last executing test programs:

4m17.847548627s ago: executing program 2 (id=893):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)
socket$inet6(0xa, 0x3, 0x5)
setuid(0xee01)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)

4m17.683003769s ago: executing program 2 (id=895):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448ca, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7)

4m17.285727985s ago: executing program 2 (id=899):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f00000000c0)={0x84, @dev={0xac, 0x14, 0x14, 0x3d}, 0x4e20, 0x3, 'dh\x00', 0x1, 0x800002, 0x6e}, 0x2c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x7e}, {@private=0xa010102, 0x4e20, 0x0, 0xc8, 0x80012d58, 0x12d5c}}, 0x44)

4m17.107025348s ago: executing program 2 (id=901):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

4m16.049552424s ago: executing program 2 (id=903):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0x400}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
userfaultfd(0x80001)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0xc14)
ioctl$TIOCSETD(r4, 0x5423, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x6)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x250942, 0x1cd)
r6 = openat(r5, &(0x7f0000000400)='./file1\x00', 0x80c0, 0x4)
fchown(r6, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r5, 0xffffffff80000901, 0xee00, 0x0)

4m14.87880283s ago: executing program 2 (id=909):
rseq(0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x43, 0xa2, 0xb8, 0x10, 0x403, 0xda74, 0x4a7b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xe7, 0x3, 0x0, 0xf0, 0x1b, 0x4b, 0x8}}]}}]}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16], 0x2)

4m14.685488333s ago: executing program 32 (id=909):
rseq(0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x43, 0xa2, 0xb8, 0x10, 0x403, 0xda74, 0x4a7b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xe7, 0x3, 0x0, 0xf0, 0x1b, 0x4b, 0x8}}]}}]}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16], 0x2)

12.715522995s ago: executing program 1 (id=1578):
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount$bind(0x0, &(0x7f00000006c0)='./file0/file0\x00', 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x4000, 0x0, {0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3ff, 0xa000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x809000}}, 0x50)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)

12.460942769s ago: executing program 0 (id=1582):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x104}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x841, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x5}, &(0x7f00000000c0)=0x8)

11.515232333s ago: executing program 0 (id=1586):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40086610, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
setxattr$incfs_size(&(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', &(0x7f0000000100), 0x0, 0xdf, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r4, 0x0, 0x16, 0x0, &(0x7f00000001c0)=0x2)

10.380102719s ago: executing program 5 (id=1587):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000001500000018010000716c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000001000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

10.31944064s ago: executing program 5 (id=1588):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_getattr(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r3, r5}, 0x10)
socket$inet6(0xa, 0x2, 0x3a)
bind$unix(0xffffffffffffffff, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x200}}}}}}, 0x0)

8.94180526s ago: executing program 0 (id=1591):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

8.94019891s ago: executing program 5 (id=1592):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000001040)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@test_dummy_encryption}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000380)=0x3c, 0xfcb5)
setitimer(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410484, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x105042, 0x1db)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000001200)}], 0x1)

