last executing test programs:

4.189986353s ago: executing program 3 (id=750):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0xa0c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f00000000c0)={0x4})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
io_submit(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
vmsplice(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000300)='S', 0x1}], 0x1, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000540)={'#! ', './file0'}, 0xb)

3.319693185s ago: executing program 3 (id=753):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0xa0c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
io_setup(0x6, &(0x7f0000001380))
syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
vmsplice(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000300)='S', 0x1}], 0x1, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000540)={'#! ', './file0'}, 0xb)
dup3(r0, r1, 0x0)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
recvmmsg(r6, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}, 0x200}], 0x1, 0x6142, 0x0)

3.208532112s ago: executing program 2 (id=754):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0xa0c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f00000000c0)={0x4})
io_setup(0x6, &(0x7f0000001380))

2.831078255s ago: executing program 0 (id=757):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x20105)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r3, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
sendmsg$NL80211_CMD_SET_MPATH(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x28, r4, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x2040810)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb011a52f436dd2a", 0x2a}], 0x1)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r5, &(0x7f0000000040)={0x1f, @none}, 0x8)
getsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0x7, &(0x7f0000000540), &(0x7f0000000580)=0x4)
ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000140))
r6 = socket$igmp6(0xa, 0x3, 0x2)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r10=>0x0})
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@bridge_setlink={0x20, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r10}}, 0x20}}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000002c0)={&(0x7f00000000c0)="8197fedc4299cf4aa118a25de15fccf6e828ddcdec0b1f5594c9571b8e4154528c8a3099fa468ece1208", 0x0, &(0x7f0000000180), &(0x7f0000000200)="b11d09f5f73d7f412387e3dce2627386", 0x2, r8}, 0x38)
write$uinput_user_dev(r8, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x3, 0xffff2d33, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0x41, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x8f, 0x6, 0x6, 0x3, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x204, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x200010, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x20002f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x1, 0x5, 0x1, 0xff, 0xffff8001, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x8, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x3ea, 0x8d2, 0x100009, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x7, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0x2, 0x5, 0x4, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3e, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x0, 0xa2, 0x7, 0x1, 0x1, 0x4, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x100001ff, 0x6, 0x0, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x200005, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x3, 0x8, 0x81, 0x3, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x4, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ioctl$SNDCTL_DSP_CHANNELS(r8, 0xc0045006, &(0x7f0000000040)=0x401)
r12 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000008c0), 0x900, 0x0)
ioctl$CDROM_SELECT_SPEED(r12, 0x5322, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000300)={'rose0\x00', <r13=>0x0})
r14 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r13], 0x20}}, 0x0)
setsockopt$MRT6_ADD_MIF(r6, 0x29, 0xca, &(0x7f0000000000)={0x1, 0x1, 0x5, r13, 0x2ff4}, 0xc)

2.599156761s ago: executing program 0 (id=758):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x30, r1, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_PAN_ID={0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008801}, 0x4810)

2.598740774s ago: executing program 0 (id=759):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
io_setup(0x6, &(0x7f0000001380))
syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')

2.129724799s ago: executing program 3 (id=760):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r0, 0x0, 0x28)
openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="130000001000000002000000000000000000000026b62b14f904fc30385d02311a5293ab1c31cc235e7c32365d3e0578e8bf73aea3ca633b405d4cebbcd33eb0918d6a545120d9b85c53d58a4c", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='fdinfo/4\x00')
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000520001002abd7000feffffbf0a00000008000100", @ANYRES32=r3, @ANYBLOB], 0x1c}}, 0x855)
syz_usb_control_io(r2, &(0x7f0000000100)={0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="00082d0000002d09d5e7f00ff3ad34c546ebf47aaf342351cf51568565befa8e276bbef891f2927f27711bf06c757f1fc66f7e"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r6, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
close$fd_v4l2_buffer(0xffffffffffffffff)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r9, 0x8914, &(0x7f0000000000))
bind$ax25(r7, &(0x7f0000000540)={{0x3, @bcast, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
connect$ax25(r7, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
close_range(r4, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r10, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b400000000000032f0558728296fff513631968c00009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
read$FUSE(r1, &(0x7f0000001f40)={0x2020}, 0x2020)

2.12934176s ago: executing program 2 (id=761):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x15, 0x800000, 0x10008, 0x8})
write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0)
sendfile(r2, r1, &(0x7f0000002700)=0x1, 0x8)
getsockopt$bt_sco_SCO_OPTIONS(r1, 0x11, 0x1, &(0x7f0000000040)=""/22, &(0x7f00000000c0)=0x16)

2.129112029s ago: executing program 2 (id=762):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000540)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000fef000/0x1000)=nil})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x50)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00')
read$FUSE(r3, &(0x7f0000004300)={0x2020}, 0x2020)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$alg(r7, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0x0)

2.036374743s ago: executing program 0 (id=765):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(0xffffffffffffffff, 0xc05c5340, &(0x7f0000000440))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ff5000/0xb000)=nil, 0xb000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/5, 0x5}, &(0x7f0000001340)=0x40)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r3, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
readv(r4, &(0x7f0000000300)=[{&(0x7f0000001300)=""/229, 0xe5}], 0x1)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff03", 0x2c}], 0x1)

1.719850591s ago: executing program 1 (id=766):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x20105)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r3, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
sendmsg$NL80211_CMD_SET_MPATH(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x28, r4, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x2040810)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb011a52f436dd2a", 0x2a}], 0x1)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r5, &(0x7f0000000040)={0x1f, @none}, 0x8)
getsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0x7, &(0x7f0000000540), &(0x7f0000000580)=0x4)
ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000140))
r6 = socket$igmp6(0xa, 0x3, 0x2)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r10=>0x0})
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@bridge_setlink={0x20, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r10}}, 0x20}}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000002c0)={&(0x7f00000000c0)="8197fedc4299cf4aa118a25de15fccf6e828ddcdec0b1f5594c9571b8e4154528c8a3099fa468ece1208", 0x0, &(0x7f0000000180), &(0x7f0000000200)="b11d09f5f73d7f412387e3dce2627386", 0x2, r8}, 0x38)
write$uinput_user_dev(r8, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x3, 0xffff2d33, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0x41, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x8f, 0x6, 0x6, 0x3, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x204, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x200010, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x20002f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x1, 0x5, 0x1, 0xff, 0xffff8001, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x8, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x3ea, 0x8d2, 0x100009, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x7, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0x2, 0x5, 0x4, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3e, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x0, 0xa2, 0x7, 0x1, 0x1, 0x4, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x100001ff, 0x6, 0x0, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x200005, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x3, 0x8, 0x81, 0x3, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x4, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ioctl$SNDCTL_DSP_CHANNELS(r8, 0xc0045006, &(0x7f0000000040)=0x401)
r12 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000008c0), 0x900, 0x0)
ioctl$CDROM_SELECT_SPEED(r12, 0x5322, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000300)={'rose0\x00', <r13=>0x0})
r14 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r13], 0x20}}, 0x0)
setsockopt$MRT6_ADD_MIF(r6, 0x29, 0xca, &(0x7f0000000000)={0x1, 0x1, 0x5, r13, 0x2ff4}, 0xc)

1.599960111s ago: executing program 1 (id=767):
sched_setaffinity(0x0, 0x5, &(0x7f0000000000)=0x2)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xc}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.519490827s ago: executing program 1 (id=768):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0xa0c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
io_setup(0x6, &(0x7f0000001380))
syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
vmsplice(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000300)='S', 0x1}], 0x1, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000540)={'#! ', './file0'}, 0xb)
dup3(r0, r1, 0x0)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
recvmmsg(r6, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}, 0x200}], 0x1, 0x6142, 0x0)

1.011892269s ago: executing program 2 (id=769):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x24, r1, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x24}, 0x4, 0x700000002000000, 0x0, 0x2000000}, 0x0)

1.011493413s ago: executing program 0 (id=770):
r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000600)="ef", 0x1, r0)
keyctl$unlink(0x9, r1, r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r2)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x14, r3, 0x607, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8801}, 0x4810)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x90, @local, 0x6}, 0x1c)

1.005819856s ago: executing program 2 (id=771):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f00000005c0)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f00000006c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r3 = getpgrp(0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000080)=r3, 0x12)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r7, &(0x7f0000000340)={0x230, 0x7d, 0x40, {{0x500, 0xef, 0x0, 0xb000000, {0x0, 0x2, 0x7}, 0x0, 0x0, 0x0, 0x5, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x14, '\xcf\xc2m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e<]\xb4Z', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1h\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\b\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x230)
syz_create_resource$binfmt(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xb8}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

949.908223ms ago: executing program 0 (id=772):
syz_usb_connect(0x6, 0x7a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_open_dev$sndpcmc(0x0, 0x2, 0x200080)
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x10000, 0x440)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f00000002c0)={0x9a090a, 0x937})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r2 = dup(r1)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x5)
r3 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x4000000}, &(0x7f0000000380)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x4, 0x0})
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001000010700000000000000000a000000060001001400000008000a00", @ANYRES32], 0x24}}, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x149282, 0x10)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1})
io_uring_enter(r6, 0x2def, 0x4000, 0x0, 0x0, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
r9 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_matches\x00')
r10 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendfile(r10, r9, 0x0, 0x6)

583.020013ms ago: executing program 1 (id=773):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
io_setup(0x6, &(0x7f0000001380))
syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')

582.52593ms ago: executing program 3 (id=774):
r0 = openat$binderfs(0xffffff9c, &(0x7f00000003c0)='./binderfs/custom1\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000580)={0x68, 0x0, &(0x7f0000000640)=[@dead_binder_done, @increfs, @release={0x40046306, 0x1}, @increfs_done={0x40106308, 0x2}, @release={0x40046306, 0x3}, @acquire_done, @clear_death={0x400c630f, 0x3}, @dead_binder_done], 0xd2, 0x0, &(0x7f0000000480)="bdcb2062e0b5a238b6524c9b59bde4992ec2dd0cc4243c87493cae021a1a92b5d163e311ef362ce761f8cdea7e516aa83802b0799c08746f5f1ed67f225c0a13bf183eaeea022bfe7395ae44e6fcf05fde06b71e26511909cd9bb5c4270014a39a08642de49e153f7f31d0038e07c61f123182b49c33557b6b0d56cec0417acb1e6e8aa15330b3575f9b61eddc8c072fdd94df19668bd9b807f7e66cedfa4f9bc54d8699aba0cab5b741439c671a2f35154622bb7a7a86bea0a82dc6aadd7447a439533d72a917074c1257c87dfc01948614"}) (async)
r1 = openat$ocfs2_control(0xffffff9c, &(0x7f00000005c0), 0x0, 0x0)
mkdirat(r1, &(0x7f0000000600)='./file0\x00', 0x125) (async)
syz_emit_ethernet(0x38e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c200000086082b9827c186dd63c39e90035811fffe8000000000000000000000000000bb00000000000000000000000000000000170e010800000000fc020000000000000000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aafe880000000000000000000000000101fe880000000000000000000000000001fe80000000000000000000000000001afe8000000000000000000000000000aa320001286800000084007f41670000003300ff48640000002c160000f3000000ba8c03ea1bd19a51d6cb52be261ea382f9a2274a64d3b563b2904b3d7c263798c466878805b378a118e9a6c5463e0589056dc826c337e66a48eef9603adee506dd6cff42f98e432257d8b7798a6ab8554f9666f00e5d196cebacb59518a44d02c48d751159274c20f3133754953293174816e859dca274d0276019f4d391fdbe8a3503201ef5a98cb768c6eea6410401690905356c0b087101020000071000000003020207000200000000000000000100000100000000002b0b000000000000040109c20400000009042cd29ad494e2d0190ba7afd8e7928349ab9c1c55b93320edaf171cf781eb96cb74e064cab8dfffd44859b9abd504010101030000000401fac91000000000000000000000ffffac1e2101c204000027560000000000000122000000000000c20480000001040106c910fe8000000000000000000000000000bb04f87b336ae99f5e0ff7f9c84f928065c3dce01ea2ae61f700b9e93ab6e4809861151d8c2aeb271a41ab5834a61e985de1c20503b4efa299dbe6df66ea49331e2f7ce87454e2e7e54e75af377d7e86028465d0ad13bac2bd431cb8972e0b53a3089b4f5bb5f9a0ac5264b8888f46d353bbc564877645ed47382930c887171add4180e806641ccc27865ed91d4036d6a8f483e47c47191d573e1480436132453092b8e0e0b7453fd590cf79c184677acc7697c9b3e5229ee831ac5307c663bb9e222594e98636a0fc777c821a5fb3418c5cbad93e195377d32664d6c204b9f8441fdeb616d631157f14452b8b6f7dd0a5ddd166e96143d98987af0000006c0604030040f9fffe80000000000000000000000000004300000000000000000000000000000000fe8000000000000000000000000000bb4e214e22004890780300000000000000bdb05bf4e762849cbe730f8cac13c177abd388407d3631a2d020a17bb92d5cf2470bcc05f7451f62af9d99a66c6c7d67f1436e0abb22030e"], 0x0) (async)
recvmsg$unix(r1, &(0x7f0000000c80)={&(0x7f0000000400)=@abs, 0x6e, &(0x7f0000000bc0), 0x0, &(0x7f0000000cc0)=[@cred={{0x18}}, @cred={{0x18}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe4}, 0x2000)

499.811684ms ago: executing program 3 (id=775):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x20105)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r3, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
sendmsg$NL80211_CMD_SET_MPATH(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x28, r4, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x2040810)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb011a52f436dd2a", 0x2a}], 0x1)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r5, &(0x7f0000000040)={0x1f, @none}, 0x8)
getsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0x7, &(0x7f0000000540), &(0x7f0000000580)=0x4)
ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000140))
r6 = socket$igmp6(0xa, 0x3, 0x2)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r10=>0x0})
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@bridge_setlink={0x20, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r10}}, 0x20}}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000002c0)={&(0x7f00000000c0)="8197fedc4299cf4aa118a25de15fccf6e828ddcdec0b1f5594c9571b8e4154528c8a3099fa468ece1208", 0x0, &(0x7f0000000180), &(0x7f0000000200)="b11d09f5f73d7f412387e3dce2627386", 0x2, r8}, 0x38)
write$uinput_user_dev(r8, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x3, 0xffff2d33, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0x41, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x8f, 0x6, 0x6, 0x3, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x204, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x200010, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x20002f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x1, 0x5, 0x1, 0xff, 0xffff8001, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x8, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x3ea, 0x8d2, 0x100009, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x7, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0x2, 0x5, 0x4, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3e, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x0, 0xa2, 0x7, 0x1, 0x1, 0x4, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x100001ff, 0x6, 0x0, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x200005, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x3, 0x8, 0x81, 0x3, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x4, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ioctl$SNDCTL_DSP_CHANNELS(r8, 0xc0045006, &(0x7f0000000040)=0x401)
r12 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000008c0), 0x900, 0x0)
ioctl$CDROM_SELECT_SPEED(r12, 0x5322, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000300)={'rose0\x00', <r13=>0x0})
r14 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r13], 0x20}}, 0x0)
setsockopt$MRT6_ADD_MIF(r6, 0x29, 0xca, &(0x7f0000000000)={0x1, 0x1, 0x5, r13, 0x2ff4}, 0xc)

369.527531ms ago: executing program 3 (id=776):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0xc623ec0a8b5ff29e)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000500)={0x0, 0x200, 0x0, 'queue0\x00', 0xf})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x1}})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
write$sndseq(r2, &(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0xfd, @time, {}, {}, @result}], 0x1c)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x9)
ioctl$GIO_FONTX(r5, 0x4b6b, &(0x7f0000000080)={0x80, 0x1c, &(0x7f00000006c0)})
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)

189.875899ms ago: executing program 1 (id=777):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x7, 0x4, 0x20, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r0, 0x58, &(0x7f0000000100)}, 0x87)
r1 = socket$inet6(0xa, 0x3, 0x5)
socket(0x840000000002, 0x3, 0x100)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x8004e500, &(0x7f0000000600)={0x3, 0x800000, 0x5, 0x2})
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x9e, &(0x7f0000000240)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x68, 0x3a, 0xff, @remote, @mcast2, {[@fragment={0x87, 0x0, 0xf, 0x0, 0x0, 0xc, 0x65}, @fragment={0x3c, 0x0, 0xb, 0x0, 0x0, 0x1, 0x67}, @fragment={0x89, 0x0, 0x4, 0x1, 0x0, 0x8, 0x67}, @fragment={0x87, 0x0, 0x3, 0x0, 0x0, 0x9, 0x66}, @srh={0xc, 0x6, 0x4, 0x3, 0x91, 0x10, 0x0, [@local, @dev={0xfe, 0x80, '\x00', 0x32}, @private2]}], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2, 0xfffffffe, 0x4}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="07000000040000001800000042a00000000000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000f40)={r3, 0x0, 0x0}, 0x20)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000400699b000008001b"], 0x30}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r5 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x107)
sendmmsg(r1, &(0x7f0000000200)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x0, @dev={0xfe, 0x80, '\x00', 0x40}, 0x3}, 0x80, 0x0}, 0x5b4}], 0x1, 0x0)

