last executing test programs:

23m38.649674124s ago: executing program 0 (id=404):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x5b, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000100)="2e0f081927003c3c3e2636f364dadbf30f1bff19e70f38c94b0f65660f139900000f20d866b98f0bf8790000320f22d8ba4300edb84bf7fc05d8", 0x3a}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

23m38.507825479s ago: executing program 0 (id=410):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, &(0x7f0000000000)={0x0, 0x399a, 0x5, 0x1, 0x2})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f0000000000)={'wlan0\x00'})
socket$vsock_stream(0x28, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
ioctl$IOMMU_DESTROY$stdev(r1, 0x3b80, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f00000402c0)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r3, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x8000, 0xe, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0x77, 0x0, 0x0, 0xba, 0x3, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xf, 0x0, 0x6, 0x5, 0x0, 0x2f439})

23m38.43933192s ago: executing program 0 (id=414):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12014101f2c59620d016b8108ede0102030109022400010000100009040002020083ec0009050602000202000a09058202"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

23m35.400061978s ago: executing program 0 (id=475):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
r1 = socket(0xa, 0x3, 0xff)
connect$inet6(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8020)
mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0)
statx(0xffffffffffffffff, 0x0, 0x0, 0x20, 0x0)
getpgid(0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
sendmsg$NL80211_CMD_SET_MPATH(r2, 0x0, 0x4080)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$tmpfs(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f00000001c0), 0x800, 0x0)

23m35.319660788s ago: executing program 0 (id=476):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004780)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000001c0)=ANY=[@ANYBLOB="fe00020007"], 0xc)

23m35.048795804s ago: executing program 0 (id=477):
keyctl$setperm(0x5, 0x0, 0x2000)

23m35.008268166s ago: executing program 32 (id=477):
keyctl$setperm(0x5, 0x0, 0x2000)

8.497880042s ago: executing program 4 (id=5577):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="300000001000010028bd7000f9dbdf2500000000", @ANYRES32=0x0, @ANYBLOB="158804000300000008000d000100000008001b00000000002d389b604ac6e8c3ae970a5a1a9bc68e7818b4e8e45eb2a9f2102c3b77a5d627fb352132be3dd080a5556441dd"], 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
r1 = socket$inet6(0xa, 0x80002, 0x0)
r2 = landlock_create_ruleset(&(0x7f00000001c0)={0x3050, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r2, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = getpgrp(0x0)
fcntl$setownex(r4, 0xf, &(0x7f0000000100)={0x2, r6})
sendmsg$unix(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="b5", 0x1}], 0x1}, 0x240408c1)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xe}, {0x3}, {0xfff3}}}, 0x24}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="300000001000010028bd7000f9dbdf2500000000", @ANYRES32=0x0, @ANYBLOB="158804000300000008000d000100000008001b00000000002d389b604ac6e8c3ae970a5a1a9bc68e7818b4e8e45eb2a9f2102c3b77a5d627fb352132be3dd080a5556441dd"], 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) (async)
socket$inet6(0xa, 0x80002, 0x0) (async)
landlock_create_ruleset(&(0x7f00000001c0)={0x3050, 0x1, 0x3}, 0x18, 0x0) (async)
landlock_restrict_self(r2, 0x4) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) (async)
landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) (async)
landlock_restrict_self(r5, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
getpgrp(0x0) (async)
fcntl$setownex(r4, 0xf, &(0x7f0000000100)={0x2, r6}) (async)
sendmsg$unix(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="b5", 0x1}], 0x1}, 0x240408c1) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) (async)
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xe}, {0x3}, {0xfff3}}}, 0x24}}, 0x0) (async)

7.612348578s ago: executing program 4 (id=5579):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x10, 0x803, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xd)
readv(r3, &(0x7f0000000200)=[{&(0x7f0000000080)=""/1, 0x1}], 0x1)
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x2000, 0x1, 0x3}, 0x18, 0x0)
io_setup(0x142e, 0x0)
landlock_restrict_self(r4, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000340)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
wait4(r6, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, 0x0, 0x0)
io_uring_setup(0x3e21, &(0x7f00000000c0)={0x0, 0xfca0, 0x0, 0x2000003, 0x22e})
ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/224})
userfaultfd(0x1)

4.766207811s ago: executing program 4 (id=5591):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x3, 0x1c, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x20044000}, 0x8042)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_usb_connect(0x2, 0x3f, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), 0xffffffffffffffff)
r4 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, 0x0)
openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010023010000340200000600000008000100"], 0x24}}, 0x0)
sendmsg$NFC_CMD_ACTIVATE_TARGET(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="2c0000009029996a7c067c36206297322cc7d84ac80ea20745ae6b0e3f2e65df13e27a8a185ee44c0619c94b2337538953b1d75046836efd455348e438a3985c9cf975c2d3628268dccf068364e332363cc218ae534ad09c487470a8371dbcb28e5a67f17613bdbe7304f530a3c5ae3d2e6ded46c45bcddb10312e14163eb2e46676f58a965cfde3d404b92a568fcd9b1a3570761f03dce7c0b94e623b", @ANYRES16=r5, @ANYBLOB="010023010000340200001c00000008000100", @ANYRES32, @ANYBLOB="0800040000000000"], 0x2c}}, 0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=<r7=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000280)=<r8=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000380)=<r9=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000003c0)=<r10=>0x0)
setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f0000000000)=0x26c1, 0x4)
sendmsg$NFC_CMD_LLC_GET_PARAMS(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x54, 0x0, 0x122, 0x70bd2b, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_FIRMWARE_NAME={0x9, 0x14, 'syz1\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000800}, 0x44084)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8000)

3.789468878s ago: executing program 4 (id=5594):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
r3 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x441, 0x15001}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r4}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x48}}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x441, 0x15001}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r4}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x48}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) (async)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00222200000096010006010003000000002a90a0753883c83e25031bdde840503a0c"], 0x0}, 0x0) (async)
syz_usb_control_io$hid(r5, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00222200000096010006010003000000002a90a0753883c83e25031bdde840503a0c"], 0x0}, 0x0)
r6 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCGKEYCODE_V2(r6, 0x80284504, &(0x7f0000000240)=""/95)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="18000000071401"], 0x18}}, 0x0)
r7 = syz_usb_connect$uac2(0x2, 0xfe, &(0x7f00000002c0)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x763, 0x201a, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xec, 0x3, 0x1, 0x8, 0x20, 0x7, {0x8, 0xb, 0x2, 0x2, 0x1, 0x1, 0x20, 0x8}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x7, 0x2, 0x48, 0x5}, [@output_terminal={0xc, 0x24, 0x3, 0x4, 0x405, 0x0, 0x6, 0x5, 0x9, 0x7f}, @source_unit={0x8, 0x24, 0xa, 0x1, 0x4, 0x7, 0x6, 0x2}, @selector_unit={0xd, 0x24, 0xb, 0x2, 0x8, "87dfc0ef8fac654b"}, @multiply_unit={0x7, 0x24, 0xc, 0x9, 0x0, 0x7, 0x1}, @selector_unit={0xb, 0x24, 0xb, 0xb, 0x6, "8aae7566bc0b"}, @output_terminal={0xc, 0x24, 0x3, 0x2, 0x100, 0x9, 0x1, 0x5, 0x2, 0x4}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x8, 0x800, 0x5, 0xc}]}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0x6, 0x4, 0x98, {0x8, 0x25, 0x1, 0x2, 0xc, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {[@format_type_ii_discrete={0x11, 0x24, 0x2, 0x2, 0x2, 0xfffa, 0x83, "5cc5e573ce7ec177"}, @format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x0, 0x2, 0x5, 0x1, "ecdb"}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x6, 0x1, 0x80, 0x7, "cc169d", "a4"}, @format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x9da, 0x9, 0x0, 0xab}, @format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0x1f, 0x1, 0x0, 0x7, 0xfd}]}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x9, 0x7, 0x10, {0x8, 0x25, 0x1, 0x0, 0x30, 0x59, 0x3}}}}}}}}]}}, &(0x7f0000000900)={0xa, &(0x7f00000003c0)={0xa, 0x6, 0x250, 0x7, 0x4, 0x9, 0x8, 0xe}, 0x40, &(0x7f00000004c0)={0x5, 0xf, 0x40, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x0, 0x1, 0x4}, @ss_container_id={0x14, 0x10, 0x4, 0x80, "2ac6b04a71c59637337beb211b402c6d"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x6, 0x6, 0x42d}, @ptm_cap={0x3}, @ssp_cap={0x10, 0x10, 0xa, 0x0, 0x1, 0x28, 0xff0f, 0x80, [0xff000f]}]}, 0x9, [{0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x2c0a}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x180c}}, {0xe4, &(0x7f0000000600)=@string={0xe4, 0x3, "b4c83326e7be894b1ac70388cc7e808402cd957b2229624299eb6e4d68262fe902c7e3d1ad1c0bf8e8a122e44141dca73f7fb91089e0552e058c65b1170980e5057da710c0b538266caf864aa89f4f7105645f5667ecafff9be415b075dd8138322ff5027263b95807f8c6f89f66fbf18792161484f0e4cc9cb9ed2984c78899cdbcac133d5c4c37decbaa7423516659cd76070cdb1e3bf0bbda2c41ae10aa705183065c74d4861645985512d4d65bdfa1ec14508b4a11e14fc2647b8d4feb7a8bbc665041eb73d7f73e05b2fa35782d39d547c6d4133e289955c80e38a90c3f3e8c"}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x3c01}}, {0x57, &(0x7f0000000740)=@string={0x57, 0x3, "589d0e2176faaa84431f84adc054b702558a38f111618a14eb0919df02ec30bd78d3bfbc4e0a5ea50a084f2ad5a8e0ac76574b3ff73ff2ee99bc67440382e76e9c7c3b8249069e2169e5832a5f9ec58efe02efa654"}}, {0x30, &(0x7f00000007c0)=@string={0x30, 0x3, "18cc37b8da90d2e170e726bfdf0065a8a50bcb23f3824dee7ea144e86bc9d24f690d155a3184ce451b432bfabf6c"}}, {0x78, &(0x7f0000000800)=@string={0x78, 0x3, "1abe2ab02c2de2a81b0741c0ec3bb5fdd3aa136b353ebea1a5031d7b4a8198143101cc5ea1cd3ce07e88904c02fd259b8098c378186a1d5f631976c54904cb0526a50ad8d4c768614b9cc3ea392ff183d5b0baf352ea52b508b49cef845de06dcddbf685f090f813e142bc968eee9ecc44e96b21bc07"}}, {0x4, &(0x7f0000000880)=@lang_id={0x4, 0x3, 0xc07}}, {0x4, &(0x7f00000008c0)=@lang_id={0x4, 0x3, 0x445}}]})
syz_usb_control_io$uac2(r7, &(0x7f0000000ac0)={0xc, &(0x7f0000000980)={0x0, 0x5, 0x89, {0x89, 0x22, "e270f82ec3954a755bc604b410827a465b5a15287e36d153eaf12f9d9498466aec354b89b62abf1cb209333040cfd4007bfc20a40b7b80f69cf874a4a5567a657e295c9c76f304e15c2a04378a0c5ea9fea74494536a14db8712274c662e57e5ebf60b1a6dfe2647b60045f579cc50af459fd2376c4a2d2ec1a33d389fa23703604c946d6ebf4f"}}, &(0x7f0000000a40)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x444}}}, &(0x7f0000000d80)={0x24, &(0x7f0000000dc0)={0x40, 0x8, 0xc6, "77bed5bcfb668c33505b47eb867eaf10d532c21745a0835a7184600c0f5df7640b2831b803b1d2c0e0c0b4438333c269fea8bbe255bdb32df27ba1213b93295217cf1d817fe7d46704664d71150e50690f4bd9bc2017540fb91f392d1d2f9c910400c6986d6365acf6663aa49a035dbdcfd297b43b4e72ef9433cce30c23bcc901d5c9ee4b965d14139da7b2baea4253c40668095a8e336ffe000000000000006e36f55fe7fdfcbbc1c8058d728078dc0280ca7b91f75a1f767f86ca7fef480ccb685c06656a"}, &(0x7f0000000bc0)={0x0, 0xa, 0x1, 0x8}, &(0x7f0000000c00)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000c40)={0x20, 0x81, 0x3, "c03f0d"}, &(0x7f0000000c80)={0x20, 0x82, 0x1, "a1"}, &(0x7f0000000cc0)={0x20, 0x83, 0x2, "7399"}, &(0x7f0000000d00)={0x20, 0x84, 0x4, "5efb8243"}, &(0x7f0000000d40)={0x20, 0x85, 0x3, "b31d49"}})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r8, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x20040894)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xc000, &(0x7f0000000040)=0x9, 0x4, 0x5) (async)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xc000, &(0x7f0000000040)=0x9, 0x4, 0x5)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="0308010000000000240012800b0001006272696467650000140002800800040005000000050015"], 0x44}}, 0x4004010)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x4004f506, &(0x7f00000000c0)=0x1)

3.396880065s ago: executing program 1 (id=5596):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18025b0000000000000000000000850000007b000000950000000000000095fb55f100d3de0a0000000000000009323f2f93ebe6a28ab89d27265f5897b4694809000000000000000dca4fa6bc93e0da0f000069c47454642e79968efd8013b36ff32a4dafa1e94c899f0d7ee3e40f9e364f223cd966a7d72e9a4aa25dbfe861cd6fbb5af751c697801673cbecaeb23948a71e1bb06e1be544"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000006c0)={r2, r1}, 0x14)
syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
syz_emit_ethernet(0xfdef, &(0x7f00000004c0)=ANY=[], 0x0)

3.321917491s ago: executing program 1 (id=5597):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_emit_ethernet(0x6e, &(0x7f0000000540)=ANY=[], 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141182)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
read$msr(r1, &(0x7f0000000200)=""/161, 0xa1)
r2 = syz_open_dev$dri(&(0x7f0000002580), 0x200, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x44885)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[], 0x50)
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000024917720042322023f77010203010902120001000010000904"], 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000040), 0x2, 0x20002)
ioctl$I2C_RDWR(r4, 0x707, &(0x7f0000000100)={&(0x7f0000000300)})
r5 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
fchdir(r6)
mknod(&(0x7f0000000040)='./file0\x00', 0x1000, 0x1)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r3, r3}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1a, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000026c0)={0x0, 0x0, 0x0, 0x0})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, {0x0, 0xa8ab, 0x0, 0x0, 0x8, 0x1, 0x5, 0x0, 0x3, 0x4, 0x0, 0x10000, 0x406, 0x0, "427f4d0561864078b7f952fc7ebbfea1deee063e520cc38c6a002000"}})

2.574245031s ago: executing program 2 (id=5601):
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000640), 0x800, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x4004040)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r5}]}, 0x20}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newrule={0x1c, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2}}, 0x1c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x6c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LINK={0x8, 0x1, r5}]}}}]}, 0x6c}}, 0x0)
openat$vimc0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c00000016"], 0xfc}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x40d, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_DOWNDELAY={0x8, 0x5, 0x2}]}}}]}, 0x3c}}, 0x0)
ioctl$XFS_IOC_GETBMAPX(r7, 0xc0205838, &(0x7f0000000140)={0x5, 0x1, 0x3, 0x1, 0x6a, 0x8, 0x6})

2.455974683s ago: executing program 3 (id=5602):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x3, 0x1c, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x20044000}, 0x8042)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_usb_connect(0x2, 0x3f, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), 0xffffffffffffffff)
r4 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, 0x0)
openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010023010000340200000600000008000100"], 0x24}}, 0x0)
sendmsg$NFC_CMD_ACTIVATE_TARGET(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="2c0000009029996a7c067c36206297322cc7d84ac80ea20745ae6b0e3f2e65df13e27a8a185ee44c0619c94b2337538953b1d75046836efd455348e438a3985c9cf975c2d3628268dccf068364e332363cc218ae534ad09c487470a8371dbcb28e5a67f17613bdbe7304f530a3c5ae3d2e6ded46c45bcddb10312e14163eb2e46676f58a965cfde3d404b92a568fcd9b1a3570761f03dce7c0b94e623b", @ANYRES16=r5, @ANYBLOB="010023010000340200001c00000008000100", @ANYRES32, @ANYBLOB="0800040000000000"], 0x2c}}, 0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=<r7=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000280)=<r8=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000380)=<r9=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000003c0)=<r10=>0x0)
setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f0000000000)=0x26c1, 0x4)
sendmsg$NFC_CMD_LLC_GET_PARAMS(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x54, 0x0, 0x122, 0x70bd2b, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_FIRMWARE_NAME={0x9, 0x14, 'syz1\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000800}, 0x44084)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8000)

2.184224141s ago: executing program 1 (id=5603):
ioctl$COMEDI_DEVINFO(0xffffffffffffffff, 0x80b06401, &(0x7f0000000280))
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000000206050800000000000000000000000005000400000000000900020073797a30000000001400078008001340000000000800064000000000050005000000000005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r5, 0x8922, &(0x7f0000000080)={'dummy0\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x44, 0x9, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x1}, @IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @local}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
dup2(r1, r2)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180), 0x0)
r7 = accept4(r0, 0x0, 0x0, 0x80000)
sendmmsg$alg(r7, 0x0, 0x0, 0x40800)
r8 = socket$inet(0x2, 0x2, 0x1)
r9 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$sock_int(r9, 0x1, 0x29, &(0x7f0000000100)=0x3ff, 0x4)
setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x41, &(0x7f0000000040)=0x195d, 0x4)
sendmmsg$inet6(r9, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x800)
recvfrom(r9, 0x0, 0x0, 0x12000, 0x0, 0x0)
sendmsg$inet(r8, &(0x7f00000005c0)={&(0x7f00000003c0)={0x2, 0x0, @empty=0xe0000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000080)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb35", 0x6}], 0x2, &(0x7f0000000240)=[@ip_pktinfo={{0x20, 0x0, 0x8, {0x0, @local, @broadcast}}}], 0x20}, 0x20048894)
r10 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
pwritev(r10, &(0x7f0000000600)=[{&(0x7f0000000240)='@', 0x1}, {0x0, 0x41}], 0x2, 0x1ae, 0x101)

2.055810671s ago: executing program 2 (id=5604):
r0 = memfd_create(&(0x7f00000001c0)='\x02A\xbb\xf1\t\x00\x00\x00\x00\x00\x00\x00\x96\x0e\x00\x00\x00\x00\x00\x00', 0x8)
r1 = socket(0x2d, 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x2d, 0x0, 0x20, 0x400000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0xc0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$XFS_IOC_PATH_TO_HANDLE(0xffffffffffffffff, 0xc01c5869, &(0x7f0000000240)={<r3=>0xffffffffffffffff, 0x0, 0x2200, 0x0, 0x0, 0x0, &(0x7f0000000200)=0xfffff81d})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000200)=0x237a, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000240)="0100", 0x2}], 0x1}, 0x240448c1)
r7 = socket$rxrpc(0x21, 0x2, 0xa)
sendto$rxrpc(r7, 0x0, 0x0, 0x44800, 0x0, 0x0)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r8, &(0x7f0000001280)=@in6={0x21, 0x400, 0x2, 0x1c, {0xa, 0x0, 0x8, @empty, 0x1}}, 0x24)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x8000)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e40)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r11, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8}}]}, 0x40}, 0x1, 0x0, 0x0, 0xc083}, 0x2000400c)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)
recvmsg(r5, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
sendmsg$inet(r6, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000500)="04", 0x1}], 0x1}, 0x1)
recvmsg$unix(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000140)=""/1, 0x1}, {&(0x7f0000000600)=""/244, 0x44}, {&(0x7f0000000280)=""/191, 0xbf}, {&(0x7f0000000540)=""/76, 0x4c}], 0x4}, 0x160)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000d40)={'wlan0\x00', <r12=>0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000001100), r2)
r13 = openat$sequencer2(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$sequencer(r13, &(0x7f0000000040)=[@l={0x92, 0x3, 0xb0, 0x1b, 0xa, 0x3, 0x1}, @raw={0xc, 0x2, "df3d96291e1c"}], 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r3)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001140)={0x1c, r14, 0x8, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r12}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4004000)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x100000a, 0x24011, r0, 0x0)