7.895202385s ago: executing program 1 (id=1595):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1500, &(0x7f0000001900)="$eJzs3Au0TlX3MPA511qb4+TyJLnvuebmSS6LJAklySVJkpA7CUmSJEnikFsSkpDrSXIPuaeTjvv9knvSyStJkpCQZH3jdPn8ey//3vf99//0vWf+xtjjrPnsPdee68zxnGfvPcZ5vuo2vHqjGlXqMzP8O/SvA/z5RxIAJADAIADIAQABAJTNWTZn+v4sGpP+rZOI/yUNZl7pCsSVJP3P2KT/GZv0P2OT/mds0v+MTfqfsUn/MzbpvxAZ2ux8V8uWcTd5/v//OfU/SZbP/wwB/9EO6f9/Gv0vHS39z9ik/xmb9D9jk/5nZMGVLkBcYfL+z9ik/0JkaH/4M+WN56/0M23Z/oVNCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYT4f+C8v8wAwK/jK12XEEIIIYQQQggh/jj+nStdgRBCCCGEEEIIIf73ISjQYCCATJAZEiALJMJVkBWyQXbIATG4GnLCNZALroXckAfyQj7IDwWgIIRAYIEhgkJQGOJwHRSB66EoFIPiUAIclIRScAOUhhuhDNwEZeFmKAe3QHmo8NM5090OleEOqAJ3QlWoBtWhBtwFNeFuqAX3QG24F+rAfVAX7od68ADUhwbQEB6ERtAYmkBTaAbNoQW0hFa/k5+c4+/lPwc94XnoBb0hCfpAX3gB+kF/GAADYRC8CIPhJRgCL8NQGAbD4RUYAa/CSHgNRsFoGAOvw1gYB+NhAkyESZAMb8BkeBOmwFuNs8E0mA4zYCbMgtnwNsyBuTAP3oH5sAAWQnKWxbAElsK7sAzegxR4H5bDB5AKK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A4fwg7YCbtgN+yBvbAPPoL98DEcgE8gDT/9F/PP/TYfuiMgoEKFBg1mwkyYgAmYiImYFbNidsyOMYxhTsyJuTAX5sbcmBfzYhLmx4JYEAkJGRkLYSGMYxyLYBEsikWxOBZHhw5LYSksjTdiGSyDZbEslsNyWB4rYAW8FW/FSlgJK2NlrIJVsCpWxepYHe/Cu/BurIW1sDbWxjpYB+tiXayH9bA+1seG2BAbYSNsgk2wGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHbAjdsRO2Ak7Y2fsgl2wK3bFbtgNu+Oz+Cw+h8/h8/g89saqqg/2xb7YD/vhAByIA/FFHIwv4Uv4Mg7FYTgcX8FX8FUciWdxFI7GMTgGK6lxOB4nIKtJmIzJmBkm4xScglNxGk7DGTgTZ+FsnI1zcC7OxXdwPi7ABbgIF+ESXIpLcRm+hymYgsvxHKbiClyJq3A1rsHVuA7X4zrciJtwI27BLbgNt+GH+CHuxJ24G3fjXtyLH+FH+DF+jEMxDdPwIB7EQ3gID+NhPIJH8CgexWN4DI/jcTyBJ/AknsLTeArP4Bk8i+fwPABcwAt4ES/iJbyU/uZX6YwyKpPKpBJUgkpUiSqryqqyq+wqpmIqp8qpcqlcKrfKrfKqvCq/yq8KqoKKFClWkSqkCqm4iqsiqogqqoqq4qq4csqpUqqUKq1KqzKqjCqrblbl1C2qvKqg2rpb1a2qkmrnKqs7VBVVRVVV1VR1VUPVUDVVTVVL1VK1VW1VR9VRddX9qp7qgwOwgUrvTCM1DJuo4dhMNVctVEv1Kj6kWquR2Ea1Ve3UI2o0jsIOqrXrqB5XndR47KyeVBPwKdVVTcJu6hnVXT2reqjnVE/VxvVSvdVU7KP6qhnYT/VXA9RANQerqfSOVVcvq+cyD1PD1StqCb6qRqrX1Cg1Wo1Rr6uxapwaryaoiWqSSlZvqMnqTTVFvaWmqmlqupqhZqpZarZ6W81Rc9U89Y6arxaohWqRWqyWqKXqXbVMvadS1PtqufpApaoVaqVapVarNWqtWqfWqw1qo9qkNqstaqvaprarD9UOtVPtUrvVHrVX7VMfqf3qY3VAfaLS1KfqoPqLOqQ+U4fV5+qI+kIdVV+qY+ordVx9rU6ob9RJdUqdVt+qM+o7dVadU+fV9+qC+kFdVD+qS8or0KiV1troQGfSmXWCzqIT9VU6q86ms+scOqav1jn1NTqXvlbn1nl0XpNP59cFdEEdatJWs450IV1Yx/V1uoi+XhfVxXRxXUI7XVKX0jfo0vpGXUbfpMvqm3U5fYsuryvoih70bbqSvl1X1nfoKvpOXVVX09V1DX2Xrqnv1rX0Pbq2vlfX0ffpuvp+XU8/oOvrBrqhflA30o11E91UN9PNdQvdUrfSD+nW+mHdRrfV7fQjur1+VHfQj+mO+nHdST+hO+sndRf9lO6qn9bd9DO6u35W99A/6kva6166t07SfXRf/YLup/vrAXqgHqRf1IP1S3qIflkP1cP0cP2KHqFf1SP1a3qUHq3H6Nf1WD1Oj9cT9EQ9SSfrN/Rk/aaeot/SU/U0PV3P0DP1LD3gl5nm/RP5b/6d/CE/nX2b3q4/1Dv0Tr1L79Z79F69T+/T+/V+fUAf0Gk6TR/UB/UhfUgf1of1EX1EH9VH9TF9TB/Xx/UJfUKf1Kf09/pbfUZ/p8/qc/qc/l5f0Bf0xV9+B2DQKKONMYHJZDKbBJPFJJqrTFaTzWQ3OUzMXG1ymmtMLnOtyW3ymLwmn8lvCpiCJjRkrGETmUKmsImb60wRc70paoqZ4qaEcaakKWVu+B/n/159rUwr09q0Nm1MG9POtDPtTXvTwXQwHU1H08l0Mp1NZ9PFdDFdTVfTzXQz3U1308P0MD1NT9PL9DJJJsn0NS+Yfqa/GWAGmkHmRTPYDDZDzBAz1Aw1w81wM8KMMCPNSDPKjDJjzBgz1ow14814M9FMNMk+h5lsJpspZoqZaqaa6YNymJlmppltZps5Zo6ZZ+aZ+Wa+WWgWmsVmsVlqlpplZplJMSlmuVluUs0Ks8KsMqvMGrPGrDPrzAazwWwym8wWs8Wkmu1mu9lhdphdZpfZY/aYfWaf2W/2mwPmgEkzaeagOWgOmUPmsDlsjpgj5qg5ao6ZY+a4OW5OmBPmpDlpTpvT5ow5Y86as+a8OW8umAvmorloLplL6Zd9gQpUYAITZAoyBQlBQpAYJAZZg6xB9iB7EAtiQc4gZ5AruDbIHeQJ8gb5gvxBgaBgEAYU2ICDKCgUFA7iwXVBkeD6oGhQLCgelAhcUDIoFdwQlA5uDMoENwVlg5uDcsEtQfmgQlAxuDW4LagU3B5UDu4IqgR3BlWDakH1oEZwV1AzuDuoFdwT1A7uDeoE9wV1g/uDesEDQf2gQdAweDBoFDQOmgRNg2ZB86BF0DJo9YfO7/3ZPA+7XmHvMCnsE/YNXwj7hf3DAeHAcFD4Yjg4fCkcEr4cDg2HhcPDV8IR4avhyPC1cFQ4OhwTvh6ODceF48MJ4cRwUpgcvhFODt8Mp4RvhVPDaeH0YEY4M5wVzg7fDueEc8N54Tvh/HBBuDBcFC4Ol4T48yUxpITvh8vDD8LUcEW4MlwVrg7XhGvDdeH6cEO4MdwUbg63lB3886HhjnBnuCvcHe4J94b7wo/C/eHH4YHwkzAt/DQ8GP4lPBR+Fh4OPw+PhF+ER8Mvw2PhV+Hx8OvwRPhNeDI8FZ4Ovw3PhN+FZ8Nz4fnw+/BC+EN4MfwxvBT69Iv79I93MmQoE2WiBEqgREqkrJSVslN2ilGMclJOykW5KDflpryUl/JTfipIBSkdE1MhKkRxilMRKkJFqSgVp+LkyFEpKkWlqTSVoTJUlspSOSpH5ak8VaSKdBvdRrfT7XQH3UF30p1UjapRDapBNakm1aJaVJtqUx2qQ3WpLtWjelSf6lNDakiNqBE1oSbUjJpRC2pBragVtabW1IbaUDtqR+2pPXWgDtSROlIn6kSdqTN1oS7UlbpSN+pG3ak79aAe1JN6Ui/qRUmURH2pL/WjfjSABtAgGkSDaTANoSE0lIbScBpOI2gEjaSRNIpG0xh6ncbSOBpPE2giTaJkSqbJNJmm0BSaSlNpOk2nmTSTZtNsmkNzaB7No/k0nxbSQlpMi2kpLaVltIxSKIWW03JKpVRaSStpNa2mtbSW1tN62kgbaTNtpq20lbbTdtpBO2gX7aI9tIf20T7aT/vpAB2gNEqjg3SQDtEhOkyH6QgdoaN0lI7RMTpOx+kEnaCTdJJO02k6Q2foLJ2l83SeLtAPdJF+pEvkKcFmsYn2KpvVZrPZbQ7713Fem8/mtwVsQRva3DbPb2Ky1ha1xWxxW8I6W9KWsjf8TVzeVrAV7a32NlvJ3m4r2/I2C/zXuKa929ay99ja9l5bw971m7iOvc/WtY1tPdvU1rfNbUPb0jayjW0T29Q2s81tC9vStreP2g72MdvRPm472Sf+Jl5m37Pr7Qa70W6y++3H9rz93h6zX9kL9gfby/a2g+yLdrB9yQ6xL9uhdthvYwA7xr5ux9pxdrydYCfaSX8TT7cz7Ew7y862b9s5du7fxEvtu3a+TbEL7SK72C75KU6vKcW+b5fbD2yqXWFX2lV2tV1j19p1/7fWVXaL3Wq32X32I7vD7rS77G67x+79KU5fxwH7iU2zn9qj9kt7yH5mD9vj9oj94qc4fX3H7df2hP3GnrSn7Gn7rT1jv7Nn7bmf1p++9m/tj/aS9RYYWbFmwwFn4sycwFk4ka/irJyNs3MOjvHVnJOv4Vx8LefmPJyX83F+LsAFOWRiy8wRF+LCHOfruAhfz0W5GBfnEuy4JJfiG7g038hl+CYuyzdzOb6Fy3MFrsi38m1ciW/nynwHV+E7uSpX4+pcg+/imnw31+J7uDbfy3X4Pq7L93M9foDrcwNuyA9yI27MTbgpN+Pm3IJbcit+iFvzw9yG23I7foTb86PcgR/jjvw4d+InuDM/yV34Ke7KT3M3foa787Pcg5/jnvw89+LenMR9uC+/wP24Pw/ggTyIX+TB/BIP4Zd5KA/j4fwKj+BXeSS/xqN4NI/h13ksj+PxPIEn8iRO5jd4Mr/JU/gtnsrTeDrP4Jk8i2fz2zyH5/I8fofn8wJeyIt4MS/hpfwuL+P3OIXf5+X8AafyCl7Jq3g1r+G1vI7X8wbeyJt4M2/hrbyNt/OHvIN38i7ezXt4L+/jj3g/f8wH+BNO40/5IP+FD/FnfJg/5yP8BR/lL/kYf8XH+Ws+wd/wST7Fp/lbPsPf8Vk+x+f5e77AP/BF/pEvsWeIMFKRjkwURJmizFFClCVKjK6KskbZouxRjigWXR3ljK6JckXXRrmjPFHeKF+UPyoQFYzCiCIbcRRFhaLCUTy6LioSXR8VjYpFxaMSkYtKRqWiG6LS0Y1RmeimqGx0c1QuuiUqH1WIKka3RrdFlaLbo8rRHVGV6M6oalQtqh7ViO6KakZ3R7Wie6La0b1Rmei+qG50f1QveiCqHzWIGkYPRo2ixlGTqGnULGoetYhaRq2ih6LW0cNRm6ht1C56JGofPRp1iB6LOkaPR52iJy7vLxb8/Gn6V/uToj6R/uUJ2T16cXxJfGn83fiy+Hvxxt1+fjU1viK+Mr4qvjq+Jr42vi6+Pr4hvjG+Kb45viW+Nb4t7n2NzOAw/UYYjAtcJpfZJbgsLtFd5bK6bC67y+Fi7mqX013jcrlrXW6Xx+V1+Vx+V8AVdKEjZx27yBVyhV3cXeeKuOtdUVfMFXclnHMlXSnX0rVyrVxr97Br49q6du4R94h71D3qHkv4pXDX2T3purinXFf3tHvaPeO6u2ddD/ec6+med71cb5fkklxf19f1c/3cADfADXKD3GA32A1xQ9xQN9QNd8PdCDfCjXQj3Sg3yo1xY9xYN9aNd+PdRDfRJbtkN9lNdlPcFDfVTXXT3XQ30810s91sN8fNcfPcPDffzXcL3UK32C12S91St8wtcykuxS13y12qS3Ur3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1waS7NHXQH3SF3yB12n7sj7gt31H3pjrmv3HH3tTvhvnEn3Sl32nl9xn3nzrpz7rz73l1wP7iL7kd3yXmXHHsjNjn2ZmxK7K3Y1Ni02PTYjNjM2KzY7NjbsTmxubF5sXdi82MLYgtji2KLY0tiS2PvxpbF3oulxN6PLY99EEuNrYitjK2KrY6tiXlfYEfkC/nCPu6v80X89b6oL+aL+xLe+ZK+lL/Bl/Y3+jL+Jl/W3+zL+Vt8eV/BV/RNfTPf3LfwLX0r/5Bv7R/2bXxb384/4tv7R30H/5jv6B/3nfwTvrN/0nfxT/mu/mnfzT+z4Jcu+57+ed/L9/ZJvo/v61/w/Xx/P8AP9IP8i36wf8kP8S/7oX6YH+5f8SP8q36kf82P8qP9GP+6H+vH+fF+gp/oJ/lk/4af7N/0U/xbfqqf5qf7GX6mn+Vn+7f9HD/Xz/Pv+Pl+gV/oF/nFfolf6t/1y/x7PsW/75f7D3yqX+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u//Q7/A7/S6/2+/xe/0+/5Hf7z/2B/wnPs1/6g/6v/hD/jN/2H/uj/gv/FH/pT/mv/LH/df+hP/Gn/Sn/Gn/rT/jv/Nn/Tl/3n/vL/gf/EX/o78k/7MmhBBCCPFP0b+zv8/feU39sqXrCwDZduY78tdzbs7987i/2t8pBgCP9+7W4NetQYOkpKRfjk3VEBReBACxy/k/ff/AL/EKaAePQkdoC6X/bn39VcWfrvv+u/njNwMkAmT5NSf99igR/nr+G//B/E3f5d+bfxFA0cKXc9JP9Gt8ef4y/2D+ve1/Z/4snyUDtPkvOVnhcnx5/lLwMDwBHX9zpBBCCCGEEEII8bP+6kL337u/Tb8/z28u52SGy/Hv3Z//jsp/xBqEEEIIIYQQQgjx33vq2R6PPdSxY9su/8mDzH+OMv4EAwSAP0EZMvjzD670XyYhhBBCCCHEH+3yRf+VrkQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhMi4/v1vCFP/9MFXeo1CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfZ/AgAA///M7VMc")
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)

