_absolute_path+0x136/0x1a0
[  196.448542][ T8923]  tomoyo_encode2+0x100/0x3e0
[  196.448558][ T8923]  tomoyo_encode+0x29/0x50
[  196.448572][ T8923]  tomoyo_realpath_from_path+0x18f/0x6e0
[  196.448590][ T8923]  tomoyo_path_number_perm+0x245/0x580
[  196.448602][ T8923]  ? tomoyo_path_number_perm+0x237/0x580
[  196.448616][ T8923]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  196.448629][ T8923]  ? find_held_lock+0x2b/0x80
[  196.448655][ T8923]  ? find_held_lock+0x2b/0x80
[  196.448668][ T8923]  ? hook_file_ioctl_common+0x145/0x410
[  196.448683][ T8923]  ? __fget_files+0x20e/0x3c0
[  196.448701][ T8923]  security_file_ioctl_compat+0x9b/0x240
[  196.448717][ T8923]  __do_compat_sys_ioctl+0x4e/0x2c0
[  196.448731][ T8923]  __do_fast_syscall_32+0x73/0x120
[  196.448749][ T8923]  do_fast_syscall_32+0x32/0x80
[  196.448765][ T8923]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  196.448779][ T8923] RIP: 0023:0xf70ce579
[  196.448788][ T8923] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  196.448799][ T8923] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  196.448809][ T8923] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005312
[  196.448816][ T8923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  196.448822][ T8923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  196.448827][ T8923] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  196.448834][ T8923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  196.448847][ T8923]  </TASK>
[  196.448862][ T8923] ERROR: Out of memory at tomoyo_realpath_from_path.
[  196.459519][ T8909] delete_channel: no stack
[  196.565623][ T8926] netlink: 88 bytes leftover after parsing attributes in process `syz.2.821'.
[  196.566468][ T8929] kAFS: unable to lookup cell 'mS²jQ€·”œ­=È A4Z1Ë¡8'
[  197.220372][ T8944] netlink: 12 bytes leftover after parsing attributes in process `syz.1.829'.
[  197.265987][   T40] audit: type=1800 audit(2000000072.849:309): pid=8944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.829" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  197.476750][ T8948] netlink: 24 bytes leftover after parsing attributes in process `syz.2.830'.
[  197.480103][ T8948] netlink: 24 bytes leftover after parsing attributes in process `syz.2.830'.
[  197.544085][ T8952] netlink: 8 bytes leftover after parsing attributes in process `syz.0.832'.
[  198.484794][ T8972] netlink: 'syz.0.839': attribute type 3 has an invalid length.
[  198.489910][ T8972] netlink: 'syz.0.839': attribute type 2 has an invalid length.
[  199.008420][ T8982] input: syz0 as /devices/virtual/input/input55
[  199.680988][ T9000] sp0: Synchronizing with TNC
[  199.912411][ T9007] sp0: Synchronizing with TNC
[  199.947068][ T9011] FAULT_INJECTION: forcing a failure.
[  199.947068][ T9011] name failslab, interval 1, probability 0, space 0, times 0
[  199.951234][ T9011] CPU: 2 UID: 0 PID: 9011 Comm: syz.3.849 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  199.951249][ T9011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  199.951256][ T9011] Call Trace:
[  199.951260][ T9011]  <TASK>
[  199.951264][ T9011]  dump_stack_lvl+0x16c/0x1f0
[  199.951285][ T9011]  should_fail_ex+0x512/0x640
[  199.951298][ T9011]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  199.951315][ T9011]  should_failslab+0xc2/0x120
[  199.951326][ T9011]  __kmalloc_cache_noprof+0x6a/0x3e0
[  199.951339][ T9011]  ? rcu_is_watching+0x12/0xc0
[  199.951354][ T9011]  ? call_usermodehelper_setup+0xaf/0x360
[  199.951369][ T9011]  ? __pfx_free_modprobe_argv+0x10/0x10
[  199.951381][ T9011]  call_usermodehelper_setup+0xaf/0x360
[  199.951397][ T9011]  __request_module+0x3bd/0x690
[  199.951408][ T9011]  ? __pfx___request_module+0x10/0x10
[  199.951418][ T9011]  ? aa_get_newest_label+0x375/0x680
[  199.951430][ T9011]  ? __pfx_aa_get_newest_label+0x10/0x10
[  199.951444][ T9011]  ? apparmor_capable+0x114/0x1d0
[  199.951455][ T9011]  ? dev_load+0x1c0/0x240
[  199.951469][ T9011]  dev_load+0x221/0x240
[  199.951481][ T9011]  dev_ioctl+0x19c/0x10e0
[  199.951494][ T9011]  sock_ioctl+0x5b3/0x6b0
[  199.951505][ T9011]  ? __pfx_sock_ioctl+0x10/0x10
[  199.951518][ T9011]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  199.951531][ T9011]  ? unix_ioctl+0xf0/0x5e0
[  199.951547][ T9011]  ? __pfx_unix_ioctl+0x10/0x10
[  199.951565][ T9011]  compat_sock_ioctl+0x5ff/0x7c0
[  199.951577][ T9011]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  199.951586][ T9011]  ? hook_file_ioctl_common+0x145/0x410
[  199.951601][ T9011]  ? __fget_files+0x20e/0x3c0
[  199.951619][ T9011]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  199.951629][ T9011]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  199.951644][ T9011]  __do_fast_syscall_32+0x73/0x120
[  199.951662][ T9011]  do_fast_syscall_32+0x32/0x80
[  199.951677][ T9011]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  199.951691][ T9011] RIP: 0023:0xf7f71579