1.986246056s ago: executing program 1 (id=5605):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
open(&(0x7f0000000140)='./file1\x00', 0x60142, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000000200)={0x2020, 0x0, <r3=>0x0}, 0x2020)
r4 = open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
write$FUSE_INIT(r2, &(0x7f0000002300)={0x50, 0x0, r3, {0x7, 0x9, 0x0, 0x1030002, 0x0, 0x0, 0x2}}, 0x50)
read$FUSE(r2, &(0x7f00000065c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r2, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r5}, 0x10)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x20080, 0x0)
dup3(r6, r2, 0x0)
close(0x3)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
r8 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r1, &(0x7f0000000040)={0x80000010})
r9 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r10, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x6, 0x7}}]}}]}, 0x48}}, 0x4c840)
sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f00000001c0)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_wolinfo={0x3, 0x8, 0xfffffffd, "8f1151239582"}})
syz_usb_connect(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="65c06ec614732cbe28d3e6b0925d5a7f9eb37b78843cbdb23f7f7aca0300000073e8e3953b1b7547116eae37ba8f5a23e58661e86541ed44c2ff85d82890bfdc0c804a15eb53f47587f7289d690402cb278e2dc0881e2e0d48214e4faa8311ac6852ea08006b023b62944807a82d898ae79d385ff842031ef0837ad8ddf372357dc1a355d733869e11d1288dc0aecd0bd1bda5264d21b7f5b7e518817aa310e4baa4e051a519d662df6f94d529dceb6238352357a6d5be1ede181481f7bab81c8ddfeb828181b0b80284eb24d18a2a6a0796"], 0x0)
r12 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="01000000000000000000010000000800010000000000080002000100000008000880040007802c0004800500030006001000040003"], 0x58}}, 0x0)
r13 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001a80), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000100)={0x28, r13, 0x1, 0x1000000, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}]}]}, 0x28}}, 0x20004000)
sendmsg$ETHTOOL_MSG_RINGS_GET(r11, &(0x7f0000002580)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002540)={&(0x7f0000002480)={0xa4, r13, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x1}, 0x2800)

1.78408724s ago: executing program 2 (id=5606):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="01002bbd7000fedbdf25070000000a0004007770616e3000000008000100010000000800050000000000080003"], 0x40}}, 0x8084)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="180100002000010000000000fcdbdf2506"], 0x118}], 0x1, 0x0, 0x0, 0x20008001}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r4=>0x0})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000100)={0x0, 0x3d, &(0x7f0000000080)={&(0x7f0000000140)={0x1c, 0x1, 0x4, 0x301, 0x0, 0x0, {0x3}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40c5}, 0x4)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newtfilter={0x30, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xf, 0xfff0}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040084)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = dup(r6)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'syzkaller1\x00'})
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="2e1221b23bb601c477d3df163e75963d86ddf06712e90057118db0049d90491c3248040000dbb8", 0x27}, {&(0x7f0000002480)="b63f4c5d6875b765c3810f2211704a357d14e8", 0x6a}], 0x2)

1.664990404s ago: executing program 2 (id=5607):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x63b7, 0x0)
r0 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\x96\xa7f\x9ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\x15n\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z\t\x00\x00\x00\x00\x00\x00\x00\x9b\x01\xf9t\xbb\x1er\x04\xdb\xd3\xcd\xfd\xbdnC\xec#]\xbf\xa2\xa2H\x86\x86[8\x05\xfe\xdc\x11\x04\xa1u\x81', 0x0)
flistxattr(r0, 0x0, 0x0)

1.664267201s ago: executing program 3 (id=5608):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000240)={<r1=>0xffffffffffffffff}, 0x111, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e22, 0xa, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, r1}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, 0x0, 0x0)

1.520953872s ago: executing program 3 (id=5609):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000240)={<r1=>0xffffffffffffffff}, 0x111, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e22, 0xa, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, r1}}, 0x30) (fail_nth: 1)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, 0x0, 0x0)

1.452432896s ago: executing program 3 (id=5610):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x1000200001ee0000, 0x3})
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0x98f905})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
r6 = openat$tun(0xffffff9c, &(0x7f00000000c0), 0x400, 0x0)
r7 = syz_open_dev$dvb_demux(&(0x7f0000001e00), 0x0, 0x2000)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r7, 0x403c6f2b, &(0x7f0000001e40)={0x6, {"2ac78e02ff04856af9fb71f0d3fe13be", "3dfab043e15fad27a639f105b5e9f977", "47eb0b1889b90f105d66b3e5a7c94742"}, 0x4, 0x4})
r8 = syz_open_dev$dvb_demux(&(0x7f0000001e00), 0x0, 0x2000)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r8, 0x403c6f2b, &(0x7f0000001e40)={0x6, {"2ac78e02ff04856af9fb71f0d3fe13be", "3dfab043e15fad27a639f105b5e9f977", "47eb0b7c4fb9191024da8887f94ba4fb"}, 0x4, 0x5})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'bridge0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}})
write$tun(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1c00000e01000b00000014"], 0x36)
ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000080)=<r9=>0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000340)={{{@in=@multicast2, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000000440)=0xe4)
ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0186405, &(0x7f0000000480)={0x8000, 0x9, {r9}, {r10}, 0x5, 0x80})

1.145166223s ago: executing program 1 (id=5611):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)}, 0x0)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f00000001c0))
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0)
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
quotactl_fd$Q_QUOTAON(r2, 0xffffffff80000200, r3, &(0x7f0000000180)='./file0\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r4, 0x2284, &(0x7f0000000040))
ioctl$FS_IOC_RESVSP(r1, 0x4030582b, &(0x7f0000000c00)={0x0, 0x1, 0x4, 0x40000000000000, 0x0, 0xf0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r6, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x10000003}}, {0x8, 0x9, 0x1}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40080b1}, 0x8000)
r7 = epoll_create(0x4)
r8 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r8, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r8, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000280)={0x30000010})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_capability(r9, &(0x7f0000000880), &(0x7f00000008c0)=@v1={0x1000000, [{0x7f}]}, 0x18, 0x0)
r10 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)={0x4c, 0x12, 0x301, 0x0, 0x80000000, {0x0, 0x6, 0x0, 0x1e, {0x4e23, 0xfffd, [0x2, 0x2, 0x4, 0xfffffffe], [0x10, 0xfffffffd, 0x10000], 0x0, [0x0, 0x7fff]}, 0x7}}, 0x4c}, 0x1, 0x0, 0x0, 0x20044190}, 0x40000)

1.091087738s ago: executing program 2 (id=5612):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x10, 0x803, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xd)
readv(r3, &(0x7f0000000200)=[{&(0x7f0000000080)=""/1, 0x1}], 0x1)
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x2000, 0x1, 0x3}, 0x18, 0x0)
io_setup(0x142e, 0x0)
landlock_restrict_self(r4, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000340)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
wait4(r6, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, 0x0, 0x0)
io_uring_setup(0x3e21, &(0x7f00000000c0)={0x0, 0xfca0, 0x0, 0x2000003, 0x22e})
ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/224})

1.026050692s ago: executing program 3 (id=5613):
socket$nl_rdma(0x10, 0x3, 0x14)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000680), 0xffffffffffffffff)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newlink={0x38, 0x10, 0x437, 0x800000, 0x0, {0x0, 0x0, 0x0, r5, 0x504c3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c014}, 0x0)
sendmsg$inet(r3, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)}], 0x1, &(0x7f0000000500)=[@ip_pktinfo={{0x18, 0x0, 0x8, {r5, @local, @remote}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x1}}], 0x28}, 0x40400a0)
getsockopt$sock_int(r2, 0x1, 0x2a, 0x0, 0x0)
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@volatile={0x2, 0x0, 0x0, 0x9, 0x4}]}, {0x0, [0x0, 0x0, 0x2e]}}, 0x0, 0x29, 0x0, 0x1, 0x6}, 0x28)

853.099366ms ago: executing program 1 (id=5614):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x1f, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0x93}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1f, 0x11, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000630500000000000081000000850000006d000000b7080000000000007baaf8ff00000000b5080000020000047b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b30000009500000000000000e7238569c4c1f68f56b9c2ddf51258e4c09f4cebfccd79a12323703e45d76f9ee8da875701ca883f91ee395b1d9361a3bc9367fa939eebd7945b699e003e0e0b344f00df4fbd983495d78e82ed3337e829a50f563ffb4d73f209dd7c00a1d6a12ab1fdeae0839e7b52b3b5948f414c540b0829b6a92d34a01b2d8179e2d32440b8cb5be4144768976863a98de80ce6ced157ad950916add1333df11aee1195ec399c0d39da0c16e3d65e277b569d9ce7ba0ee723dd392e8ecd66840c472f32"], &(0x7f0000000ac0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600ebfb}, 0x94)
socket(0x2, 0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61123000000000006113340000000000bf20000000000000150002000ee600f03d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f0670200001f000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x4}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1c8, 0x12)
dup(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
setns(r7, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x3)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)
time(&(0x7f0000000040))

777.184904ms ago: executing program 4 (id=5615):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="01002bbd7000fedbdf25070000000a0004007770616e3000000008000100010000000800050000000000080003"], 0x40}}, 0x8084)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="180100002000010000000000fcdbdf2506"], 0x118}], 0x1, 0x0, 0x0, 0x20008001}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r4=>0x0})
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x1, 0x4, 0x401, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x3d, &(0x7f0000000080)={&(0x7f0000000140)={0x1c, 0x1, 0x4, 0x301, 0x0, 0x0, {0x3}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40c5}, 0x4)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newtfilter={0x30, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xf, 0xfff0}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040084)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'syzkaller1\x00'})
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="2e1221b23bb601c477d3df163e75963d86ddf06712e90057118db0049d90491c3248040000dbb8", 0x27}, {&(0x7f0000002480)="b63f4c5d6875b765c3810f2211704a357d14e8", 0x6a}], 0x2)

569.885047ms ago: executing program 4 (id=5616):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x10, 0x803, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xd)
readv(r3, &(0x7f0000000200)=[{&(0x7f0000000080)=""/1, 0x1}], 0x1)
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x2000, 0x1, 0x3}, 0x18, 0x0)
io_setup(0x142e, 0x0)
landlock_restrict_self(r4, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000340)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
wait4(r6, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, 0x0, 0x0)
io_uring_setup(0x3e21, &(0x7f00000000c0)={0x0, 0xfca0, 0x0, 0x2000003, 0x22e})

228.815855ms ago: executing program 2 (id=5617):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x20008881, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000040), 0xffffffff80000001, 0x1680a2)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x800, 0x2c)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000080)={r4, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf900000080149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d665f985881a350000ddffffff00", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "715237601a8ca5b07dce141802c4dacf162e43ac6126c370ec00000000a04100", [0xffffffff7ffffce8, 0xa]}})
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r4)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x44c0c0, 0x0)
prlimit64(0xffffffffffffffff, 0xe, &(0x7f0000000140)={0x10000, 0x28b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x3, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000240), 0x7ffffffd, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$inet_smc(0x2b, 0x1, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x80, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
getsockopt$bt_BT_POWER(r6, 0x12, 0x4, 0x0, &(0x7f0000000040)=0xfffffffffffffd81)
r7 = io_uring_setup(0x115a, &(0x7f0000000440)={0x0, 0x3d0, 0x8000, 0x6, 0x117})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r7, 0xb, &(0x7f0000000000), 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r7, 0x18, &(0x7f0000000080)={0x80000001, r7, 0xd, {0xfffffffffffffffc, 0x5}, 0x4}, 0x1)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f0000000380)="170000000200010000ffbe8c5ee17688a20033000301fcff000002a257fc5ad90200bb6a880000d6c8db000000df018002000000fc0607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf93150334769e106e7db76849d3c98bf79ac2dfc060115003901000000000000ea000000000000000062068f5ee50ce5d4af9477170d283f02ff030000ba000840024f0298e9e90539062a80e605007f71174aa961f3c63e5a1b47b63a6323ded223", 0xb8)

0s ago: executing program 3 (id=5618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000030000000200000003"], 0x50)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000140)={'sit0\x00', &(0x7f0000000fc0)={'sit0\x00', 0x0, 0x10, 0x10, 0x6, 0x89, {{0x33, 0x4, 0x2, 0x2d, 0xcc, 0x67, 0x0, 0x5, 0x0, 0x0, @local, @empty, {[@cipso={0x86, 0x19, 0x2, [{0x0, 0x3, 'q'}, {0x7, 0x10, "f78fab81b47fec4a7e0f5d682893"}]}, @rr={0x7, 0x23, 0x61, [@local, @empty, @rand_addr=0x64010101, @local, @broadcast, @broadcast, @multicast2, @private=0xa010102]}, @cipso={0x86, 0x41, 0xffffffffffffffff, [{0x7, 0x8, "09efa438b2b5"}, {0x1, 0x6, "b2567048"}, {0x1, 0x4, "1a73"}, {0x7, 0xe, "1549e63b6ad0791a71b6f237"}, {0x0, 0xe, "00533e66c3f0a05d11a1a7a3"}, {0x6, 0xd, "91df00ac04219df9a406c4"}]}, @rr={0x7, 0xb, 0x69, [@initdev={0xac, 0x1e, 0x1, 0x0}, @empty]}, @end, @generic={0x89, 0x10, "1b6ada7e95ee2b9b313caff905d9"}, @rr={0x7, 0xf, 0x53, [@multicast1, @local, @private=0xa010102]}, @cipso={0x86, 0xb, 0xffffffffffffffff, [{0x3, 0x5, "e1e5be"}]}, @timestamp_prespec={0x44, 0x4, 0xb8, 0x3, 0x3}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0xc, 0x15, &(0x7f0000000e40)=ANY=[@ANYRESDEC=r0, @ANYBLOB, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000025000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000090000017b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x61800, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x42804}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001180)=ANY=[@ANYBLOB="3c00000010000304fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0100626f6e64002300000c00028008000700"/34], 0x3c}, 0x1, 0xba01}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x1000000, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/19, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000008001400070010000800130008000300080012"], 0x44}}, 0x0)

kernel console output (not intermixed with test programs):