6.813307601s ago: executing program 0 (id=1597):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000000)={[{@nodelalloc}, {@barrier}]}, 0xff, 0x257, &(0x7f0000000500)="$eJzs3U9oFFccB/DfzO42TbKUtL0USv9AKaUNhPRW6CW9tBAoIZRSaAsppfSiJEJM8JZ48uJBj6KSk5cg3oweJZfgRRE8Rc0hXgQNHgweVFjZnQTyTxOzmx1xPh+YzEzy5v3eMPN9ExaGDaCweiJiICJKEdEbEZWISDY2+DJbetZ2ZzoXRiJqtd8eJ4122X5m/bjuiJiOiB8iYj5N4lA5YnLur+Wni798c3Ki8vWFuT8723qSa1aWl35dPT904vLg95M3bz8cSmIgqpvOq/WSHX5XTiI+Oohib4mknPcI2IvhY5fu1HP/cUR81ch/JdLILt6p8ffmK/HduVcde/rRrU/bOVag9Wq1Sv0ZOF0DCieNiGokaV9EZNtp2teX/Q9/t9SVHh4bP9r7/9jE6H95z1RAq1Qjln6+2nGle0v+H5Sy/APvqOxDqaXfh2fv1TdWS3kPCGiLz7JV/fnf+8/UtyH/UDjyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzyD8Ul/1Bc+87/mRcHNyigLTbmHwAollrHvt4abv2LyEDb5T3/AAAAAAAAAAAAAAAAAAAA2810LoysL63psbxri+tnI1Z+yppur19qfB9xxPuNn11Pkk09Jnuq8Hp/f9FkB026mPPb1x/cz7f+jc/zrT81GjF9PCL6y+Xt91+ydv/t34e7/L3yb5MF3lCyZf/HP9pbf6vns/nWH1yMuFaff/p3mn/S+KSx3nn+qdavX5P1jzxrsgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa5mUAAAD//7FLbdg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000200)={0xffffffff, 0x8000000003ff, 0x4, 0x100})