60.267672ms ago: executing program 1 (id=778):
r0 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.swap.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000010700)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xfffffffffffffef0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x12, r1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000200)={0x0, 0x0, 0x0})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400), 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/63, 0x3f}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r4, 0xc018aec0, &(0x7f00000000c0)={0x1})
write$cgroup_pressure(r1, &(0x7f0000000000)={'full', 0x20, 0x10, 0x20, 0x9}, 0x2f)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r5, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x4, @loopback}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x20000014, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmsg$key(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[], 0x30}}, 0x4851)
sendto$inet6(r5, &(0x7f00000003c0)="9a78c8", 0xfffffffffffffdb8, 0x0, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000005000/0xb000)=nil, 0xb000, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/207, 0xcf, 0x0, 0x0}, &(0x7f0000000040)=0x40)
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, 0x0, &(0x7f0000000080)=0xfffffffffffffca2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)

0s ago: executing program 2 (id=779):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(0xffffffffffffffff, 0xc05c5340, &(0x7f0000000440))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ff5000/0xb000)=nil, 0xb000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/5, 0x5}, &(0x7f0000001340)=0x40)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r3, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
readv(r4, &(0x7f0000000300)=[{&(0x7f0000001300)=""/229, 0xe5}], 0x1)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300", 0x42}], 0x1)

kernel console output (not intermixed with test programs):