[  199.951699][ T9011] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  199.951710][ T9011] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  199.951720][ T9011] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089f0
[  199.951727][ T9011] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  199.951733][ T9011] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  199.951738][ T9011] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  199.951744][ T9011] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  199.951756][ T9011]  </TASK>
[  200.040322][ T7110] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  200.187550][ T7110] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  200.191148][ T7110] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.194134][ T7110] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.197895][ T7110] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.200742][ T7110] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.203536][ T7110] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.207108][ T7110] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.210055][ T7110] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.213274][ T7110] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.216669][ T7110] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.220111][ T7110] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.223058][ T7110] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.226479][ T7110] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.229555][ T7110] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.232713][ T7110] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.236070][ T7110] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.239198][ T7110] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.242102][ T7110] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.245652][ T7110] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.248882][ T7110] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.252138][ T7110] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.255885][ T7110] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.259243][ T7110] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.262220][ T7110] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.265704][ T7110] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.270045][ T7110] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  200.273238][ T7110] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  200.275821][ T7110] usb 7-1: Product: syz
[  200.277370][ T7110] usb 7-1: Manufacturer: syz
[  200.278864][ T7110] usb 7-1: SerialNumber: syz
[  200.281648][ T7110] usb 7-1: config 0 descriptor??
[  200.287097][ T7110] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  200.547504][ T9018] __nla_validate_parse: 6 callbacks suppressed
[  200.547517][ T9018] netlink: 88 bytes leftover after parsing attributes in process `syz.1.850'.
[  200.896956][ T6020] usb 5-1: new low-speed USB device number 10 using dummy_hcd
[  201.021934][ T9029] netlink: 'syz.1.854': attribute type 4 has an invalid length.
[  201.036733][ T9029] netlink: 'syz.1.854': attribute type 4 has an invalid length.
[  201.048253][ T6020] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  201.051723][ T6020] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  201.054563][ T6020] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  201.058314][ T6020] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  201.061456][ T6020] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.069722][ T9027] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  201.073399][ T6020] hub 5-1:1.0: bad descriptor, ignoring hub
[  201.075337][ T6020] hub 5-1:1.0: probe with driver hub failed with error -5
[  201.078139][ T6020] cdc_wdm 5-1:1.0: skipping garbage
[  201.079903][ T6020] cdc_wdm 5-1:1.0: skipping garbage
[  201.084632][ T6020] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[  201.086536][ T6020] cdc_wdm 5-1:1.0: Unknown control protocol
[  201.125205][ T9031] delete_channel: no stack
[  201.186405][ T9035] input: syz0 as /devices/virtual/input/input56
[  201.342116][ T9030] delete_channel: no stack
[  201.372010][   T40] audit: type=1326 audit(2000000076.959:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.1.858" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f07579 code=0x0
[  202.238656][ T9046] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  202.247973][ T9046] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  202.557228][    C3] usb 7-1: yurex_control_callback - control failed: -2
[  202.559678][    C3] usb 7-1: yurex_control_callback - control failed: -32
[  202.572307][ T7110] usb 7-1: USB disconnect, device number 12
[  202.578530][ T7110] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  202.677151][ T5991] usb 5-1: USB disconnect, device number 10
[  203.176953][ T9061] 9pnet_fd: Insufficient options for proto=fd
[  203.249605][ T9067] input: syz0 as /devices/virtual/input/input57
[  203.371327][ T9055] netlink: 88 bytes leftover after parsing attributes in process `syz.3.862'.