6.575554004s ago: executing program 3 (id=1598):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x3)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c9"], 0x16)
setgroups(0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setregid(0x0, 0xee01)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)

6.575331644s ago: executing program 1 (id=1599):
syz_open_dev$video4linux(&(0x7f0000000000), 0x3fe, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f00000000c0)=0x3, 0x4)
syz_open_dev$media(&(0x7f0000000080), 0x34, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)

4.567216184s ago: executing program 3 (id=1600):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$usbfs(0x0, 0x76, 0x101b81)
ioctl$USBDEVFS_SETINTERFACE(r3, 0x8008550e, &(0x7f0000000040))

4.435098956s ago: executing program 5 (id=1601):
r0 = fsopen(&(0x7f0000000200)='mqueue\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r5, 0x303, 0x0, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

4.187537159s ago: executing program 4 (id=1603):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, 0x0, 0x0)

4.13781524s ago: executing program 3 (id=1604):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6092c01f00082f00fe8000000000000000000000000000bb00"], 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000280), 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000180)=""/73, 0x49, 0xac8c)

4.082422821s ago: executing program 4 (id=1605):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000100)='./file1\x00')

3.798462335s ago: executing program 4 (id=1606):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

2.910259098s ago: executing program 0 (id=1607):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000010640)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB="3800000000090300000000000000000007000000d23b888899f060a300000000180002001400010800000100e0000002080002000000000060b12259def6181e00aaa297407c510d1ee02b0bd373aeddea623da1fe8b5813691a309f6e98ef100aa9c109949f3d36d7f2caf8280dc683550c9116e61a7b88b509b644ecc6c6924cf60000000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x4040884}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000280)='kfree\x00', r4}, 0x18)
mremap(&(0x7f0000186000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00000ad000/0x3000)=nil)