: 0000000000000006 RCX: 00000000f548d5d0
[ 1465.559459][T25493] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1465.559465][T25493] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1465.559472][T25493] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1465.559478][T25493] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1465.559492][T25493]  </TASK>
[ 1465.751658][T25501] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5250'.
[ 1465.755200][T25495] bond1: Unable to set down delay as MII monitoring is disabled
[ 1465.764868][T25495] bond1 (unregistering): Released all slaves
[ 1465.770356][T25499] FAULT_INJECTION: forcing a failure.
[ 1465.770356][T25499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1465.911644][T25499] CPU: 0 UID: 0 PID: 25499 Comm: syz.4.5249 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1465.911703][T25499] Tainted: [L]=SOFTLOCKUP
[ 1465.911710][T25499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1465.911721][T25499] Call Trace:
[ 1465.911728][T25499]  <TASK>
[ 1465.911759][T25499]  dump_stack_lvl+0x100/0x190
[ 1465.911787][T25499]  should_fail_ex.cold+0x5/0xa
[ 1465.911810][T25499]  _copy_from_user+0x2e/0xd0
[ 1465.911832][T25499]  io_register_zcrx+0x16d/0x1870
[ 1465.911852][T25499]  ? lock_acquire+0x1b1/0x370
[ 1465.911872][T25499]  ? __pfx_io_register_zcrx+0x10/0x10
[ 1465.911891][T25499]  ? rcu_is_watching+0x12/0xc0
[ 1465.911913][T25499]  ? trace_contention_end+0x122/0x170
[ 1465.911934][T25499]  ? __mutex_lock+0x26d/0x1b10
[ 1465.911965][T25499]  ? __fget_files+0x215/0x3d0
[ 1465.912000][T25499]  __do_sys_io_uring_register+0x11b8/0x1bd0
[ 1465.912050][T25499]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1465.912068][T25499]  ? __pfx___do_sys_io_uring_register+0x10/0x10
[ 1465.912096][T25499]  ? __fget_files+0x21f/0x3d0
[ 1465.912127][T25499]  ? fput+0x79/0x100
[ 1465.912152][T25499]  ? ksys_write+0x1ac/0x250
[ 1465.912173][T25499]  ? rcu_is_watching+0x12/0xc0
[ 1465.912223][T25499]  __do_fast_syscall_32+0xe7/0x950
[ 1465.912242][T25499]  ? lockdep_hardirqs_on+0x78/0x100
[ 1465.912270][T25499]  do_fast_syscall_32+0x32/0x70
[ 1465.912289][T25499]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1465.912312][T25499] RIP: 0023:0xf705ef7c
[ 1465.912326][T25499] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1465.912343][T25499] RSP: 002b:00000000f542c50c EFLAGS: 00000292 ORIG_RAX: 00000000000001ab
[ 1465.912361][T25499] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000020
[ 1465.912372][T25499] RDX: 0000000080000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1465.912382][T25499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1465.912392][T25499] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1465.912403][T25499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1465.912427][T25499]  </TASK>
[ 1466.707508][T25507] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[ 1466.714142][T25507] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[ 1466.720026][T25507] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[ 1466.755200][T25507] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1468.407925][T25526] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5255'.
[ 1468.564940][T25526] bond1: Unable to set down delay as MII monitoring is disabled
[ 1468.695869][T25526] bond1 (unregistering): Released all slaves
[ 1468.871561][T25532] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5257'.
[ 1469.024144][T25532] bond1: Unable to set down delay as MII monitoring is disabled
[ 1469.050778][T25532] bond1 (unregistering): Released all slaves
[ 1469.182067][T25536] syzkaller0: entered promiscuous mode
[ 1469.183908][T25536] syzkaller0: entered allmulticast mode
[ 1469.372008][T25540] FAULT_INJECTION: forcing a failure.
[ 1469.372008][T25540] name failslab, interval 1, probability 0, space 0, times 0
[ 1469.388425][T25540] CPU: 3 UID: 0 PID: 25540 Comm: syz.4.5259 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1469.388457][T25540] Tainted: [L]=SOFTLOCKUP
[ 1469.388463][T25540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1469.388474][T25540] Call Trace:
[ 1469.388481][T25540]  <TASK>
[ 1469.388489][T25540]  dump_stack_lvl+0x100/0x190
[ 1469.388516][T25540]  should_fail_ex.cold+0x5/0xa
[ 1469.388540][T25540]  should_failslab+0xc2/0x120
[ 1469.388562][T25540]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1469.388590][T25540]  ? __alloc_skb+0x140/0x710
[ 1469.388655][T25540]  ? __alloc_skb+0x5b7/0x710
[ 1469.388677][T25540]  __alloc_skb+0x140/0x710
[ 1469.388696][T25540]  ? __alloc_skb+0x5b7/0x710
[ 1469.388713][T25540]  ? __pfx___alloc_skb+0x10/0x10
[ 1469.388738][T25540]  netlink_alloc_large_skb+0x69/0x150
[ 1469.388767][T25540]  netlink_sendmsg+0x680/0xda0
[ 1469.388796][T25540]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1469.388824][T25540]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1469.388877][T25540]  ____sys_sendmsg+0x9e1/0xb70
[ 1469.388934][T25540]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1469.388961][T25540]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1469.388995][T25540]  ___sys_sendmsg+0x190/0x1e0
[ 1469.389040][T25540]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1469.389082][T25540]  ? find_held_lock+0x2b/0x80
[ 1469.389119][T25540]  __sys_sendmsg+0x170/0x220
[ 1469.389141][T25540]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1469.389159][T25540]  ? __fget_files+0x21f/0x3d0
[ 1469.389186][T25540]  ? ksys_write+0x1ac/0x250
[ 1469.389208][T25540]  ? rcu_is_watching+0x12/0xc0
[ 1469.389232][T25540]  __do_fast_syscall_32+0xe7/0x950
[ 1469.389251][T25540]  ? lockdep_hardirqs_on+0x78/0x100
[ 1469.389278][T25540]  do_fast_syscall_32+0x32/0x70
[ 1469.389297][T25540]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1469.389319][T25540] RIP: 0023:0xf705ef7c
[ 1469.389334][T25540] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1469.389351][T25540] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1469.389369][T25540] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001500
[ 1469.389381][T25540] RDX: 0000000020284aa4 RSI: 0000000000000000 RDI: 0000000000000000
[ 1469.389392][T25540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1469.389401][T25540] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1469.389412][T25540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1469.389432][T25540]  </TASK>
[ 1470.597113][T25557] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5266'.
[ 1470.754656][T25561] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5267'.
[ 1470.829601][T25561] bond1: Unable to set down delay as MII monitoring is disabled
[ 1470.833506][T25561] bond1 (unregistering): Released all slaves
[ 1471.242152][T25568] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5268'.
[ 1471.878517][T25569] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5268'.
[ 1472.123694][T25572] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1472.129007][T25572] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1472.334663][T25574] Set syz1 is full, maxelem 65536 reached
[ 1473.578380][T25598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5276'.
[ 1473.623565][T25598] bond1: Unable to set down delay as MII monitoring is disabled
[ 1473.630399][T25598] bond1 (unregistering): Released all slaves
[ 1473.753945][T25602] FAT-fs (nullb0): bogus number of reserved sectors
[ 1473.756232][T25602] FAT-fs (nullb0): Can't find a valid FAT filesystem
[ 1473.761866][T25602] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5277'.
[ 1473.784282][T25604] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5279'.
[ 1473.790316][T25604] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5279'.
[ 1473.846159][T25613] afs: Bad value for 'flock'
[ 1473.853820][T25613] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5281'.
[ 1473.857726][T25613] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5281'.
[ 1473.859629][T25609] FAULT_INJECTION: forcing a failure.
[ 1473.859629][T25609] name failslab, interval 1, probability 0, space 0, times 0
[ 1473.868720][T25609] CPU: 0 UID: 0 PID: 25609 Comm: syz.4.5280 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1473.868748][T25609] Tainted: [L]=SOFTLOCKUP
[ 1473.868754][T25609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1473.868763][T25609] Call Trace:
[ 1473.868791][T25609]  <TASK>
[ 1473.868798][T25609]  dump_stack_lvl+0x100/0x190
[ 1473.868986][T25609]  should_fail_ex.cold+0x5/0xa
[ 1473.869020][T25609]  should_failslab+0xc2/0x120
[ 1473.869065][T25609]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1473.869090][T25609]  ? __alloc_skb+0x140/0x710
[ 1473.869171][T25609]  ? __alloc_skb+0x5b7/0x710
[ 1473.869191][T25609]  __alloc_skb+0x140/0x710
[ 1473.869206][T25609]  ? __alloc_skb+0x5b7/0x710
[ 1473.869221][T25609]  ? __pfx___alloc_skb+0x10/0x10
[ 1473.869238][T25609]  ? __pfx___might_resched+0x10/0x10
[ 1473.869281][T25609]  netlink_alloc_large_skb+0x69/0x150
[ 1473.869307][T25609]  netlink_sendmsg+0x680/0xda0
[ 1473.869335][T25609]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1473.869360][T25609]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1473.869486][T25609]  ____sys_sendmsg+0x9e1/0xb70
[ 1473.869542][T25609]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1473.869565][T25609]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1473.869594][T25609]  ___sys_sendmsg+0x190/0x1e0
[ 1473.869617][T25609]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1473.869650][T25609]  ? find_held_lock+0x2b/0x80
[ 1473.869684][T25609]  __sys_sendmsg+0x170/0x220
[ 1473.869703][T25609]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1473.869720][T25609]  ? __fget_files+0x21f/0x3d0
[ 1473.869743][T25609]  ? ksys_write+0x1ac/0x250
[ 1473.869762][T25609]  ? rcu_is_watching+0x12/0xc0
[ 1473.869783][T25609]  __do_fast_syscall_32+0xe7/0x950
[ 1473.869978][T25609]  ? lockdep_hardirqs_on+0x78/0x100
[ 1473.870002][T25609]  do_fast_syscall_32+0x32/0x70
[ 1473.870018][T25609]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1473.870038][T25609] RIP: 0023:0xf705ef7c
[ 1473.870057][T25609] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1473.870072][T25609] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1473.870085][T25609] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800012c0
[ 1473.870095][T25609] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[ 1473.870104][T25609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1473.870113][T25609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1473.870121][T25609] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1473.870142][T25609]  </TASK>
[ 1474.060967][T25618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5282'.
[ 1474.069170][T25618] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5282'.
[ 1474.078498][T25618] netlink: 'syz.4.5282': attribute type 13 has an invalid length.
[ 1474.100468][T25618] netlink: 'syz.4.5282': attribute type 14 has an invalid length.
[ 1474.116199][T25616] FAULT_INJECTION: forcing a failure.
[ 1474.116199][T25616] name failslab, interval 1, probability 0, space 0, times 0
[ 1474.121886][T25616] CPU: 0 UID: 0 PID: 25616 Comm: syz.2.5278 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1474.121918][T25616] Tainted: [L]=SOFTLOCKUP
[ 1474.121925][T25616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1474.121936][T25616] Call Trace:
[ 1474.121943][T25616]  <TASK>
[ 1474.121951][T25616]  dump_stack_lvl+0x100/0x190
[ 1474.121978][T25616]  should_fail_ex.cold+0x5/0xa
[ 1474.122002][T25616]  ? tomoyo_encode2+0xfb/0x3c0
[ 1474.122026][T25616]  should_failslab+0xc2/0x120
[ 1474.122048][T25616]  __kmalloc_noprof+0xe0/0x850
[ 1474.122071][T25616]  tomoyo_encode2+0xfb/0x3c0
[ 1474.122098][T25616]  tomoyo_encode+0x29/0x50
[ 1474.122120][T25616]  tomoyo_realpath_from_path+0x18c/0x690
[ 1474.122149][T25616]  tomoyo_path_number_perm+0x23c/0x580
[ 1474.122169][T25616]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1474.122190][T25616]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1474.122213][T25616]  ? get_pid_task+0x106/0x250
[ 1474.122261][T25616]  ? find_held_lock+0x2b/0x80
[ 1474.122285][T25616]  ? __fget_files+0x215/0x3d0
[ 1474.122305][T25616]  ? hook_file_ioctl_common+0x149/0x410
[ 1474.122326][T25616]  ? __fget_files+0x215/0x3d0
[ 1474.122351][T25616]  ? __fget_files+0x21f/0x3d0
[ 1474.122377][T25616]  security_file_ioctl_compat+0xd3/0x230
[ 1474.122426][T25616]  __ia32_compat_sys_ioctl+0xc2/0x360
[ 1474.122448][T25616]  __do_fast_syscall_32+0xe7/0x950
[ 1474.122467][T25616]  ? lockdep_hardirqs_on+0x78/0x100
[ 1474.122498][T25616]  do_fast_syscall_32+0x32/0x70
[ 1474.122517][T25616]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1474.122565][T25616] RIP: 0023:0xf702ef7c
[ 1474.122580][T25616] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1474.122598][T25616] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1474.122616][T25616] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[ 1474.122628][T25616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1474.122639][T25616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1474.122650][T25616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1474.122662][T25616] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1474.122685][T25616]  </TASK>
[ 1474.122835][T25616] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1474.340715][T10353] Bluetooth: hci2: command 0x041b tx timeout
[ 1474.348644][T10353] Bluetooth: hci4: command 0x040f tx timeout
[ 1474.658258][T25640] bond1: Unable to set down delay as MII monitoring is disabled
[ 1474.752431][T25640] bond1 (unregistering): Released all slaves
[ 1474.983749][T25651] FAULT_INJECTION: forcing a failure.
[ 1474.983749][T25651] name failslab, interval 1, probability 0, space 0, times 0
[ 1474.991932][T25651] CPU: 3 UID: 0 PID: 25651 Comm: syz.2.5292 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1474.991952][T25651] Tainted: [L]=SOFTLOCKUP
[ 1474.991956][T25651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1474.991963][T25651] Call Trace:
[ 1474.991987][T25651]  <TASK>
[ 1474.991992][T25651]  dump_stack_lvl+0x100/0x190
[ 1474.992160][T25651]  should_fail_ex.cold+0x5/0xa
[ 1474.992205][T25651]  ? tomoyo_encode2+0xfb/0x3c0
[ 1474.992292][T25651]  should_failslab+0xc2/0x120
[ 1474.992335][T25651]  __kmalloc_noprof+0xe0/0x850
[ 1474.992360][T25651]  tomoyo_encode2+0xfb/0x3c0
[ 1474.992387][T25651]  tomoyo_encode+0x29/0x50
[ 1474.992408][T25651]  tomoyo_realpath_from_path+0x18c/0x690
[ 1474.992440][T25651]  tomoyo_path_number_perm+0x23c/0x580
[ 1474.992462][T25651]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1474.992483][T25651]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1474.992505][T25651]  ? get_pid_task+0x106/0x250
[ 1474.992597][T25651]  ? find_held_lock+0x2b/0x80
[ 1474.992621][T25651]  ? __fget_files+0x215/0x3d0
[ 1474.992643][T25651]  ? hook_file_ioctl_common+0x149/0x410
[ 1474.992665][T25651]  ? __fget_files+0x215/0x3d0
[ 1474.992686][T25651]  ? __fget_files+0x21f/0x3d0
[ 1474.992711][T25651]  security_file_ioctl_compat+0xd3/0x230
[ 1474.992751][T25651]  __ia32_compat_sys_ioctl+0xc2/0x360
[ 1474.992773][T25651]  __do_fast_syscall_32+0xe7/0x950
[ 1474.993048][T25651]  ? lockdep_hardirqs_on+0x78/0x100
[ 1474.993079][T25651]  do_fast_syscall_32+0x32/0x70
[ 1474.993098][T25651]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1474.993123][T25651] RIP: 0023:0xf702ef7c
[ 1474.993137][T25651] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1474.993156][T25651] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1474.993173][T25651] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80
[ 1474.993185][T25651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1474.993196][T25651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1474.993205][T25651] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1474.993217][T25651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1474.993239][T25651]  </TASK>
[ 1474.993289][T25651] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1475.261129][T25649] syz.4.5290: page allocation failure: order:0, mode:0x340cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_THISNODE), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1475.265631][T25649] CPU: 3 UID: 0 PID: 25649 Comm: syz.4.5290 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1475.265651][T25649] Tainted: [L]=SOFTLOCKUP
[ 1475.265655][T25649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1475.265662][T25649] Call Trace:
[ 1475.265668][T25649]  <TASK>
[ 1475.265673][T25649]  dump_stack_lvl+0x100/0x190
[ 1475.265690][T25649]  warn_alloc.cold+0x95/0x1c1
[ 1475.265703][T25649]  ? __pfx_warn_alloc+0x10/0x10
[ 1475.265721][T25649]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[ 1475.265736][T25649]  ? _mutex_trylock_nest_lock+0x170/0x310
[ 1475.265753][T25649]  __alloc_frozen_pages_noprof+0xf25/0x2bc0
[ 1475.265778][T25649]  ? lock_acquire+0x1b1/0x370
[ 1475.265789][T25649]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1475.265808][T25649]  ? find_held_lock+0x2b/0x80
[ 1475.265822][T25649]  ? __free_frozen_pages+0x594/0x1040
[ 1475.265838][T25649]  ? __free_frozen_pages+0x594/0x1040
[ 1475.265858][T25649]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1475.265879][T25649]  __folio_alloc_noprof+0x13/0x260
[ 1475.265898][T25649]  alloc_migration_target+0x1d7/0x6d0
[ 1475.265913][T25649]  migrate_pages_batch+0x5dc/0x45c0
[ 1475.265937][T25649]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1475.265954][T25649]  ? migrate_pages_sync+0x12c/0x880
[ 1475.265969][T25649]  ? migrate_pages_sync+0x588/0x880
[ 1475.265984][T25649]  ? __pfx_migrate_pages_batch+0x10/0x10
[ 1475.266002][T25649]  ? __pfx_migrate_pages_sync+0x10/0x10
[ 1475.266020][T25649]  ? __lock_acquire+0x4a5/0x2630
[ 1475.266030][T25649]  ? css_rstat_updated+0x1ce/0x5a0
[ 1475.266050][T25649]  migrate_pages+0x1975/0x2880
[ 1475.266067][T25649]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1475.266085][T25649]  ? __pfx_migrate_pages+0x10/0x10
[ 1475.266102][T25649]  ? __lock_acquire+0x4a5/0x2630
[ 1475.266114][T25649]  ? mtree_load+0x32d/0xa90
[ 1475.266128][T25649]  move_pages_and_store_status+0xf1/0x230
[ 1475.266145][T25649]  ? __pfx_move_pages_and_store_status+0x10/0x10
[ 1475.266167][T25649]  kernel_move_pages+0xc47/0x13f0
[ 1475.266187][T25649]  ? __pfx_kernel_move_pages+0x10/0x10
[ 1475.266201][T25649]  ? ktime_get_ts64+0x318/0x420
[ 1475.266218][T25649]  ? ktime_get_ts64+0x257/0x420
[ 1475.266238][T25649]  ? xfd_validate_state+0x129/0x190
[ 1475.266255][T25649]  __ia32_sys_move_pages+0xdd/0x1b0
[ 1475.266270][T25649]  ? __do_fast_syscall_32+0x98/0x950
[ 1475.266284][T25649]  ? lockdep_hardirqs_on+0x78/0x100
[ 1475.266302][T25649]  __do_fast_syscall_32+0xe7/0x950
[ 1475.266315][T25649]  do_fast_syscall_32+0x32/0x70
[ 1475.266327][T25649]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1475.266341][T25649] RIP: 0023:0xf705ef7c
[ 1475.266351][T25649] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1475.266362][T25649] RSP: 002b:00000000f542c50c EFLAGS: 00000292 ORIG_RAX: 000000000000013d
[ 1475.266372][T25649] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000002064
[ 1475.266379][T25649] RDX: 0000000080000040 RSI: 0000000080001180 RDI: 0000000080000000
[ 1475.266386][T25649] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1475.266393][T25649] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1475.266399][T25649] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1475.266412][T25649]  </TASK>
[ 1475.266417][T25649] Mem-Info:
[ 1475.375330][T25649] active_anon:1910 inactive_anon:582 isolated_anon:12
[ 1475.375330][T25649]  active_file:8218 inactive_file:9504 isolated_file:0
[ 1475.375330][T25649]  unevictable:1768 dirty:7 writeback:0
[ 1475.375330][T25649]  slab_reclaimable:7097 slab_unreclaimable:65908
[ 1475.375330][T25649]  mapped:23685 shmem:1795 pagetables:1347
[ 1475.375330][T25649]  sec_pagetables:318 bounce:0
[ 1475.375330][T25649]  kernel_misc_reclaimable:0
[ 1475.375330][T25649]  free:76293 free_pcp:547 free_cma:0
[ 1475.390673][T25649] Node 0 active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:4kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7584kB pagetables:1200kB sec_pagetables:1112kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1475.402153][T25649] Node 1 active_anon:7636kB inactive_anon:2328kB active_file:32936kB inactive_file:37888kB unevictable:3536kB isolated(anon):48kB isolated(file):0kB mapped:94712kB dirty:24kB writeback:0kB shmem:3640kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6216kB pagetables:4188kB sec_pagetables:160kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1475.412966][T25649] Node 0 DMA free:3904kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:144kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1475.424293][T25649] lowmem_reserve[]: 0 285 285 285 285
[ 1475.426385][T25649] Node 0 DMA32 free:40420kB boost:29448kB min:42536kB low:45808kB high:49080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:12kB inactive_file:0kB unevictable:3536kB writepending:4kB zspages:388kB present:1032196kB managed:292508kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1475.439206][T25649] lowmem_reserve[]: 0 0 0 0 0
[ 1475.441585][T25649] Node 1 DMA32 free:260848kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:7636kB inactive_anon:2328kB active_file:32936kB inactive_file:37888kB unevictable:3536kB writepending:24kB zspages:5012kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:2164kB local_pcp:440kB free_cma:0kB
[ 1475.454775][T25649] lowmem_reserve[]: 0 0 0 0 0
[ 1475.459251][T25649] Node 0 DMA: 104*4kB (U) 50*8kB (U) 35*16kB (U) 29*32kB (U) 7*64kB (U) 3*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 3904kB
[ 1475.467837][T25649] Node 0 DMA32: 1220*4kB (UME) 527*8kB (UME) 216*16kB (UME) 355*32kB (UME) 68*64kB (UME) 19*128kB (UME) 6*256kB (UME) 6*512kB (ME) 1*1024kB (M) 2*2048kB (M) 0*4096kB = 40424kB
[ 1475.482486][T25649] Node 1 DMA32: 4543*4kB (UME) 4961*8kB (UME) 4103*16kB (UME) 355*32kB (UME) 113*64kB (UME) 167*128kB (UM) 87*256kB (UME) 24*512kB (UME) 11*1024kB (UME) 15*2048kB (UM) 5*4096kB (M) = 260500kB