[  204.954549][ T9105] netlink: 16 bytes leftover after parsing attributes in process `syz.3.878'.
[  205.106007][ T9112] fuse: Bad value for 'fd'
[  205.157672][ T9114] input: syz0 as /devices/virtual/input/input58
[  205.212647][ T9115] netlink: 88 bytes leftover after parsing attributes in process `syz.2.876'.
[  205.910098][ T9138] input: syz0 as /devices/virtual/input/input59
[  205.957684][ T9142] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.960880][ T9142] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.963618][ T9142] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.966339][ T9142] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.972885][ T9142] geneve3: entered promiscuous mode
[  205.974673][ T9142] geneve3: entered allmulticast mode
[  205.985485][ T9142] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  205.990131][ T9142] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  205.993624][ T9142] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  205.999048][ T9142] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.070510][ T9146] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  206.072818][ T9146] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  206.085210][ T9146] vhci_hcd vhci_hcd.0: Device attached
[  206.095588][ T9146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.893'.
[  206.288373][ T9155] netlink: 88 bytes leftover after parsing attributes in process `syz.1.892'.
[  206.316963][ T7110] usb 43-1: new high-speed USB device number 2 using vhci_hcd
[  206.812100][ T9147] vhci_hcd: connection reset by peer
[  206.824455][ T9191] vhci_hcd: stop threads
[  206.827682][ T9191] vhci_hcd: release socket
[  206.830728][ T9191] vhci_hcd: disconnect device
[  207.071833][ T9230] fuse: Bad value for 'fd'
[  207.167747][ T9231] overlay: ./file0 is not a directory
[  207.426838][ T9241] input: syz0 as /devices/virtual/input/input60
[  207.778699][   T40] audit: type=1326 audit(2000000083.369:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.787186][   T40] audit: type=1326 audit(2000000083.369:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=449 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.796395][   T40] audit: type=1326 audit(2000000083.369:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.804911][   T40] audit: type=1326 audit(2000000083.369:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.812788][   T40] audit: type=1326 audit(2000000083.369:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.820808][   T40] audit: type=1326 audit(2000000083.369:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.833778][   T40] audit: type=1326 audit(2000000083.369:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.841759][   T40] audit: type=1326 audit(2000000083.369:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.849474][   T40] audit: type=1326 audit(2000000083.369:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.856587][   T40] audit: type=1326 audit(2000000083.369:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9244 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  207.899250][ T9248] input: syz0 as /devices/virtual/input/input61
[  208.059138][ T9253] delete_channel: no stack
[  208.112948][ T9251] netlink: 88 bytes leftover after parsing attributes in process `syz.2.904'.
[  208.301508][ T9252] delete_channel: no stack
[  208.352273][ T9262] netlink: 12 bytes leftover after parsing attributes in process `syz.0.908'.
[  208.619364][ T9271] netlink: 4 bytes leftover after parsing attributes in process `syz.0.912'.
[  208.623670][ T9271] netlink: 20 bytes leftover after parsing attributes in process `syz.0.912'.
[  208.627646][ T9271] netlink: 20 bytes leftover after parsing attributes in process `syz.0.912'.
[  208.703319][ T9269] 
[  208.704428][ T9269] ======================================================
[  208.707202][ T9269] WARNING: possible circular locking dependency detected
[  208.709953][ T9269] 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 Not tainted
[  208.714053][ T9269] ------------------------------------------------------
[  208.718107][ T9269] syz.3.911/9269 is trying to acquire lock:
[  208.720880][ T9269] ffff888054228aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x2d/0x9f0
[  208.725448][ T9269] 
[  208.725448][ T9269] but task is already holding lock:
[  208.728560][ T9269] ffff888054228258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520
[  208.732168][ T9269] 
[  208.732168][ T9269] which lock already depends on the new lock.