2.909316718s ago: executing program 5 (id=1608):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x2000000, &(0x7f0000000800)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a37e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731200f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e548355376ec821c05008685c055a367ea51b653eff6581710e72f1e7e4d9d1607d004d9ed64f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6611628606afadb04e0158f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x1506, &(0x7f0000002ac0)="$eJzs3QnYj9XWMPC19t43D0n/JPNee938k2GTJBmSZEiSJEkyJSRJjiQkHjIlIQmZk8whmUIyz1PmJDmSJAkJSfZ3PXXOcc7b+d7e853zft73POt3Xfd173Xte+177//ifw/Xcz3PNx0HV61frVJdZoZ/Cv66SwWAFADoBwDXAEAEAKWylcqW1p9JY+o/dxLxr/XQtCs9A3ElSf3TN6l/+ib1T9+k/umb1D99k/qnb1L/9E3qL0R6tm167mtlS7/bP//+P+XXnbz//19Irv/pm9T/382ZTP/I0VL/fyeXQgj/WIbUP32T+qdvUv/0Teqfvkn90zepvxDp2ZV+/yzbld2u9L8/IYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBDpw/lwmQGAtH10pSclhBBCCCGEEEKIf6mQ8UrPQAghhBBCCCGEEP/9EBRoMBBBBsgIKZAJMsNVkAWuhqxwDSTgWsgG10F2uB5yQE7IBbkhD+SFfGCBwAFDDPmhACThBigIN0IhKAxFoCh4KAbF4SYoATdDSbgFSsGtUBpugzJQFspBebgdKsAdUBHuhEpwF1SGKlAVqsHdUB3ugRpwL9SE+6AW3A+14QGoAw9CXXgI6sHDUB8egQbwKDSERtAYmkDT/6f8F6ArvAjdoDukQg/oCS9BL+gNfaAv9IOXoT+8AgPgVRgIg2AwvAZD4HUYCm/AMBgOI+BNGAmjYDSMgbEwDsbDWzAB3oaJ8A5MgskwBabCNJgOM+BdmAmzYDa8B3PgfZgL82A+LICF8AEsgsWwBD6EpfARLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg49hO+yAnbALdsMe2AufwD74FPbDZ3AAPv8H88/9h/xOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwByYC3NhHsyD+TAfEhIyMubH/JjEJBbEglgIC2ERLIIePRbH4lgCb8aSWBJLYSksjaWxDJbFslgey2MFrIAVsSJWwkpYGStjVayKd+PdeA/WwBpYE2tiLayFtbE21sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsSk2w2bYHJtjS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBO2BH7IidsDN2xhfwBXwRX8TuWFn1wJ7YE3thL+yDfbEvvoz98RV8BV/FgTgIB+Nr+Bq+jkPxLA7D4TgCR2AFNQpH4xhkNQ7H43icgBNwIk7ESTgZJ+NUnIbTcQbOwJk4C2fhezgH38f3cR7OwwW4EBfiIlyMS3AJLsVzuAyX4wpciatwNa7CtbgO1+IG3IgbcDNuxq24FT/Gj3EH7sBduAv34B78BD/BT/FTHIgH8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7EU3gaT+EZPINn8Ryex/N4AS/gRbyIl/BS2n9+lcYoozKoDCpFpajMKrPKorKorCqrSqiEyqayqewqu8qhcqhcKpfKo/KofCqfIkWKVazyq/wqqZKqoCqoCqlCqogqorzyqrgqrkqoEqqkKqlKqVtVaXWbKqPKqha+vCqvKqiWvqK6U1VSlVRlVUVVVdVUNVVdVVc1VA1VU9VUtVQtVVs9oOqoHtgHH1JplamvBmEDNRgbqkaqsWqiXsfHVDM1FJurFqqlekINx2HYWjXzbdTTqq0aje3UH9QYfFZ1UOOwo3pedVKdVRf1guqqmvtuqruahD1UTzUVe6neqo/qq2ZiFZVWsarqVTVQDVKD1WtqAb6uhqo31DA1XI1Qb6qRapQarcaosWqcGq/eUhPU22qiekdNUpPVFDVVTVPT1Yy0r1Y1S81W76k56n01V81T89UCtVB9oBapxWqJ+lAtVR+pZWq5WqFWqlVqtVqj1qp1ar3aoDaqTRGoLWqr2qY+VtvVDrVT7VK71R61V32i9qlP1X71mTqgPlcH1R/VIfWFOqy+VEfUV+qo+lodU9+o4+pbdUJ9p06qU+q0+l6dUT+os+qcOq9+VBfUT+qi+lldUkGBRq201kZHOoPOqFN0Jp1ZX6Wz6Kt1Vn2NTuhrdTZ9nc6ur9c5dE6dS+fWeXRenU9bTdpp1rHOrwvopL5BF9Q36kK6sC6ii2qvi+ni+iZdQt+sS+pbdCl9qy6tb9NldFldTpfXt+sK+g5dUd+pK+m7dGVdRVfV1fTdurq+R9fQ9+qa+j5dS9+va+sHdB39oK6rH9L19MO6vn5EN9CP6oa6kW6sm+im+jHdTD+um+sWuqV+QrfST+rW+indRj+t2+pndDv9B91eP6s76Od0R/287qQ76y76Z31JB91Nd9epuofuqV/SvXRv3Uf31f30y7q/fkUP0K/qgXqQHqxf00P063qofkMP08P1CP2mHqlH6dF6jB6rx+nx+i09Qb+tJ+p39CQ9WU/RU/U0PV33+dNIs/8L+W//nfwBv5x9q96mP9bb9Q69U+/Su/UevVfv1fv0Pr1f79cH9AF9UB/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/QJfVKf0j/q7/UZ/YM+q8/pc/pHfUFf0Bf/9BmAQaOMNsZEJoPJaFJMJpPZXGWymKtNVnONSZhrTTZznclurjc5TE6Ty+Q2eUxek89YQ8YZNrHJbwqYpLnBFDQ3mkKmsCliihpvipni5qZ/Ov/35tfUNDXNTDPT3DQ3LU1L08q0Mq1Na9PGtDFtTVvTzrQz7U1708F0MB1NR9PJdDJdTBfT1XQ1AQBSTarpaV4yvUxv08f0Nf3My6a/6W8GmAFmoBloBpvBZogZYoaaoWaYGWZGmBFmpBlpRpvRZqwZa8ab8WaCmWAmmolmkplkppgpZpqZZmaYGWammWlmm9lmjplj5pq5Zr6ZbxaahWaRWWSWmCVmqVlqlpnlZrlZaVaa1Wa1WWvWmvVmvdloNprNZrNZZv78A5o7zU6z2+w2e81es8/sM/vNfnPAHDAHzUFzyBwyh81hc8QcMUfNUXPMHDPHzXFzwpwwJ81Jc9qcNmfMGXPWnDXnzXlzwVwwF81Fc8lcSrvti1SkIhOZKEOUIUqJUqLMUeYoS5QlyhpljRJRIsoWZYuyR9dHOaKcUa4od5Qnyhvli2xEkYs4iqP8UYEoGd0QFYxujApFhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv5Lxw/hbM7HfTfb3abaHranfcn2sr1tH9vX9rMv2/72FTvAvmoH2kF2sH3NDrGv26H2DTvMDrcj7Jt2pB1lR9sxdqwdZ8fbt+wE+7adaN+xk+xkO8VOtdPsdDvDvmtn2ll2tn3PzrHv27l2np1vF9iF9gO7yC62S+yHdqn9yC6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9Vusx/b7XaH3Wl32d12j91rP7H77Kd2v/3MHrCf24P2j/aQ/cIetl/aI/Yre9R+bY/Zb+xx+609Yb+zJ+0pe9p+b8/YH+xZe86etz/aC/Yne9H+bC/ZkHZzn3Z5J0OGMlAGSqEUykyZKQtloayUlRKUoGyUjbJTdspBOSgX5aI8lIfyUT5Kw8SUn/JTkpJUkApSISpERagIefJUnIpTCSpBJakklaJSVJpKUxkqQ+Uo7aJ5O91Bd9CddCfdRXdRFapC1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUgBpQQ2pIjakxNaWm1IyaUXNqTi2pJbWiVtSaWlMbakNtqS21o3bUntpTB+pAHakjdaJO1IW6UFfqSt2oG6VSKvWkntSLelEf6kP9qB/1p/40gAbQQBpIg2kwDaEhNJSG0jAaTiPoTRpJo2g0jaGxNI7G03iaQBNoIk2kSTSJptAUmkbTaAbNoJk0k2bTbJpDc2guzaX5NJ8W0kJaRItoCS2hpbSUltEyWkEraBWtojW0htbROtpAG2gTbaIttIW20TbaTttpJ+2k3bSb9tJe2kf7aD/tpwN0gA7SQTpEh+gwHaYjdISO0lE6RsfoOB2nE3SCTtJJPE2n6QydobN0ls7TebpAP9FF+pkuUaAUl8lldle5LO5ql9Vd41Jcpu4A8Jc4l8vt8ri8Lp+zLofL+TcxOecKucKuiCvqvCvmirubfhOX6VHWlXPl3e2ugrvDVXRl3N/G1d09roa719V097lq7u6/iWu5+11t94ir4x51dV0jV881cfXdI66Be9Q1dI1cY9fEtXJPutbuKdfGPe3aumd+Ey9yi906t95tcBvdPvepO+9+dMfcN+6C+8l1c91dP/ey6+9ecQPcq26gG/SbeIR70410o9xoN8aNdeN+E09xU900N93NcO+6mW7Wb+KF7gM3xy1xc908N98t+CVOm9MS96Fb6j5yy9xyt8KtdKvcarfGrf3LXFe6zW6L2+r2uk/cdrfD7XS73G6355c4bR373WfugPvcHXVfu0PuC3fYHXdH3Fe/xGnrO+6+dSfcd+6kO+VOu+/dGfeDO+vO/bL+tLV/7352l1xwwMiKNRuOOANn5BTOxJn5Ks7CV3NWvoYTfC1n4+s4O1/POTgn5+LcnIfzcj62TOyYOeb8XICTfAMX5Bu5EBfmIlyUPRfj4nwTl+CbuSTfwqX4Vi7Nt3EZLsvluDzfzhX4Dq7Id3IlvosrcxWuytX4bq7O93ANvpdr8n1ci+/n2vwA1+EHuS4/xPX4Ya7Pj3ADfpQbciNuzE24KT/Gzfhxbs4tuCU/wa34SW7NT3Ebfprb8jPcjv/A7flZ7sDPcUd+njtxZ+7CL3BXfpG7cXdO5R7ck1/iXtyb+3Bf7scvc39+hQfwqzyQB/Fgfo2H8Os8lN/gYTycR/CbPJJH8Wgew2N5HI/nt3gCv80T+R2exJN5Ck/laTydZ/C7PJNn8Wx+j+fw+zyX5/F8XsAL+QNexIt5CX/IS/kjXsbLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexh/zdt7BO3kX7+Y9vJc/4X38Ke/nz/gAf84H+Y98iL/gw/wlH+Gv+Ch/zcf4Gz7O3/IJ/o5P8ik+zd/zGf6Bz/I5Ps8/8gX+iS/yz3yJA0OMsYp1bOIozhBnjFPiTHHm+Ko4S3x1nDW+Jk7E18bZ4uvi7PH1cY44Z5wrzh3nifPG+WIbU+xijuM4f1wgTsY3xAXjG+NCceG4SFw09nGxuHh8U1wivjkuGd8Sl4pvjUvHt8Vl4rJxubh8fHtcIb4jrhjfGVeK74orx1XiqnG1+O64enxPXCO+N64Z3xeXjO+Pa8cPxHXiB+O68UNxvfjhuH78SNwgfjRuGDeKG8dN4qbxY3Gz+PG4edwibhk/EbeKn4xbx0/FbeKn47bxM7/bnxr3iHvGL8UvxSHcq+cnFyQXJj9ILkouTi5JfphcmvwouSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObkluTUZQrWM4NErr73xkc/gM/oUn8ln9lf5LP5qn9Vf4xP+Wp/NX+ez++t9Dp/T5/K5fR6f1+fz1pN3nn3s8/sCPulv8AX9jb6QL+yL+KLe+2K+uG/im/qmvpl/3Df3LXxL/4R/wj/pn/RP+af8076tf8a385Bo75/1Hfxz/jn/vO/kO/su/gXf1b/ou/nuPtWn+p6+p+/le/k+vo/v5/v5/r6/H+AH+IF+oB/sB/shfogf6of6YX6YH+FH+JF+pB/tR/uxfqwf78f7CX6Cn+gn+kl+kp/ip/hpfpqf4Wf4mX6mn+1n+zl+jp/r5/r5fr5f6Bf6RX6RX+KX+KV+qV/ml/kVfoVf5Vf5NX6NX+fX+Q1+g9/kN/ktfovf5rf57X673+l3+t1+t9/r9/p9fp/f7/f7A/6AP+gP+kP+kD/sv/RH/Ff+qP/aH/Pf+OP+W3/Cf+dP+lP+tP/en/E/+LP+nD/vf/QX/E/+ov/ZX/LBj0+8lZiQeDsxMfFOYlJicmJKYmpiWmJ6Ykbi3cTMxKzE7MR7iTmJ9xNzE/MS8xMLEgsTHyQWJRYnliQ+TCxNfJRYllieWJFYmViVWJ0IIe/2OOQPBUIy3BAKhhtDoVA4FAlFgw/FQvFwUygRbg4lwy2hVLg1lA63hTKhbCgXHg0NQ6PQODQJTcNjoVl4PDQPLULL8ERoFZ4MrcNToU14OrQNz4R24Q+hfXg2dAjPhY7h+dApdA5dwguha3gxdAvdQ2roEXqGl0Kv0Dv0CX1Dv/By6B9eCQPCq2FgGBQGh9fCkPB6GBreCMPC8DAivBlGhlFhdBgTxoZxYXx4K0wIb4eJ4Z0wKUwOU8LUMC1MDzPCu2FmmBVmh/fCnPB+mBvmhflhQVgYPgiLwuKwJHwYloaPwrKwPKwIK8OqsDqsCWvDurA+bAgbw6awOWwJW8O28HHYHnaEnWFX2B32hL3hk7AvfBr2h8/CgfB5OBj+GA6FL8Lh8GU4Er4KR8PX4Vj4JhwP34YT4btwMpwKp8P34Uz4IZwN58L58GO4EH4KF8PP4VII4Uq/SRdCCCGE+N9A/05/j/9LjvpTuycAXL0j95H/2L8px6/t3hnztEoAwNPdOz70561y5dTU1D8du0xDVGAeACQu52eAy/FyaAlPQhtoASX+0p/yV+fqrTpf4P9sfIAoeStA5r/KScv/c3x5/Jv/7vp7q1Fz/tPxNUTJeQCFClzOyQSX48vjl/y746eqnM1+Z/xMX4wHaP5XOVngcnx5/OLwODwDbf7mSCGEEEIIIYQQ4le9Vbn2v/d8m/Z8nsdczskIl+O/93wuhBBCCCGEEEKI/1me7dzlqcfatGnRXhr/HY0UAAjX/PpR/0+YjzSk8V9sXOlvJiGEEEIIIcS/2uWb/is9EyGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIv36//HrxP58rt/7W4NCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHEv6v/EwAA//8oYjL2")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="796104000000000000007e000000a46a589a21f9714f4125aec6662c8d27a3c0192f1384239b2f61be6b48e5e98f33504804d5c583b5dc69791f2ffba2b2ef1a8e4cbde712e9b6440165dd0fc948cb041b8767dd385ae0408c6df0a01be4b47501a18008a164"], 0x1c}}, 0x300000000000000)