omm="syz.0.1" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[   46.533684][   T40] audit: type=1326 audit(1742951531.919:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6019 comm="syz.0.1" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[   46.551819][ T6027] batman_adv: batadv0: Adding interface: ip6gretap1
[   46.553709][ T6027] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.562154][ T6027] batman_adv: batadv0: Interface activated: ip6gretap1
[   46.579200][ T6027] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[   46.666069][ T5315] Bluetooth: hci3: command tx timeout
[   46.675016][ T5315] Bluetooth: hci0: command tx timeout
[   46.814895][ T5315] Bluetooth: hci1: command tx timeout
[   46.816826][ T5315] Bluetooth: hci2: command tx timeout
[   47.199865][ T6025] serio: Serial port ptm0
[   47.396296][ T6038] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   47.398904][ T6038] overlayfs: failed to set xattr on upper
[   47.400591][ T6038] overlayfs: ...falling back to redirect_dir=nofollow.
[   47.402835][ T6038] overlayfs: ...falling back to index=off.
[   47.406873][ T6038] overlayfs: ...falling back to uuid=null.
[   47.412009][ T6038] overlayfs: ...falling back to xino=off.
[   47.454955][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.459573][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.521246][ T6041] batman_adv: batadv0: Adding interface: ip6gretap1
[   47.523072][ T6041] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.530376][ T6041] batman_adv: batadv0: Interface activated: ip6gretap1
[   47.546095][ T6047] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   47.625167][ T6052] loop4: detected capacity change from 0 to 8
[   47.628418][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.631018][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.647653][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.650236][    C3] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.652537][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.655086][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.657758][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.660289][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.663577][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.666139][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.669779][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.672353][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.674834][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.677920][    C3] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.680578][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.684070][    C3] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.686964][ T6052] ldm_validate_partition_table(): Disk read failed.
[   47.689041][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.691353][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.693769][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   47.696649][    C3] Buffer I/O error on dev loop4, logical block 0, async page read
[   47.701631][ T6052] Dev loop4: unable to read RDB block 0
[   47.703713][ T6052]  loop4: unable to read partition table
[   47.705374][ T6052] loop4: partition table beyond EOD, truncated
[   47.707230][ T6052] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[   47.855817][ T6058] block nbd3: Device being setup by another task
[   48.364865][ T5954] block nbd3: Receive control failed (result -32)
[   48.497952][ T6049] block nbd3: shutting down sockets
[   48.540026][ T6069] PM: Enabling pm_trace changes system date and time during resume.
[   48.540026][ T6069] PM: Correct system time has to be restored manually after resume.
[   48.634444][ T6072] PM: Enabling pm_trace changes system date and time during resume.
[   48.634444][ T6072] PM: Correct system time has to be restored manually after resume.
[   48.745534][ T5315] Bluetooth: hci3: command tx timeout
[   48.747536][ T5954] Bluetooth: hci0: command tx timeout
[   48.784856][ T6012] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   48.824983][ T5954] Bluetooth: hci2: command tx timeout
[   48.825036][ T5315] Bluetooth: hci1: command tx timeout
[   48.884916][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   48.936565][ T6012] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   48.939447][ T6012] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.942098][ T6012] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   48.944453][ T6012] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.948353][ T6012] usb 8-1: config 0 descriptor??
[   49.037590][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   49.040609][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   49.043562][   T24] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   49.047137][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.052021][   T24] usb 6-1: config 0 descriptor??
[   49.386815][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   49.437354][ T6012] pyra 0003:1E7D:2CF6.0002: unknown global tag 0xd
[   49.440106][ T6012] pyra 0003:1E7D:2CF6.0002: item 0 1 1 13 parsing failed
[   49.446127][ T6012] pyra 0003:1E7D:2CF6.0002: parse failed
[   49.449004][ T6012] pyra 0003:1E7D:2CF6.0002: probe with driver pyra failed with error -22
[   49.462303][   T24] pyra 0003:1E7D:2CF6.0003: unknown global tag 0xd
[   49.464152][   T24] pyra 0003:1E7D:2CF6.0003: item 0 1 1 13 parsing failed
[   49.466450][   T24] pyra 0003:1E7D:2CF6.0003: parse failed
[   49.468040][   T24] pyra 0003:1E7D:2CF6.0003: probe with driver pyra failed with error -22
[   49.702397][ T6072] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.707427][ T6072] bond0: (slave rose0): Enslaving as an active interface with an up link
[   50.100092][   T63] usb 8-1: USB disconnect, device number 2
[   50.462933][ T5948] usb 6-1: USB disconnect, device number 2
[   50.476627][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.479132][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.481436][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.483982][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.486468][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.488812][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.491015][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.493254][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.495580][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.498181][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.500935][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.503182][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.505516][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.507732][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.510001][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.512491][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.514917][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.517444][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.535436][   T76] Bluetooth: hci4: Frame reassembly failed (-84)
[   50.543226][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.545579][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.547785][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.549958][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.552198][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.554390][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.557030][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.559952][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.562221][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.564386][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.566645][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.568913][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.571132][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.573356][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: unknown main item tag 0x0
[   50.579195][ T6013] hid-generic 0004:FFFFFFFF:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   50.682565][ T6111] trusted_key: encrypted_key: hex blob is missing
[   50.824868][ T5954] Bluetooth: hci0: command tx timeout
[   50.825061][ T5962] Bluetooth: hci3: command tx timeout
[   50.914923][ T5962] Bluetooth: hci1: command tx timeout
[   50.914953][ T5954] Bluetooth: hci2: command tx timeout
[   51.190778][ T6119] Zero length message leads to an empty skb
[   51.554995][    T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!!
[   51.624958][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   51.685736][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   51.714856][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   51.992916][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   52.535172][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   52.595078][ T5954] Bluetooth: hci4: command 0x1003 tx timeout
[   52.595210][ T5315] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   52.916039][ T5315] Bluetooth: hci3: command tx timeout
[   52.917735][ T5954] Bluetooth: hci0: command tx timeout
[   52.984854][ T5954] Bluetooth: hci1: command tx timeout
[   52.994807][ T5954] Bluetooth: hci2: command tx timeout
[   53.568979][ T6151] trusted_key: encrypted_key: hex blob is missing
[   53.787260][   T40] kauditd_printk_skb: 110 callbacks suppressed
[   53.787269][   T40] audit: type=1326 audit(1742951539.249:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.796265][   T40] audit: type=1326 audit(1742951539.249:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.803794][   T40] audit: type=1326 audit(1742951539.249:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=16 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.809750][   T40] audit: type=1326 audit(1742951539.249:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.815811][   T40] audit: type=1326 audit(1742951539.249:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.821711][   T40] audit: type=1326 audit(1742951539.249:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.827584][   T40] audit: type=1326 audit(1742951539.249:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.833417][   T40] audit: type=1326 audit(1742951539.249:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.840321][   T40] audit: type=1326 audit(1742951539.249:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   53.847374][   T40] audit: type=1326 audit(1742951539.249:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.31" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   54.081235][ T6160] loop4: detected capacity change from 0 to 8
[   54.084265][    C3] blk_print_req_error: 7 callbacks suppressed
[   54.084274][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.088902][    C3] buffer_io_error: 6 callbacks suppressed
[   54.088909][    C3] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.093183][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.096412][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.099444][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.102731][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.105891][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.108627][    C3] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.110987][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.113760][    C3] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.116779][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.119939][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.122813][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.126056][    C3] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.129121][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.132345][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.135212][ T6160] ldm_validate_partition_table(): Disk read failed.
[   54.135778][    C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.139924][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   54.143170][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.146113][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   54.149354][ T6160] Dev loop4: unable to read RDB block 0
[   54.151525][ T6160]  loop4: unable to read partition table
[   54.153581][ T6160] loop4: partition table beyond EOD, truncated
[   54.157054][ T6160] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[   55.474922][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   56.164137][ T6183] PM: Enabling pm_trace changes system date and time during resume.
[   56.164137][ T6183] PM: Correct system time has to be restored manually after resume.
[   56.404861][   T78] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   56.574440][   T78] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   56.578605][   T78] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   56.582158][   T78] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   56.588712][   T78] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.593296][   T78] usb 5-1: config 0 descriptor??
[   57.002961][   T78] pyra 0003:1E7D:2CF6.0005: unknown global tag 0xd
[   57.004922][   T78] pyra 0003:1E7D:2CF6.0005: item 0 1 1 13 parsing failed
[   57.007002][   T78] pyra 0003:1E7D:2CF6.0005: parse failed
[   57.008586][   T78] pyra 0003:1E7D:2CF6.0005: probe with driver pyra failed with error -22
[   57.218504][ T6183] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   57.308235][   T78] usb 5-1: USB disconnect, device number 2
[   57.528467][ T6209] loop4: detected capacity change from 0 to 8
[   57.531079][ T6209] ldm_validate_partition_table(): Disk read failed.
[   57.533333][ T6209] Dev loop4: unable to read RDB block 0
[   57.535275][ T6209]  loop4: unable to read partition table
[   57.536969][ T6209] loop4: partition table beyond EOD, truncated
[   57.538772][ T6209] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[   57.962499][ T6219] batman_adv: batadv0: Adding interface: ip6gretap1
[   57.964517][ T6219] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.971574][ T6219] batman_adv: batadv0: Interface activated: ip6gretap1
[   58.897380][   T40] kauditd_printk_skb: 71 callbacks suppressed
[   58.897389][   T40] audit: type=1326 audit(1742951544.359:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.908073][   T40] audit: type=1326 audit(1742951544.369:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=16 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.913898][   T40] audit: type=1326 audit(1742951544.369:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.919794][   T40] audit: type=1326 audit(1742951544.369:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.925760][   T40] audit: type=1326 audit(1742951544.369:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.931598][   T40] audit: type=1326 audit(1742951544.369:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.937498][   T40] audit: type=1326 audit(1742951544.369:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.943752][   T40] audit: type=1326 audit(1742951544.369:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.949799][   T40] audit: type=1326 audit(1742951544.369:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   58.956542][   T40] audit: type=1326 audit(1742951544.369:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.2.51" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000
[   59.563048][ T6252] syz.0.55 uses obsolete (PF_INET,SOCK_PACKET)
[   59.576982][ T6252] 9pnet_fd: Insufficient options for proto=fd
[   59.634856][   T29] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   59.874801][   T29] usb 6-1: Using ep0 maxpacket: 32
[   59.878377][   T29] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   59.882559][   T29] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   59.885397][   T29] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   59.887670][   T29] usb 6-1: Product: syz
[   59.888908][   T29] usb 6-1: Manufacturer: syz
[   59.890255][   T29] usb 6-1: SerialNumber: syz
[   59.892340][   T29] usb 6-1: config 0 descriptor??
[   59.894088][ T6246] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   60.106461][ T5948] usb 6-1: USB disconnect, device number 3
[   60.310284][ T6246] netlink: 'syz.1.53': attribute type 21 has an invalid length.
[   60.312628][ T6246] netlink: 132 bytes leftover after parsing attributes in process `syz.1.53'.
[   60.585740][   T70] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[   61.011607][ T6258] PM: Enabling pm_trace changes system date and time during resume.
[   61.011607][ T6258] PM: Correct system time has to be restored manually after resume.
[   61.149008][ T6266] loop4: detected capacity change from 0 to 8
[   61.150926][    C2] blk_print_req_error: 24 callbacks suppressed
[   61.150935][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.155177][    C2] buffer_io_error: 22 callbacks suppressed
[   61.155183][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.158956][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.161337][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.163731][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.166254][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.168415][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.170816][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.174019][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.176605][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.178839][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.181335][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.184176][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.186799][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.190647][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.193251][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.196463][ T6266] ldm_validate_partition_table(): Disk read failed.
[   61.198377][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.200867][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.203681][    C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   61.206327][    C2] Buffer I/O error on dev loop4, logical block 0, async page read
[   61.210119][ T6266] Dev loop4: unable to read RDB block 0
[   61.211968][ T6266]  loop4: unable to read partition table
[   61.213602][ T6266] loop4: partition table beyond EOD, truncated
[   61.215382][ T6266] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[   61.412982][ T6273] warning: `syz.2.57' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   62.758865][ T6293] batman_adv: batadv0: Adding interface: ip6gretap1
[   62.761467][ T6293] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.769438][ T6293] batman_adv: batadv0: Interface activated: ip6gretap1
[   63.085667][ T6303] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[   63.181968][ T6296] [U] t))
[   64.042733][ T6315] mmap: syz.3.68 (6315) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   64.377224][ T6318] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7
[   65.070602][   T40] kauditd_printk_skb: 27 callbacks suppressed
[   65.070631][   T40] audit: type=1326 audit(1742951550.529:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.106264][   T40] audit: type=1326 audit(1742951550.529:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.112247][   T40] audit: type=1326 audit(1742951550.529:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=218 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.120137][   T40] audit: type=1326 audit(1742951550.529:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.126562][   T40] audit: type=1326 audit(1742951550.529:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.132980][   T40] audit: type=1326 audit(1742951550.539:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.139556][   T40] audit: type=1326 audit(1742951550.539:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.146807][   T40] audit: type=1326 audit(1742951550.539:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.152966][   T40] audit: type=1326 audit(1742951550.539:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.159601][   T40] audit: type=1326 audit(1742951550.539:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.1.74" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[   65.605215][ T6344] netlink: 24 bytes leftover after parsing attributes in process `syz.3.75'.
[   65.608486][ T6344] netlink: 'syz.3.75': attribute type 1 has an invalid length.
[   65.624044][ T6344] netlink: 8 bytes leftover after parsing attributes in process `syz.3.75'.
[   65.627575][ T6344] netlink: 8 bytes leftover after parsing attributes in process `syz.3.75'.
[   66.547646][ T6365] syz.2.81: attempt to access beyond end of device
[   66.547646][ T6365] nbd2: rw=0, sector=2, nr_sectors = 1 limit=0
[   68.110752][   T76] Bluetooth: hci4: Frame reassembly failed (-84)
[   68.226014][ T6411] trusted_key: encrypted_key: keylen parameter is missing
[   68.382270][   T67] Bluetooth: hci5: Frame reassembly failed (-84)
[   68.495808][ T6416] trusted_key: encrypted_key: hex blob is missing
[   68.778123][ T6423] syzkaller0: entered promiscuous mode
[   68.779702][ T6423] syzkaller0: entered allmulticast mode
[   69.375589][ T6426] netlink: 9 bytes leftover after parsing attributes in process `syz.2.98'.
[   69.379229][ T6426] 0·: renamed from hsr0 (while UP)
[   69.384130][ T6426] 0·: entered allmulticast mode
[   69.386341][ T6426] hsr_slave_0: entered allmulticast mode
[   69.388626][ T6426] hsr_slave_1: entered allmulticast mode
[   69.392105][ T6426] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[   70.184861][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   70.425095][ T5315] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   70.425129][ T5954] Bluetooth: hci5: command 0x1003 tx timeout
[   70.748538][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[   70.750511][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[   72.745718][   T63] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[   73.734716][ T6472] PM: Enabling pm_trace changes system date and time during resume.
[   73.734716][ T6472] PM: Correct system time has to be restored manually after resume.
[   73.861792][ T6476] block device autoloading is deprecated and will be removed.
[   74.061443][ T6479] 9pnet_fd: Insufficient options for proto=fd
[   74.113333][ T5954] Bluetooth: hci4: sending frame failed (-49)
[   74.115725][ T5315] Bluetooth: hci4: Opcode 0x1003 failed: -49
[   74.144922][   T78] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   74.225842][ T6485] trusted_key: encrypted_key: hex blob is missing
[   74.316701][   T78] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.319720][   T78] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.322376][   T78] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   74.325203][   T78] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.328038][   T78] usb 6-1: config 0 descriptor??
[   74.736913][   T78] pyra 0003:1E7D:2CF6.0006: unknown global tag 0xd
[   74.738764][   T78] pyra 0003:1E7D:2CF6.0006: item 0 1 1 13 parsing failed
[   74.741322][   T78] pyra 0003:1E7D:2CF6.0006: parse failed
[   74.743494][   T78] pyra 0003:1E7D:2CF6.0006: probe with driver pyra failed with error -22
[   74.939708][ T6472] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   74.951310][   T78] usb 6-1: USB disconnect, device number 4
[   75.535588][ T6502] FAULT_INJECTION: forcing a failure.
[   75.535588][ T6502] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   75.539441][ T6502] CPU: 3 UID: 0 PID: 6502 Comm: syz.0.123 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[   75.539455][ T6502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.539461][ T6502] Call Trace:
[   75.539465][ T6502]  <TASK>
[   75.539468][ T6502]  dump_stack_lvl+0x16c/0x1f0
[   75.539485][ T6502]  should_fail_ex+0x512/0x640
[   75.539497][ T6502]  _copy_to_user+0x32/0xd0
[   75.539510][ T6502]  simple_read_from_buffer+0xe0/0x170
[   75.539529][ T6502]  proc_fail_nth_read+0x197/0x270
[   75.539542][ T6502]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   75.539555][ T6502]  ? rw_verify_area+0xcf/0x680