[ 1475.490488][T25649] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1475.494336][T25649] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1475.498702][T25649] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1475.507942][T25649] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1475.511625][T25649] 20345 total pagecache pages
[ 1475.513536][T25649] 813 pages in swap cache
[ 1475.515214][T25649] Free swap  = 101404kB
[ 1475.516856][T25649] Total swap = 124996kB
[ 1475.525849][T25649] 524155 pages RAM
[ 1475.527361][T25649] 0 pages HighMem/MovableOnly
[ 1475.532748][T25649] 210135 pages reserved
[ 1475.534563][T25649] 0 pages cma reserved
[ 1476.457729][T25681] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[ 1476.460543][T25681] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1476.469367][T25681] vhci_hcd vhci_hcd.0: Device attached
[ 1476.720723][ T5817] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[ 1477.739626][T25682] vhci_hcd: connection reset by peer
[ 1477.746839][T10625] vhci_hcd vhci_hcd.3: stop threads
[ 1477.749780][T10625] vhci_hcd vhci_hcd.3: release socket
[ 1477.759481][T10625] vhci_hcd vhci_hcd.3: disconnect device
[ 1478.119942][T25695] __nla_validate_parse: 8 callbacks suppressed
[ 1478.119980][T25695] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5302'.
[ 1478.139977][ T9217] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[ 1478.164970][T25695] bond1: Unable to set down delay as MII monitoring is disabled
[ 1478.174307][T25695] bond1 (unregistering): Released all slaves
[ 1478.323860][ T9217] usb 6-1: Using ep0 maxpacket: 32
[ 1478.333626][ T9217] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1478.361222][ T9217] usb 6-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[ 1478.365555][ T9217] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1478.370775][ T9217] usb 6-1: Product: syz
[ 1478.372769][ T9217] usb 6-1: Manufacturer: syz
[ 1478.374836][ T9217] usb 6-1: SerialNumber: syz
[ 1478.401241][ T9217] usb 6-1: config 0 descriptor??
[ 1479.357628][T25704] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1479.361808][T25704] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1479.854948][   T34] usb 6-1: USB disconnect, device number 61
[ 1480.086078][T25719] netlink: 'syz.3.5309': attribute type 30 has an invalid length.
[ 1481.277982][T25735] netlink: 'syz.1.5313': attribute type 4 has an invalid length.
[ 1481.281614][T25735] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5313'.
[ 1481.530080][T10353] Bluetooth: hci2: command 0x041b tx timeout
[ 1481.530133][T18751] Bluetooth: hci4: command 0x040f tx timeout
[ 1481.609885][   T40] audit: type=1326 audit(1779901954.511:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25736 comm="syz.4.5314" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef7c code=0x0
[ 1481.659015][T25747] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5317'.
[ 1481.791922][T25750] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5319'.
[ 1481.916347][T25752] netlink: 'syz.1.5319': attribute type 1 has an invalid length.
[ 1482.320972][ T5817] vhci_hcd vhci_hcd.3: vhci_device speed not set
[ 1482.392813][T25767] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5323'.
[ 1482.518562][T25772] netlink: 'syz.4.5323': attribute type 1 has an invalid length.
[ 1483.068724][T25760] Set syz1 is full, maxelem 65536 reached
[ 1483.284423][T25794] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5328'.
[ 1483.375617][T25794] bond1: Unable to set down delay as MII monitoring is disabled
[ 1483.383881][T25794] bond1 (unregistering): Released all slaves
[ 1483.384725][T25802] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5331'.
[ 1483.468624][T25803] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5331'.
[ 1483.866743][T25806] FAULT_INJECTION: forcing a failure.
[ 1483.866743][T25806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1483.871489][T25806] CPU: 3 UID: 0 PID: 25806 Comm: syz.2.5332 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1483.871508][T25806] Tainted: [L]=SOFTLOCKUP
[ 1483.871512][T25806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1483.871519][T25806] Call Trace:
[ 1483.871546][T25806]  <TASK>
[ 1483.871551][T25806]  dump_stack_lvl+0x100/0x190
[ 1483.871690][T25806]  should_fail_ex.cold+0x5/0xa
[ 1483.871722][T25806]  strncpy_from_user+0x3b/0x2d0
[ 1483.871792][T25806]  do_getname+0x78/0x390
[ 1483.871829][T25806]  __ia32_compat_sys_execveat+0xc4/0x130
[ 1483.871846][T25806]  __do_fast_syscall_32+0xe7/0x950
[ 1483.872033][T25806]  ? lockdep_hardirqs_on+0x78/0x100
[ 1483.872052][T25806]  do_fast_syscall_32+0x32/0x70
[ 1483.872080][T25806]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1483.872095][T25806] RIP: 0023:0xf702ef7c
[ 1483.872105][T25806] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1483.872117][T25806] RSP: 002b:00000000f53fc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000166
[ 1483.872129][T25806] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080001400
[ 1483.872136][T25806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1483.872142][T25806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1483.872149][T25806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1483.872156][T25806] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1483.872169][T25806]  </TASK>
[ 1484.352963][ T9217] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[ 1484.368844][T25823] tmpfs: Unknown parameter 'usc‡uota_block_hardlimit'
[ 1484.519695][ T9217] usb 6-1: Using ep0 maxpacket: 32
[ 1484.525694][ T9217] usb 6-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[ 1484.529663][ T9217] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1484.531808][T25819] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1484.533384][ T9217] usb 6-1: Product: syz
[ 1484.535398][T25819] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1484.537683][ T9217] usb 6-1: Manufacturer: syz
[ 1484.542597][ T9217] usb 6-1: SerialNumber: syz
[ 1484.553316][ T9217] usb 6-1: config 0 descriptor??
[ 1484.569430][ T9217] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state.
[ 1484.586685][ T9217] dvb-usb: bulk message failed: -22 (4/0)
[ 1484.592443][ T9217] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1484.603794][ T9217] dvb-usb: bulk message failed: -22 (5/0)
[ 1484.608785][ T9217] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1484.639852][ T9217] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1484.646165][ T9217] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0)
[ 1484.650155][ T9217] usb 6-1: media controller created
[ 1484.662666][ T9217] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1484.663180][T25840] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.5342'.
[ 1484.674020][ T9217] usb 6-1: selecting invalid altsetting 3
[ 1484.677863][ T9217] ttusb2: set interface to alts=3 failed
[ 1484.700558][ T9217] DVB: Unable to find symbol tda10086_attach()
[ 1484.700576][ T9217] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0'
[ 1484.701280][ T9217] dvb-usb: bulk message failed: -22 (4/0)
[ 1484.709457][ T9217] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1484.709552][ T9217] dvb-usb: bulk message failed: -22 (5/0)
[ 1484.709563][ T9217] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1484.709608][ T9217] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected.
[ 1484.787191][T25810] ttusb2: more than 2 i2c messages at a time is not handled yet. TODO.
[ 1484.789915][T25810] dvb-usb: bulk message failed: -22 (7/0)
[ 1484.793065][T25810] ttusb2: there might have been an error during control message transfer. (rlen = 3, was 0)
[ 1484.796281][T25810] ttusb2: i2c transfer failed.
[ 1484.800727][ T9217] usb 6-1: USB disconnect, device number 62
[ 1484.861951][ T9217] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[ 1484.936901][T25848] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1485.188100][T25856] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5346'.
[ 1485.262420][T25858] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5346'.
[ 1486.731083][T10353] Bluetooth: hci4: command 0x040f tx timeout
[ 1486.735645][T18751] Bluetooth: hci2: command 0x041b tx timeout
[ 1487.146766][T25871] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1487.148350][T25874] netlink: 'syz.3.5351': attribute type 4 has an invalid length.
[ 1487.154326][T25871] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1487.155609][T25874] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5351'.
[ 1487.259878][T25877] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.5353'.
[ 1487.389468][T25883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5354'.
[ 1487.392846][T25881] FAULT_INJECTION: forcing a failure.
[ 1487.392846][T25881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1487.468817][T25881] CPU: 2 UID: 0 PID: 25881 Comm: syz.3.5352 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1487.468851][T25881] Tainted: [L]=SOFTLOCKUP
[ 1487.468856][T25881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1487.468864][T25881] Call Trace:
[ 1487.468892][T25881]  <TASK>
[ 1487.468898][T25881]  dump_stack_lvl+0x100/0x190
[ 1487.469041][T25881]  should_fail_ex.cold+0x5/0xa
[ 1487.469074][T25881]  _copy_to_iter+0x1f3/0x1720
[ 1487.469149][T25881]  ? __pfx_wakeup_count_show+0x10/0x10
[ 1487.469187][T25881]  ? __pfx__copy_to_iter+0x10/0x10
[ 1487.469199][T25881]  ? kernfs_seq_stop+0xcd/0x120
[ 1487.469268][T25881]  ? kernfs_put_active+0x93/0xe0
[ 1487.469285][T25881]  seq_read_iter+0xdab/0x1270
[ 1487.469321][T25881]  kernfs_fop_read_iter+0x46c/0x610
[ 1487.469339][T25881]  ? rw_verify_area+0xce/0x6d0
[ 1487.469352][T25881]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[ 1487.469369][T25881]  vfs_read+0x825/0xb30
[ 1487.469384][T25881]  ? __pfx_vfs_read+0x10/0x10
[ 1487.469396][T25881]  ? find_held_lock+0x2b/0x80
[ 1487.469420][T25881]  ksys_read+0x12a/0x250
[ 1487.469433][T25881]  ? __pfx_ksys_read+0x10/0x10
[ 1487.469445][T25881]  ? ksys_write+0x1ac/0x250
[ 1487.469459][T25881]  ? rcu_is_watching+0x12/0xc0
[ 1487.469475][T25881]  __do_fast_syscall_32+0xe7/0x950
[ 1487.469651][T25881]  ? lockdep_hardirqs_on+0x78/0x100
[ 1487.469670][T25881]  do_fast_syscall_32+0x32/0x70
[ 1487.469681][T25881]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1487.469696][T25881] RIP: 0023:0xf7f04f7c
[ 1487.469707][T25881] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1487.469718][T25881] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[ 1487.469729][T25881] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000340
[ 1487.469736][T25881] RDX: 00000000000000aa RSI: 0000000000000000 RDI: 0000000000000000
[ 1487.469743][T25881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1487.469749][T25881] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1487.469756][T25881] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1487.469782][T25881]  </TASK>
[ 1487.543532][    C2] hpet: Lost 3 RTC interrupts
[ 1487.643072][T25888] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5357'.
[ 1487.768367][T25891] cgroup: release_agent respecified
[ 1487.794298][T25889] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5357'.
[ 1487.943713][T25897] netlink: 'syz.1.5360': attribute type 4 has an invalid length.
[ 1487.946115][T25897] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5360'.
[ 1487.960604][T25899] FAULT_INJECTION: forcing a failure.
[ 1487.960604][T25899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1487.972047][T25899] CPU: 3 UID: 0 PID: 25899 Comm: syz.4.5361 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1487.972068][T25899] Tainted: [L]=SOFTLOCKUP
[ 1487.972073][T25899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1487.972081][T25899] Call Trace:
[ 1487.972085][T25899]  <TASK>
[ 1487.972091][T25899]  dump_stack_lvl+0x100/0x190
[ 1487.972109][T25899]  should_fail_ex.cold+0x5/0xa
[ 1487.972125][T25899]  _copy_from_user+0x2e/0xd0
[ 1487.972139][T25899]  get_compat_msghdr+0xb3/0x4b0
[ 1487.972198][T25899]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1487.972224][T25899]  ___sys_sendmsg+0x1b6/0x1e0
[ 1487.972262][T25899]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1487.972287][T25899]  ? find_held_lock+0x2b/0x80
[ 1487.972312][T25899]  __sys_sendmsg+0x170/0x220
[ 1487.972328][T25899]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1487.972341][T25899]  ? __fget_files+0x21f/0x3d0
[ 1487.972359][T25899]  ? ksys_write+0x1ac/0x250
[ 1487.972374][T25899]  ? rcu_is_watching+0x12/0xc0
[ 1487.972391][T25899]  __do_fast_syscall_32+0xe7/0x950
[ 1487.972403][T25899]  ? lockdep_hardirqs_on+0x78/0x100
[ 1487.972422][T25899]  do_fast_syscall_32+0x32/0x70
[ 1487.972434][T25899]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1487.972449][T25899] RIP: 0023:0xf705ef7c
[ 1487.972459][T25899] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1487.972471][T25899] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1487.972483][T25899] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 1487.972491][T25899] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1487.972498][T25899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1487.972505][T25899] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1487.972512][T25899] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1487.972526][T25899]  </TASK>
[ 1488.116036][T25901] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1488.118903][T25901] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1488.132822][T25905] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1488.283737][T25909] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5365'.
[ 1488.941406][T25909] bond1: Unable to set down delay as MII monitoring is disabled
[ 1488.954818][T25909] bond1 (unregistering): Released all slaves
[ 1489.251135][T25915] FAULT_INJECTION: forcing a failure.
[ 1489.251135][T25915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1489.257998][T25915] CPU: 1 UID: 0 PID: 25915 Comm: syz.2.5367 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1489.258025][T25915] Tainted: [L]=SOFTLOCKUP
[ 1489.258030][T25915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1489.258039][T25915] Call Trace:
[ 1489.258072][T25915]  <TASK>
[ 1489.258078][T25915]  dump_stack_lvl+0x100/0x190
[ 1489.258271][T25915]  should_fail_ex.cold+0x5/0xa
[ 1489.258302][T25915]  _copy_to_user+0x32/0xd0
[ 1489.258380][T25915]  simple_read_from_buffer+0xcb/0x170
[ 1489.258410][T25915]  proc_fail_nth_read+0x1af/0x230
[ 1489.258449][T25915]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1489.258473][T25915]  ? rw_verify_area+0xce/0x6d0
[ 1489.258488][T25915]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1489.258510][T25915]  vfs_read+0x1e4/0xb30
[ 1489.258529][T25915]  ? __pfx_vfs_read+0x10/0x10
[ 1489.258544][T25915]  ? find_held_lock+0x2b/0x80
[ 1489.258591][T25915]  ? __fget_files+0x215/0x3d0
[ 1489.258612][T25915]  ? __fget_files+0x21f/0x3d0
[ 1489.258635][T25915]  ksys_read+0x12a/0x250
[ 1489.258651][T25915]  ? __pfx_ksys_read+0x10/0x10
[ 1489.258667][T25915]  ? rcu_is_watching+0x12/0xc0
[ 1489.258686][T25915]  ? rcu_is_watching+0x12/0xc0
[ 1489.258706][T25915]  do_int80_emulation+0x141/0x700
[ 1489.258946][T25915]  asm_int80_emulation+0x1a/0x20
[ 1489.258961][T25915] RIP: 0023:0xf71661ab
[ 1489.258974][T25915] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1489.258988][T25915] RSP: 002b:00000000f541d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1489.259003][T25915] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f541d5d0
[ 1489.259013][T25915] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1489.259021][T25915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1489.259029][T25915] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1489.259037][T25915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1489.259058][T25915]  </TASK>
[ 1489.401127][T25932] netlink: 'syz.2.5370': attribute type 4 has an invalid length.
[ 1489.593774][T25942] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1489.598860][T25942] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1489.988577][T25955] bond1: Unable to set down delay as MII monitoring is disabled
[ 1489.994518][T25955] bond1 (unregistering): Released all slaves
[ 1490.213416][T25959] FAULT_INJECTION: forcing a failure.
[ 1490.213416][T25959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1490.219587][T25959] CPU: 1 UID: 0 PID: 25959 Comm: syz.4.5378 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1490.219608][T25959] Tainted: [L]=SOFTLOCKUP
[ 1490.219613][T25959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1490.219620][T25959] Call Trace:
[ 1490.219624][T25959]  <TASK>
[ 1490.219630][T25959]  dump_stack_lvl+0x100/0x190
[ 1490.219650][T25959]  should_fail_ex.cold+0x5/0xa
[ 1490.219672][T25959]  _copy_from_iter+0x1f4/0x1690
[ 1490.219700][T25959]  ? __pfx__copy_from_iter+0x10/0x10
[ 1490.219720][T25959]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1490.219747][T25959]  copy_page_from_iter+0x238/0x300
[ 1490.219767][T25959]  tun_build_skb.constprop.0+0x2ea/0x18f0
[ 1490.219875][T25959]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[ 1490.219905][T25959]  ? unwind_get_return_address+0x59/0xa0
[ 1490.219929][T25959]  ? arch_stack_walk+0xa6/0xf0
[ 1490.219955][T25959]  ? __lock_acquire+0x4a5/0x2630
[ 1490.219988][T25959]  tun_get_user+0x16d6/0x3c20
[ 1490.220025][T25959]  ? __pfx_tun_get_user+0x10/0x10
[ 1490.220055][T25959]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1490.220122][T25959]  ? find_held_lock+0x2b/0x80
[ 1490.220146][T25959]  ? tun_get+0x191/0x370
[ 1490.220170][T25959]  ? tun_get+0x191/0x370
[ 1490.220203][T25959]  tun_chr_write_iter+0xdc/0x200
[ 1490.220223][T25959]  vfs_write+0x6ac/0x1070
[ 1490.220246][T25959]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1490.220282][T25959]  ? __pfx_vfs_write+0x10/0x10
[ 1490.220301][T25959]  ? find_held_lock+0x2b/0x80
[ 1490.220339][T25959]  ksys_write+0x12a/0x250
[ 1490.220362][T25959]  ? __pfx_ksys_write+0x10/0x10
[ 1490.220386][T25959]  ? rcu_is_watching+0x12/0xc0
[ 1490.220410][T25959]  do_int80_emulation+0x141/0x700
[ 1490.220434][T25959]  asm_int80_emulation+0x1a/0x20
[ 1490.220452][T25959] RIP: 0023:0xf71961ab
[ 1490.220466][T25959] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1490.220482][T25959] RSP: 002b:00000000f544d44c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 1490.220500][T25959] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000800011c0
[ 1490.220511][T25959] RDX: 000000000000003e RSI: 0000000000000000 RDI: 0000000000000000
[ 1490.220522][T25959] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1490.220531][T25959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1490.220543][T25959] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1490.220569][T25959]  </TASK>
[ 1490.328472][T25961] FAULT_INJECTION: forcing a failure.
[ 1490.328472][T25961] name failslab, interval 1, probability 0, space 0, times 0
[ 1490.332913][T25961] CPU: 1 UID: 0 PID: 25961 Comm: syz.1.5379 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1490.332933][T25961] Tainted: [L]=SOFTLOCKUP
[ 1490.332938][T25961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1490.332945][T25961] Call Trace:
[ 1490.332950][T25961]  <TASK>
[ 1490.332955][T25961]  dump_stack_lvl+0x100/0x190
[ 1490.332973][T25961]  should_fail_ex.cold+0x5/0xa
[ 1490.332987][T25961]  should_failslab+0xc2/0x120
[ 1490.333001][T25961]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1490.333021][T25961]  ? __alloc_skb+0x140/0x710
[ 1490.333058][T25961]  ? __alloc_skb+0x5b7/0x710
[ 1490.333071][T25961]  __alloc_skb+0x140/0x710
[ 1490.333083][T25961]  ? __alloc_skb+0x5b7/0x710
[ 1490.333095][T25961]  ? __pfx___alloc_skb+0x10/0x10
[ 1490.333111][T25961]  netlink_alloc_large_skb+0x69/0x150
[ 1490.333130][T25961]  netlink_sendmsg+0x680/0xda0
[ 1490.333150][T25961]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1490.333193][T25961]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1490.333237][T25961]  ____sys_sendmsg+0x9e1/0xb70
[ 1490.333270][T25961]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1490.333288][T25961]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1490.333312][T25961]  ___sys_sendmsg+0x190/0x1e0
[ 1490.333331][T25961]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1490.333355][T25961]  ? find_held_lock+0x2b/0x80
[ 1490.333379][T25961]  __sys_sendmsg+0x170/0x220
[ 1490.333393][T25961]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1490.333406][T25961]  ? __fget_files+0x21f/0x3d0
[ 1490.333423][T25961]  ? ksys_write+0x1ac/0x250
[ 1490.333437][T25961]  ? rcu_is_watching+0x12/0xc0
[ 1490.333453][T25961]  __do_fast_syscall_32+0xe7/0x950
[ 1490.333464][T25961]  ? lockdep_hardirqs_on+0x78/0x100
[ 1490.333483][T25961]  do_fast_syscall_32+0x32/0x70
[ 1490.333494][T25961]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1490.333510][T25961] RIP: 0023:0xf709ef7c
[ 1490.333520][T25961] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1490.333531][T25961] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1490.333543][T25961] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[ 1490.333550][T25961] RDX: 0000000020008004 RSI: 0000000000000000 RDI: 0000000000000000
[ 1490.333557][T25961] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1490.333563][T25961] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1490.333570][T25961] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1490.333583][T25961]  </TASK>
[ 1490.639298][T25972] A link change request failed with some changes committed already. Interface syzkaller0 may have been left with an inconsistent configuration, please check.
[ 1491.083965][T25982] netlink: 'syz.2.5384': attribute type 12 has an invalid length.
[ 1491.091274][T25982] FAULT_INJECTION: forcing a failure.
[ 1491.091274][T25982] name failslab, interval 1, probability 0, space 0, times 0
[ 1491.096394][T25982] CPU: 1 UID: 0 PID: 25982 Comm: syz.2.5384 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1491.096436][T25982] Tainted: [L]=SOFTLOCKUP
[ 1491.096443][T25982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1491.096453][T25982] Call Trace:
[ 1491.096481][T25982]  <TASK>