2.79310212s ago: executing program 4 (id=1609):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x104}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x841, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x5}, &(0x7f00000000c0)=0x8)

2.578940113s ago: executing program 3 (id=1610):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r4, 0x0, 0x4008800)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
truncate(&(0x7f0000000500)='./file0\x00', 0x3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
syz_open_procfs(r0, &(0x7f0000000240)='net/psched\x00')

2.419318275s ago: executing program 1 (id=1611):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x81c0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000180)={0x4000, r0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5, 0x0, 0x8}, 0x18)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x82, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f0000000080)=0x3)
landlock_restrict_self(r1, 0x0)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x1, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0x1)
ftruncate(r8, 0x1)
truncate(&(0x7f0000000280)='./file1\x00', 0x1)

1.181079273s ago: executing program 5 (id=1612):
syz_open_dev$video4linux(&(0x7f0000000000), 0x3fe, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f00000000c0)=0x3, 0x4)
r1 = syz_open_dev$media(&(0x7f0000000080), 0x34, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000100)=<r5=>0xffffffffffffffff)
ioctl$MEDIA_REQUEST_IOC_QUEUE(r5, 0x7c80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)

915.409137ms ago: executing program 3 (id=1613):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYRESHEX=r1, @ANYBLOB="7a8877f00e26beb8e136ffbdbc051433dfed38a4001ab928a8be5088f88a46d5fd0db3cceac1236e6ca0b206a5f14f36879213530ba015cb2f20bfa146af8a98225f11f10d8abd2d9100e54335e4e35a86ea3248d44b070f920b8651d044c44a2810bbc17657ebff7d243a4688552bec16ad50612b536ecdb49d78e5660a0b4b385ff6c54309fc45f76f4dd35b67f1dfce2c6e8277728b4a1867e3a4d94696dbfd8f20a75bd141a8431bbc74e38d3dd17ffa5eec308ddca10d0a9a5729615b1a5b22d32abcd38602f2f02067f81107079243ac2d10e8bf4486ca3a66b8", @ANYRESDEC=r2], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7ef6a832a4ed8bd2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$inet6(0xa, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r7=>r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r8}, 0x10)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1200000005000000080000000800000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000f0ff0000000000a44f25c52f97c7d79065bfe09fa4e2dd1be1e39f28f5682cab5a41e62b6c17628620037401d9bf6d0e0520babbf951ac9224674dd7a742b422575d16354d86831978ce43a331802a15c763def8d8cd6e3470254e7b59d048339ca025a5903befb8ba028f9180c21390df86be1617716a1fce1449b0cfb46aa1042765cc1f33", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYRESOCT=r9, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRESHEX=r1, @ANYRES32=r7, @ANYBLOB="0000004d0000000000cd00"/29], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0xffffffffffffffb8, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r11}, 0x18)
r12 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r12, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r9, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r5}, 0x20)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
recvfrom$inet6(r5, &(0x7f0000000240)=""/117, 0x75, 0x20040, 0x0, 0x0)
r13 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000340), 0x201, 0x0)
ioctl$AUTOFS_IOC_FAIL(r13, 0x4c80, 0xfffff)
r14 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

915.125567ms ago: executing program 4 (id=1614):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$usbfs(0x0, 0x76, 0x101b81)
ioctl$USBDEVFS_SETINTERFACE(r3, 0x8008550e, &(0x7f0000000040))

914.642677ms ago: executing program 1 (id=1615):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, 0x0, 0x0)

835.416748ms ago: executing program 0 (id=1616):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0100000004000000040000000800000000000000", @ANYBLOB], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000380)=ANY=[@ANYRES32=r5, @ANYRES32, @ANYBLOB='\v\x00\x00\x00\x00\x00\x00\x00\x00@\x00', @ANYRES32], 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r7}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r8, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e22, @empty}, {0x0, @remote}, 0x48, {0x2, 0x0, @empty}, 'lo\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYRESHEX], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

834.986208ms ago: executing program 3 (id=1617):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r0 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x8031, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(r0, 0x0, 0x15b0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(0xffffffffffffffff, 0x0, 0x0)
fchdir(r3)
ftruncate(0xffffffffffffffff, 0x2007ffb)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000018c0)=ANY=[@ANYBLOB="dc000000", @ANYRES16=r5, @ANYBLOB="a18300050000000000200500", @ANYRES32=0x0, @ANYBLOB="c0000e80"], 0xdc}}, 0x0)