[   75.539565][ T6502]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   75.539578][ T6502]  vfs_read+0x1de/0xc70
[   75.539590][ T6502]  ? fdget_pos+0x2a2/0x370
[   75.539605][ T6502]  ? __pfx___mutex_lock+0x10/0x10
[   75.539617][ T6502]  ? __pfx_vfs_read+0x10/0x10
[   75.539632][ T6502]  ? __fget_files+0x20e/0x3c0
[   75.539648][ T6502]  ksys_read+0x12a/0x240
[   75.539660][ T6502]  ? __pfx_ksys_read+0x10/0x10
[   75.539673][ T6502]  ? rcu_is_watching+0x12/0xc0
[   75.539684][ T6502]  __do_fast_syscall_32+0x73/0x120
[   75.539698][ T6502]  do_fast_syscall_32+0x32/0x80
[   75.539711][ T6502]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   75.539724][ T6502] RIP: 0023:0xf73ae579
[   75.539731][ T6502] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   75.539740][ T6502] RSP: 002b:00000000f5036590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   75.539750][ T6502] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5036620
[   75.539756][ T6502] RDX: 000000000000000f RSI: 00000000f739cff4 RDI: 0000000000000000
[   75.539762][ T6502] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   75.539767][ T6502] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   75.539772][ T6502] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   75.539782][ T6502]  </TASK>
[   75.736559][ T6509] FAULT_INJECTION: forcing a failure.
[   75.736559][ T6509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.742881][ T6509] CPU: 3 UID: 0 PID: 6509 Comm: syz.1.125 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[   75.742897][ T6509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.742903][ T6509] Call Trace:
[   75.742906][ T6509]  <TASK>
[   75.742910][ T6509]  dump_stack_lvl+0x16c/0x1f0
[   75.742935][ T6509]  should_fail_ex+0x512/0x640
[   75.742950][ T6509]  _copy_from_user+0x2e/0xd0
[   75.742962][ T6509]  kvm_arch_vcpu_ioctl+0x1fb6/0x50d0
[   75.742979][ T6509]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[   75.742992][ T6509]  ? bpf_trace_run2+0x265/0x590
[   75.743006][ T6509]  ? bpf_trace_run2+0x2a5/0x590
[   75.743017][ T6509]  ? __pfx_bpf_trace_run2+0x10/0x10
[   75.743030][ T6509]  ? __lock_acquire+0xaa4/0x1ba0
[   75.743046][ T6509]  ? __bpf_trace_contention_end+0xc9/0x110
[   75.743059][ T6509]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[   75.743076][ T6509]  ? __pfx___might_resched+0x10/0x10
[   75.743088][ T6509]  ? rcu_is_watching+0x12/0xc0
[   75.743098][ T6509]  ? trace_contention_end+0xdd/0x130
[   75.743112][ T6509]  ? __mutex_lock+0x1cb/0xb00
[   75.743134][ T6509]  ? kvm_vcpu_ioctl+0x27e/0x1680
[   75.743151][ T6509]  ? __pfx___mutex_lock+0x10/0x10
[   75.743167][ T6509]  ? kasan_quarantine_put+0x10a/0x240
[   75.743183][ T6509]  ? kvm_vcpu_ioctl+0x1232/0x1680
[   75.743196][ T6509]  kvm_vcpu_ioctl+0x1232/0x1680
[   75.743211][ T6509]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   75.743226][ T6509]  ? tomoyo_path_number_perm+0x18d/0x580
[   75.743240][ T6509]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   75.743252][ T6509]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   75.743268][ T6509]  ? do_vfs_ioctl+0x512/0x1990
[   75.743279][ T6509]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   75.743301][ T6509]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[   75.743316][ T6509]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[   75.743331][ T6509]  ? __fget_files+0x20e/0x3c0
[   75.743346][ T6509]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[   75.743360][ T6509]  __do_compat_sys_ioctl+0x1cb/0x2c0
[   75.743372][ T6509]  __do_fast_syscall_32+0x73/0x120
[   75.743386][ T6509]  do_fast_syscall_32+0x32/0x80
[   75.743399][ T6509]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   75.743411][ T6509] RIP: 0023:0xf73be579
[   75.743420][ T6509] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   75.743429][ T6509] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   75.743439][ T6509] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000c048aeca
[   75.743445][ T6509] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[   75.743450][ T6509] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   75.743455][ T6509] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   75.743461][ T6509] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   75.743471][ T6509]  </TASK>
[   75.828164][ T6510] netlink: 9 bytes leftover after parsing attributes in process `syz.0.124'.
[   75.831196][ T6510] 0·: renamed from hsr0 (while UP)
[   75.837935][ T6510] 0·: entered allmulticast mode
[   75.839329][ T6510] hsr_slave_0: entered allmulticast mode
[   75.840920][ T6510] hsr_slave_1: entered allmulticast mode
[   75.843246][ T6510] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[   75.918530][  T220] Bluetooth: hci4: Frame reassembly failed (-84)
[   76.039205][ T6523] trusted_key: encrypted_key: hex blob is missing
[   76.194870][ T5962] Bluetooth: hci3: command 0x0405 tx timeout
[   76.700789][ T6533] serio: Serial port ptm1
[   77.954863][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   77.956741][ T5962] Bluetooth: hci4: command 0x1003 tx timeout
[   79.752497][ T6577] serio: Serial port ptm0
[   79.933357][ T6589] trusted_key: encrypted_key: hex blob is missing
[   80.987278][   T71] cfg80211: failed to load regulatory.db
[   81.024646][ T6610] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   81.112694][ T6617] netlink: 56 bytes leftover after parsing attributes in process `syz.1.153'.
[   81.864907][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   82.291282][ T6637] program syz.0.158 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   82.543696][ T5948] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   82.547732][ T6633] serio: Serial port ptm0
[   82.714797][ T5948] usb 5-1: Using ep0 maxpacket: 16
[   82.720747][ T5948] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[   82.730498][ T5948] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[   82.735548][ T5948] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.739973][ T5948] usb 5-1: Product: syz
[   82.742223][ T5948] usb 5-1: Manufacturer: syz
[   82.744609][ T5948] usb 5-1: SerialNumber: syz
[   82.749023][ T5948] usb 5-1: config 0 descriptor??
[   82.754263][ T5948] hub 5-1:0.0: bad descriptor, ignoring hub
[   82.756386][ T5948] hub 5-1:0.0: probe with driver hub failed with error -5
[   82.765464][ T5948] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input8
[   83.089389][ T6646] netlink: 16 bytes leftover after parsing attributes in process `syz.0.158'.
[   83.092358][ T6646] netlink: 20 bytes leftover after parsing attributes in process `syz.0.158'.
[   83.098994][ T6646] geneve0: entered allmulticast mode
[   83.127596][   T29] usb 5-1: USB disconnect, device number 3
[   83.142714][ T6650] netlink: 52 bytes leftover after parsing attributes in process `syz.1.161'.
[   83.467487][ T6657] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9
[   83.970605][ T6677] trusted_key: encrypted_key: insufficient parameters specified
[   84.170980][ T6689] serio: Serial port ptm1
[   85.260715][ T6708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.177'.
[   85.263302][ T6708] bridge_slave_1: left allmulticast mode
[   85.264965][ T6708] bridge_slave_1: left promiscuous mode
[   85.266612][ T6708] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.271387][ T6708] bridge_slave_0: left allmulticast mode
[   85.273746][ T6708] bridge_slave_0: left promiscuous mode
[   85.275581][ T6708] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.864878][ T5962] Bluetooth: hci4: command 0x1003 tx timeout
[   85.864936][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   86.136564][ T6717] serio: Serial port ptm0
[   86.700883][ T6740] FAULT_INJECTION: forcing a failure.
[   86.700883][ T6740] name failslab, interval 1, probability 0, space 0, times 0
[   86.705177][ T6740] CPU: 3 UID: 0 PID: 6740 Comm: syz.3.186 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[   86.705191][ T6740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.705197][ T6740] Call Trace:
[   86.705200][ T6740]  <TASK>
[   86.705204][ T6740]  dump_stack_lvl+0x16c/0x1f0
[   86.705220][ T6740]  should_fail_ex+0x512/0x640
[   86.705231][ T6740]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[   86.705247][ T6740]  should_failslab+0xc2/0x120
[   86.705262][ T6740]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[   86.705276][ T6740]  ? __d_alloc+0x31/0xaa0
[   86.705286][ T6740]  __d_alloc+0x31/0xaa0
[   86.705295][ T6740]  d_alloc+0x4a/0x1e0
[   86.705304][ T6740]  lookup_one_qstr_excl+0x175/0x260
[   86.705314][ T6740]  ? mnt_want_write+0x161/0x450
[   86.705327][ T6740]  filename_create+0x1e7/0x4a0
[   86.705339][ T6740]  ? __pfx_filename_create+0x10/0x10
[   86.705353][ T6740]  ? __virt_addr_valid+0x5e/0x590
[   86.705367][ T6740]  ? __phys_addr_symbol+0x30/0x80
[   86.705380][ T6740]  do_mkdirat+0xaa/0x3e0
[   86.705393][ T6740]  ? strncpy_from_user+0x20a/0x2d0
[   86.705409][ T6740]  ? __pfx_do_mkdirat+0x10/0x10
[   86.705422][ T6740]  ? getname_flags.part.0+0x1c2/0x540
[   86.705434][ T6740]  __ia32_sys_mkdirat+0x82/0xb0
[   86.705449][ T6740]  __do_fast_syscall_32+0x73/0x120
[   86.705462][ T6740]  do_fast_syscall_32+0x32/0x80
[   86.705475][ T6740]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   86.705488][ T6740] RIP: 0023:0xf73ce579
[   86.705495][ T6740] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   86.705504][ T6740] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000128
[   86.705514][ T6740] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040
[   86.705520][ T6740] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000
[   86.705525][ T6740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   86.705530][ T6740] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   86.705535][ T6740] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   86.705545][ T6740]  </TASK>
[   87.309889][ T6757] trusted_key: encrypted_key: insufficient parameters specified
[   87.502125][ T6760] serio: Serial port ptm1
[   87.687253][ T6764] batman_adv: batadv0: Adding interface: gretap1
[   87.689234][ T6764] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[   88.352892][ T6782] FAULT_INJECTION: forcing a failure.
[   88.352892][ T6782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.357453][ T6782] CPU: 2 UID: 0 PID: 6782 Comm: syz.1.200 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[   88.357466][ T6782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.357472][ T6782] Call Trace:
[   88.357475][ T6782]  <TASK>
[   88.357479][ T6782]  dump_stack_lvl+0x16c/0x1f0
[   88.357495][ T6782]  should_fail_ex+0x512/0x640
[   88.357508][ T6782]  _copy_to_user+0x32/0xd0
[   88.357520][ T6782]  simple_read_from_buffer+0xe0/0x170
[   88.357533][ T6782]  proc_fail_nth_read+0x197/0x270
[   88.357546][ T6782]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.357559][ T6782]  ? rw_verify_area+0xcf/0x680
[   88.357570][ T6782]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.357583][ T6782]  vfs_read+0x1de/0xc70
[   88.357595][ T6782]  ? fdget_pos+0x2a2/0x370
[   88.357610][ T6782]  ? __pfx___mutex_lock+0x10/0x10
[   88.357622][ T6782]  ? __pfx_vfs_read+0x10/0x10
[   88.357637][ T6782]  ? __fget_files+0x20e/0x3c0
[   88.357652][ T6782]  ksys_read+0x12a/0x240
[   88.357665][ T6782]  ? __pfx_ksys_read+0x10/0x10
[   88.357678][ T6782]  ? rcu_is_watching+0x12/0xc0
[   88.357689][ T6782]  __do_fast_syscall_32+0x73/0x120
[   88.357703][ T6782]  do_fast_syscall_32+0x32/0x80
[   88.357716][ T6782]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   88.357728][ T6782] RIP: 0023:0xf73be579
[   88.357736][ T6782] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   88.357745][ T6782] RSP: 002b:00000000f5046590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   88.357754][ T6782] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5046620
[   88.357760][ T6782] RDX: 000000000000000f RSI: 00000000f73acff4 RDI: 0000000000000000
[   88.357765][ T6782] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   88.357770][ T6782] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   88.357776][ T6782] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   88.357785][ T6782]  </TASK>
[   89.224860][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   89.904090][ T6815] serio: Serial port ptm0
[   90.726829][ T6833] netlink: 4 bytes leftover after parsing attributes in process `syz.0.213'.
[   90.804225][ T6845] FAULT_INJECTION: forcing a failure.
[   90.804225][ T6845] name failslab, interval 1, probability 0, space 0, times 0
[   90.808034][ T6845] CPU: 1 UID: 0 PID: 6845 Comm: syz.3.214 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[   90.808057][ T6845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.808063][ T6845] Call Trace:
[   90.808066][ T6845]  <TASK>
[   90.808070][ T6845]  dump_stack_lvl+0x16c/0x1f0
[   90.808087][ T6845]  should_fail_ex+0x512/0x640
[   90.808097][ T6845]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   90.808111][ T6845]  should_failslab+0xc2/0x120
[   90.808127][ T6845]  __kmalloc_cache_noprof+0x6a/0x3e0
[   90.808139][ T6845]  ? tcp_sendmsg_fastopen+0x24d/0x750
[   90.808155][ T6845]  ? aa_label_sk_perm+0x19b/0x5a0
[   90.808169][ T6845]  tcp_sendmsg_fastopen+0x24d/0x750
[   90.808184][ T6845]  ? rcu_is_watching+0x12/0xc0
[   90.808195][ T6845]  tcp_sendmsg_locked+0x209b/0x38d0
[   90.808213][ T6845]  ? __lock_acquire+0xaa4/0x1ba0
[   90.808229][ T6845]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[   90.808245][ T6845]  ? do_raw_spin_lock+0x12c/0x2b0
[   90.808260][ T6845]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   90.808277][ T6845]  ? __local_bh_enable_ip+0xa4/0x120
[   90.808290][ T6845]  tcp_sendmsg+0x2e/0x50
[   90.808323][ T6845]  ? __pfx_tcp_sendmsg+0x10/0x10
[   90.808337][ T6845]  inet6_sendmsg+0xb9/0x140
[   90.808347][ T6845]  ____sys_sendmsg+0x716/0xc60
[   90.808358][ T6845]  ? __pfx_____sys_sendmsg+0x10/0x10
[   90.808367][ T6845]  ? get_compat_msghdr+0x11a/0x170
[   90.808381][ T6845]  ___sys_sendmsg+0x134/0x1d0
[   90.808395][ T6845]  ? __pfx____sys_sendmsg+0x10/0x10
[   90.808418][ T6845]  __sys_sendmsg+0x16d/0x220
[   90.808432][ T6845]  ? __pfx___sys_sendmsg+0x10/0x10
[   90.808448][ T6845]  ? rcu_is_watching+0x12/0xc0
[   90.808459][ T6845]  __do_fast_syscall_32+0x73/0x120
[   90.808473][ T6845]  do_fast_syscall_32+0x32/0x80
[   90.808486][ T6845]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   90.808498][ T6845] RIP: 0023:0xf73ce579
[   90.808505][ T6845] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   90.808515][ T6845] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   90.808524][ T6845] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[   90.808530][ T6845] RDX: 0000000020000002 RSI: 0000000000000000 RDI: 0000000000000000
[   90.808536][ T6845] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   90.808541][ T6845] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   90.808546][ T6845] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   90.808556][ T6845]  </TASK>
[   90.883873][    C1] vkms_vblank_simulate: vblank timer overrun
[   91.579487][ T6873] netlink: 'syz.1.222': attribute type 33 has an invalid length.
[   91.581748][ T6873] netlink: 152 bytes leftover after parsing attributes in process `syz.1.222'.
[   91.731957][ T6880] serio: Serial port ptm0
[   92.701900][ T6903] netlink: 16 bytes leftover after parsing attributes in process `syz.2.229'.
[   92.725514][ T6906] FAULT_INJECTION: forcing a failure.
[   92.725514][ T6906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.729152][ T6906] CPU: 2 UID: 0 PID: 6906 Comm: syz.2.230 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[   92.729166][ T6906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.729172][ T6906] Call Trace:
[   92.729175][ T6906]  <TASK>
[   92.729179][ T6906]  dump_stack_lvl+0x16c/0x1f0
[   92.729195][ T6906]  should_fail_ex+0x512/0x640
[   92.729207][ T6906]  _copy_to_user+0x32/0xd0
[   92.729219][ T6906]  simple_read_from_buffer+0xe0/0x170
[   92.729234][ T6906]  proc_fail_nth_read+0x197/0x270
[   92.729247][ T6906]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   92.729260][ T6906]  ? rw_verify_area+0xcf/0x680
[   92.729271][ T6906]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   92.729283][ T6906]  vfs_read+0x1de/0xc70
[   92.729296][ T6906]  ? fdget_pos+0x2a2/0x370
[   92.729310][ T6906]  ? __pfx___mutex_lock+0x10/0x10
[   92.729327][ T6906]  ? __pfx_vfs_read+0x10/0x10
[   92.729342][ T6906]  ? __fget_files+0x20e/0x3c0
[   92.729358][ T6906]  ksys_read+0x12a/0x240
[   92.729370][ T6906]  ? __pfx_ksys_read+0x10/0x10
[   92.729383][ T6906]  ? rcu_is_watching+0x12/0xc0
[   92.729395][ T6906]  __do_fast_syscall_32+0x73/0x120
[   92.729409][ T6906]  do_fast_syscall_32+0x32/0x80
[   92.729421][ T6906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   92.729434][ T6906] RIP: 0023:0xf7f30579
[   92.729441][ T6906] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   92.729450][ T6906] RSP: 002b:00000000f5056590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   92.729459][ T6906] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5056620
[   92.729465][ T6906] RDX: 000000000000000f RSI: 00000000f73bcff4 RDI: 0000000000000000
[   92.729471][ T6906] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   92.729476][ T6906] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   92.729481][ T6906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   92.729490][ T6906]  </TASK>
[   93.804882][ T6937] xt_CT: No such helper "snmp_trap"
[   94.496488][ T6949] PM: Enabling pm_trace changes system date and time during resume.
[   94.496488][ T6949] PM: Correct system time has to be restored manually after resume.
[   94.754780][ T1488] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   94.932038][ T1488] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.936351][ T1488] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.939209][ T1488] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   94.942149][ T1488] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.950471][ T1488] usb 8-1: config 0 descriptor??
[   95.458192][ T1488] pyra 0003:1E7D:2CF6.0007: unknown global tag 0xd
[   95.460116][ T1488] pyra 0003:1E7D:2CF6.0007: item 0 1 1 13 parsing failed
[   95.463011][ T1488] pyra 0003:1E7D:2CF6.0007: parse failed
[   95.482668][ T1488] pyra 0003:1E7D:2CF6.0007: probe with driver pyra failed with error -22
[   95.602325][ T6949] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   95.610414][ T1488] usb 8-1: USB disconnect, device number 3
[   95.635433][ T6968] serio: Serial port ptm0
[   96.674783][ T5990] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   96.711504][ T6999] PM: Enabling pm_trace changes system date and time during resume.
[   96.711504][ T6999] PM: Correct system time has to be restored manually after resume.
[   96.829170][ T5990] usb 5-1: config 0 has no interfaces?
[   96.831182][ T5990] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   96.834052][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.837506][ T5990] usb 5-1: config 0 descriptor??
[   96.965127][   T71] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   97.136372][   T71] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.139415][   T71] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.142104][   T71] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   97.144643][   T71] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.148932][   T71] usb 7-1: config 0 descriptor??
[   97.557797][   T71] pyra 0003:1E7D:2CF6.0008: unknown global tag 0xd
[   97.559746][   T71] pyra 0003:1E7D:2CF6.0008: item 0 1 1 13 parsing failed
[   97.562108][   T71] pyra 0003:1E7D:2CF6.0008: parse failed
[   97.563685][   T71] pyra 0003:1E7D:2CF6.0008: probe with driver pyra failed with error -22
[   97.790600][ T6999] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[   97.983056][ T1488] usb 7-1: USB disconnect, device number 2
[   98.547908][ T7028] netlink: 43 bytes leftover after parsing attributes in process `syz.1.264'.
[   98.550555][ T7028] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[   99.079852][   T40] kauditd_printk_skb: 67 callbacks suppressed
[   99.079862][   T40] audit: type=1326 audit(1742951584.539:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.093163][   T40] audit: type=1326 audit(1742951584.539:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.101343][   T40] audit: type=1326 audit(1742951584.539:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=441 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.108861][   T40] audit: type=1326 audit(1742951584.539:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.116439][   T40] audit: type=1326 audit(1742951584.539:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.123894][   T40] audit: type=1326 audit(1742951584.539:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.131768][   T40] audit: type=1326 audit(1742951584.539:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.139292][   T40] audit: type=1326 audit(1742951584.539:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.146911][   T40] audit: type=1326 audit(1742951584.539:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.154394][   T40] audit: type=1326 audit(1742951584.539:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7031 comm="syz.3.266" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   99.337928][ T5990] usb 5-1: USB disconnect, device number 4
[   99.600233][ T7042] PM: Enabling pm_trace changes system date and time during resume.
[   99.600233][ T7042] PM: Correct system time has to be restored manually after resume.
[   99.855579][ T1488] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  100.006351][ T1488] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.010128][ T1488] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.013314][ T1488] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  100.017012][ T1488] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.020286][ T1488] usb 5-1: config 0 descriptor??
[  100.049684][ T7053] serio: Serial port ptm0
[  100.442123][ T1488] pyra 0003:1E7D:2CF6.0009: unknown global tag 0xd
[  100.444861][ T1488] pyra 0003:1E7D:2CF6.0009: item 0 1 1 13 parsing failed
[  100.450633][ T1488] pyra 0003:1E7D:2CF6.0009: parse failed
[  100.453603][ T1488] pyra 0003:1E7D:2CF6.0009: probe with driver pyra failed with error -22
[  100.640728][ T7042] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  100.717669][ T1488] usb 5-1: USB disconnect, device number 5
[  100.912487][ T7071] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input11
[  101.383128][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.386270][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.389235][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.392176][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.395234][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.398188][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.401032][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.403907][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.406866][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.409123][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.411419][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.414484][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.417268][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.419344][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.421459][ T5990] hid-generic FFF9:0000:0203.000A: unknown main item tag 0x0
[  101.431684][ T5990] hid-generic FFF9:0000:0203.000A: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  101.536368][ T7091] serio: Serial port ptm0
[  102.556588][ T1170] Bluetooth: hci4: Frame reassembly failed (-84)
[  102.762361][ T7113] trusted_key: encrypted_key: insufficient parameters specified
[  103.364311][ T7142] serio: Serial port ptm1
[  103.726640][ T7149] trusted_key: encrypted_key: insufficient parameters specified
[  104.584787][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  104.584914][ T5315] Bluetooth: hci4: command 0x1003 tx timeout