[  208.732168][ T9269] 
[  208.736438][ T9269] 
[  208.736438][ T9269] the existing dependency chain (in reverse order) is:
[  208.740425][ T9269] 
[  208.740425][ T9269] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}:
[  208.744249][ T9269]        lock_sock_nested+0x41/0xf0
[  208.746497][ T9269]        sockopt_lock_sock+0x54/0x70
[  208.748735][ T9269]        do_ip_setsockopt+0xfe/0x3240
[  208.750786][ T9269]        ip_setsockopt+0x59/0xf0
[  208.752520][ T9269]        udp_setsockopt+0x7d/0xd0
[  208.754277][ T9269]        do_sock_setsockopt+0x221/0x470
[  208.756076][ T9269]        __sys_setsockopt+0x1a0/0x230
[  208.758008][ T9269]        __ia32_sys_setsockopt+0xbc/0x160
[  208.760359][ T9269]        __do_fast_syscall_32+0x73/0x120
[  208.762387][ T9269]        do_fast_syscall_32+0x32/0x80
[  208.764207][ T9269]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.766567][ T9269] 
[  208.766567][ T9269] -> #1 (rtnl_mutex){+.+.}-{4:4}:
[  208.769882][ T9269]        __mutex_lock+0x199/0xb90
[  208.772111][ T9269]        start_sync_thread+0x120/0x28b0
[  208.774440][ T9269]        do_ip_vs_set_ctl+0x451/0x11d0
[  208.776733][ T9269]        nf_setsockopt+0x8a/0xf0
[  208.778828][ T9269]        ip_setsockopt+0xcb/0xf0
[  208.780905][ T9269]        tcp_setsockopt+0xa4/0x100
[  208.782805][ T9269]        smc_setsockopt+0x1b3/0xa00
[  208.784600][ T9269]        do_sock_setsockopt+0x221/0x470
[  208.786939][ T9269]        __sys_setsockopt+0x1a0/0x230
[  208.788973][ T9269]        __ia32_sys_setsockopt+0xbc/0x160
[  208.791371][ T9269]        __do_fast_syscall_32+0x73/0x120
[  208.793706][ T9269]        do_fast_syscall_32+0x32/0x80
[  208.795695][ T9269]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.798355][ T9269] 
[  208.798355][ T9269] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  208.801817][ T9269]        __lock_acquire+0x1173/0x1ba0
[  208.804219][ T9269]        lock_acquire+0x179/0x350
[  208.806369][ T9269]        __mutex_lock+0x199/0xb90
[  208.808569][ T9269]        smc_switch_to_fallback+0x2d/0x9f0
[  208.811033][ T9269]        smc_sendmsg+0x13d/0x520
[  208.813144][ T9269]        __sys_sendto+0x495/0x510
[  208.815281][ T9269]        __ia32_sys_sendto+0xdd/0x1b0
[  208.817541][ T9269]        __do_fast_syscall_32+0x73/0x120
[  208.819973][ T9269]        do_fast_syscall_32+0x32/0x80
[  208.822424][ T9269]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.825359][ T9269] 
[  208.825359][ T9269] other info that might help us debug this:
[  208.825359][ T9269] 
[  208.829544][ T9269] Chain exists of:
[  208.829544][ T9269]   &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET
[  208.829544][ T9269] 
[  208.835009][ T9269]  Possible unsafe locking scenario:
[  208.835009][ T9269] 
[  208.838075][ T9269]        CPU0                    CPU1
[  208.840290][ T9269]        ----                    ----
[  208.842500][ T9269]   lock(sk_lock-AF_INET);
[  208.844376][ T9269]                                lock(rtnl_mutex);
[  208.847040][ T9269]                                lock(sk_lock-AF_INET);
[  208.850051][ T9269]   lock(&smc->clcsock_release_lock);
[  208.852561][ T9269] 
[  208.852561][ T9269]  *** DEADLOCK ***
[  208.852561][ T9269] 
[  208.856214][ T9269] 1 lock held by syz.3.911/9269:
[  208.858503][ T9269]  #0: ffff888054228258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520
[  208.862255][ T9269] 
[  208.862255][ T9269] stack backtrace:
[  208.865012][ T9269] CPU: 1 UID: 0 PID: 9269 Comm: syz.3.911 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) 
[  208.865040][ T9269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.865055][ T9269] Call Trace:
[  208.865063][ T9269]  <TASK>
[  208.865078][ T9269]  dump_stack_lvl+0x116/0x1f0
[  208.865117][ T9269]  print_circular_bug+0x275/0x350
[  208.865145][ T9269]  check_noncircular+0x14c/0x170
[  208.865175][ T9269]  __lock_acquire+0x1173/0x1ba0
[  208.865206][ T9269]  lock_acquire+0x179/0x350
[  208.865219][ T9269]  ? smc_switch_to_fallback+0x2d/0x9f0
[  208.865240][ T9269]  ? __pfx___might_resched+0x10/0x10