[ 1491.096488][T25982]  dump_stack_lvl+0x100/0x190
[ 1491.096653][T25982]  should_fail_ex.cold+0x5/0xa
[ 1491.096693][T25982]  ? tomoyo_encode2+0xfb/0x3c0
[ 1491.096790][T25982]  should_failslab+0xc2/0x120
[ 1491.096829][T25982]  __kmalloc_noprof+0xe0/0x850
[ 1491.096849][T25982]  tomoyo_encode2+0xfb/0x3c0
[ 1491.096875][T25982]  tomoyo_encode+0x29/0x50
[ 1491.096896][T25982]  tomoyo_realpath_from_path+0x18c/0x690
[ 1491.096924][T25982]  tomoyo_path_number_perm+0x23c/0x580
[ 1491.096945][T25982]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1491.096968][T25982]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1491.096989][T25982]  ? get_pid_task+0x106/0x250
[ 1491.097054][T25982]  ? find_held_lock+0x2b/0x80
[ 1491.097075][T25982]  ? __fget_files+0x215/0x3d0
[ 1491.097094][T25982]  ? hook_file_ioctl_common+0x149/0x410
[ 1491.097112][T25982]  ? __fget_files+0x215/0x3d0
[ 1491.097136][T25982]  ? __fget_files+0x21f/0x3d0
[ 1491.097186][T25982]  security_file_ioctl_compat+0xd3/0x230
[ 1491.097231][T25982]  __ia32_compat_sys_ioctl+0xc2/0x360
[ 1491.097254][T25982]  __do_fast_syscall_32+0xe7/0x950
[ 1491.097463][T25982]  ? lockdep_hardirqs_on+0x78/0x100
[ 1491.097493][T25982]  do_fast_syscall_32+0x32/0x70
[ 1491.097511][T25982]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1491.097534][T25982] RIP: 0023:0xf702ef7c
[ 1491.097551][T25982] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1491.097569][T25982] RSP: 002b:00000000f53fc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1491.097587][T25982] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000008955
[ 1491.097598][T25982] RDX: 00000000800003c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1491.097608][T25982] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1491.097617][T25982] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1491.097626][T25982] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1491.097646][T25982]  </TASK>
[ 1491.097788][T25982] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1491.777379][T18751] Bluetooth: hci4: command 0x040f tx timeout
[ 1491.842179][T18751] Bluetooth: hci2: command 0x041b tx timeout
[ 1492.281618][T25995] __nla_validate_parse: 5 callbacks suppressed
[ 1492.281716][T25995] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5387'.
[ 1493.069393][T26011] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5392'.
[ 1493.127400][T26011] bond2: Unable to set down delay as MII monitoring is disabled
[ 1493.133541][T26011] bond2 (unregistering): Released all slaves
[ 1493.608297][T26016] FAULT_INJECTION: forcing a failure.
[ 1493.608297][T26016] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.620486][T26016] CPU: 0 UID: 0 PID: 26016 Comm: syz.2.5395 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1493.620518][T26016] Tainted: [L]=SOFTLOCKUP
[ 1493.620524][T26016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1493.620534][T26016] Call Trace:
[ 1493.620541][T26016]  <TASK>
[ 1493.620548][T26016]  dump_stack_lvl+0x100/0x190
[ 1493.620577][T26016]  should_fail_ex.cold+0x5/0xa
[ 1493.620600][T26016]  ? vb2_core_allocated_buffers_storage+0x184/0x220
[ 1493.620669][T26016]  should_failslab+0xc2/0x120
[ 1493.620691][T26016]  __kmalloc_noprof+0xe0/0x850
[ 1493.620720][T26016]  vb2_core_allocated_buffers_storage+0x184/0x220
[ 1493.620743][T26016]  vb2_core_reqbufs+0x382/0xf30
[ 1493.620770][T26016]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 1493.620805][T26016]  __vb2_init_fileio+0x32d/0x1000
[ 1493.620827][T26016]  ? aa_file_perm+0x7f3/0x14d0
[ 1493.620853][T26016]  ? __lock_acquire+0x4a5/0x2630
[ 1493.620877][T26016]  __vb2_perform_fileio+0x91e/0x1380
[ 1493.620908][T26016]  ? __pfx___vb2_perform_fileio+0x10/0x10
[ 1493.620933][T26016]  ? get_pid_task+0xfc/0x250
[ 1493.620965][T26016]  vb2_fop_write+0x1f8/0x550
[ 1493.620992][T26016]  v4l2_write+0x229/0x2c0
[ 1493.621013][T26016]  vfs_write+0x2aa/0x1070
[ 1493.621036][T26016]  ? __pfx_v4l2_write+0x10/0x10
[ 1493.621056][T26016]  ? __pfx_vfs_write+0x10/0x10
[ 1493.621074][T26016]  ? find_held_lock+0x2b/0x80
[ 1493.621095][T26016]  ? __fget_files+0x215/0x3d0
[ 1493.621145][T26016]  ? __fget_files+0x215/0x3d0
[ 1493.621172][T26016]  ? __fget_files+0x21f/0x3d0
[ 1493.621200][T26016]  ksys_write+0x12a/0x250
[ 1493.621220][T26016]  ? __pfx_ksys_write+0x10/0x10
[ 1493.621239][T26016]  ? ksys_write+0x1ac/0x250
[ 1493.621260][T26016]  ? rcu_is_watching+0x12/0xc0
[ 1493.621286][T26016]  __do_fast_syscall_32+0xe7/0x950
[ 1493.621305][T26016]  ? lockdep_hardirqs_on+0x78/0x100
[ 1493.621333][T26016]  do_fast_syscall_32+0x32/0x70
[ 1493.621350][T26016]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1493.621374][T26016] RIP: 0023:0xf702ef7c
[ 1493.621389][T26016] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1493.621406][T26016] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[ 1493.621424][T26016] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080001b00
[ 1493.621435][T26016] RDX: 00000000fffffd9d RSI: 0000000000000000 RDI: 0000000000000000
[ 1493.621445][T26016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1493.621455][T26016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1493.621465][T26016] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1493.621489][T26016]  </TASK>
[ 1493.802093][T26023] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5396'.
[ 1493.929523][T26023] bond1: Unable to set down delay as MII monitoring is disabled
[ 1493.983678][T26023] bond1 (unregistering): Released all slaves
[ 1494.212120][T26035] FAULT_INJECTION: forcing a failure.
[ 1494.212120][T26035] name failslab, interval 1, probability 0, space 0, times 0
[ 1494.216082][T26035] CPU: 1 UID: 0 PID: 26035 Comm: syz.3.5400 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1494.216100][T26035] Tainted: [L]=SOFTLOCKUP
[ 1494.216104][T26035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1494.216111][T26035] Call Trace:
[ 1494.216116][T26035]  <TASK>
[ 1494.216121][T26035]  dump_stack_lvl+0x100/0x190
[ 1494.216138][T26035]  should_fail_ex.cold+0x5/0xa
[ 1494.216153][T26035]  should_failslab+0xc2/0x120
[ 1494.216167][T26035]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1494.216186][T26035]  ? __alloc_skb+0x140/0x710
[ 1494.216222][T26035]  ? __alloc_skb+0x5b7/0x710
[ 1494.216236][T26035]  __alloc_skb+0x140/0x710
[ 1494.216265][T26035]  ? __alloc_skb+0x5b7/0x710
[ 1494.216277][T26035]  ? __pfx___alloc_skb+0x10/0x10
[ 1494.216293][T26035]  netlink_alloc_large_skb+0x69/0x150
[ 1494.216313][T26035]  netlink_sendmsg+0x680/0xda0
[ 1494.216332][T26035]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1494.216351][T26035]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1494.216371][T26035]  ____sys_sendmsg+0x9e1/0xb70
[ 1494.216407][T26035]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1494.216425][T26035]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1494.216447][T26035]  ___sys_sendmsg+0x190/0x1e0
[ 1494.216466][T26035]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1494.216490][T26035]  ? find_held_lock+0x2b/0x80
[ 1494.216513][T26035]  __sys_sendmsg+0x170/0x220
[ 1494.216526][T26035]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1494.216539][T26035]  ? __fget_files+0x21f/0x3d0
[ 1494.216557][T26035]  ? ksys_write+0x1ac/0x250
[ 1494.216570][T26035]  ? rcu_is_watching+0x12/0xc0
[ 1494.216586][T26035]  __do_fast_syscall_32+0xe7/0x950
[ 1494.216598][T26035]  ? lockdep_hardirqs_on+0x78/0x100
[ 1494.216616][T26035]  do_fast_syscall_32+0x32/0x70
[ 1494.216628][T26035]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1494.216642][T26035] RIP: 0023:0xf7f04f7c
[ 1494.216652][T26035] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1494.216664][T26035] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1494.216675][T26035] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[ 1494.216682][T26035] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1494.216688][T26035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1494.216700][T26035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1494.216706][T26035] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1494.216720][T26035]  </TASK>
[ 1494.246831][T26022] A link change request failed with some changes committed already. Interface syzkaller0 may have been left with an inconsistent configuration, please check.
[ 1494.352853][T26039] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5401'.
[ 1494.430248][T26044] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5401'.
[ 1494.570044][T26053] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 1494.572161][T26053] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1494.582671][T26053] vhci_hcd vhci_hcd.0: Device attached
[ 1494.673290][T26038] Set syz1 is full, maxelem 65536 reached
[ 1494.887386][ T5817] usb 42-1: SetAddress Request (39) to port 0
[ 1494.891120][ T5817] usb 42-1: new SuperSpeed USB device number 39 using vhci_hcd
[ 1495.239831][T26054] vhci_hcd: connection reset by peer
[ 1495.243419][T20248] vhci_hcd vhci_hcd.2: stop threads
[ 1495.245080][T20248] vhci_hcd vhci_hcd.2: release socket
[ 1495.246898][T20248] vhci_hcd vhci_hcd.2: disconnect device
[ 1495.489874][T26061] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5405'.
[ 1495.619984][T26063] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5405'.
[ 1495.941888][T26066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5406'.
[ 1496.014123][T26066] bond2: Unable to set down delay as MII monitoring is disabled
[ 1496.176964][T26066] bond2 (unregistering): Released all slaves
[ 1496.674544][T26073] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5409'.
[ 1496.765359][T26073] bond1: Unable to set down delay as MII monitoring is disabled
[ 1496.778869][T26073] bond1 (unregistering): Released all slaves
[ 1496.994325][T26081] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5410'.
[ 1497.187608][T26085] netlink: 'syz.4.5411': attribute type 21 has an invalid length.
[ 1497.194413][T26085] netlink: 'syz.4.5411': attribute type 20 has an invalid length.
[ 1497.614425][T26099] libceph: resolve '.‹RЇHЦe'м»Л /Пвµьл1эCё 
Ј~—1W–мЇ‘лЁeюxEA®БюeSb{~Rр' (ret=-3): failed
[ 1497.689035][T26087] Set syz1 is full, maxelem 65536 reached
[ 1498.267956][T26121] FAULT_INJECTION: forcing a failure.
[ 1498.267956][T26121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1498.273585][T26121] CPU: 3 UID: 0 PID: 26121 Comm: syz.1.5419 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1498.273614][T26121] Tainted: [L]=SOFTLOCKUP
[ 1498.273619][T26121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1498.273628][T26121] Call Trace:
[ 1498.273662][T26121]  <TASK>
[ 1498.273671][T26121]  dump_stack_lvl+0x100/0x190
[ 1498.273850][T26121]  should_fail_ex.cold+0x5/0xa
[ 1498.273891][T26121]  _copy_from_iter+0x1f4/0x1690
[ 1498.273992][T26121]  ? __pfx__copy_from_iter+0x10/0x10
[ 1498.274015][T26121]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1498.274069][T26121]  copy_page_from_iter+0x238/0x300
[ 1498.274094][T26121]  tun_build_skb.constprop.0+0x2ea/0x18f0
[ 1498.274199][T26121]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[ 1498.274228][T26121]  ? unwind_get_return_address+0x59/0xa0
[ 1498.274274][T26121]  ? arch_stack_walk+0xa6/0xf0
[ 1498.274298][T26121]  ? __lock_acquire+0x4a5/0x2630
[ 1498.274332][T26121]  tun_get_user+0x16d6/0x3c20
[ 1498.274369][T26121]  ? __pfx_tun_get_user+0x10/0x10
[ 1498.274399][T26121]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1498.274469][T26121]  ? find_held_lock+0x2b/0x80
[ 1498.274493][T26121]  ? tun_get+0x191/0x370
[ 1498.274517][T26121]  ? tun_get+0x191/0x370
[ 1498.274551][T26121]  tun_chr_write_iter+0xdc/0x200
[ 1498.274579][T26121]  vfs_write+0x6ac/0x1070
[ 1498.274603][T26121]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1498.274623][T26121]  ? __pfx_vfs_write+0x10/0x10
[ 1498.274641][T26121]  ? find_held_lock+0x2b/0x80
[ 1498.274680][T26121]  ksys_write+0x12a/0x250
[ 1498.274697][T26121]  ? __pfx_ksys_write+0x10/0x10
[ 1498.274719][T26121]  ? rcu_is_watching+0x12/0xc0
[ 1498.274743][T26121]  do_int80_emulation+0x141/0x700
[ 1498.274961][T26121]  asm_int80_emulation+0x1a/0x20
[ 1498.274981][T26121] RIP: 0023:0xf71d61ab
[ 1498.274996][T26121] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1498.275015][T26121] RSP: 002b:00000000f548d44c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 1498.275033][T26121] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000340
[ 1498.275045][T26121] RDX: 0000000000000066 RSI: 0000000000000000 RDI: 0000000000000000
[ 1498.275057][T26121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1498.275069][T26121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1498.275078][T26121] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1498.275101][T26121]  </TASK>
[ 1498.429180][T26126] fuse: Unknown parameter 'grЖхDKЭЬЭбЊuЎвu00000000000000000000'
[ 1498.532628][T26122] block device autoloading is deprecated and will be removed.
[ 1498.648362][T26134] __nla_validate_parse: 2 callbacks suppressed
[ 1498.648465][T26134] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5422'.
[ 1498.771309][T26134] bond1: Unable to set down delay as MII monitoring is disabled
[ 1498.788953][T26134] bond1 (unregistering): Released all slaves
[ 1498.914956][T26145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5424'.
[ 1499.208237][   T40] audit: type=1326 audit(1779901970.612:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26147 comm="syz.4.5427" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705ef7c code=0x0
[ 1499.698168][T26152] FAULT_INJECTION: forcing a failure.
[ 1499.698168][T26152] name failslab, interval 1, probability 0, space 0, times 0
[ 1499.702430][T26152] CPU: 2 UID: 0 PID: 26152 Comm: syz.1.5428 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1499.702449][T26152] Tainted: [L]=SOFTLOCKUP
[ 1499.702453][T26152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1499.702460][T26152] Call Trace:
[ 1499.702466][T26152]  <TASK>
[ 1499.702472][T26152]  dump_stack_lvl+0x100/0x190
[ 1499.702490][T26152]  should_fail_ex.cold+0x5/0xa
[ 1499.702505][T26152]  should_failslab+0xc2/0x120
[ 1499.702518][T26152]  __kmalloc_cache_node_noprof+0x7d/0x770
[ 1499.702532][T26152]  ? process_measurement+0x4c8/0x2350
[ 1499.702575][T26152]  ? __get_vm_area_node+0x101/0x330
[ 1499.702589][T26152]  ? process_measurement+0x4c8/0x2350
[ 1499.702608][T26152]  __get_vm_area_node+0x101/0x330
[ 1499.702629][T26152]  __vmalloc_node_range_noprof+0x228/0x1630
[ 1499.702645][T26152]  ? bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.702662][T26152]  ? tomoyo_check_open_permission+0x1db/0x3c0
[ 1499.702676][T26152]  ? tomoyo_check_open_permission+0x1db/0x3c0
[ 1499.702691][T26152]  ? bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.702710][T26152]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1499.702726][T26152]  ? __lock_acquire+0x4a5/0x2630
[ 1499.702742][T26152]  ? bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.702757][T26152]  __vmalloc_node_noprof+0xad/0xf0
[ 1499.702772][T26152]  ? bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.702789][T26152]  __vmalloc_noprof+0xa3/0x120
[ 1499.702804][T26152]  ? __pfx___vmalloc_noprof+0x10/0x10
[ 1499.702820][T26152]  ? rcu_is_watching+0x12/0xc0
[ 1499.702834][T26152]  ? apparmor_capable+0x1d7/0x4d0
[ 1499.702846][T26152]  ? unwind_get_return_address+0x59/0xa0
[ 1499.702863][T26152]  bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.702877][T26152]  ? security_capable+0x80/0x260
[ 1499.702916][T26152]  bpf_prog_alloc+0x3b/0x200
[ 1499.702930][T26152]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1499.702947][T26152]  bpf_prog_load+0x48c/0x2b30
[ 1499.702962][T26152]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1499.702984][T26152]  ? bpf_lsm_bpf+0x9/0x10
[ 1499.702998][T26152]  __sys_bpf+0x223a/0x4b90
[ 1499.703011][T26152]  ? __pfx___sys_bpf+0x10/0x10
[ 1499.703022][T26152]  ? get_pid_task+0x106/0x250
[ 1499.703038][T26152]  ? proc_fail_nth_write+0x9f/0x220
[ 1499.703075][T26152]  ? find_held_lock+0x2b/0x80
[ 1499.703092][T26152]  ? find_held_lock+0x2b/0x80
[ 1499.703107][T26152]  ? ksys_write+0x190/0x250
[ 1499.703122][T26152]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[ 1499.703134][T26152]  ? kernel_write+0x5e3/0x6c0
[ 1499.703154][T26152]  ? fput+0x79/0x100
[ 1499.703169][T26152]  ? ksys_write+0x1ac/0x250
[ 1499.703183][T26152]  __ia32_sys_bpf+0x79/0xf0
[ 1499.703195][T26152]  ? lockdep_hardirqs_on+0x78/0x100
[ 1499.703213][T26152]  __do_fast_syscall_32+0xe7/0x950
[ 1499.703224][T26152]  ? lockdep_hardirqs_on+0x78/0x100
[ 1499.703243][T26152]  do_fast_syscall_32+0x32/0x70
[ 1499.703254][T26152]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1499.703269][T26152] RIP: 0023:0xf709ef7c
[ 1499.703279][T26152] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1499.703290][T26152] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1499.703314][T26152] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000240
[ 1499.703322][T26152] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[ 1499.703329][T26152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1499.703335][T26152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1499.703342][T26152] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1499.703356][T26152]  </TASK>
[ 1499.703464][T26152] syz.1.5428: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1499.870472][T26152] CPU: 2 UID: 0 PID: 26152 Comm: syz.1.5428 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1499.870492][T26152] Tainted: [L]=SOFTLOCKUP
[ 1499.870496][T26152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1499.870503][T26152] Call Trace:
[ 1499.870507][T26152]  <TASK>
[ 1499.870513][T26152]  dump_stack_lvl+0x100/0x190
[ 1499.870544][T26152]  warn_alloc.cold+0x95/0x1c1
[ 1499.870557][T26152]  ? __pfx_warn_alloc+0x10/0x10
[ 1499.870575][T26152]  ? trace_kmalloc+0xe3/0x110
[ 1499.870590][T26152]  ? __kmalloc_cache_node_noprof+0x2d9/0x770
[ 1499.870604][T26152]  ? __kasan_kmalloc+0x8a/0xb0
[ 1499.870621][T26152]  ? __get_vm_area_node+0x208/0x330
[ 1499.870638][T26152]  __vmalloc_node_range_noprof+0xccd/0x1630
[ 1499.870655][T26152]  ? tomoyo_check_open_permission+0x1db/0x3c0
[ 1499.870669][T26152]  ? tomoyo_check_open_permission+0x1db/0x3c0
[ 1499.870684][T26152]  ? bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.870704][T26152]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1499.870719][T26152]  ? __lock_acquire+0x4a5/0x2630
[ 1499.870736][T26152]  ? bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.870751][T26152]  __vmalloc_node_noprof+0xad/0xf0
[ 1499.870766][T26152]  ? bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.870783][T26152]  __vmalloc_noprof+0xa3/0x120
[ 1499.870798][T26152]  ? __pfx___vmalloc_noprof+0x10/0x10
[ 1499.870814][T26152]  ? rcu_is_watching+0x12/0xc0
[ 1499.870828][T26152]  ? apparmor_capable+0x1d7/0x4d0
[ 1499.870839][T26152]  ? unwind_get_return_address+0x59/0xa0
[ 1499.870855][T26152]  bpf_prog_alloc_no_stats+0x58/0x640
[ 1499.870870][T26152]  ? security_capable+0x80/0x260
[ 1499.870889][T26152]  bpf_prog_alloc+0x3b/0x200
[ 1499.870903][T26152]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1499.870921][T26152]  bpf_prog_load+0x48c/0x2b30
[ 1499.870935][T26152]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1499.870958][T26152]  ? bpf_lsm_bpf+0x9/0x10
[ 1499.870972][T26152]  __sys_bpf+0x223a/0x4b90
[ 1499.870985][T26152]  ? __pfx___sys_bpf+0x10/0x10
[ 1499.870995][T26152]  ? get_pid_task+0x106/0x250
[ 1499.871013][T26152]  ? proc_fail_nth_write+0x9f/0x220
[ 1499.871032][T26152]  ? find_held_lock+0x2b/0x80
[ 1499.871049][T26152]  ? find_held_lock+0x2b/0x80
[ 1499.871064][T26152]  ? ksys_write+0x190/0x250
[ 1499.871079][T26152]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[ 1499.871091][T26152]  ? kernel_write+0x5e3/0x6c0
[ 1499.871111][T26152]  ? fput+0x79/0x100
[ 1499.871126][T26152]  ? ksys_write+0x1ac/0x250
[ 1499.871141][T26152]  __ia32_sys_bpf+0x79/0xf0
[ 1499.871152][T26152]  ? lockdep_hardirqs_on+0x78/0x100
[ 1499.871170][T26152]  __do_fast_syscall_32+0xe7/0x950
[ 1499.871180][T26152]  ? lockdep_hardirqs_on+0x78/0x100
[ 1499.871199][T26152]  do_fast_syscall_32+0x32/0x70
[ 1499.871210][T26152]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1499.871224][T26152] RIP: 0023:0xf709ef7c
[ 1499.871233][T26152] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1499.871244][T26152] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1499.871255][T26152] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000240
[ 1499.871263][T26152] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[ 1499.871269][T26152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1499.871276][T26152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1499.871282][T26152] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1499.871296][T26152]  </TASK>
[ 1500.004550][T26152] Mem-Info:
[ 1500.005097][    C2] hpet: Lost 7 RTC interrupts
[ 1500.005999][T26152] active_anon:4157 inactive_anon:558 isolated_anon:0
[ 1500.005999][T26152]  active_file:9236 inactive_file:9555 isolated_file:0
[ 1500.005999][T26152]  unevictable:1768 dirty:718 writeback:0
[ 1500.005999][T26152]  slab_reclaimable:6557 slab_unreclaimable:66367
[ 1500.005999][T26152]  mapped:25170 shmem:3972 pagetables:1376
[ 1500.005999][T26152]  sec_pagetables:318 bounce:0
[ 1500.005999][T26152]  kernel_misc_reclaimable:0
[ 1500.005999][T26152]  free:61377 free_pcp:12046 free_cma:0
[ 1500.072864][T26152] Node 0 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7564kB pagetables:1200kB sec_pagetables:1112kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1500.092449][T26152] Node 1 active_anon:9928kB inactive_anon:2232kB active_file:36944kB inactive_file:38084kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95356kB dirty:2868kB writeback:0kB shmem:3752kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6296kB pagetables:4604kB sec_pagetables:160kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1500.108243][T26152] Node 0 DMA free:3904kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1500.126897][T26152] lowmem_reserve[]: 0 285 285 285 285