[  105.624828][ T5962] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  106.277301][ T7184] serio: Serial port ptm0
[  106.327187][ T7187] PM: Enabling pm_trace changes system date and time during resume.
[  106.327187][ T7187] PM: Correct system time has to be restored manually after resume.
[  106.574817][ T6013] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  106.728077][ T6013] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.731211][ T6013] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.737627][ T6013] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  106.740238][ T6013] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.744375][ T6013] usb 7-1: config 0 descriptor??
[  107.156195][ T7187] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  107.165777][ T6013] usbhid 7-1:0.0: can't add hid device: -71
[  107.167945][ T6013] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  107.171420][ T6013] usb 7-1: USB disconnect, device number 3
[  107.178903][ T7196] lo speed is unknown, defaulting to 1000
[  107.181603][ T7196] lo speed is unknown, defaulting to 1000
[  107.187763][ T7196] lo speed is unknown, defaulting to 1000
[  107.191819][ T7196] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  107.197923][ T7196] infiniband syn2: RDMA CMA: cma_listen_on_dev, error -98
[  107.205916][ T7196] lo speed is unknown, defaulting to 1000
[  107.207881][ T7196] lo speed is unknown, defaulting to 1000
[  107.211424][ T7196] lo speed is unknown, defaulting to 1000
[  107.213684][ T7196] lo speed is unknown, defaulting to 1000
[  107.833122][ T7213] netlink: 16 bytes leftover after parsing attributes in process `syz.2.319'.
[  108.003936][ T7222] trusted_key: encrypted_key: insufficient parameters specified
[  108.325073][ T7225] serio: Serial port ptm1
[  108.847520][ T7237] PM: Enabling pm_trace changes system date and time during resume.
[  108.847520][ T7237] PM: Correct system time has to be restored manually after resume.
[  108.984861][ T7239] netlink: 'syz.1.327': attribute type 1 has an invalid length.
[  108.987165][ T7239] netlink: 244 bytes leftover after parsing attributes in process `syz.1.327'.
[  108.989702][ T7239] NCSI netlink: No device for ifindex 0
[  109.085072][ T5948] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  109.110334][ T7246] ubi31: attaching mtd0
[  109.113555][ T7246] ubi31: scanning is finished
[  109.115115][ T7246] ubi31: empty MTD device detected
[  109.214430][ T7246] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  109.217552][ T7246] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  109.219641][ T7246] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  109.221623][ T7246] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  109.223683][ T7246] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  109.225716][ T7246] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  109.227943][ T7246] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1190737995
[  109.230798][ T7246] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  109.236119][ T7248] ubi31: background thread "ubi_bgt31d" started, PID 7248
[  109.236279][ T5948] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.248713][ T5948] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.252362][ T5948] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  109.256200][ T5948] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.260641][ T5948] usb 8-1: config 0 descriptor??
[  109.673691][ T7237] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  109.686406][ T5948] usbhid 8-1:0.0: can't add hid device: -71
[  109.688154][ T5948] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  109.691030][ T5948] usb 8-1: USB disconnect, device number 4
[  109.789369][ T7250] netlink: 16 bytes leftover after parsing attributes in process `syz.1.330'.
[  109.815512][ T7252] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  109.944859][ T5954] Bluetooth: hci4: command 0x1003 tx timeout
[  109.949247][ T5962] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  110.651576][ T7269] serio: Serial port ptm0
[  110.837015][ T7283] fuse: Bad value for 'user_id'
[  110.838783][ T7283] fuse: Bad value for 'user_id'
[  110.909441][ T7287] netlink: 16 bytes leftover after parsing attributes in process `syz.0.340'.
[  110.970333][ T7290] netlink: 24 bytes leftover after parsing attributes in process `syz.0.341'.
[  111.638112][ T7304] trusted_key: encrypted_key: insufficient parameters specified
[  112.040440][ T7316] netlink: 16 bytes leftover after parsing attributes in process `syz.3.349'.
[  112.069403][   T40] kauditd_printk_skb: 17 callbacks suppressed
[  112.069417][   T40] audit: type=1800 audit(1742951597.529:344): pid=7318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.350" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  112.418221][ T7323] serio: Serial port ptm1
[  112.620918][ T7325] FAULT_INJECTION: forcing a failure.
[  112.620918][ T7325] name failslab, interval 1, probability 0, space 0, times 0
[  112.625310][ T7325] CPU: 3 UID: 0 PID: 7325 Comm: syz.2.352 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  112.625325][ T7325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.625331][ T7325] Call Trace:
[  112.625334][ T7325]  <TASK>
[  112.625338][ T7325]  dump_stack_lvl+0x16c/0x1f0
[  112.625354][ T7325]  should_fail_ex+0x512/0x640
[  112.625365][ T7325]  ? fs_reclaim_acquire+0xae/0x150
[  112.625377][ T7325]  should_failslab+0xc2/0x120
[  112.625402][ T7325]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  112.625418][ T7325]  ? ima_inode_get+0x120/0x580
[  112.625429][ T7325]  ima_inode_get+0x120/0x580
[  112.625438][ T7325]  process_measurement+0x708/0x2360
[  112.625451][ T7325]  ? __pfx_process_measurement+0x10/0x10
[  112.625459][ T7325]  ? __lock_acquire+0x5ca/0x1ba0
[  112.625483][ T7325]  ? get_pid_task+0x106/0x250
[  112.625498][ T7325]  ? proc_fail_nth_write+0x9f/0x250
[  112.625511][ T7325]  ? find_held_lock+0x2b/0x80
[  112.625522][ T7325]  ima_file_mmap+0x1b1/0x1d0
[  112.625530][ T7325]  ? __pfx_ima_file_mmap+0x10/0x10
[  112.625541][ T7325]  security_mmap_file+0x88c/0x990
[  112.625556][ T7325]  vm_mmap_pgoff+0xec/0x450
[  112.625569][ T7325]  ? find_held_lock+0x2b/0x80
[  112.625579][ T7325]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  112.625593][ T7325]  ? __fget_files+0x20e/0x3c0
[  112.625608][ T7325]  ksys_mmap_pgoff+0x32c/0x5c0
[  112.625620][ T7325]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  112.625632][ T7325]  __do_fast_syscall_32+0x73/0x120
[  112.625646][ T7325]  do_fast_syscall_32+0x32/0x80
[  112.625659][ T7325]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  112.625672][ T7325] RIP: 0023:0xf7f30579
[  112.625679][ T7325] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  112.625688][ T7325] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  112.625698][ T7325] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600402
[  112.625704][ T7325] RDX: 00000000007ffffe RSI: 0000000004002011 RDI: 0000000000000007
[  112.625709][ T7325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  112.625715][ T7325] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  112.625720][ T7325] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  112.625730][ T7325]  </TASK>
[  112.778798][ T7333] PM: Enabling pm_trace changes system date and time during resume.
[  112.778798][ T7333] PM: Correct system time has to be restored manually after resume.
[  112.786357][ T7333] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  113.390001][ T7345] netlink: 84 bytes leftover after parsing attributes in process `syz.2.359'.
[  113.427016][ T7347] lo speed is unknown, defaulting to 1000
[  113.497376][ T7350] lo speed is unknown, defaulting to 1000
[  113.544959][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  113.744657][ T7365] PM: Enabling pm_trace changes system date and time during resume.
[  113.744657][ T7365] PM: Correct system time has to be restored manually after resume.
[  113.752043][ T7365] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  114.421272][ T7388] FAULT_INJECTION: forcing a failure.
[  114.421272][ T7388] name failslab, interval 1, probability 0, space 0, times 0
[  114.428393][ T7388] CPU: 3 UID: 0 PID: 7388 Comm: syz.0.374 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  114.428417][ T7388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.428426][ T7388] Call Trace:
[  114.428431][ T7388]  <TASK>
[  114.428437][ T7388]  dump_stack_lvl+0x16c/0x1f0
[  114.428462][ T7388]  should_fail_ex+0x512/0x640
[  114.428477][ T7388]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  114.428500][ T7388]  should_failslab+0xc2/0x120
[  114.428524][ T7388]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  114.428543][ T7388]  ? stack_depot_save_flags+0x29/0x9c0
[  114.428559][ T7388]  ? alloc_empty_file+0x55/0x1e0
[  114.428576][ T7388]  alloc_empty_file+0x55/0x1e0
[  114.428591][ T7388]  path_openat+0xe0/0x2d40
[  114.428609][ T7388]  ? getname_flags+0x93/0xf0
[  114.428625][ T7388]  ? do_sys_openat2+0xb8/0x1d0
[  114.428639][ T7388]  ? __ia32_compat_sys_open+0x146/0x1e0
[  114.428653][ T7388]  ? __do_fast_syscall_32+0x73/0x120
[  114.428671][ T7388]  ? do_fast_syscall_32+0x32/0x80
[  114.428688][ T7388]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.428710][ T7388]  ? __pfx_path_openat+0x10/0x10
[  114.428733][ T7388]  do_filp_open+0x20b/0x470
[  114.428752][ T7388]  ? __pfx_do_filp_open+0x10/0x10
[  114.428780][ T7388]  ? _raw_spin_unlock+0x28/0x50
[  114.428795][ T7388]  ? alloc_fd+0x420/0x760
[  114.428817][ T7388]  do_sys_openat2+0x11b/0x1d0
[  114.428830][ T7388]  ? __pfx_do_sys_openat2+0x10/0x10
[  114.428845][ T7388]  ? __fget_files+0x20e/0x3c0
[  114.428873][ T7388]  __ia32_compat_sys_open+0x146/0x1e0
[  114.428888][ T7388]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  114.428906][ T7388]  ? rcu_is_watching+0x12/0xc0
[  114.428922][ T7388]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  114.428942][ T7388]  __do_fast_syscall_32+0x73/0x120
[  114.428961][ T7388]  do_fast_syscall_32+0x32/0x80
[  114.428979][ T7388]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.428995][ T7388] RIP: 0023:0xf73ae579
[  114.429007][ T7388] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.429020][ T7388] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  114.429035][ T7388] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 000000000000003f
[  114.429045][ T7388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  114.429053][ T7388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.429060][ T7388] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.429068][ T7388] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.429083][ T7388]  </TASK>
[  115.139163][ T5962] Bluetooth: hci4: sending frame failed (-49)
[  115.141451][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  115.248657][ T7397] trusted_key: encrypted_key: insufficient parameters specified
[  115.353700][ T7407] PM: Enabling pm_trace changes system date and time during resume.
[  115.353700][ T7407] PM: Correct system time has to be restored manually after resume.
[  115.361505][ T7407] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  115.855067][ T7426] FAULT_INJECTION: forcing a failure.
[  115.855067][ T7426] name failslab, interval 1, probability 0, space 0, times 0
[  115.858759][ T7426] CPU: 2 UID: 0 PID: 7426 Comm: syz.2.387 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  115.858773][ T7426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  115.858779][ T7426] Call Trace:
[  115.858782][ T7426]  <TASK>
[  115.858786][ T7426]  dump_stack_lvl+0x16c/0x1f0
[  115.858803][ T7426]  should_fail_ex+0x512/0x640
[  115.858813][ T7426]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  115.858827][ T7426]  should_failslab+0xc2/0x120
[  115.858844][ T7426]  __kmalloc_cache_noprof+0x6a/0x3e0
[  115.858862][ T7426]  ? bpf_get_raw_tracepoint+0x9c/0x2d0
[  115.858883][ T7426]  ? bpf_raw_tp_link_attach+0x18a/0x600
[  115.858914][ T7426]  bpf_raw_tp_link_attach+0x18a/0x600
[  115.858934][ T7426]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  115.858948][ T7426]  ? find_held_lock+0x2b/0x80
[  115.858958][ T7426]  ? __fget_files+0x204/0x3c0
[  115.858975][ T7426]  ? fput+0x70/0xf0
[  115.858984][ T7426]  ? __bpf_prog_get+0xa0/0x290
[  115.858995][ T7426]  __sys_bpf+0x3ae/0x4c80
[  115.859010][ T7426]  ? __pfx___sys_bpf+0x10/0x10
[  115.859024][ T7426]  ? ksys_write+0x190/0x240
[  115.859038][ T7426]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  115.859056][ T7426]  ? fput+0x70/0xf0
[  115.859063][ T7426]  ? ksys_write+0x1b9/0x240
[  115.859076][ T7426]  ? __pfx_ksys_write+0x10/0x10
[  115.859090][ T7426]  __ia32_sys_bpf+0x76/0xe0
[  115.859105][ T7426]  __do_fast_syscall_32+0x73/0x120
[  115.859119][ T7426]  do_fast_syscall_32+0x32/0x80
[  115.859131][ T7426]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  115.859145][ T7426] RIP: 0023:0xf7f30579
[  115.859153][ T7426] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  115.859162][ T7426] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  115.859172][ T7426] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000080000140
[  115.859179][ T7426] RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000000
[  115.859187][ T7426] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  115.859195][ T7426] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  115.859204][ T7426] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  115.859220][ T7426]  </TASK>
[  117.255467][ T5990] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  117.426616][ T5990] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.429582][ T5990] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.432272][ T5990] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  117.435899][ T5990] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  117.438401][ T5990] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.441290][ T5990] usb 8-1: config 0 descriptor??
[  117.848708][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0xd
[  117.851950][ T5990] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  117.866665][ T5990] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  118.125973][ T1454] usb 8-1: USB disconnect, device number 5
[  118.262185][ T7470] netlink: 8 bytes leftover after parsing attributes in process `syz.1.400'.
[  118.865409][ T7483] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input13
[  119.787039][ T7507] block nbd0: NBD_DISCONNECT
[  119.790036][ T7507] netlink: 4 bytes leftover after parsing attributes in process `syz.0.413'.
[  119.794573][ T7507] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  119.895700][ T7507] delete_channel: no stack
[  119.897628][ T7507] delete_channel: no stack
[  122.056777][ T7552] netlink: 8 bytes leftover after parsing attributes in process `syz.0.426'.
[  122.081773][ T7554] netlink: 'syz.0.427': attribute type 1 has an invalid length.
[  122.091002][ T7554] 8021q: adding VLAN 0 to HW filter on device bond1
[  122.097869][ T7554] bond1: (slave gretap2): making interface the new active one
[  122.100441][ T7554] bond1: (slave gretap2): Enslaving as an active interface with an up link
[  122.506359][ T7568] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  123.592777][ T7594] serio: Serial port ptm0
[  124.754100][ T7617] netlink: 20 bytes leftover after parsing attributes in process `syz.1.445'.
[  124.756857][ T7617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'.
[  124.759446][ T7617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'.
[  124.990703][ T7621] /dev/nullb0: Can't lookup blockdev
[  125.424353][ T7637] trusted_key: encrypted_key: master key parameter '' is invalid
[  125.703187][ T7643] PM: Enabling pm_trace changes system date and time during resume.
[  125.703187][ T7643] PM: Correct system time has to be restored manually after resume.
[  125.954870][   T71] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  126.106998][   T71] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.110209][   T71] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.113119][   T71] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  126.116406][   T71] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.120397][   T71] usb 6-1: config 0 descriptor??
[  126.324168][ T7647] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  126.526604][   T71] pyra 0003:1E7D:2CF6.000C: unknown global tag 0xd
[  126.528510][   T71] pyra 0003:1E7D:2CF6.000C: item 0 1 1 13 parsing failed
[  126.530597][   T71] pyra 0003:1E7D:2CF6.000C: parse failed
[  126.532368][   T71] pyra 0003:1E7D:2CF6.000C: probe with driver pyra failed with error -22
[  126.730572][ T7643] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  126.754747][   T71] usb 6-1: USB disconnect, device number 5
[  127.234103][ T7661] lo speed is unknown, defaulting to 1000
[  127.292750][ T7665] lo speed is unknown, defaulting to 1000
[  127.304929][ T5962] Bluetooth: hci4: command 0x1003 tx timeout
[  127.306790][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  127.691708][ T7679] serio: Serial port ptm0
[  127.999697][ T7686] ax25_connect(): syz.0.467 uses autobind, please contact jreuter@yaina.de
[  128.133347][ T7692] PM: Enabling pm_trace changes system date and time during resume.
[  128.133347][ T7692] PM: Correct system time has to be restored manually after resume.
[  128.380219][ T7700] lo speed is unknown, defaulting to 1000
[  128.384819][ T1454] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  128.450678][ T7705] netlink: 20 bytes leftover after parsing attributes in process `syz.1.474'.
[  128.453213][ T7705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.474'.
[  128.456322][ T7705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.474'.
[  128.635913][ T1454] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.638921][ T1454] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.641643][ T1454] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  128.644280][ T1454] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.647438][ T1454] usb 5-1: config 0 descriptor??
[  129.075178][ T1454] pyra 0003:1E7D:2CF6.000D: unknown global tag 0xd
[  129.077058][ T1454] pyra 0003:1E7D:2CF6.000D: item 0 1 1 13 parsing failed
[  129.079217][ T1454] pyra 0003:1E7D:2CF6.000D: parse failed
[  129.080867][ T1454] pyra 0003:1E7D:2CF6.000D: probe with driver pyra failed with error -22
[  129.285459][ T7692] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  129.301696][   T71] usb 5-1: USB disconnect, device number 6
[  129.835738][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.0.481'.
[  129.949776][ T7733] lo speed is unknown, defaulting to 1000
[  130.495054][ T7752] PM: Enabling pm_trace changes system date and time during resume.
[  130.495054][ T7752] PM: Correct system time has to be restored manually after resume.
[  130.692632][ T7761] netlink: 16 bytes leftover after parsing attributes in process `syz.2.491'.
[  130.744916][   T10] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  130.832563][ T7768] lo speed is unknown, defaulting to 1000
[  130.926306][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.929292][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.931953][   T10] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  130.934484][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.937952][   T10] usb 5-1: config 0 descriptor??
[  131.112810][ T7777] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  131.343251][   T10] pyra 0003:1E7D:2CF6.000E: unknown global tag 0xd
[  131.345177][   T10] pyra 0003:1E7D:2CF6.000E: item 0 1 1 13 parsing failed
[  131.347155][   T10] pyra 0003:1E7D:2CF6.000E: parse failed
[  131.348700][   T10] pyra 0003:1E7D:2CF6.000E: probe with driver pyra failed with error -22
[  131.383785][ T7789] netlink: 16 bytes leftover after parsing attributes in process `syz.3.501'.
[  131.411003][ T7791] 9pnet_fd: p9_fd_create_tcp (7791): problem connecting socket to 127.0.0.1
[  131.439692][ T7793] lo speed is unknown, defaulting to 1000
[  131.545833][ T7752] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  131.559044][   T10] usb 5-1: USB disconnect, device number 7
[  131.585241][ T7802] netlink: 'syz.3.506': attribute type 12 has an invalid length.
[  131.724115][ T7806] netlink: 'syz.1.507': attribute type 12 has an invalid length.
[  132.185821][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  132.187791][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  132.584956][ T7817] netlink: 16 bytes leftover after parsing attributes in process `syz.1.511'.
[  132.612352][ T7819] netlink: 'syz.1.512': attribute type 12 has an invalid length.
[  132.674857][   T71] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  132.804844][   T71] usb 8-1: device descriptor read/64, error -71
[  132.920373][ T7822] lo speed is unknown, defaulting to 1000
[  132.986145][ T7829] PM: Enabling pm_trace changes system date and time during resume.
[  132.986145][ T7829] PM: Correct system time has to be restored manually after resume.
[  133.044831][   T71] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  133.184817][   T71] usb 8-1: device descriptor read/64, error -71
[  133.224773][   T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  133.304934][   T71] usb usb8-port1: attempt power cycle
[  133.376010][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.380153][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.383872][   T10] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  133.387371][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.391504][   T10] usb 5-1: config 0 descriptor??
[  133.644835][   T71] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  133.665867][   T71] usb 8-1: device descriptor read/8, error -71
[  133.729869][ T7840] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  133.814982][   T10] pyra 0003:1E7D:2CF6.000F: unknown global tag 0xd
[  133.816840][   T10] pyra 0003:1E7D:2CF6.000F: item 0 1 1 13 parsing failed
[  133.818915][   T10] pyra 0003:1E7D:2CF6.000F: parse failed
[  133.820408][   T10] pyra 0003:1E7D:2CF6.000F: probe with driver pyra failed with error -22
[  133.846368][ T7840] /dev/sr0: Can't open blockdev
[  133.904777][   T71] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  133.935293][   T71] usb 8-1: device descriptor read/8, error -71
[  133.945965][ T7841] /dev/sr0: Can't open blockdev
[  134.007651][ T7829] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  134.015957][   T10] usb 5-1: USB disconnect, device number 8
[  134.054971][   T71] usb usb8-port1: unable to enumerate USB device
[  134.112352][ T7846] netlink: 40 bytes leftover after parsing attributes in process `syz.2.520'.
[  134.379445][ T7853] lo speed is unknown, defaulting to 1000
[  134.849634][ T7879] lo speed is unknown, defaulting to 1000
[  134.946114][ T7883] PM: Enabling pm_trace changes system date and time during resume.
[  134.946114][ T7883] PM: Correct system time has to be restored manually after resume.
[  135.194746][ T5989] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  135.348374][ T7890] FAULT_INJECTION: forcing a failure.
[  135.348374][ T7890] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.353158][ T7890] CPU: 0 UID: 0 PID: 7890 Comm: syz.2.537 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  135.353179][ T7890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.353188][ T7890] Call Trace:
[  135.353194][ T7890]  <TASK>
[  135.353200][ T7890]  dump_stack_lvl+0x16c/0x1f0
[  135.353223][ T7890]  should_fail_ex+0x512/0x640
[  135.353241][ T7890]  _copy_from_user+0x2e/0xd0
[  135.353258][ T7890]  get_compat_msghdr+0xa7/0x170
[  135.353275][ T7890]  ? __pfx_get_compat_msghdr+0x10/0x10
[  135.353295][ T7890]  ___sys_sendmsg+0x1ae/0x1d0
[  135.353321][ T7890]  ? __pfx____sys_sendmsg+0x10/0x10
[  135.353355][ T7890]  __sys_sendmsg+0x16d/0x220
[  135.353373][ T7890]  ? __pfx___sys_sendmsg+0x10/0x10
[  135.353395][ T7890]  ? rcu_is_watching+0x12/0xc0
[  135.353410][ T7890]  ? rcu_is_watching+0x12/0xc0
[  135.353426][ T7890]  __do_fast_syscall_32+0x73/0x120
[  135.353445][ T7890]  do_fast_syscall_32+0x32/0x80