[  208.865266][ T9269]  __mutex_lock+0x199/0xb90
[  208.865287][ T9269]  ? smc_switch_to_fallback+0x2d/0x9f0
[  208.865316][ T9269]  ? __lock_acquire+0xaa4/0x1ba0
[  208.865339][ T9269]  ? smc_switch_to_fallback+0x2d/0x9f0
[  208.865357][ T9269]  ? __pfx___mutex_lock+0x10/0x10
[  208.865385][ T9269]  ? do_raw_spin_lock+0x12c/0x2b0
[  208.865402][ T9269]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  208.865422][ T9269]  ? smc_switch_to_fallback+0x2d/0x9f0
[  208.865437][ T9269]  ? __local_bh_enable_ip+0xa4/0x120
[  208.865465][ T9269]  smc_switch_to_fallback+0x2d/0x9f0
[  208.865485][ T9269]  smc_sendmsg+0x13d/0x520
[  208.865502][ T9269]  __sys_sendto+0x495/0x510
[  208.865523][ T9269]  ? __pfx___sys_sendto+0x10/0x10
[  208.865547][ T9269]  ? __sys_bind+0x176/0x260
[  208.865568][ T9269]  ? xfd_validate_state+0x5d/0x180
[  208.865587][ T9269]  ? rcu_is_watching+0x12/0xc0
[  208.865607][ T9269]  __ia32_sys_sendto+0xdd/0x1b0
[  208.865625][ T9269]  ? lockdep_hardirqs_on+0x7c/0x110
[  208.865645][ T9269]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  208.865670][ T9269]  __do_fast_syscall_32+0x73/0x120
[  208.865695][ T9269]  do_fast_syscall_32+0x32/0x80
[  208.865717][ T9269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.865737][ T9269] RIP: 0023:0xf7f71579
[  208.865750][ T9269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  208.865766][ T9269] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  208.865782][ T9269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  208.865793][ T9269] RDX: 0000000000000000 RSI: 00000000200007fd RDI: 0000000080e68000
[  208.865803][ T9269] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  208.865812][ T9269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  208.865822][ T9269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  208.865836][ T9269]  </TASK>
[  208.968016][    C1] vkms_vblank_simulate: vblank timer overrun
[  211.416929][ T7110] vhci_hcd: vhci_device speed not set

VM DIAGNOSIS:
02:40:58  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000086 RBX=ffff88806bf92000 RCX=ffffffff82280ce8 RDX=0000000000000000
RSI=0000000000000001 RDI=ffff88806bf92000 RBP=0000000000000000 RSP=ffffc900071ff120
R8 =0000000000000000 R9 =fffffbfff210d002 R10=ffffffff90868017 R11=000000000000001e
R12=0000000000000001 R13=ffff88804c99cb80 R14=0000000000402800 R15=0000000000000000
RIP=ffffffff82274430 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977b9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5075da4 CR3=000000006bd2e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff854bc9a5 RDI=ffffffff9ae12b40 RBP=ffffffff9ae12b00 RSP=ffffc900070ef478
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e35312e36
R12=0000000000000000 R13=0000000000000005 R14=ffffffff9ae12b00 R15=ffffffff854bc940
RIP=ffffffff854bc9cf RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880978b9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080e68000 CR3=0000000070632000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000025ac9c RBX=0000000000000002 RCX=ffffffff8b702439 RDX=ffffed10056865be
RSI=ffffffff8bf45080 RDI=ffffffff8191a751 RBP=ffffed1003b55910 RSP=ffffc9000047fdf8
R8 =0000000000000000 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000001
R12=0000000000000002 R13=ffff88801daac880 R14=ffffffff90868010 R15=0000000000000000
RIP=ffffffff8b700ccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055abd6f5d000 CR3=000000004f79a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7482ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000002b228c RBX=0000000000000003 RCX=ffffffff8b702439 RDX=ffffed10056a65be
RSI=ffffffff8bf45080 RDI=ffffffff8191a751 RBP=ffffed1003b58000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a65bd R10=ffff88802b532deb R11=0000000000000001
R12=0000000000000003 R13=ffff88801dac0000 R14=ffffffff90868010 R15=0000000000000000
RIP=ffffffff8b700ccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ab9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c255f6e CR3=0000000050254000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000