[ 1500.132023][T26152] Node 0 DMA32 free:40424kB boost:29448kB min:42536kB low:45808kB high:49080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:3536kB writepending:4kB zspages:380kB present:1032196kB managed:292508kB mlocked:0kB bounce:0kB free_pcp:1392kB local_pcp:1236kB free_cma:0kB
[ 1500.150171][T26152] lowmem_reserve[]: 0 0 0 0 0
[ 1500.152077][T26152] Node 1 DMA32 free:205340kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:10128kB inactive_anon:2232kB active_file:36944kB inactive_file:38084kB unevictable:3536kB writepending:2868kB zspages:5004kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:49548kB local_pcp:9712kB free_cma:0kB
[ 1500.153718][T26166] FAULT_INJECTION: forcing a failure.
[ 1500.153718][T26166] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1500.164685][T26152] lowmem_reserve[]: 0 0 0 0 0
[ 1500.171194][T26152] Node 0 DMA: 104*4kB (U) 50*8kB (U) 35*16kB (U) 29*32kB (U) 7*64kB (U) 3*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 3904kB
[ 1500.174281][T26169] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5433'.
[ 1500.181358][T26166] CPU: 1 UID: 0 PID: 26166 Comm: syz.3.5432 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1500.181385][T26166] Tainted: [L]=SOFTLOCKUP
[ 1500.181392][T26166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1500.181402][T26166] Call Trace:
[ 1500.181409][T26166]  <TASK>
[ 1500.181418][T26166]  dump_stack_lvl+0x100/0x190
[ 1500.181448][T26166]  should_fail_ex.cold+0x5/0xa
[ 1500.181474][T26166]  _copy_to_user+0x32/0xd0
[ 1500.181500][T26166]  simple_read_from_buffer+0xcb/0x170
[ 1500.181526][T26166]  proc_fail_nth_read+0x1af/0x230
[ 1500.181557][T26166]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1500.181588][T26166]  ? rw_verify_area+0xce/0x6d0
[ 1500.181622][T26152] Node 0 
[ 1500.181630][T26166]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1500.181661][T26166]  vfs_read+0x1e4/0xb30
[ 1500.181686][T26166]  ? __pfx_vfs_read+0x10/0x10
[ 1500.181705][T26166]  ? find_held_lock+0x2b/0x80
[ 1500.181727][T26166]  ? __fget_files+0x215/0x3d0
[ 1500.181751][T26166]  ? __fget_files+0x21f/0x3d0
[ 1500.181777][T26166]  ksys_read+0x12a/0x250
[ 1500.181796][T26166]  ? __pfx_ksys_read+0x10/0x10
[ 1500.181814][T26166]  ? rcu_is_watching+0x12/0xc0
[ 1500.181834][T26166]  ? rcu_is_watching+0x12/0xc0
[ 1500.181857][T26166]  do_int80_emulation+0x141/0x700
[ 1500.181879][T26166]  asm_int80_emulation+0x1a/0x20
[ 1500.181896][T26166] RIP: 0023:0xf71061ab
[ 1500.181911][T26166] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1500.181927][T26166] RSP: 002b:00000000f53c64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1500.181943][T26166] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f53c65d0
[ 1500.181954][T26166] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1500.181964][T26166] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1500.181973][T26166] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1500.181983][T26166] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1500.182006][T26166]  </TASK>
[ 1500.267947][T26152] DMA32: 1220*4kB (UME) 527*8kB (UME) 216*16kB (UME) 355*32kB (UME) 68*64kB (UME) 19*128kB (UME) 6*256kB (UME) 6*512kB (ME) 1*1024kB (M) 2*2048kB (M) 0*4096kB = 40424kB
[ 1500.276122][T26152] Node 1 DMA32: 3485*4kB (UM) 4447*8kB (UME) 3759*16kB (UM) 10*32kB (M) 10*64kB (ME) 150*128kB (UME) 94*256kB (UME) 28*512kB (UME) 12*1024kB (UME) 12*2048kB (UME) 0*4096kB = 205084kB
[ 1500.287039][T26152] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1500.291184][T26152] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1500.295145][T26152] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1500.299005][T26152] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1500.305455][T26152] 21509 total pagecache pages
[ 1500.307517][T26152] 925 pages in swap cache
[ 1500.309309][T26152] Free swap  = 101504kB
[ 1500.311116][T26152] Total swap = 124996kB
[ 1500.317842][T26152] 524155 pages RAM
[ 1500.319744][T26152] 0 pages HighMem/MovableOnly
[ 1500.321740][T26173] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5434'.
[ 1500.325542][T26152] 210135 pages reserved
[ 1500.327285][T26152] 0 pages cma reserved
[ 1500.334801][T26175] tipc: Started in network mode
[ 1500.335332][ T5817] usb 42-1: device descriptor read/8, error -110
[ 1500.337612][T26175] tipc: Node identity ac14140f, cluster identity 4711
[ 1500.343292][T26175] tipc: New replicast peer: 255.255.255.255
[ 1500.392177][T26175] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1500.471816][T26179] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5434'.
[ 1500.756741][ T9217] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[ 1500.770526][ T5817] usb usb42-port1: attempt power cycle
[ 1500.919179][ T9217] usb 6-1: Using ep0 maxpacket: 8
[ 1500.922129][ T9217] usb 6-1: config 0 has no interfaces?
[ 1500.923906][ T9217] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1500.926854][ T9217] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1500.937406][ T9217] usb 6-1: config 0 descriptor??
[ 1501.081145][T26191] fuse: Unknown parameter '0x00000000000000070x00000000000000050000000000000000000700000000000000000000'
[ 1501.327135][T26199] FAULT_INJECTION: forcing a failure.
[ 1501.327135][T26199] name failslab, interval 1, probability 0, space 0, times 0
[ 1501.331455][T26199] CPU: 1 UID: 0 PID: 26199 Comm: syz.3.5441 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1501.331475][T26199] Tainted: [L]=SOFTLOCKUP
[ 1501.331479][T26199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1501.331487][T26199] Call Trace:
[ 1501.331492][T26199]  <TASK>
[ 1501.331497][T26199]  dump_stack_lvl+0x100/0x190
[ 1501.331515][T26199]  should_fail_ex.cold+0x5/0xa
[ 1501.331531][T26199]  should_failslab+0xc2/0x120
[ 1501.331551][T26199]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1501.331570][T26199]  ? __alloc_skb+0x140/0x710
[ 1501.331606][T26199]  ? __alloc_skb+0x5b7/0x710
[ 1501.331619][T26199]  __alloc_skb+0x140/0x710
[ 1501.331631][T26199]  ? __alloc_skb+0x5b7/0x710
[ 1501.331643][T26199]  ? __pfx___alloc_skb+0x10/0x10
[ 1501.331659][T26199]  netlink_alloc_large_skb+0x69/0x150
[ 1501.331687][T26199]  netlink_sendmsg+0x680/0xda0
[ 1501.331707][T26199]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1501.331726][T26199]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1501.331755][T26199]  ____sys_sendmsg+0x9e1/0xb70
[ 1501.331801][T26199]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1501.331831][T26199]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1501.331865][T26199]  ___sys_sendmsg+0x190/0x1e0
[ 1501.331893][T26199]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1501.331918][T26199]  ? find_held_lock+0x2b/0x80
[ 1501.331942][T26199]  __sys_sendmsg+0x170/0x220
[ 1501.331956][T26199]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1501.331969][T26199]  ? __fget_files+0x21f/0x3d0
[ 1501.331986][T26199]  ? ksys_write+0x1ac/0x250
[ 1501.332001][T26199]  ? rcu_is_watching+0x12/0xc0
[ 1501.332017][T26199]  __do_fast_syscall_32+0xe7/0x950
[ 1501.332034][T26199]  ? lockdep_hardirqs_on+0x78/0x100
[ 1501.332061][T26199]  do_fast_syscall_32+0x32/0x70
[ 1501.332080][T26199]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1501.332101][T26199] RIP: 0023:0xf7f04f7c
[ 1501.332114][T26199] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1501.332133][T26199] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1501.332153][T26199] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[ 1501.332164][T26199] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1501.332175][T26199] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1501.332185][T26199] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1501.332194][T26199] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1501.332219][T26199]  </TASK>
[ 1501.437476][ T5817] usb usb42-port1: unable to enumerate USB device
[ 1501.601727][ T5817] tipc: Node number set to 2886997007
[ 1501.699134][   T34] usb 7-1: new high-speed USB device number 55 using dummy_hcd
[ 1501.710607][T19255] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[ 1501.861515][   T34] usb 7-1: Using ep0 maxpacket: 32
[ 1501.864500][   T34] usb 7-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[ 1501.868385][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1501.872601][T19255] usb 9-1: Using ep0 maxpacket: 32
[ 1501.876640][   T34] usb 7-1: config 0 descriptor??
[ 1501.885478][T19255] usb 9-1: config index 0 descriptor too short (expected 539, got 27)
[ 1501.888870][T19255] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1501.890656][   T34] as10x_usb: device has been detected
[ 1501.898741][T19255] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1501.900493][   T34] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[ 1501.908434][T19255] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1501.920014][T19255] usb 9-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[ 1501.925317][T19255] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1501.928418][   T34] usb 7-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[ 1501.928946][T19255] usb 9-1: Product: syz
[ 1501.933305][T19255] usb 9-1: Manufacturer: syz
[ 1501.935304][T19255] usb 9-1: SerialNumber: syz
[ 1501.941285][T19255] usb 9-1: config 0 descriptor??
[ 1501.948075][T26203] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 1501.958390][T19255] hub 9-1:0.0: bad descriptor, ignoring hub
[ 1501.961666][T19255] hub 9-1:0.0: probe with driver hub failed with error -5
[ 1501.968150][T19255] input: syz syz as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input15
[ 1501.997055][   T34] as10x_usb: error during firmware upload part1
[ 1502.001892][   T34] Registered device nBox DVB-T Dongle
[ 1502.103448][   T34] usb 7-1: USB disconnect, device number 55
[ 1502.119015][   T34] Unregistered device nBox DVB-T Dongle
[ 1502.119875][   T34] as10x_usb: device has been disconnected
[ 1502.255168][ T9217] usb 9-1: USB disconnect, device number 32
[ 1502.255325][    C1] usbtouchscreen 9-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[ 1502.290176][T26220] Set syz1 is full, maxelem 65536 reached
[ 1502.762450][ T1432] ieee802154 phy1 wpan1: encryption failed: -22
[ 1502.859967][T26236] FAULT_INJECTION: forcing a failure.
[ 1502.859967][T26236] name failslab, interval 1, probability 0, space 0, times 0
[ 1502.865880][T26236] CPU: 3 UID: 0 PID: 26236 Comm: syz.4.5451 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1502.865911][T26236] Tainted: [L]=SOFTLOCKUP
[ 1502.865917][T26236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1502.865927][T26236] Call Trace:
[ 1502.865934][T26236]  <TASK>
[ 1502.865941][T26236]  dump_stack_lvl+0x100/0x190
[ 1502.865968][T26236]  should_fail_ex.cold+0x5/0xa
[ 1502.865992][T26236]  should_failslab+0xc2/0x120
[ 1502.866014][T26236]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1502.866043][T26236]  ? __alloc_skb+0x140/0x710
[ 1502.866064][T26236]  ? __alloc_skb+0x5b7/0x710
[ 1502.866086][T26236]  __alloc_skb+0x140/0x710
[ 1502.866104][T26236]  ? __alloc_skb+0x5b7/0x710
[ 1502.866123][T26236]  ? __pfx___alloc_skb+0x10/0x10
[ 1502.866150][T26236]  netlink_alloc_large_skb+0x69/0x150
[ 1502.866179][T26236]  netlink_sendmsg+0x680/0xda0
[ 1502.866208][T26236]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1502.866238][T26236]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1502.866271][T26236]  ____sys_sendmsg+0x9e1/0xb70
[ 1502.866297][T26236]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1502.866323][T26236]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1502.866360][T26236]  ___sys_sendmsg+0x190/0x1e0
[ 1502.866389][T26236]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1502.866428][T26236]  ? find_held_lock+0x2b/0x80
[ 1502.866468][T26236]  __sys_sendmsg+0x170/0x220
[ 1502.866491][T26236]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1502.866510][T26236]  ? __fget_files+0x21f/0x3d0
[ 1502.866538][T26236]  ? ksys_write+0x1ac/0x250
[ 1502.866561][T26236]  ? rcu_is_watching+0x12/0xc0
[ 1502.866586][T26236]  __do_fast_syscall_32+0xe7/0x950
[ 1502.866606][T26236]  ? lockdep_hardirqs_on+0x78/0x100
[ 1502.866641][T26236]  do_fast_syscall_32+0x32/0x70
[ 1502.866659][T26236]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1502.866683][T26236] RIP: 0023:0xf705ef7c
[ 1502.866699][T26236] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1502.866715][T26236] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1502.866733][T26236] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[ 1502.866743][T26236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1502.866754][T26236] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1502.866764][T26236] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1502.866792][T26236] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1502.866816][T26236]  </TASK>
[ 1503.142519][T26247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1503.152310][T26247] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1503.156043][T26247] FAULT_INJECTION: forcing a failure.
[ 1503.156043][T26247] name failslab, interval 1, probability 0, space 0, times 0
[ 1503.160138][T26247] CPU: 2 UID: 0 PID: 26247 Comm: syz.1.5455 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1503.160163][T26247] Tainted: [L]=SOFTLOCKUP
[ 1503.160169][T26247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1503.160178][T26247] Call Trace:
[ 1503.160185][T26247]  <TASK>
[ 1503.160192][T26247]  dump_stack_lvl+0x100/0x190
[ 1503.160217][T26247]  should_fail_ex.cold+0x5/0xa
[ 1503.160235][T26247]  ? tomoyo_encode2+0xfb/0x3c0
[ 1503.160250][T26247]  should_failslab+0xc2/0x120
[ 1503.160264][T26247]  __kmalloc_noprof+0xe0/0x850
[ 1503.160274][T26247]  ? d_absolute_path+0x136/0x1b0
[ 1503.160288][T26247]  tomoyo_encode2+0xfb/0x3c0
[ 1503.160305][T26247]  tomoyo_encode+0x29/0x50
[ 1503.160319][T26247]  tomoyo_realpath_from_path+0x18c/0x690
[ 1503.160337][T26247]  tomoyo_path_number_perm+0x23c/0x580
[ 1503.160349][T26247]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1503.160363][T26247]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1503.160376][T26247]  ? get_pid_task+0x106/0x250
[ 1503.160406][T26247]  ? find_held_lock+0x2b/0x80
[ 1503.160420][T26247]  ? __fget_files+0x215/0x3d0
[ 1503.160433][T26247]  ? hook_file_ioctl_common+0x149/0x410
[ 1503.160445][T26247]  ? __fget_files+0x215/0x3d0
[ 1503.160461][T26247]  ? __fget_files+0x21f/0x3d0
[ 1503.160476][T26247]  security_file_ioctl_compat+0xd3/0x230
[ 1503.160491][T26247]  __ia32_compat_sys_ioctl+0xc2/0x360
[ 1503.160504][T26247]  __do_fast_syscall_32+0xe7/0x950
[ 1503.160517][T26247]  ? lockdep_hardirqs_on+0x78/0x100
[ 1503.160535][T26247]  do_fast_syscall_32+0x32/0x70
[ 1503.160547][T26247]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1503.160562][T26247] RIP: 0023:0xf709ef7c
[ 1503.160571][T26247] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1503.160582][T26247] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1503.160593][T26247] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080dc5521
[ 1503.160601][T26247] RDX: 0000000080000480 RSI: 0000000000000000 RDI: 0000000000000000
[ 1503.160607][T26247] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1503.160614][T26247] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1503.160620][T26247] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1503.160635][T26247]  </TASK>
[ 1503.160645][T26247] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1503.313881][T26250] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1503.317724][T26250] block device autoloading is deprecated and will be removed.
[ 1503.363953][T26257] netlink: 'syz.4.5458': attribute type 4 has an invalid length.
[ 1503.367484][T26257] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5458'.
[ 1503.556996][T26260] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5459'.
[ 1503.671511][T26260] bond2: Unable to set down delay as MII monitoring is disabled
[ 1503.690037][T26260] bond2 (unregistering): Released all slaves
[ 1503.822211][T26266] overlay: Unknown parameter 'audit'
[ 1503.977485][T26270] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5463'.
[ 1505.412055][T26284] ieee802154 phy1 wpan1: encryption failed: -22
[ 1505.958133][T26290] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5466'.
[ 1505.998604][T26293] FAULT_INJECTION: forcing a failure.
[ 1505.998604][T26293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1506.007866][T26293] CPU: 1 UID: 0 PID: 26293 Comm: syz.1.5467 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1506.007887][T26293] Tainted: [L]=SOFTLOCKUP
[ 1506.007891][T26293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1506.007898][T26293] Call Trace:
[ 1506.007903][T26293]  <TASK>
[ 1506.007909][T26293]  dump_stack_lvl+0x100/0x190
[ 1506.007926][T26293]  should_fail_ex.cold+0x5/0xa
[ 1506.007949][T26293]  _copy_to_iter+0x5a4/0x1720
[ 1506.007965][T26293]  ? __pfx__copy_to_iter+0x10/0x10
[ 1506.007977][T26293]  ? __pfx_bpf_link_show_fdinfo+0x10/0x10
[ 1506.007991][T26293]  ? fput+0x79/0x100
[ 1506.008007][T26293]  ? __pfx_bpf_link_show_fdinfo+0x10/0x10
[ 1506.008020][T26293]  ? seq_show+0x590/0x870
[ 1506.008041][T26293]  seq_read_iter+0xdab/0x1270
[ 1506.008060][T26293]  seq_read+0x33b/0x4c0
[ 1506.008073][T26293]  ? __pfx_seq_read+0x10/0x10
[ 1506.008084][T26293]  ? __pfx___might_resched+0x10/0x10
[ 1506.008098][T26293]  ? lock_acquire+0x1b1/0x370
[ 1506.008115][T26293]  ? rw_verify_area+0xce/0x6d0
[ 1506.008126][T26293]  ? __pfx_seq_read+0x10/0x10
[ 1506.008138][T26293]  vfs_read+0x1e4/0xb30
[ 1506.008153][T26293]  ? __pfx_vfs_read+0x10/0x10
[ 1506.008164][T26293]  ? find_held_lock+0x2b/0x80
[ 1506.008179][T26293]  ? __fget_files+0x215/0x3d0
[ 1506.008195][T26293]  ? __fget_files+0x21f/0x3d0
[ 1506.008212][T26293]  ksys_read+0x12a/0x250
[ 1506.008225][T26293]  ? __pfx_ksys_read+0x10/0x10
[ 1506.008237][T26293]  ? ksys_write+0x1ac/0x250
[ 1506.008250][T26293]  ? rcu_is_watching+0x12/0xc0
[ 1506.008266][T26293]  __do_fast_syscall_32+0xe7/0x950
[ 1506.008279][T26293]  ? lockdep_hardirqs_on+0x78/0x100
[ 1506.008297][T26293]  do_fast_syscall_32+0x32/0x70
[ 1506.008309][T26293]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1506.008323][T26293] RIP: 0023:0xf709ef7c
[ 1506.008333][T26293] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1506.008344][T26293] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[ 1506.008355][T26293] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000a00
[ 1506.008362][T26293] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[ 1506.008369][T26293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1506.008375][T26293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1506.008382][T26293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1506.008396][T26293]  </TASK>
[ 1506.307330][T26320] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5473'.
[ 1506.324812][T26320] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5473'.
[ 1506.416024][T26295] Set syz1 is full, maxelem 65536 reached
[ 1506.493413][T26320] zonefs (nullb0) ERROR: Not a zoned block device
[ 1506.844663][T26325] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5474'.
[ 1506.919599][T26326] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5474'.
[ 1507.320270][T26329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5475'.
[ 1507.371408][T26329] bond2: Unable to set down delay as MII monitoring is disabled
[ 1507.379221][T26329] bond2 (unregistering): Released all slaves
[ 1507.779734][    C2] hpet: Lost 1 RTC interrupts
[ 1509.053377][T26340] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5478'.
[ 1509.152605][T26348] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5478'.
[ 1509.177506][T26351] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5482'.
[ 1509.217366][T26349] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[ 1509.219380][T26349] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1509.469437][T26349] vhci_hcd vhci_hcd.0: Device attached
[ 1509.548267][T26360] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5483'.
[ 1509.899128][   T50] usb 42-1: SetAddress Request (43) to port 0
[ 1509.899474][   T50] usb 42-1: new SuperSpeed USB device number 43 using vhci_hcd
[ 1510.521381][T26361] bond1: Unable to set down delay as MII monitoring is disabled
[ 1510.642780][T26361] bond1 (unregistering): Released all slaves
[ 1510.827191][T26349] rdma_rxe: rxe_newlink: failed to add wg2
[ 1510.852105][T26350] vhci_hcd: connection reset by peer
[ 1510.854625][  T515] vhci_hcd vhci_hcd.2: stop threads
[ 1510.856944][  T515] vhci_hcd vhci_hcd.2: release socket
[ 1510.859416][  T515] vhci_hcd vhci_hcd.2: disconnect device
[ 1510.914321][T26376] netlink: 'syz.4.5487': attribute type 1 has an invalid length.
[ 1511.332250][T26382] bond1: Unable to set down delay as MII monitoring is disabled
[ 1511.430872][T26382] bond1 (unregistering): Released all slaves
[ 1511.749284][T26387] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1511.940958][T26396] __nla_validate_parse: 5 callbacks suppressed
[ 1511.941011][T26396] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5492'.
[ 1512.237568][T26406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5496'.
[ 1512.388182][T26409] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5494'.
[ 1512.395603][T26397] bond1: Unable to set down delay as MII monitoring is disabled
[ 1512.410568][T26397] bond1 (unregistering): Released all slaves
[ 1512.499873][T26411] overlayfs: missing 'lowerdir'
[ 1514.152705][T26409] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[ 1514.278232][T26425] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5501'.
[ 1514.286125][T26425] bridge_slave_0: left allmulticast mode
[ 1514.288040][T26425] bridge_slave_0: left promiscuous mode
[ 1514.290024][T26425] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1514.336303][T26430] netlink: 204 bytes leftover after parsing attributes in process `syz.4.5499'.
[ 1514.364697][T26433] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5502'.
[ 1514.456399][T26434] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5502'.
[ 1514.665243][T26437] syz.2.5503 (26437): drop_caches: 2