[  135.353463][ T7890]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.353481][ T7890] RIP: 0023:0xf7f30579
[  135.353492][ T7890] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.353505][ T7890] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  135.353519][ T7890] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  135.353529][ T7890] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  135.353537][ T7890] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.353545][ T7890] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.353554][ T7890] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.353568][ T7890]  </TASK>
[  135.415348][ T5989] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.418405][ T5989] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.421349][ T5989] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  135.424005][ T5989] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.427453][ T5989] usb 6-1: config 0 descriptor??
[  135.444086][ T7892] netlink: 4 bytes leftover after parsing attributes in process `syz.2.538'.
[  135.447399][ T7892] netlink: 12 bytes leftover after parsing attributes in process `syz.2.538'.
[  135.563826][ T7900] lo speed is unknown, defaulting to 1000
[  135.833074][ T5989] pyra 0003:1E7D:2CF6.0010: unknown global tag 0xd
[  135.835511][ T5989] pyra 0003:1E7D:2CF6.0010: item 0 1 1 13 parsing failed
[  135.838435][ T5989] pyra 0003:1E7D:2CF6.0010: parse failed
[  135.840142][ T5989] pyra 0003:1E7D:2CF6.0010: probe with driver pyra failed with error -22
[  135.866534][ T7916] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input14
[  136.035150][ T7883] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  136.045982][ T5989] usb 6-1: USB disconnect, device number 6
[  136.576128][ T7928] netlink: 'syz.2.549': attribute type 30 has an invalid length.
[  136.770229][ T7932] 9pnet_fd: Insufficient options for proto=fd
[  136.904764][   T63] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  137.067153][   T63] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  137.073238][   T63] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  137.076505][   T63] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.079134][   T63] usb 7-1: Product: syz
[  137.080314][   T63] usb 7-1: Manufacturer: syz
[  137.081600][   T63] usb 7-1: SerialNumber: syz
[  137.290857][   T63] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  137.385226][ T7940] lo speed is unknown, defaulting to 1000
[  137.500707][   T63] usb 7-1: USB disconnect, device number 4
[  137.510490][   T63] usblp0: removed
[  137.517174][ T7950] PM: Enabling pm_trace changes system date and time during resume.
[  137.517174][ T7950] PM: Correct system time has to be restored manually after resume.
[  137.754806][ T6013] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  137.794845][   T29] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  137.906432][ T6013] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.909646][ T6013] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.912415][ T6013] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  137.915040][ T6013] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.918741][ T6013] usb 6-1: config 0 descriptor??
[  137.954750][   T29] usb 5-1: Using ep0 maxpacket: 8
[  137.957333][   T29] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.960259][   T29] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  137.962793][   T29] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  137.965933][   T29] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  137.968990][   T29] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  137.971490][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.975665][   T29] hub 5-1:1.0: bad descriptor, ignoring hub
[  137.977383][   T29] hub 5-1:1.0: probe with driver hub failed with error -5
[  137.979583][   T29] cdc_wdm 5-1:1.0: skipping garbage
[  137.981081][   T29] cdc_wdm 5-1:1.0: skipping garbage
[  137.983966][   T29] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  137.985753][   T29] cdc_wdm 5-1:1.0: Unknown control protocol
[  138.142445][ T7960] trusted_key: encrypted_key: hex blob is missing
[  138.284908][ T5989] usb 5-1: USB disconnect, device number 9
[  138.324191][ T6013] pyra 0003:1E7D:2CF6.0011: unknown global tag 0xd
[  138.326407][ T6013] pyra 0003:1E7D:2CF6.0011: item 0 1 1 13 parsing failed
[  138.328961][ T6013] pyra 0003:1E7D:2CF6.0011: parse failed
[  138.330539][ T6013] pyra 0003:1E7D:2CF6.0011: probe with driver pyra failed with error -22
[  138.526156][ T7950] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  138.533515][   T63] usb 6-1: USB disconnect, device number 7
[  138.614793][ T5989] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  138.764811][ T5989] usb 5-1: Using ep0 maxpacket: 8
[  138.768304][ T5989] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  138.772207][ T5989] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  138.775568][ T5989] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  138.778932][ T5989] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  138.782444][ T5989] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  138.785357][ T5989] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.789836][ T5989] hub 5-1:1.0: bad descriptor, ignoring hub
[  138.791765][ T5989] hub 5-1:1.0: probe with driver hub failed with error -5
[  138.794258][ T5989] cdc_wdm 5-1:1.0: skipping garbage
[  138.795920][ T5989] cdc_wdm 5-1:1.0: skipping garbage
[  138.797858][ T5989] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  138.799746][ T5989] cdc_wdm 5-1:1.0: Unknown control protocol
[  138.904859][ T5315] Bluetooth: hci3: command 0x0405 tx timeout
[  139.105579][ T5989] usb 5-1: USB disconnect, device number 10
[  139.624168][ T7973] lo speed is unknown, defaulting to 1000
[  140.104797][ T5962] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  140.105207][ T5315] Bluetooth: hci4: command 0x1003 tx timeout
[  140.904093][ T5315] Bluetooth: hci4: sending frame failed (-49)
[  140.911063][ T5962] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  140.949651][ T8002] program syz.3.571 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  141.009725][ T8004] trusted_key: encrypted_key: hex blob is missing
[  141.024818][ T5948] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  141.176063][ T5948] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.179032][ T5948] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.181947][ T5948] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  141.184385][ T5948] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.187352][ T5948] usb 7-1: config 0 descriptor??
[  141.204819][   T71] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  141.354824][   T71] usb 8-1: Using ep0 maxpacket: 16
[  141.357499][   T71] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  141.361714][   T71] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  141.364266][   T71] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.366523][   T71] usb 8-1: Product: syz
[  141.367811][   T71] usb 8-1: Manufacturer: syz
[  141.369150][   T71] usb 8-1: SerialNumber: syz
[  141.371440][   T71] usb 8-1: config 0 descriptor??
[  141.373667][   T71] hub 8-1:0.0: bad descriptor, ignoring hub
[  141.375344][   T71] hub 8-1:0.0: probe with driver hub failed with error -5
[  141.378254][   T71] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input15
[  141.439365][ T8006] lo speed is unknown, defaulting to 1000
[  141.595366][ T5948] pyra 0003:1E7D:2CF6.0012: unknown global tag 0xd
[  141.597202][ T5948] pyra 0003:1E7D:2CF6.0012: item 0 1 1 13 parsing failed
[  141.599276][ T5948] pyra 0003:1E7D:2CF6.0012: parse failed
[  141.600931][ T5948] pyra 0003:1E7D:2CF6.0012: probe with driver pyra failed with error -22
[  141.641422][ T8012] lo speed is unknown, defaulting to 1000
[  141.730574][ T8012] netlink: 16 bytes leftover after parsing attributes in process `syz.3.571'.
[  141.734249][ T8012] netlink: 20 bytes leftover after parsing attributes in process `syz.3.571'.
[  141.755594][ T8012] geneve0: entered allmulticast mode
[  141.796946][ T7996] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  141.804965][   T29] usb 8-1: USB disconnect, device number 10
[  141.806495][   T63] usb 7-1: USB disconnect, device number 5
[  142.655884][ T5989] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  142.757259][ T8032] serio: Serial port ptm0
[  142.845189][ T5989] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.848169][ T5989] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.850812][ T5989] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  142.885320][ T5989] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.888372][ T5989] usb 7-1: config 0 descriptor??
[  143.190009][ T8037] netlink: 16 bytes leftover after parsing attributes in process `syz.1.579'.
[  143.305664][ T5989] pyra 0003:1E7D:2CF6.0013: unknown global tag 0xd
[  143.308060][ T5989] pyra 0003:1E7D:2CF6.0013: item 0 1 1 13 parsing failed
[  143.310194][ T5989] pyra 0003:1E7D:2CF6.0013: parse failed
[  143.311789][ T5989] pyra 0003:1E7D:2CF6.0013: probe with driver pyra failed with error -22
[  143.351881][ T8042] lo speed is unknown, defaulting to 1000
[  143.505179][ T8025] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  143.518443][   T63] usb 7-1: USB disconnect, device number 6
[  143.842769][ T8057] netlink: 4 bytes leftover after parsing attributes in process `syz.0.587'.
[  144.040031][ T8059] netlink: 'syz.2.588': attribute type 9 has an invalid length.
[  144.042180][ T8059] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.588'.
[  144.138797][ T8063] netlink: 16 bytes leftover after parsing attributes in process `syz.1.589'.
[  144.236021][ T8068] netlink: 4 bytes leftover after parsing attributes in process `syz.2.591'.
[  144.293538][ T8070] lo speed is unknown, defaulting to 1000
[  144.744811][   T71] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  144.895980][   T71] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.899573][   T71] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.902373][   T71] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  144.904915][   T71] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.908107][   T71] usb 6-1: config 0 descriptor??
[  145.314402][   T71] pyra 0003:1E7D:2CF6.0014: unknown global tag 0xd
[  145.316307][ T8088] netlink: 16 bytes leftover after parsing attributes in process `syz.3.599'.
[  145.318923][   T71] pyra 0003:1E7D:2CF6.0014: item 0 1 1 13 parsing failed
[  145.321103][   T71] pyra 0003:1E7D:2CF6.0014: parse failed
[  145.322672][   T71] pyra 0003:1E7D:2CF6.0014: probe with driver pyra failed with error -22
[  145.348098][ T5962] Bluetooth: hci3: unexpected event for opcode 0x2040
[  145.460269][ T8097] netlink: 'syz.3.601': attribute type 1 has an invalid length.
[  145.471653][ T8097] 8021q: adding VLAN 0 to HW filter on device bond2
[  145.515993][ T8081] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  145.526329][   T71] usb 6-1: USB disconnect, device number 8
[  146.094573][ T8108] lo speed is unknown, defaulting to 1000
[  146.223307][ T8117] FAULT_INJECTION: forcing a failure.
[  146.223307][ T8117] name failslab, interval 1, probability 0, space 0, times 0
[  146.226990][ T8117] CPU: 0 UID: 0 PID: 8117 Comm: syz.1.606 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  146.227004][ T8117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.227011][ T8117] Call Trace:
[  146.227014][ T8117]  <TASK>
[  146.227018][ T8117]  dump_stack_lvl+0x16c/0x1f0
[  146.227035][ T8117]  should_fail_ex+0x512/0x640
[  146.227048][ T8117]  should_failslab+0xc2/0x120
[  146.227063][ T8117]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  146.227078][ T8117]  ? skb_clone+0x190/0x3f0
[  146.227093][ T8117]  skb_clone+0x190/0x3f0
[  146.227106][ T8117]  netlink_deliver_tap+0xabd/0xd30
[  146.227121][ T8117]  netlink_unicast+0x5df/0x7f0
[  146.227134][ T8117]  ? __pfx_netlink_unicast+0x10/0x10
[  146.227147][ T8117]  ? __phys_addr+0xc6/0x150
[  146.227160][ T8117]  ? __phys_addr_symbol+0x30/0x80
[  146.227172][ T8117]  ? __check_object_size+0x4c7/0x710
[  146.227188][ T8117]  netlink_sendmsg+0x8da/0xd70
[  146.227202][ T8117]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.227218][ T8117]  sock_sendmsg+0x3c9/0x470
[  146.227228][ T8117]  ? __pfx_sock_sendmsg+0x10/0x10
[  146.227242][ T8117]  splice_to_socket+0xaf6/0x1110
[  146.227260][ T8117]  ? __pfx_splice_to_socket+0x10/0x10
[  146.227276][ T8117]  ? ethnl_cable_test_alloc+0x1e/0x4d0
[  146.227293][ T8117]  ? apparmor_file_permission+0x251/0x400
[  146.227306][ T8117]  ? bpf_lsm_file_permission+0x9/0x10
[  146.227320][ T8117]  ? security_file_permission+0x71/0x210
[  146.227335][ T8117]  ? rw_verify_area+0xcf/0x680
[  146.227346][ T8117]  ? __pfx_splice_to_socket+0x10/0x10
[  146.227360][ T8117]  do_splice+0x1475/0x1fc0
[  146.227373][ T8117]  ? __lock_acquire+0x5ca/0x1ba0
[  146.227390][ T8117]  ? __pfx_do_splice+0x10/0x10
[  146.227402][ T8117]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  146.227415][ T8117]  ? find_held_lock+0x2b/0x80
[  146.227425][ T8117]  __do_splice+0x32a/0x360
[  146.227439][ T8117]  ? __pfx___do_splice+0x10/0x10
[  146.227452][ T8117]  ? __fput_deferred+0x350/0x370
[  146.227463][ T8117]  __ia32_sys_splice+0x189/0x250
[  146.227477][ T8117]  __do_fast_syscall_32+0x73/0x120
[  146.227491][ T8117]  do_fast_syscall_32+0x32/0x80
[  146.227504][ T8117]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  146.227516][ T8117] RIP: 0023:0xf73be579
[  146.227524][ T8117] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  146.227533][ T8117] RSP: 002b:00000000f502555c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
[  146.227543][ T8117] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  146.227553][ T8117] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000007fff
[  146.227559][ T8117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  146.227564][ T8117] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  146.227570][ T8117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  146.227579][ T8117]  </TASK>
[  146.358216][   T40] audit: type=1800 audit(1742951631.819:345): pid=8120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.608" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  146.424619][ T8123] FAULT_INJECTION: forcing a failure.
[  146.424619][ T8123] name failslab, interval 1, probability 0, space 0, times 0
[  146.428924][ T8123] CPU: 3 UID: 0 PID: 8123 Comm: syz.3.609 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  146.428939][ T8123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.428945][ T8123] Call Trace:
[  146.428949][ T8123]  <TASK>
[  146.428952][ T8123]  dump_stack_lvl+0x16c/0x1f0
[  146.428969][ T8123]  should_fail_ex+0x512/0x640
[  146.428980][ T8123]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  146.428995][ T8123]  should_failslab+0xc2/0x120
[  146.429010][ T8123]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  146.429024][ T8123]  ? __pfx___might_resched+0x10/0x10
[  146.429037][ T8123]  ? alloc_vmap_area+0x613/0x2970
[  146.429048][ T8123]  alloc_vmap_area+0x613/0x2970
[  146.429062][ T8123]  ? __pfx_alloc_vmap_area+0x10/0x10
[  146.429075][ T8123]  __get_vm_area_node+0x1a7/0x300
[  146.429087][ T8123]  __vmalloc_node_range_noprof+0x277/0x1540
[  146.429100][ T8123]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  146.429112][ T8123]  ? find_held_lock+0x2b/0x80
[  146.429123][ T8123]  ? bpf_ksym_find+0x124/0x1c0
[  146.429132][ T8123]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  146.429145][ T8123]  ? __lock_acquire+0x5ca/0x1ba0
[  146.429158][ T8123]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  146.429171][ T8123]  ? __pfx_aa_get_newest_label+0x10/0x10
[  146.429183][ T8123]  ? rcu_is_watching+0x12/0xc0
[  146.429194][ T8123]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  146.429205][ T8123]  __vmalloc_noprof+0x6d/0x90
[  146.429217][ T8123]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  146.429229][ T8123]  bpf_prog_alloc_no_stats+0x54/0x630
[  146.429240][ T8123]  ? security_capable+0x7e/0x260
[  146.429251][ T8123]  bpf_prog_alloc+0x3b/0x230
[  146.429261][ T8123]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  146.429277][ T8123]  bpf_prog_load+0x19ff/0x2480
[  146.429292][ T8123]  ? __pfx_bpf_prog_load+0x10/0x10
[  146.429313][ T8123]  __sys_bpf+0x4890/0x4c80
[  146.429327][ T8123]  ? __pfx___sys_bpf+0x10/0x10
[  146.429341][ T8123]  ? ksys_write+0x190/0x240
[  146.429356][ T8123]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  146.429373][ T8123]  ? fput+0x70/0xf0
[  146.429382][ T8123]  ? ksys_write+0x1b9/0x240
[  146.429394][ T8123]  ? __pfx_ksys_write+0x10/0x10
[  146.429408][ T8123]  __ia32_sys_bpf+0x76/0xe0
[  146.429423][ T8123]  __do_fast_syscall_32+0x73/0x120
[  146.429437][ T8123]  do_fast_syscall_32+0x32/0x80
[  146.429450][ T8123]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  146.429462][ T8123] RIP: 0023:0xf73ce579
[  146.429469][ T8123] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  146.429479][ T8123] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  146.429488][ T8123] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800017c0
[  146.429495][ T8123] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  146.429500][ T8123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  146.429506][ T8123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  146.429511][ T8123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  146.429520][ T8123]  </TASK>
[  146.429645][ T8123] syz.3.609: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  146.519576][ T8123] CPU: 3 UID: 0 PID: 8123 Comm: syz.3.609 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  146.519590][ T8123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.519596][ T8123] Call Trace:
[  146.519599][ T8123]  <TASK>
[  146.519603][ T8123]  dump_stack_lvl+0x16c/0x1f0
[  146.519620][ T8123]  warn_alloc+0x248/0x3a0
[  146.519635][ T8123]  ? __pfx_warn_alloc+0x10/0x10
[  146.519649][ T8123]  ? kfree+0x2b6/0x4d0
[  146.519663][ T8123]  ? __get_vm_area_node+0x1e5/0x300
[  146.519676][ T8123]  __vmalloc_node_range_noprof+0xd31/0x1540
[  146.519688][ T8123]  ? find_held_lock+0x2b/0x80
[  146.519699][ T8123]  ? bpf_ksym_find+0x124/0x1c0
[  146.519709][ T8123]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  146.519722][ T8123]  ? __lock_acquire+0x5ca/0x1ba0
[  146.519735][ T8123]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  146.519748][ T8123]  ? __pfx_aa_get_newest_label+0x10/0x10
[  146.519760][ T8123]  ? rcu_is_watching+0x12/0xc0
[  146.519771][ T8123]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  146.519783][ T8123]  __vmalloc_noprof+0x6d/0x90
[  146.519809][ T8123]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  146.519821][ T8123]  bpf_prog_alloc_no_stats+0x54/0x630
[  146.519832][ T8123]  ? security_capable+0x7e/0x260
[  146.519847][ T8123]  bpf_prog_alloc+0x3b/0x230
[  146.519857][ T8123]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  146.519872][ T8123]  bpf_prog_load+0x19ff/0x2480
[  146.519888][ T8123]  ? __pfx_bpf_prog_load+0x10/0x10
[  146.519909][ T8123]  __sys_bpf+0x4890/0x4c80
[  146.519923][ T8123]  ? __pfx___sys_bpf+0x10/0x10
[  146.519937][ T8123]  ? ksys_write+0x190/0x240
[  146.519952][ T8123]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  146.519969][ T8123]  ? fput+0x70/0xf0
[  146.519977][ T8123]  ? ksys_write+0x1b9/0x240
[  146.519990][ T8123]  ? __pfx_ksys_write+0x10/0x10
[  146.520004][ T8123]  __ia32_sys_bpf+0x76/0xe0
[  146.520018][ T8123]  __do_fast_syscall_32+0x73/0x120
[  146.520033][ T8123]  do_fast_syscall_32+0x32/0x80
[  146.520046][ T8123]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  146.520058][ T8123] RIP: 0023:0xf73ce579
[  146.520066][ T8123] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  146.520075][ T8123] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  146.520085][ T8123] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800017c0
[  146.520091][ T8123] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  146.520096][ T8123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  146.520101][ T8123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  146.520107][ T8123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  146.520116][ T8123]  </TASK>
[  146.520120][ T8123] Mem-Info:
[  146.521581][ T8124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.608'.
[  146.523261][ T8123] active_anon:6671 inactive_anon:6 isolated_anon:0
[  146.523261][ T8123]  active_file:2209 inactive_file:35387 isolated_file:0
[  146.523261][ T8123]  unevictable:1768 dirty:339 writeback:0
[  146.523261][ T8123]  slab_reclaimable:10370 slab_unreclaimable:61784
[  146.523261][ T8123]  mapped:25968 shmem:5072 pagetables:705
[  146.523261][ T8123]  sec_pagetables:301 bounce:0
[  146.523261][ T8123]  kernel_misc_reclaimable:0
[  146.523261][ T8123]  free:54607 free_pcp:6603 free_cma:0
[  146.523299][ T8123] Node 0 active_anon:4340kB inactive_anon:24kB active_file:624kB inactive_file:456kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5120kB dirty:140kB writeback:0kB shmem:7552kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9836kB pagetables:1172kB sec_pagetables:1136kB all_unreclaimable? no
[  146.534879][ T8124] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  146.536526][ T8123] Node 1 active_anon:22344kB inactive_anon:0kB active_file:8212kB inactive_file:141092kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98752kB dirty:1216kB writeback:0kB shmem:12736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2476kB pagetables:1648kB sec_pagetables:68kB all_unreclaimable? no
[  146.538903][ T8124] batman_adv: batadv0: Removing interface: batadv_slave_0
[  146.539380][ T8123] Node 0 DMA free:2024kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:932kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:852kB local_pcp:60kB free_cma:0kB
[  146.632516][ T8124] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  146.639215][ T8123] lowmem_reserve[]:
[  146.641809][ T8124] batman_adv: batadv0: Removing interface: batadv_slave_1
[  146.641907][ T8123]  0 294 294 294 294
[  146.645203][ T8124] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  146.646153][ T8123] Node 0 
[  146.648205][ T8124] batman_adv: batadv0: Removing interface: ip6gretap1
[  146.650944][ T8123] DMA32 free:17920kB boost:0kB min:13564kB low:16952kB high:20340kB reserved_highatomic:4096KB active_anon:3432kB inactive_anon:24kB active_file:624kB inactive_file:452kB unevictable:3536kB writepending:140kB present:1032196kB managed:301448kB mlocked:0kB bounce:0kB free_pcp:1928kB local_pcp:416kB free_cma:0kB
[  146.658766][ T8123] lowmem_reserve[]: 0 0 0 0 0
[  146.660171][ T8123] Node 1 DMA32 free:198140kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:0KB active_anon:22344kB inactive_anon:0kB active_file:8212kB inactive_file:141092kB unevictable:3536kB writepending:1232kB present:1048432kB managed:948292kB mlocked:0kB bounce:0kB free_pcp:23612kB local_pcp:744kB free_cma:0kB
[  146.668451][ T8123] lowmem_reserve[]: 0 0 0 0 0
[  146.669907][ T8123] Node 0 DMA: 29*4kB (UM) 4*8kB (UM) 3*16kB (UM) 11*32kB (UM) 5*64kB (M) 5*128kB (UM) 2*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2020kB
[  146.673916][ T8123] Node 0 DMA32: 149*4kB (UMEH) 168*8kB (UMEH) 57*16kB (UMEH) 64*32kB (UMEH) 50*64kB (UMEH) 12*128kB (UME) 13*256kB (UM) 4*512kB (M) 3*1024kB (UM) 0*2048kB 0*4096kB = 18084kB
[  146.678766][ T8123] Node 1 DMA32: 1*4kB (U) 95*8kB (UE) 41*16kB (UME) 278*32kB (UME) 146*64kB (UME) 70*128kB (UME) 29*256kB (UME) 20*512kB (UM) 10*1024kB (UM) 3*2048kB (UME) 33*4096kB (UM) = 197836kB
[  146.683982][ T8123] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  146.686600][ T8123] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  146.689137][ T8123] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  146.691723][ T8123] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  146.694249][ T8123] 42725 total pagecache pages
[  146.695588][ T8123] 57 pages in swap cache
[  146.696786][ T8123] Free swap  = 122524kB
[  146.697909][ T8123] Total swap = 124996kB