[ 1515.425951][   T50] usb 42-1: device descriptor read/8, error -110
[ 1515.525081][T26449] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5507'.
[ 1515.549972][T26453] FAULT_INJECTION: forcing a failure.
[ 1515.549972][T26453] name failslab, interval 1, probability 0, space 0, times 0
[ 1515.577907][T26453] CPU: 1 UID: 0 PID: 26453 Comm: syz.1.5508 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1515.577938][T26453] Tainted: [L]=SOFTLOCKUP
[ 1515.577945][T26453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1515.577955][T26453] Call Trace:
[ 1515.577985][T26453]  <TASK>
[ 1515.577993][T26453]  dump_stack_lvl+0x100/0x190
[ 1515.578170][T26453]  should_fail_ex.cold+0x5/0xa
[ 1515.578212][T26453]  should_failslab+0xc2/0x120
[ 1515.578252][T26453]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1515.578280][T26453]  ? __alloc_skb+0x140/0x710
[ 1515.578358][T26453]  ? __alloc_skb+0x5b7/0x710
[ 1515.578380][T26453]  __alloc_skb+0x140/0x710
[ 1515.578398][T26453]  ? __alloc_skb+0x5b7/0x710
[ 1515.578416][T26453]  ? __pfx___alloc_skb+0x10/0x10
[ 1515.578442][T26453]  alloc_skb_with_frags+0xdd/0x760
[ 1515.578465][T26453]  ? bpf_ksym_find+0x124/0x1c0
[ 1515.578490][T26453]  sock_alloc_send_pskb+0x801/0x980
[ 1515.578531][T26453]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1515.578612][T26453]  ? arch_stack_walk+0xa6/0xf0
[ 1515.578659][T26453]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1515.578676][T26453]  ? find_held_lock+0x2b/0x80
[ 1515.578697][T26453]  ? dev_get_by_index+0x180/0x380
[ 1515.578715][T26453]  ? dev_get_by_index+0x180/0x380
[ 1515.578738][T26453]  packet_sendmsg+0x1eda/0x5100
[ 1515.578805][T26453]  ? __pfx___might_resched+0x10/0x10
[ 1515.578831][T26453]  ? aa_sk_perm+0x309/0xaa0
[ 1515.578891][T26453]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1515.578916][T26453]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1515.578934][T26453]  ? __might_fault+0xc5/0x140
[ 1515.578966][T26453]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1515.578999][T26453]  __sys_sendto+0x468/0x4b0
[ 1515.579016][T26453]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1515.579044][T26453]  ? __pfx___sys_sendto+0x10/0x10
[ 1515.579070][T26453]  ? __fget_files+0x215/0x3d0
[ 1515.579092][T26453]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1515.579282][T26453]  ? fput+0x79/0x100
[ 1515.579308][T26453]  ? ksys_write+0x1ac/0x250
[ 1515.579330][T26453]  __ia32_sys_sendto+0xdd/0x1b0
[ 1515.579350][T26453]  ? __do_fast_syscall_32+0x98/0x950
[ 1515.579369][T26453]  ? lockdep_hardirqs_on+0x78/0x100
[ 1515.579395][T26453]  __do_fast_syscall_32+0xe7/0x950
[ 1515.579412][T26453]  ? lockdep_hardirqs_on+0x78/0x100
[ 1515.579440][T26453]  do_fast_syscall_32+0x32/0x70
[ 1515.579458][T26453]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1515.579480][T26453] RIP: 0023:0xf709ef7c
[ 1515.579495][T26453] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1515.579512][T26453] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[ 1515.579530][T26453] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000280
[ 1515.579542][T26453] RDX: 0000000000000012 RSI: 0000000006008092 RDI: 0000000080000080
[ 1515.579553][T26453] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[ 1515.579564][T26453] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1515.579575][T26453] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1515.579599][T26453]  </TASK>
[ 1515.624241][T26449] bond2: Unable to set down delay as MII monitoring is disabled
[ 1515.735211][T26449] bond2 (unregistering): Released all slaves
[ 1515.857455][   T50] usb usb42-port1: attempt power cycle
[ 1515.869217][T26461] Set syz1 is full, maxelem 65536 reached
[ 1516.951121][T26483] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5516'.
[ 1516.964001][T26484] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5515'.
[ 1517.043362][T26484] bond1: Unable to set down delay as MII monitoring is disabled
[ 1517.055177][T26484] bond1 (unregistering): Released all slaves
[ 1517.499006][   T50] usb usb42-port1: unable to enumerate USB device
[ 1518.458612][T26490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1518.467245][T26490] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1520.287111][T26519] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1520.299837][T26519] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1520.386651][T26524] __nla_validate_parse: 1 callbacks suppressed
[ 1520.386669][T26524] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5525'.
[ 1520.481370][T26526] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5525'.
[ 1520.497036][T26505] Set syz1 is full, maxelem 65536 reached
[ 1520.670862][T26528] Set syz1 is full, maxelem 65536 reached
[ 1520.751940][T26538] FAULT_INJECTION: forcing a failure.
[ 1520.751940][T26538] name failslab, interval 1, probability 0, space 0, times 0
[ 1520.759463][T26538] CPU: 1 UID: 0 PID: 26538 Comm: syz.3.5527 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1520.759492][T26538] Tainted: [L]=SOFTLOCKUP
[ 1520.759499][T26538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1520.759510][T26538] Call Trace:
[ 1520.759516][T26538]  <TASK>
[ 1520.759523][T26538]  dump_stack_lvl+0x100/0x190
[ 1520.759551][T26538]  should_fail_ex.cold+0x5/0xa
[ 1520.759574][T26538]  should_failslab+0xc2/0x120
[ 1520.759596][T26538]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1520.759623][T26538]  ? __alloc_skb+0x140/0x710
[ 1520.759642][T26538]  ? __alloc_skb+0x5b7/0x710
[ 1520.759665][T26538]  __alloc_skb+0x140/0x710
[ 1520.759683][T26538]  ? __alloc_skb+0x5b7/0x710
[ 1520.759700][T26538]  ? __pfx___alloc_skb+0x10/0x10
[ 1520.759741][T26538]  netlink_alloc_large_skb+0x69/0x150
[ 1520.759770][T26538]  netlink_sendmsg+0x680/0xda0
[ 1520.759799][T26538]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1520.759826][T26538]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1520.759856][T26538]  ____sys_sendmsg+0x9e1/0xb70
[ 1520.759879][T26538]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1520.759905][T26538]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1520.759941][T26538]  ___sys_sendmsg+0x190/0x1e0
[ 1520.759969][T26538]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1520.760005][T26538]  ? find_held_lock+0x2b/0x80
[ 1520.760041][T26538]  __sys_sendmsg+0x170/0x220
[ 1520.760061][T26538]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1520.760081][T26538]  ? __fget_files+0x21f/0x3d0
[ 1520.760110][T26538]  ? ksys_write+0x1ac/0x250
[ 1520.760129][T26538]  ? rcu_is_watching+0x12/0xc0
[ 1520.760151][T26538]  __do_fast_syscall_32+0xe7/0x950
[ 1520.760168][T26538]  ? lockdep_hardirqs_on+0x78/0x100
[ 1520.760192][T26538]  do_fast_syscall_32+0x32/0x70
[ 1520.760207][T26538]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1520.760226][T26538] RIP: 0023:0xf7f04f7c
[ 1520.760239][T26538] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1520.760254][T26538] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1520.760268][T26538] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[ 1520.760278][T26538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1520.760287][T26538] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1520.760301][T26538] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1520.760310][T26538] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1520.760330][T26538]  </TASK>
[ 1520.940286][T26540] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1521.887777][T26556] overlayfs: missing 'lowerdir'
[ 1522.096410][T26559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5534'.
[ 1522.519304][T18751] Bluetooth: hci2: command 0x041b tx timeout
[ 1522.521671][T18751] Bluetooth: hci4: command 0x040f tx timeout
[ 1522.839817][T26560] bond1: Unable to set down delay as MII monitoring is disabled
[ 1522.944539][T26560] bond1 (unregistering): Released all slaves
[ 1523.219040][T26555] bridge_slave_0: left allmulticast mode
[ 1523.228189][T26555] bridge_slave_0: left promiscuous mode
[ 1523.231236][T26555] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1523.276501][T26555] bridge_slave_1: left allmulticast mode
[ 1523.281789][T26555] bridge_slave_1: left promiscuous mode
[ 1523.303791][T26555] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1523.348542][T26573] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5537'.
[ 1523.376958][T26555] bond0: (slave bond_slave_0): Releasing backup interface
[ 1523.436769][T26555] bond0: (slave bond_slave_1): Releasing backup interface
[ 1523.604559][T26577] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5538'.
[ 1523.728138][T26579] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5538'.
[ 1523.995049][T26555] team0: Port device team_slave_0 removed
[ 1524.157743][T26555] team0: Port device team_slave_1 removed
[ 1524.171640][T26555] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1524.178684][T26555] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1524.213768][T26555] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1524.216851][T26555] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1524.356873][T26555] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1524.393887][T26574] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5535'.
[ 1524.751867][T26606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5542'.
[ 1524.857892][T26596] Set syz1 is full, maxelem 65536 reached
[ 1524.979572][T26610] bond1: Unable to set down delay as MII monitoring is disabled
[ 1524.986110][T26610] bond1 (unregistering): Released all slaves
[ 1525.194129][T26621] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1525.471983][T26633] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1525.474064][T26633] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1525.870552][T26658] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5553'.
[ 1525.949088][T26663] netlink: 'syz.2.5555': attribute type 4 has an invalid length.
[ 1525.952197][T26663] netlink: 224 bytes leftover after parsing attributes in process `syz.2.5555'.
[ 1526.092556][T26662] bond3: Unable to set down delay as MII monitoring is disabled
[ 1526.116666][T26662] bond3 (unregistering): Released all slaves
[ 1526.392079][T26642] Set syz1 is full, maxelem 65536 reached
[ 1526.694806][  T105] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.709881][  T105] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.712668][  T105] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.715372][  T105] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.867853][T26679] sch_fq: defrate 4294967295 ignored.
[ 1527.006678][T26685] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5560'.
[ 1527.032892][T26685] bond1: Unable to set down delay as MII monitoring is disabled
[ 1527.038237][T26685] bond1 (unregistering): Released all slaves
[ 1527.125531][T26687] overlayfs: missing 'lowerdir'
[ 1527.275320][T26687] bond3 (unregistering): Released all slaves
[ 1527.717701][T10353] Bluetooth: hci2: command 0x041b tx timeout
[ 1527.720736][T10353] Bluetooth: hci4: command 0x040f tx timeout
[ 1528.931826][T26695] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5563'.
[ 1528.934850][T26695] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5563'.
[ 1529.104634][T26705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5565'.
[ 1529.154505][T26705] bond3: Unable to set down delay as MII monitoring is disabled
[ 1529.160221][T26705] bond3 (unregistering): Released all slaves
[ 1529.280571][T19255] usb 7-1: new high-speed USB device number 56 using dummy_hcd
[ 1529.450466][T19255] usb 7-1: Using ep0 maxpacket: 32
[ 1529.486622][T19255] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1529.492836][T19255] usb 7-1: config 0 has no interface number 0
[ 1529.516535][T19255] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1529.520307][T19255] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1529.524338][T19255] usb 7-1: Product: syz
[ 1529.528359][T19255] usb 7-1: Manufacturer: syz
[ 1529.530311][T19255] usb 7-1: SerialNumber: syz
[ 1529.621178][T19255] usb 7-1: config 0 descriptor??
[ 1529.670448][T19255] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1529.673935][T19255] usb 7-1: selecting invalid altsetting 1
[ 1529.675979][T19255] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1529.726916][T19255] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1529.734618][T19255] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1529.738892][T19255] usb 7-1: media controller created
[ 1529.838708][T19255] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1530.264784][T19255] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[ 1530.271530][T19255] zl10353_read_register: readreg error (reg=127, ret==-71)
[ 1530.275780][T19255] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[ 1530.299932][T26717] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5567'.
[ 1530.427600][T26722] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5567'.
[ 1531.053096][T26731] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5570'.
[ 1531.463173][T19255] usb 7-1: USB disconnect, device number 56
[ 1531.504091][T26736] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5572'.
[ 1531.638679][T26732] bond2: Unable to set down delay as MII monitoring is disabled
[ 1531.737769][T26732] bond2 (unregistering): Released all slaves
[ 1531.875682][T26736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5572'.
[ 1531.922637][T26749] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 1531.933188][T26740] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1531.935216][T26740] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1532.081748][T26755] FAULT_INJECTION: forcing a failure.
[ 1532.081748][T26755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1532.087585][T26755] CPU: 0 UID: 0 PID: 26755 Comm: syz.4.5576 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1532.087614][T26755] Tainted: [L]=SOFTLOCKUP
[ 1532.087620][T26755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1532.087647][T26755] Call Trace:
[ 1532.087654][T26755]  <TASK>
[ 1532.087662][T26755]  dump_stack_lvl+0x100/0x190
[ 1532.087689][T26755]  should_fail_ex.cold+0x5/0xa
[ 1532.087713][T26755]  _copy_to_user+0x32/0xd0
[ 1532.087767][T26755]  simple_read_from_buffer+0xcb/0x170
[ 1532.087791][T26755]  proc_fail_nth_read+0x1af/0x230
[ 1532.087845][T26755]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1532.087875][T26755]  ? rw_verify_area+0xce/0x6d0
[ 1532.087894][T26755]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1532.087921][T26755]  vfs_read+0x1e4/0xb30
[ 1532.087946][T26755]  ? __pfx_vfs_read+0x10/0x10
[ 1532.087963][T26755]  ? find_held_lock+0x2b/0x80
[ 1532.087988][T26755]  ? __fget_files+0x215/0x3d0
[ 1532.088014][T26755]  ? __fget_files+0x21f/0x3d0
[ 1532.088042][T26755]  ksys_read+0x12a/0x250
[ 1532.088063][T26755]  ? __pfx_ksys_read+0x10/0x10
[ 1532.088082][T26755]  ? rcu_is_watching+0x12/0xc0
[ 1532.088104][T26755]  ? rcu_is_watching+0x12/0xc0
[ 1532.088134][T26755]  do_int80_emulation+0x141/0x700
[ 1532.088158][T26755]  asm_int80_emulation+0x1a/0x20
[ 1532.088177][T26755] RIP: 0023:0xf71961ab
[ 1532.088192][T26755] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1532.088210][T26755] RSP: 002b:00000000f544d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1532.088227][T26755] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f544d5d0
[ 1532.088239][T26755] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1532.088249][T26755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1532.088258][T26755] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1532.088270][T26755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1532.088293][T26755]  </TASK>
[ 1532.396879][ T5885] usb 7-1: new high-speed USB device number 57 using dummy_hcd
[ 1532.559149][ T5885] usb 7-1: Using ep0 maxpacket: 32
[ 1532.569602][ T5885] usb 7-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[ 1532.577050][ T5885] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1532.579889][ T5885] usb 7-1: Product: syz
[ 1532.583618][ T5885] usb 7-1: Manufacturer: syz
[ 1532.585516][ T5885] usb 7-1: SerialNumber: syz
[ 1532.618752][ T5885] usb 7-1: config 0 descriptor??
[ 1532.676657][ T5885] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state.
[ 1532.686605][ T5885] dvb-usb: bulk message failed: -22 (4/0)
[ 1532.688759][ T5885] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1532.695138][ T5885] dvb-usb: bulk message failed: -22 (5/0)
[ 1532.697306][ T5885] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1532.725508][ T5885] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1532.730859][ T5885] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0)
[ 1532.736346][T26760] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5577'.
[ 1532.736617][ T5885] usb 7-1: media controller created
[ 1532.814013][ T5885] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1532.932107][ T5885] usb 7-1: selecting invalid altsetting 3
[ 1532.935541][ T5885] ttusb2: set interface to alts=3 failed
[ 1532.945719][T26759] A link change request failed with some changes committed already. Interface syzkaller0 may have been left with an inconsistent configuration, please check.
[ 1532.980827][ T5885] DVB: Unable to find symbol tda10086_attach()
[ 1532.984079][ T5885] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0'
[ 1533.015396][ T5885] dvb-usb: bulk message failed: -22 (4/0)
[ 1533.029479][ T5885] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1533.047608][ T5885] dvb-usb: bulk message failed: -22 (5/0)
[ 1533.050464][ T5885] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1533.056503][ T5885] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected.
[ 1533.110680][ T5885] usb 7-1: USB disconnect, device number 57
[ 1533.141077][ T5885] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[ 1533.343302][T26775] FAULT_INJECTION: forcing a failure.
[ 1533.343302][T26775] name failslab, interval 1, probability 0, space 0, times 0
[ 1533.348336][T26775] CPU: 1 UID: 0 PID: 26775 Comm: syz.3.5580 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1533.348361][T26775] Tainted: [L]=SOFTLOCKUP
[ 1533.348366][T26775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1533.348375][T26775] Call Trace:
[ 1533.348381][T26775]  <TASK>
[ 1533.348388][T26775]  dump_stack_lvl+0x100/0x190
[ 1533.348410][T26775]  should_fail_ex.cold+0x5/0xa
[ 1533.348430][T26775]  should_failslab+0xc2/0x120
[ 1533.348448][T26775]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1533.348473][T26775]  ? __alloc_skb+0x140/0x710
[ 1533.348488][T26775]  ? __alloc_skb+0x5b7/0x710
[ 1533.348506][T26775]  __alloc_skb+0x140/0x710
[ 1533.348519][T26775]  ? __alloc_skb+0x5b7/0x710
[ 1533.348562][T26775]  ? __pfx___alloc_skb+0x10/0x10
[ 1533.348582][T26775]  netlink_alloc_large_skb+0x69/0x150
[ 1533.348605][T26775]  netlink_sendmsg+0x680/0xda0
[ 1533.348630][T26775]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1533.348653][T26775]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1533.348680][T26775]  ____sys_sendmsg+0x9e1/0xb70
[ 1533.348700][T26775]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1533.348722][T26775]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1533.348750][T26775]  ___sys_sendmsg+0x190/0x1e0
[ 1533.348773][T26775]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1533.348803][T26775]  ? find_held_lock+0x2b/0x80
[ 1533.348835][T26775]  __sys_sendmsg+0x170/0x220
[ 1533.348852][T26775]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1533.348867][T26775]  ? __fget_files+0x21f/0x3d0
[ 1533.348889][T26775]  ? ksys_write+0x1ac/0x250
[ 1533.348906][T26775]  ? rcu_is_watching+0x12/0xc0
[ 1533.348926][T26775]  __do_fast_syscall_32+0xe7/0x950
[ 1533.348941][T26775]  ? lockdep_hardirqs_on+0x78/0x100
[ 1533.348964][T26775]  do_fast_syscall_32+0x32/0x70
[ 1533.348979][T26775]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1533.348999][T26775] RIP: 0023:0xf7f04f7c
[ 1533.349013][T26775] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1533.349028][T26775] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1533.349043][T26775] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000740
[ 1533.349053][T26775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1533.349062][T26775] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1533.349070][T26775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1533.349079][T26775] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1533.349098][T26775]  </TASK>
[ 1533.458157][T26775] netlink: 140 bytes leftover after parsing attributes in process `syz.3.5580'.
[ 1534.112361][T26803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1534.115345][T26803] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1534.132837][T26807] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5588'.
[ 1534.140763][T18751] Bluetooth: hci2: command 0x041b tx timeout
[ 1534.142963][T10353] Bluetooth: hci4: command 0x040f tx timeout
[ 1534.232487][T26808] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5588'.
[ 1536.117171][T26813] netlink: 766 bytes leftover after parsing attributes in process `syz.2.5590'.
[ 1536.344966][T26816] Set syz1 is full, maxelem 65536 reached
[ 1537.115315][T26841] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[ 1537.120075][T26841] batman_adv: batadv0: Adding interface: ip6gretap1
[ 1537.122265][T26841] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1537.129922][T26841] batman_adv: batadv0: Interface activated: ip6gretap1
[ 1537.135426][T26843] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1537.139384][T26843] mac80211_hwsim hwsim27 syzkaller0: entered promiscuous mode
[ 1537.141339][T26840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1537.143760][T26843] mac80211_hwsim hwsim27 syzkaller0: entered allmulticast mode
[ 1537.147076][T26840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1537.162746][ T9217] usb 8-1: new high-speed USB device number 40 using dummy_hcd
[ 1537.211885][T26846] tipc: Resetting bearer <eth:syzkaller0>
[ 1537.336097][ T9217] usb 8-1: Using ep0 maxpacket: 8
[ 1537.340896][ T9217] usb 8-1: config 162 has an invalid interface number: 97 but max is 0