[  146.699023][ T8123] 524155 pages RAM
[  146.700036][ T8123] 0 pages HighMem/MovableOnly
[  146.701325][ T8123] 207880 pages reserved
[  146.702564][ T8123] 0 pages cma reserved
[  147.133733][ T8137] lo speed is unknown, defaulting to 1000
[  147.207958][ T8141] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  147.210466][ T8141] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  147.212844][ T8141] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  147.215866][ T8141] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  147.218319][ T8141] vxlan0: entered promiscuous mode
[  147.219790][ T8141] vxlan0: entered allmulticast mode
[  147.305037][ T5989] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  147.400354][ T8148] netlink: 'syz.3.616': attribute type 9 has an invalid length.
[  147.404224][ T8148] bridge0: the hash_elasticity option has been deprecated and is always 16
[  147.474992][ T5989] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.478375][ T5989] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.481262][ T5989] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  147.484046][ T5989] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.495537][ T5989] usb 6-1: config 0 descriptor??
[  147.912938][ T5989] pyra 0003:1E7D:2CF6.0015: unknown global tag 0xd
[  147.915555][ T5989] pyra 0003:1E7D:2CF6.0015: item 0 1 1 13 parsing failed
[  147.917892][ T5989] pyra 0003:1E7D:2CF6.0015: parse failed
[  147.919517][ T5989] pyra 0003:1E7D:2CF6.0015: probe with driver pyra failed with error -22
[  148.074292][ T8156] (unnamed net_device) (uninitialized): (slave erspan0): Device is not bonding slave
[  148.078492][ T8156] (unnamed net_device) (uninitialized): option active_slave: invalid value (erspan0)
[  148.114123][ T8134] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  148.119137][ T5948] usb 6-1: USB disconnect, device number 9
[  148.269046][   T40] audit: type=1326 audit(1742951633.729:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8158 comm="syz.3.621" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ce579 code=0x0
[  149.931046][ T8192] netlink: 16 bytes leftover after parsing attributes in process `syz.0.631'.
[  149.993746][ T8195] netlink: 12 bytes leftover after parsing attributes in process `syz.0.632'.
[  150.039982][ T8197] input: syz0 as /devices/virtual/input/input16
[  150.073723][ T8200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.737456][ T8214] FAULT_INJECTION: forcing a failure.
[  150.737456][ T8214] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.741293][ T8214] CPU: 2 UID: 0 PID: 8214 Comm: syz.3.639 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  150.741307][ T8214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.741314][ T8214] Call Trace:
[  150.741317][ T8214]  <TASK>
[  150.741321][ T8214]  dump_stack_lvl+0x16c/0x1f0
[  150.741338][ T8214]  should_fail_ex+0x512/0x640
[  150.741350][ T8214]  _copy_to_iter+0x477/0x15a0
[  150.741363][ T8214]  ? find_held_lock+0x2b/0x80
[  150.741374][ T8214]  ? __pfx__copy_to_iter+0x10/0x10
[  150.741387][ T8214]  ? __virt_addr_valid+0x5e/0x590
[  150.741401][ T8214]  ? __phys_addr_symbol+0x30/0x80
[  150.741414][ T8214]  ? __check_object_size+0x4e0/0x710
[  150.741431][ T8214]  seq_read_iter+0xd02/0x12b0
[  150.741447][ T8214]  seq_read+0x39e/0x4e0
[  150.741458][ T8214]  ? __pfx_seq_read+0x10/0x10
[  150.741472][ T8214]  ? get_pid_task+0xfc/0x250
[  150.741489][ T8214]  ? __pfx_seq_read+0x10/0x10
[  150.741501][ T8214]  proc_reg_read+0x23d/0x330
[  150.741515][ T8214]  ? __pfx_proc_reg_read+0x10/0x10
[  150.741524][ T8214]  vfs_read+0x1de/0xc70
[  150.741539][ T8214]  ? __pfx_vfs_read+0x10/0x10
[  150.741550][ T8214]  ? find_held_lock+0x2b/0x80
[  150.741560][ T8214]  ? __fget_files+0x204/0x3c0
[  150.741576][ T8214]  ? __fget_files+0x20e/0x3c0
[  150.741588][ T8214]  ? __fget_files+0x200/0x3c0
[  150.741603][ T8214]  ksys_pread64+0x16e/0x1a0
[  150.741616][ T8214]  ? __pfx_ksys_pread64+0x10/0x10
[  150.741629][ T8214]  ? rcu_is_watching+0x12/0xc0
[  150.741640][ T8214]  ? rcu_is_watching+0x12/0xc0
[  150.741650][ T8214]  __do_fast_syscall_32+0x73/0x120
[  150.741664][ T8214]  do_fast_syscall_32+0x32/0x80
[  150.741677][ T8214]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  150.741690][ T8214] RIP: 0023:0xf73ce579
[  150.741697][ T8214] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  150.741707][ T8214] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4
[  150.741716][ T8214] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000100
[  150.741722][ T8214] RDX: 00000000000000b1 RSI: 0000000000000040 RDI: 0000000000000000
[  150.741728][ T8214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  150.741734][ T8214] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  150.741739][ T8214] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  150.741749][ T8214]  </TASK>
[  150.985734][ T8228] ax25_connect(): syz.3.644 uses autobind, please contact jreuter@yaina.de
[  151.694425][ T8231] serio: Serial port ptm0
[  152.035146][ T8262] =======================================================
[  152.035146][ T8262] WARNING: The mand mount option has been deprecated and
[  152.035146][ T8262]          and is ignored by this kernel. Remove the mand
[  152.035146][ T8262]          option from the mount to silence this warning.
[  152.035146][ T8262] =======================================================
[  152.044626][ T8262] fuse: Unknown parameter 'FÂÜd'
[  152.183800][ T8273] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input17
[  152.470378][ T8280] serio: Serial port ptm0
[  154.139533][ T8335] serio: Serial port ptm0
[  154.205476][ T8341] netlink: 8 bytes leftover after parsing attributes in process `syz.0.677'.
[  154.935003][ T5962] Bluetooth: unknown link type 108
[  154.936517][ T5962] Bluetooth: hci2: connection err: -111
[  155.643337][ T8387] lo speed is unknown, defaulting to 1000
[  155.762799][ T8390] lo speed is unknown, defaulting to 1000
[  156.559111][ T8421] lo speed is unknown, defaulting to 1000
[  156.647097][ T8429] FAULT_INJECTION: forcing a failure.
[  156.647097][ T8429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.651110][ T8430] capability: warning: `syz.2.706' uses 32-bit capabilities (legacy support in use)
[  156.651131][ T8429] CPU: 0 UID: 0 PID: 8429 Comm: syz.1.707 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  156.651147][ T8429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.651153][ T8429] Call Trace:
[  156.651157][ T8429]  <TASK>
[  156.651161][ T8429]  dump_stack_lvl+0x16c/0x1f0
[  156.651178][ T8429]  should_fail_ex+0x512/0x640
[  156.651191][ T8429]  _copy_to_user+0x32/0xd0
[  156.651204][ T8429]  simple_read_from_buffer+0xe0/0x170
[  156.651218][ T8429]  proc_fail_nth_read+0x197/0x270
[  156.651231][ T8429]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  156.651244][ T8429]  ? rw_verify_area+0xcf/0x680
[  156.651256][ T8429]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  156.651269][ T8429]  vfs_read+0x1de/0xc70
[  156.651281][ T8429]  ? fdget_pos+0x2a2/0x370
[  156.651296][ T8429]  ? __pfx___mutex_lock+0x10/0x10
[  156.651309][ T8429]  ? __pfx_vfs_read+0x10/0x10
[  156.651324][ T8429]  ? __fget_files+0x20e/0x3c0
[  156.651339][ T8429]  ksys_read+0x12a/0x240
[  156.651352][ T8429]  ? __pfx_ksys_read+0x10/0x10
[  156.651365][ T8429]  ? rcu_is_watching+0x12/0xc0
[  156.651377][ T8429]  __do_fast_syscall_32+0x73/0x120
[  156.651391][ T8429]  do_fast_syscall_32+0x32/0x80
[  156.651404][ T8429]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.651417][ T8429] RIP: 0023:0xf73be579
[  156.651424][ T8429] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.651434][ T8429] RSP: 002b:00000000f5046590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  156.651443][ T8429] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5046620
[  156.651449][ T8429] RDX: 000000000000000f RSI: 00000000f73acff4 RDI: 0000000000000000
[  156.651455][ T8429] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  156.651460][ T8429] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  156.651466][ T8429] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.651475][ T8429]  </TASK>
[  156.842554][ T8447] lo speed is unknown, defaulting to 1000
[  156.886983][ T8451] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  157.448977][ T8466] serio: Serial port ptm0
[  157.891885][ T8477] netlink: 16 bytes leftover after parsing attributes in process `syz.2.722'.
[  157.936698][ T8483] lo speed is unknown, defaulting to 1000
[  158.078339][ T5315] Bluetooth: hci4: sending frame failed (-49)
[  158.083103][ T5962] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  158.208353][ T8504] trusted_key: encrypted_key: keylen parameter is missing
[  159.086641][ T8524] lo speed is unknown, defaulting to 1000
[  159.494866][ T1454] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  159.624843][ T1454] usb 7-1: device descriptor read/64, error -71
[  159.866276][ T1454] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  159.995585][ T1454] usb 7-1: device descriptor read/64, error -71
[  160.107144][ T1454] usb usb7-port1: attempt power cycle
[  160.245267][   T10] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  160.404998][   T10] usb 8-1: Using ep0 maxpacket: 8
[  160.413789][   T10] usb 8-1: config 0 has an invalid interface number: 182 but max is 0
[  160.416579][   T10] usb 8-1: config 0 has no interface number 0
[  160.430191][   T10] usb 8-1: New USB device found, idVendor=0499, idProduct=101a, bcdDevice= 5.c8
[  160.433303][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.435649][   T10] usb 8-1: Product: syz
[  160.437081][   T10] usb 8-1: Manufacturer: syz
[  160.438562][   T10] usb 8-1: SerialNumber: syz
[  160.444083][   T10] usb 8-1: config 0 descriptor??
[  160.454771][ T1454] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  160.465314][   T10] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  160.475438][ T1454] usb 7-1: device descriptor read/8, error -71
[  160.559772][   T10] snd-usb-audio 8-1:0.182: probe with driver snd-usb-audio failed with error -2
[  160.700746][ T8552] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  160.715205][ T1454] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  160.735310][ T1454] usb 7-1: device descriptor read/8, error -71
[  160.766610][ T5948] usb 8-1: USB disconnect, device number 11
[  160.845821][ T1454] usb usb7-port1: unable to enumerate USB device
[  160.964564][ T8561] lo speed is unknown, defaulting to 1000
[  161.284749][ T5948] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  161.445877][ T5948] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.448721][ T5948] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.451409][ T5948] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  161.453753][ T5948] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.457007][ T5948] usb 5-1: config 0 descriptor??
[  161.880361][ T5948] pyra 0003:1E7D:2CF6.0016: unknown global tag 0xd
[  161.882176][ T5948] pyra 0003:1E7D:2CF6.0016: item 0 1 1 13 parsing failed
[  161.884326][ T5948] pyra 0003:1E7D:2CF6.0016: parse failed
[  161.885994][ T5948] pyra 0003:1E7D:2CF6.0016: probe with driver pyra failed with error -22
[  162.093362][ T8566] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  162.118796][   T10] usb 5-1: USB disconnect, device number 11
[  162.407422][ T8592] lo speed is unknown, defaulting to 1000
[  163.353157][ T8613] Bluetooth: MGMT ver 1.23
[  163.442336][   T40] audit: type=1326 audit(1742951648.899:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8616 comm="syz.1.763" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  163.452762][   T40] audit: type=1326 audit(1742951648.899:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8616 comm="syz.1.763" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  163.459693][   T40] audit: type=1326 audit(1742951648.899:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8616 comm="syz.1.763" exe="/syz-executor" sig=0 arch=40000003 syscall=445 compat=1 ip=0xf73be579 code=0x7ffc0000
[  163.465769][   T40] audit: type=1326 audit(1742951648.899:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8616 comm="syz.1.763" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  163.471450][   T40] audit: type=1326 audit(1742951648.899:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8616 comm="syz.1.763" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  163.536173][ T8622] hsr0: entered promiscuous mode
[  163.538019][ T8622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.764'.
[  163.552626][ T8622] hsr_slave_0: left promiscuous mode
[  163.554589][ T8622] hsr_slave_1: left promiscuous mode
[  163.563893][ T8622] hsr0 (unregistering): left promiscuous mode
[  163.595285][ T1454] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  163.754716][ T1454] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.758818][ T1454] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.762514][ T1454] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  163.765849][ T8626] serio: Serial port ptm0
[  163.771404][ T1454] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.776371][ T1454] usb 8-1: config 0 descriptor??
[  164.181992][ T1454] pyra 0003:1E7D:2CF6.0017: unknown global tag 0xd
[  164.183787][ T1454] pyra 0003:1E7D:2CF6.0017: item 0 1 1 13 parsing failed
[  164.185871][ T1454] pyra 0003:1E7D:2CF6.0017: parse failed
[  164.187456][ T1454] pyra 0003:1E7D:2CF6.0017: probe with driver pyra failed with error -22
[  164.386645][ T8611] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  164.399974][ T5948] usb 8-1: USB disconnect, device number 12
[  165.350961][ T1454] lo speed is unknown, defaulting to 1000
[  165.638369][   T44] ==================================================================
[  165.640511][   T44] BUG: KASAN: slab-use-after-free in isolate_migratepages_block+0x3eb3/0x56f0
[  165.642830][   T44] Read of size 8 at addr ffff8880236711d8 by task kcompactd0/44
[  165.645970][   T44] 
[  165.647042][   T44] CPU: 3 UID: 0 PID: 44 Comm: kcompactd0 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  165.647056][   T44] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.647063][   T44] Call Trace:
[  165.647066][   T44]  <TASK>
[  165.647070][   T44]  dump_stack_lvl+0x116/0x1f0
[  165.647085][   T44]  print_report+0xc3/0x670
[  165.647101][   T44]  ? __virt_addr_valid+0x5e/0x590
[  165.647114][   T44]  ? __phys_addr+0xc6/0x150
[  165.647127][   T44]  ? isolate_migratepages_block+0x3eb3/0x56f0
[  165.647141][   T44]  kasan_report+0xe0/0x110
[  165.647156][   T44]  ? isolate_migratepages_block+0x3eb3/0x56f0
[  165.647508][   T44]  kasan_check_range+0xef/0x1a0
[  165.647519][   T44]  isolate_migratepages_block+0x3eb3/0x56f0
[  165.647535][   T44]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  165.647551][   T44]  compact_zone+0x1a5e/0x4220
[  165.647566][   T44]  ? __lock_acquire+0xaa4/0x1ba0
[  165.647581][   T44]  ? __pfx_compact_zone+0x10/0x10
[  165.647596][   T44]  compact_node+0x1a4/0x2d0
[  165.647624][   T44]  ? __pfx_compact_node+0x10/0x10
[  165.647638][   T44]  ? __pfx___might_resched+0x10/0x10
[  165.647653][   T44]  ? __pfx_extfrag_for_order+0x10/0x10
[  165.647664][   T44]  ? rcu_is_watching+0x12/0xc0
[  165.647679][   T44]  kcompactd+0x762/0xea0
[  165.647693][   T44]  ? __pfx_kcompactd+0x10/0x10
[  165.647706][   T44]  ? find_held_lock+0x2b/0x80
[  165.647716][   T44]  ? __pfx_autoremove_wake_function+0x10/0x10
[  165.647729][   T44]  ? lockdep_hardirqs_on+0x7c/0x110
[  165.647741][   T44]  ? __kthread_parkme+0x148/0x220
[  165.647754][   T44]  ? __pfx_kcompactd+0x10/0x10
[  165.647767][   T44]  kthread+0x3a4/0x760
[  165.647782][   T44]  ? __pfx_kthread+0x10/0x10
[  165.647796][   T44]  ? __pfx_kthread+0x10/0x10
[  165.647810][   T44]  ? __pfx_kthread+0x10/0x10
[  165.647824][   T44]  ? __pfx_kthread+0x10/0x10
[  165.647839][   T44]  ? rcu_is_watching+0x12/0xc0
[  165.647848][   T44]  ? __pfx_kthread+0x10/0x10
[  165.647862][   T44]  ret_from_fork+0x45/0x80
[  165.647871][   T44]  ? __pfx_kthread+0x10/0x10
[  165.647886][   T44]  ret_from_fork_asm+0x1a/0x30
[  165.647902][   T44]  </TASK>
[  165.647905][   T44] 
[  165.703352][   T44] Allocated by task 8620:
[  165.704537][   T44]  kasan_save_stack+0x33/0x60
[  165.705845][   T44]  kasan_save_track+0x14/0x30
[  165.707149][   T44]  __kasan_slab_alloc+0x89/0x90
[  165.708483][   T44]  kmem_cache_alloc_lru_noprof+0x1d0/0x3b0
[  165.710076][   T44]  shmem_alloc_inode+0x25/0x50
[  165.711401][   T44]  alloc_inode+0x61/0x240
[  165.712708][   T44]  new_inode+0x22/0x1c0
[  165.713853][   T44]  shmem_get_inode+0x19a/0xfb0
[  165.715172][   T44]  shmem_symlink+0xf7/0x780
[  165.716529][   T44]  vfs_symlink+0x400/0x680
[  165.717764][   T44]  do_symlinkat+0x261/0x310
[  165.718980][   T44]  __ia32_sys_symlinkat+0x93/0xc0
[  165.720367][   T44]  __do_fast_syscall_32+0x73/0x120
[  165.721767][   T44]  do_fast_syscall_32+0x32/0x80
[  165.723096][   T44]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  165.724846][   T44] 
[  165.725512][   T44] Freed by task 33:
[  165.726537][   T44]  kasan_save_stack+0x33/0x60
[  165.727873][   T44]  kasan_save_track+0x14/0x30
[  165.729157][   T44]  kasan_save_free_info+0x3b/0x60
[  165.730510][   T44]  __kasan_slab_free+0x51/0x70
[  165.731875][   T44]  kmem_cache_free+0x2d4/0x4d0
[  165.733226][   T44]  i_callback+0x43/0x70
[  165.734406][   T44]  rcu_core+0x799/0x14e0
[  165.735628][   T44]  handle_softirqs+0x216/0x8e0
[  165.737005][   T44]  run_ksoftirqd+0x3a/0x60
[  165.738268][   T44]  smpboot_thread_fn+0x678/0xa70
[  165.739673][   T44]  kthread+0x3a4/0x760
[  165.740833][   T44]  ret_from_fork+0x45/0x80
[  165.742073][   T44]  ret_from_fork_asm+0x1a/0x30
[  165.743352][   T44] 
[  165.744017][   T44] Last potentially related work creation:
[  165.745555][   T44]  kasan_save_stack+0x33/0x60
[  165.746825][   T44]  kasan_record_aux_stack+0xb8/0xd0
[  165.748227][   T44]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  165.749822][   T44]  destroy_inode+0x12c/0x1b0
[  165.751066][   T44]  evict+0x5b4/0x920
[  165.752141][   T44]  iput+0x521/0x880
[  165.753153][   T44]  do_unlinkat+0x518/0x6a0
[  165.754346][   T44]  __ia32_sys_unlink+0xc4/0x110
[  165.755661][   T44]  __do_fast_syscall_32+0x73/0x120
[  165.757070][   T44]  do_fast_syscall_32+0x32/0x80
[  165.758381][   T44]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  165.760073][   T44] 
[  165.760740][   T44] The buggy address belongs to the object at ffff888023670d10
[  165.760740][   T44]  which belongs to the cache shmem_inode_cache of size 1544
[  165.764580][   T44] The buggy address is located 1224 bytes inside of
[  165.764580][   T44]  freed 1544-byte region [ffff888023670d10, ffff888023671318)
[  165.768317][   T44] 
[  165.769032][   T44] The buggy address belongs to the physical page:
[  165.770725][   T44] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23670
[  165.773037][   T44] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  165.775257][   T44] memcg:ffff888025cbef01
[  165.776419][   T44] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  165.778511][   T44] page_type: f5(slab)
[  165.779601][   T44] raw: 00fff00000000040 ffff888040491cc0 ffffea00010d9000 dead000000000003
[  165.781865][   T44] raw: 0000000000000000 0000000000130013 00000000f5000000 ffff888025cbef01
[  165.784161][   T44] head: 00fff00000000040 ffff888040491cc0 ffffea00010d9000 dead000000000003
[  165.786411][   T44] head: 0000000000000000 0000000000130013 00000000f5000000 ffff888025cbef01
[  165.788715][   T44] head: 00fff00000000003 ffffea00008d9c01 ffffffffffffffff 0000000000000000
[  165.791061][   T44] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  165.793439][   T44] page dumped because: kasan: bad access detected
[  165.795210][   T44] page_owner tracks the page as allocated
[  165.796807][   T44] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 36, tgid 36 (kdevtmpfs), ts 6534445964, free_ts 0
[  165.802021][   T44]  post_alloc_hook+0x181/0x1b0
[  165.803351][   T44]  get_page_from_freelist+0x10c4/0x34c0
[  165.804838][   T44]  __alloc_frozen_pages_noprof+0x223/0x24d0
[  165.806432][   T44]  alloc_pages_mpol+0x1fb/0x540
[  165.807771][   T44]  new_slab+0x23c/0x330
[  165.808924][   T44]  ___slab_alloc+0xd9c/0x1940
[  165.810205][   T44]  __slab_alloc.constprop.0+0x56/0xb0
[  165.811644][   T44]  kmem_cache_alloc_lru_noprof+0xf4/0x3b0
[  165.813221][   T44]  shmem_alloc_inode+0x25/0x50
[  165.814506][   T44]  alloc_inode+0x61/0x240
[  165.815692][   T44]  new_inode+0x22/0x1c0
[  165.816861][   T44]  shmem_get_inode+0x19a/0xfb0
[  165.818180][   T44]  shmem_mknod+0x1a8/0x450
[  165.819380][   T44]  vfs_mknod+0x5d7/0x8e0
[  165.820514][   T44]  devtmpfs_work_loop+0x1c8/0x8e0
[  165.821869][   T44]  devtmpfsd+0x4c/0x50
[  165.822966][   T44] page_owner free stack trace missing
[  165.824443][   T44] 
[  165.825144][   T44] Memory state around the buggy address:
[  165.826615][   T44]  ffff888023671080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.828757][   T44]  ffff888023671100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.830858][   T44] >ffff888023671180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.833011][   T44]                                                     ^
[  165.834816][   T44]  ffff888023671200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.836969][   T44]  ffff888023671280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.839069][   T44] ==================================================================
[  165.841191][   T44] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  165.843096][   T44] CPU: 3 UID: 0 PID: 44 Comm: kcompactd0 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[  165.846095][   T44] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.849061][   T44] Call Trace:
[  165.850012][   T44]  <TASK>
[  165.850858][   T44]  dump_stack_lvl+0x3d/0x1f0
[  165.852175][   T44]  panic+0x71c/0x800
[  165.853289][   T44]  ? __pfx_panic+0x10/0x10
[  165.854575][   T44]  ? __pfx__printk+0x10/0x10
[  165.855833][   T44]  ? end_report+0x4c/0x170
[  165.857080][   T44]  ? check_panic_on_warn+0x1f/0xb0
[  165.858461][   T44]  ? isolate_migratepages_block+0x3eb3/0x56f0
[  165.860087][   T44]  check_panic_on_warn+0xab/0xb0
[  165.861412][   T44]  end_report+0x107/0x170
[  165.862593][   T44]  kasan_report+0xee/0x110
[  165.863820][   T44]  ? isolate_migratepages_block+0x3eb3/0x56f0
[  165.865447][   T44]  kasan_check_range+0xef/0x1a0
[  165.866741][   T44]  isolate_migratepages_block+0x3eb3/0x56f0
[  165.868352][   T44]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  165.870106][   T44]  compact_zone+0x1a5e/0x4220
[  165.871378][   T44]  ? __lock_acquire+0xaa4/0x1ba0
[  165.872698][   T44]  ? __pfx_compact_zone+0x10/0x10
[  165.874053][   T44]  compact_node+0x1a4/0x2d0
[  165.875276][   T44]  ? __pfx_compact_node+0x10/0x10
[  165.876653][   T44]  ? __pfx___might_resched+0x10/0x10
[  165.878108][   T44]  ? __pfx_extfrag_for_order+0x10/0x10
[  165.879557][   T44]  ? rcu_is_watching+0x12/0xc0
[  165.880866][   T44]  kcompactd+0x762/0xea0
[  165.882030][   T44]  ? __pfx_kcompactd+0x10/0x10
[  165.883296][   T44]  ? find_held_lock+0x2b/0x80
[  165.884581][   T44]  ? __pfx_autoremove_wake_function+0x10/0x10
[  165.886244][   T44]  ? lockdep_hardirqs_on+0x7c/0x110
[  165.887726][   T44]  ? __kthread_parkme+0x148/0x220
[  165.889076][   T44]  ? __pfx_kcompactd+0x10/0x10
[  165.890377][   T44]  kthread+0x3a4/0x760
[  165.891494][   T44]  ? __pfx_kthread+0x10/0x10
[  165.892776][   T44]  ? __pfx_kthread+0x10/0x10
[  165.894024][   T44]  ? __pfx_kthread+0x10/0x10
[  165.895256][   T44]  ? __pfx_kthread+0x10/0x10
[  165.896540][   T44]  ? rcu_is_watching+0x12/0xc0
[  165.897842][   T44]  ? __pfx_kthread+0x10/0x10
[  165.899091][   T44]  ret_from_fork+0x45/0x80
[  165.900278][   T44]  ? __pfx_kthread+0x10/0x10
[  165.901578][   T44]  ret_from_fork_asm+0x1a/0x30
[  165.902887][   T44]  </TASK>
[  165.904331][   T44] Kernel Offset: disabled
[  165.905547][   T44] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:14:11  Registers:
info registers vcpu 0