[ 1537.344499][ T9217] usb 8-1: config 162 has an invalid descriptor of length 0, skipping remainder of the config
[ 1537.348834][ T9217] usb 8-1: config 162 has no interface number 0
[ 1537.351576][ T9217] usb 8-1: too many endpoints for config 162 interface 97 altsetting 3: 255, using maximum allowed: 30
[ 1537.356211][ T9217] usb 8-1: config 162 interface 97 altsetting 3 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1537.360830][ T9217] usb 8-1: config 162 interface 97 altsetting 3 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1537.365035][ T9217] usb 8-1: config 162 interface 97 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[ 1537.370545][ T9217] usb 8-1: config 162 interface 97 has no altsetting 0
[ 1537.376286][ T9217] usb 8-1: New USB device found, idVendor=0c2e, idProduct=0700, bcdDevice=e1.3b
[ 1537.380142][ T9217] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1537.383468][ T9217] usb 8-1: Product: syz
[ 1537.385270][ T9217] usb 8-1: Manufacturer: syz
[ 1537.387247][ T9217] usb 8-1: SerialNumber: syz
[ 1537.411912][T14723] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[ 1537.573659][T26851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1537.578725][T26851] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1537.704336][T14723] usb 9-1: Using ep0 maxpacket: 16
[ 1537.826795][ T9217] metro_usb 8-1:162.97: interrupt-out endpoint missing
[ 1537.829529][T14723] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1537.833808][T14723] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1537.837042][T14723] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1537.842204][T14723] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1537.845498][ T9217] usb 8-1: USB disconnect, device number 40
[ 1537.850129][T14723] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1537.858891][T14723] usb 9-1: config 0 descriptor??
[ 1538.000727][T26854] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1538.017662][T26854] fuse: Bad value for 'fd'
[ 1538.175037][T26860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5600'.
[ 1538.300749][T14723] hid_parser_main: 68 callbacks suppressed
[ 1538.300764][T14723] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0
[ 1538.305194][T14723] microsoft 0003:045E:07DA.0042: ignoring exceeding usage max
[ 1538.308909][T14723] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0
[ 1538.311315][T14723] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0
[ 1538.313545][T14723] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0
[ 1538.315814][T14723] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0
[ 1538.318173][T14723] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0
[ 1538.328414][T14723] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/0003:045E:07DA.0042/input/input17
[ 1538.355608][T26864] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5601'.
[ 1538.427884][T26864] bond1: Unable to set down delay as MII monitoring is disabled
[ 1538.442703][T14723] microsoft 0003:045E:07DA.0042: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[ 1538.448287][T26864] bond1 (unregistering): Released all slaves
[ 1538.694083][T26840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1538.713168][T26840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1538.724238][T26840] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5594'.
[ 1538.762967][T26877] Set syz0 is full, maxelem 0 reached
[ 1538.941061][   T40] audit: type=1804 audit(1779902007.447:1683): pid=26886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5605" name="/newroot/112/file1" dev="fuse" ino=1 res=1 errno=0
[ 1538.948041][   T40] audit: type=1804 audit(1779902007.447:1684): pid=26890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.5605" name="/newroot/112/file1" dev="fuse" ino=1 res=1 errno=0
[ 1538.968626][T26886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1538.972711][T26886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1538.976331][T26886] netlink: 'syz.1.5605': attribute type 3 has an invalid length.
[ 1539.037248][T26895] netlink: 'syz.2.5606': attribute type 4 has an invalid length.
[ 1539.039731][T26895] netlink: 224 bytes leftover after parsing attributes in process `syz.2.5606'.
[ 1539.247690][T26901] FAULT_INJECTION: forcing a failure.
[ 1539.247690][T26901] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1539.251909][T26901] CPU: 3 UID: 0 PID: 26901 Comm: syz.3.5609 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1539.251928][T26901] Tainted: [L]=SOFTLOCKUP
[ 1539.251933][T26901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1539.251940][T26901] Call Trace:
[ 1539.251944][T26901]  <TASK>
[ 1539.251950][T26901]  dump_stack_lvl+0x100/0x190
[ 1539.251968][T26901]  should_fail_ex.cold+0x5/0xa
[ 1539.251984][T26901]  _copy_from_user+0x2e/0xd0
[ 1539.251999][T26901]  ucma_write+0x128/0x330
[ 1539.252038][T26901]  ? __pfx_ucma_write+0x10/0x10
[ 1539.252053][T26901]  ? bpf_lsm_file_permission+0x9/0x10
[ 1539.252066][T26901]  ? security_file_permission+0x76/0x210
[ 1539.252103][T26901]  ? rw_verify_area+0xce/0x6d0
[ 1539.252116][T26901]  vfs_write+0x2aa/0x1070
[ 1539.252129][T26901]  ? __pfx_ucma_write+0x10/0x10
[ 1539.252145][T26901]  ? __pfx_vfs_write+0x10/0x10
[ 1539.252157][T26901]  ? find_held_lock+0x2b/0x80
[ 1539.252173][T26901]  ? __fget_files+0x215/0x3d0
[ 1539.252186][T26901]  ? __fget_files+0x215/0x3d0
[ 1539.252201][T26901]  ? __fget_files+0x21f/0x3d0
[ 1539.252217][T26901]  ksys_write+0x1f8/0x250
[ 1539.252230][T26901]  ? __pfx_ksys_write+0x10/0x10
[ 1539.252243][T26901]  ? ksys_write+0x1ac/0x250
[ 1539.252256][T26901]  ? rcu_is_watching+0x12/0xc0
[ 1539.252273][T26901]  __do_fast_syscall_32+0xe7/0x950
[ 1539.252286][T26901]  ? lockdep_hardirqs_on+0x78/0x100
[ 1539.252305][T26901]  do_fast_syscall_32+0x32/0x70
[ 1539.252316][T26901]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1539.252332][T26901] RIP: 0023:0xf7f04f7c
[ 1539.252341][T26901] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1539.252352][T26901] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[ 1539.252364][T26901] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1539.252371][T26901] RDX: 0000000000000030 RSI: 0000000000000000 RDI: 0000000000000000
[ 1539.252378][T26901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1539.252384][T26901] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1539.252391][T26901] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1539.252404][T26901]  </TASK>
[ 1540.064820][T26919] netlink: 'syz.4.5615': attribute type 4 has an invalid length.
[ 1540.068019][T26919] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5615'.
[ 1540.359932][T14723] usb 9-1: USB disconnect, device number 33
[ 1540.764501][T26934] loop9: detected capacity change from 0 to 7
[ 1540.864900][    C0] blk_print_req_error: 16 callbacks suppressed
[ 1540.864926][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1540.871266][    C0] buffer_io_error: 15 callbacks suppressed
[ 1540.871282][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1540.922534][T26939] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5618'.
[ 1540.984067][T26935] 
[ 1540.984896][T26935] ======================================================
[ 1540.987041][T26935] WARNING: possible circular locking dependency detected
[ 1540.989207][T26935] syzkaller #0 Tainted: G             L     
[ 1540.991221][T26935] ------------------------------------------------------
[ 1540.993368][T26935] syz.2.5617/26935 is trying to acquire lock:
[ 1540.995237][T26935] ffff88801ce9fa10 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9c/0xf0
[ 1540.998415][T26935] 
[ 1540.998415][T26935] but task is already holding lock:
[ 1541.000684][T26935] ffff8880273ca5a0 (&q->q_usage_counter(io)#26){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 1541.004119][T26935] 
[ 1541.004119][T26935] which lock already depends on the new lock.
[ 1541.004119][T26935] 
[ 1541.007254][T26935] 
[ 1541.007254][T26935] the existing dependency chain (in reverse order) is:
[ 1541.010001][T26935] 
[ 1541.010001][T26935] -> #2 (&q->q_usage_counter(io)#26){++++}-{0:0}:
[ 1541.012583][T26935]        blk_alloc_queue+0x610/0x790
[ 1541.014232][T26935]        blk_mq_alloc_queue+0x174/0x290
[ 1541.015953][T26935]        __blk_mq_alloc_disk+0x29/0x120
[ 1541.017681][T26935]        loop_add+0x498/0xb60
[ 1541.019188][T26935]        loop_init+0x1d3/0x200
[ 1541.020848][T26935]        do_one_initcall+0x121/0x750
[ 1541.022483][T26935]        kernel_init_freeable+0x6ea/0x7b0
[ 1541.024316][T26935]        kernel_init+0x1f/0x1e0
[ 1541.025847][T26935]        ret_from_fork+0x72b/0xd50
[ 1541.027447][T26935]        ret_from_fork_asm+0x1a/0x30
[ 1541.029162][T26935] 
[ 1541.029162][T26935] -> #1 (fs_reclaim){+.+.}-{0:0}:
[ 1541.031394][T26935]        fs_reclaim_acquire+0xc4/0x100
[ 1541.033102][T26935]        kmem_cache_alloc_noprof+0x4c/0x6e0
[ 1541.034928][T26935]        __kernfs_iattrs+0x124/0x3e0
[ 1541.036566][T26935]        __kernfs_setattr+0x4d/0x3c0
[ 1541.038214][T26935]        kernfs_iop_setattr+0xda/0x130
[ 1541.039894][T26935]        notify_change+0xb25/0x1330
[ 1541.041373][T26935]        do_truncate+0x1df/0x240
[ 1541.042918][T26935]        path_openat+0x2a55/0x31a0
[ 1541.044511][T26935]        do_file_open+0x20e/0x430
[ 1541.046075][T26935]        do_sys_openat2+0x10d/0x1e0
[ 1541.047706][T26935]        __x64_sys_openat+0x12d/0x210
[ 1541.049379][T26935]        do_syscall_64+0x10b/0xf80
[ 1541.050973][T26935]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1541.052959][T26935] 
[ 1541.052959][T26935] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[ 1541.055538][T26935]        __lock_acquire+0x14b8/0x2630
[ 1541.057189][T26935]        lock_acquire+0x1b1/0x370
[ 1541.058757][T26935]        down_read+0x99/0x450
[ 1541.060261][T26935]        kernfs_iop_getattr+0x9c/0xf0
[ 1541.061939][T26935]        vfs_getattr_nosec+0x2d4/0x430
[ 1541.063643][T26935]        vfs_getattr+0x4a/0x60
[ 1541.065145][T26935]        loop_query_min_dio_size.isra.0+0x117/0x250
[ 1541.067159][T26935]        lo_ioctl+0x13aa/0x1bc0
[ 1541.068695][T26935]        lo_compat_ioctl+0xf3/0x160
[ 1541.070299][T26935]        compat_blkdev_ioctl+0x682/0x7b0
[ 1541.072040][T26935]        __ia32_compat_sys_ioctl+0x2cf/0x360
[ 1541.073888][T26935]        __do_fast_syscall_32+0xe7/0x950
[ 1541.075653][T26935]        do_fast_syscall_32+0x32/0x70
[ 1541.077330][T26935]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1541.079417][T26935] 
[ 1541.079417][T26935] other info that might help us debug this:
[ 1541.079417][T26935] 
[ 1541.082516][T26935] Chain exists of:
[ 1541.082516][T26935]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#26
[ 1541.082516][T26935] 
[ 1541.086865][T26935]  Possible unsafe locking scenario:
[ 1541.086865][T26935] 
[ 1541.089153][T26935]        CPU0                    CPU1
[ 1541.090820][T26935]        ----                    ----
[ 1541.092508][T26935]   lock(&q->q_usage_counter(io)#26);
[ 1541.094169][T26935]                                lock(fs_reclaim);
[ 1541.096160][T26935]                                lock(&q->q_usage_counter(io)#26);
[ 1541.098582][T26935]   rlock(&root->kernfs_iattr_rwsem);
[ 1541.100231][T26935] 
[ 1541.100231][T26935]  *** DEADLOCK ***
[ 1541.100231][T26935] 
[ 1541.102680][T26935] 3 locks held by syz.2.5617/26935:
[ 1541.104217][T26935]  #0: ffff888027467430 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_global_lock_killable+0x30/0xb0
[ 1541.107030][T26935]  #1: ffff8880273ca5a0 (&q->q_usage_counter(io)#26){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 1541.110590][T26935]  #2: ffff8880273ca5d8 (&q->q_usage_counter(queue)#10){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[ 1541.114246][T26935] 
[ 1541.114246][T26935] stack backtrace:
[ 1541.116084][T26935] CPU: 0 UID: 0 PID: 26935 Comm: syz.2.5617 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1541.116104][T26935] Tainted: [L]=SOFTLOCKUP
[ 1541.116108][T26935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1541.116116][T26935] Call Trace:
[ 1541.116122][T26935]  <TASK>
[ 1541.116128][T26935]  dump_stack_lvl+0x100/0x190
[ 1541.116142][T26935]  print_circular_bug.cold+0x178/0x1c7
[ 1541.116161][T26935]  check_noncircular+0x146/0x160
[ 1541.116182][T26935]  __lock_acquire+0x14b8/0x2630
[ 1541.116195][T26935]  lock_acquire+0x1b1/0x370
[ 1541.116206][T26935]  ? kernfs_iop_getattr+0x9c/0xf0
[ 1541.116218][T26935]  ? __pfx___might_resched+0x10/0x10
[ 1541.116232][T26935]  down_read+0x99/0x450
[ 1541.116246][T26935]  ? kernfs_iop_getattr+0x9c/0xf0
[ 1541.116256][T26935]  ? find_held_lock+0x2b/0x80
[ 1541.116270][T26935]  ? __pfx_down_read+0x10/0x10
[ 1541.116281][T26935]  ? kernfs_root+0xee/0x2a0
[ 1541.116292][T26935]  kernfs_iop_getattr+0x9c/0xf0
[ 1541.116304][T26935]  vfs_getattr_nosec+0x2d4/0x430
[ 1541.116319][T26935]  ? __pfx_kernfs_iop_getattr+0x10/0x10
[ 1541.116331][T26935]  vfs_getattr+0x4a/0x60
[ 1541.116345][T26935]  loop_query_min_dio_size.isra.0+0x117/0x250
[ 1541.116364][T26935]  ? __pfx_loop_query_min_dio_size.isra.0+0x10/0x10
[ 1541.116387][T26935]  lo_ioctl+0x13aa/0x1bc0
[ 1541.116398][T26935]  ? __pfx_lo_ioctl+0x10/0x10
[ 1541.116427][T26935]  ? blk_get_meta_cap+0xd4/0x6c0
[ 1541.116465][T26935]  ? lockdep_hardirqs_on+0x78/0x100
[ 1541.116484][T26935]  ? __pfx_blk_get_meta_cap+0x10/0x10
[ 1541.116498][T26935]  ? tomoyo_path_number_perm+0x28f/0x580
[ 1541.116514][T26935]  ? tomoyo_path_number_perm+0x28f/0x580
[ 1541.116528][T26935]  ? blkdev_common_ioctl+0x515/0x2b80
[ 1541.116544][T26935]  ? tomoyo_path_number_perm+0x188/0x580
[ 1541.116560][T26935]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[ 1541.116578][T26935]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1541.116596][T26935]  ? do_vfs_ioctl+0x226/0x13e0
[ 1541.116606][T26935]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1541.116618][T26935]  lo_compat_ioctl+0xf3/0x160
[ 1541.116629][T26935]  ? __pfx_lo_compat_ioctl+0x10/0x10
[ 1541.116640][T26935]  compat_blkdev_ioctl+0x682/0x7b0
[ 1541.116654][T26935]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[ 1541.116668][T26935]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[ 1541.116681][T26935]  __ia32_compat_sys_ioctl+0x2cf/0x360
[ 1541.116694][T26935]  __do_fast_syscall_32+0xe7/0x950
[ 1541.116706][T26935]  do_fast_syscall_32+0x32/0x70
[ 1541.116716][T26935]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1541.116730][T26935] RIP: 0023:0xf702ef7c
[ 1541.116740][T26935] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1541.116752][T26935] RSP: 002b:00000000f53fc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1541.116762][T26935] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004c06
[ 1541.116769][T26935] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[ 1541.116776][T26935] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1541.116782][T26935] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1541.116788][T26935] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1541.116798][T26935]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1541.118303][T26941] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5618'.
[ 1541.251191][    C2] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.254921][    C2] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.260958][    C2] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.265153][    C2] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.273522][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.277238][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.281157][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.284937][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.288248][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.292137][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.295699][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.299423][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.303281][T26934] ldm_validate_partition_table(): Disk read failed.
[ 1541.313376][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.316070][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.326907][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.329787][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.334956][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1541.337837][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1541.340442][T26934] Dev loop9: unable to read RDB block 0
[ 1541.347150][T26934]  loop9: unable to read partition table
[ 1541.351993][T26934] loop9: partition table beyond EOD, truncated
[ 1541.361484][T26934] loop_reread_partitions: partition scan of loop9 (ъщ) failed (rc=-5)
[ 1541.375664][T26935] ldm_validate_partition_table(): Disk read failed.
[ 1541.381630][T26935] Dev loop9: unable to read RDB block 0
[ 1541.386706][T26935]  loop9: unable to read partition table
[ 1541.393671][T26935] loop9: partition table beyond EOD, truncated
[ 1541.398672][T26935] loop_reread_partitions: partition scan of loop9 (ъщ) failed (rc=-5)
[ 1541.680745][   T50] usb 6-1: USB disconnect, device number 63
[ 1541.818646][T26940] bridge0: port 3(syz_tun) entered disabled state
[ 1541.822307][T26940] syz_tun (unregistering): left allmulticast mode
[ 1541.824478][T26940] syz_tun (unregistering): left promiscuous mode
[ 1541.826541][T26940] bridge0: port 3(syz_tun) entered disabled state
[ 1542.486845][T26626] bond0 (unregistering): Released all slaves
[ 1542.491528][ T5449] 8021q: adding VLAN 0 to HW filter on device eth6
[ 1542.574478][T26626] tipc: Disabling bearer <udp:syz2>
[ 1542.579570][T26626] tipc: Disabling bearer <eth:syzkaller0>
[ 1542.590031][T26626] tipc: Left network mode
[ 1542.609946][ T5449] 8021q: adding VLAN 0 to HW filter on device eth7
[ 1542.735341][ T5449] 8021q: adding VLAN 0 to HW filter on device eth8
[ 1542.825785][T26626] hsr_slave_0: left promiscuous mode
[ 1542.829577][T26626] hsr_slave_1: left promiscuous mode
[ 1542.953651][ T5449] 8021q: adding VLAN 0 to HW filter on device eth9
[ 1543.601562][T26626] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1543.656349][T26626] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1543.733346][T26626] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1543.829760][T26626] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1543.933359][T26626] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1544.035058][T26626] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1544.067697][ T5449] 8021q: adding VLAN 0 to HW filter on device eth10
[ 1544.112659][T26626] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1544.200831][ T5449] 8021q: adding VLAN 0 to HW filter on device eth11
[ 1544.209008][T26626] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1544.296549][T26626] bridge_slave_1: left allmulticast mode
[ 1544.298328][T26626] bridge_slave_1: left promiscuous mode
[ 1544.300149][T26626] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1544.304510][T26626] bridge_slave_0: left allmulticast mode
[ 1544.306346][T26626] bridge_slave_0: left promiscuous mode
[ 1544.311783][T26626] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1544.316694][T26626] bridge_slave_1: left allmulticast mode
[ 1544.318386][T26626] bridge_slave_1: left promiscuous mode
[ 1544.320112][T26626] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1544.460484][T26626] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1544.466319][T26626] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1544.470849][T26626] bond0 (unregistering): Released all slaves
[ 1544.475111][T26626] bond1 (unregistering): Released all slaves
[ 1544.574260][T26626] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1544.579627][T26626] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1544.584652][T26626] bond0 (unregistering): Released all slaves
[ 1544.592340][ T5449] 8021q: adding VLAN 0 to HW filter on device eth12
[ 1544.722037][T26626] tipc: Left network mode
[ 1544.732648][ T5449] 8021q: adding VLAN 0 to HW filter on device eth13
[ 1544.873583][ T5449] 8021q: adding VLAN 0 to HW filter on device eth14
[ 1544.981914][ T5449] 8021q: adding VLAN 0 to HW filter on device eth15
[ 1545.088523][ T5449] 8021q: adding VLAN 0 to HW filter on device eth16
[ 1545.202257][ T5449] 8021q: adding VLAN 0 to HW filter on device eth17
[ 1545.270043][T26626] hsr_slave_0: left promiscuous mode
[ 1545.272067][T26626] hsr_slave_1: left promiscuous mode
[ 1545.274467][T26626] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1545.276991][T26626] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1545.279577][T26626] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1545.281965][T26626] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1545.286045][T26626] hsr_slave_0: left promiscuous mode
[ 1545.288735][T26626] hsr_slave_1: left promiscuous mode
[ 1545.291046][T26626] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1545.293942][T26626] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1545.296997][T26626] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1545.299782][T26626] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1545.304731][T26626] veth1_macvtap: left promiscuous mode
[ 1545.306247][T26626] veth0_macvtap: left promiscuous mode
[ 1545.307963][T26626] veth1_vlan: left promiscuous mode
[ 1545.310864][T26626] veth0_vlan: left promiscuous mode
[ 1545.313091][T26626] veth1_macvtap: left promiscuous mode
[ 1545.314829][T26626] veth0_macvtap: left promiscuous mode
[ 1545.316559][T26626] veth1_vlan: left promiscuous mode
[ 1545.318177][T26626] veth0_vlan: left promiscuous mode
[ 1545.419387][T26626] team0 (unregistering): Port device team_slave_1 removed
[ 1545.424193][T26626] team0 (unregistering): Port device team_slave_0 removed
[ 1545.454299][T26626] team0 (unregistering): Port device dummy0 removed
[ 1545.472633][T26625] smbdirect: ib_dev[syz2] removed
[ 1545.497554][T26626] team0 (unregistering): Port device team_slave_1 removed
[ 1545.501977][T26626] team0 (unregistering): Port device team_slave_0 removed
[ 1545.535693][ T1041] infiniband syz2: ib_query_port failed (-19)
[ 1546.291491][T26626] IPVS: stop unused estimator thread 0...