CPU#0
RAX=00000000007ebd01 RBX=0000000000000000 RCX=ffffffff81902321 RDX=0000000000000000
RSI=ffffffff8d9a7ab0 RDI=ffffffff8bd357a0 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff90629217 R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff90629210 R15=0000000000000000
RIP=ffffffff8b5b9a59 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097c5a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73f4f9c CR3=00000000120ec000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffff88802b439ec0 RCX=0000000000000100 RDX=0000000000000001
RSI=0000000000000003 RDI=ffffffff8dab1ce0 RBP=dffffc0000000000 RSP=ffffc9000dd576d0
R8 =ffffed10056a75c1 R9 =ffff88802b53ae14 R10=ffff88802b439ec3 R11=0000000000000000
R12=0000000000007f00 R13=0000000000000000 R14=ffff88802b53ae00 R15=ffffed10056873d8
RIP=ffffffff8b5e2d18 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097d5a000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080022000 CR3=00000000120ec000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000002 RBX=ffff88804f5ac900 RCX=0000000000000006 RDX=0000000000000000
RSI=ffffffff8d9a7ab0 RDI=ffffffff8bd357a0 RBP=0000000000000286 RSP=ffffc90003aef7d8
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff90629217 R11=0000000000000000
R12=0000000000000002 R13=ffff88804f5ac768 R14=ffff88804f5ac940 R15=ffff88804f5ac2e8
RIP=ffffffff8b5e15b1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097e5a000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f28a7324ba0 CR3=0000000023b4c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f741cff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff8b58ffc6 RDX=ffff88801e8fa440
RSI=0000000000000034 RDI=0000000000000001 RBP=ffffffff8ccf8580 RSP=ffffc900006b70b8
R8 =0000000000000001 R9 =0000000000000034 R10=0000000000000042 R11=0000000000011d8b
R12=0000000000000042 R13=0000000000000001 R14=000000000000001f R15=ffffffff820000a3
RIP=ffffffff81baef42 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097f5a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73ac9f0 CR3=000000000df82000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000