48.50802ms ago: executing program 1 (id=1618):
r0 = fsopen(&(0x7f0000000200)='mqueue\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r5, 0x303, 0x0, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=1619):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1800410, &(0x7f0000000000)={[{@bh}, {@grpquota}]}, 0x4, 0x501, &(0x7f0000000540)="$eJzs3b9vW1sdAPDvdX6+PPelD94ACHjl8aCgqk7itlFVBtoFhKpKiIqJoQ2JG0Wx6yhOShM6pCM7EpWY4E9gY0DqxMDGBhtLGZAKVKAGicFP9/rmR5O4SdokbuzPR7q595x7m+85ds851ye2TwA961xErEXEYETcjYjRPD/Jt7je2tLrXr54NL3+4tF0Es3m7X8l2fk0L7b9m9T7+e8cjogffT/ip8nuuI2V1fmparWymKfHlmoLY42V1YtzhTynPDkxOX710pXyoevU1yb/49rvnn9v7uaP//D7rzz789q3f54Wq/iLM9m57fU4Sq2qD0RxW15/RNw8jmAd0p///+H0SVvb5yLik6z9j0Zf9mwCAN2s2RyN5uj2NADQ7dLX/8VICqV8LqAYhUKp1JrD+yhGCtV6Y+nCaH35/kxkc1hnY6Bwb65aGc/nCs/GQJKmJ7LjrXR5R/pSRHwYEb8cei9Ll6br1ZlO3vgAQA97f8f4/9+h1vgPAHS54UNe7y0CAHD6HXb8BwBOP+M/APSeQ4z/pv4BoEt4/Q8Avcf4DwC9Z9/x//HJlAMAOBE/vHUr3Zrr+fdfzzxYWf5O8cHFmUpjvlRbni5N1xcXSrP1+my1UppuNvf7fdV6fWHi8maysbJ6p1Zfvr90Z642NVu5Uxk45voAAPv78OOnf00iYu3ae9kW29ZyMFZDdyt0ugBAx7RbKwvofm/4eR7LvUEXOMBrfNMA0OX2WKL3FW3fIvTE3QCcVue/aP4fepX5f+hdbzb//90jLwdw8nyfF/SuZjOx5j8A9Bhz/MBb/f0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAelQx25JCKVsLfC39WSiVIs5ExNkYSO7NVSvjEfFBRPxlaGAoTU90utAAwFsq/CPJ1/86P/ppcefZweR/Q9k+In7269u/eji1tLQ4keb/ezN/6UmeXx7sRAUAgO2u70hvLPZbjtgYxze8fPFoemM7ySI+v9FaXDSNu55vrTP90Z/th7Nij/wnydMt6f1K3xHEX3scEV/Yqv/DbRGK2RxIa+XTnfHT2GeOIf7W478zfuGV+IXsXLofyB6Lzx9BWaDXPL3R6ifztpc2sbz9FeJctt+7/Q9nPdTb2+j/1nf1f4XN/q9vV/wka/PnNtOvL8nzy3/8wa7M5mjr3OOIL/XvFT/ZjJ+06X8/PWAd//blr37S7lzzNxHnY+/4LbWsmx1bqi2MNVZWL87VpmYrs5X75fLkxOT41UtXymPZHHXr55/2ivHPaxc+aBc/rf9Im/jD+9T/Gwes/2//f/cnX3tN/G99fe/n/6PXxE/HxG8eMP7UyPW2y3en8Wfa1H+/5//CAeM/+/vqzAEvBQBOQGNldX6qWq0s7nOQ3mvud42D03kQaxHvQDHyg8F4J4rR8wfteozmyXZQwLHZavSdLgkAAAAAAAAAAAAAANBOY2V1fiiO9+NEna4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3euzAAAA//8CXMzk")
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000ac0)=0x2, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
pidfd_getfd(0xffffffffffffffff, r1, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000bc0)={r3, &(0x7f0000000b00)="3eaa276ac0994d333b1dd6f4cd27e64fbbb7e0fe7dfa937d4692daf0752dde85664b6e68bc4e3acc0cf96cdc8e6f87442ea0665ebe158a8c868f29747a546a02676c5bb4b3de2aa05625c2d96bd4aab018ab362fa51b3d4efe3b9bf9c8aa7e19c1e528858b82188fc8cfadd7ac446df99084afb8a60a0a3049655848782d08e322ccec"}, 0x20)
io_uring_register$IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x4, 0x0, 0x1)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x2f8, 0x9)
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x2, 0x1)

kernel console output (not intermixed with test programs):

7295 subj=unconfined pid=5503 comm=6C25868E36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8fb33ba8 code=0x7ffc0000
[  163.683320][ T5517] netlink: 136 bytes leftover after parsing attributes in process `syz.2.363'.
[  163.944949][ T1533] Bluetooth: hci1: command 0x0406 tx timeout
[  163.947892][ T1533] Bluetooth: hci0: command 0x0406 tx timeout
[  163.951339][ T1533] Bluetooth: hci4: command 0x0406 tx timeout
[  163.954642][ T1533] Bluetooth: hci2: command 0x0406 tx timeout
[  163.957003][ T1533] Bluetooth: hci3: command 0x0406 tx timeout
[  164.278907][ T5532] netlink: 'syz.4.368': attribute type 16 has an invalid length.
[  164.291372][ T5532] netlink: 'syz.4.368': attribute type 17 has an invalid length.
[  164.330230][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  164.346015][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  164.355747][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  164.373317][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  164.411006][ T5532] net_ratelimit: 10 callbacks suppressed
[  164.411013][ T5532] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  165.684670][ T5550] input: syz0 as /devices/virtual/input/input11
[  166.922507][ T5560] bridge0: port 3(netdevsim0) entered blocking state
[  166.925011][ T5560] bridge0: port 3(netdevsim0) entered disabled state
[  166.955687][ T5560] device netdevsim0 entered promiscuous mode
[  166.963067][ T5560] bridge0: port 3(netdevsim0) entered blocking state
[  166.965068][ T5560] bridge0: port 3(netdevsim0) entered forwarding state
[  167.554546][ T5570] udc-core: couldn't find an available UDC or it's busy
[  167.556610][ T5570] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  167.962799][ T5570] udc-core: couldn't find an available UDC or it's busy
[  167.964897][ T5570] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  168.847507][ T5597] input: syz0 as /devices/virtual/input/input13
[  169.528845][ T5606] udc-core: couldn't find an available UDC or it's busy
[  169.531732][ T5606] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  171.130111][ T5642] tipc: Started in network mode
[  171.131860][ T5642] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  171.135152][ T5642] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  171.194867][ T5644] input: syz0 as /devices/virtual/input/input14
[  171.201243][ T5642] tipc: Enabled bearer <udp:syz1>, priority 10
[  171.203215][ T5641] netlink: 44 bytes leftover after parsing attributes in process `syz.2.403'.
[  172.316231][ T5254] tipc: Node number set to 1
[  172.863475][ T5684] udc-core: couldn't find an available UDC or it's busy
[  172.877582][ T5684] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  173.170901][ T5254] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  173.441094][ T5254] usb 1-1: Using ep0 maxpacket: 16
[  173.554391][ T5700] input: syz0 as /devices/virtual/input/input15
[  173.561610][ T5254] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  173.565094][ T5254] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  173.569675][ T5254] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  173.582739][ T5254] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  173.626720][ T5254] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  173.711276][ T5254] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  173.720435][ T5254] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  173.728218][ T5254] usb 1-1: Manufacturer: syz
[  173.760415][ T5254] usb 1-1: config 0 descriptor??
[  174.041364][ T5254] Registered IR keymap rc-hauppauge
[  175.020869][ T5254] rc_core: Loaded IR protocol module ir-rc5-decoder, but protocol rc-5 still not available
[  175.024081][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  175.056817][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  175.083198][ T5254] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  175.089726][ T5254] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input16
[  175.110625][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  175.151645][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  175.181091][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  175.351637][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  175.381001][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  175.801281][ T5722] 9pnet_virtio: no channels available for device syz
[  176.404662][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  176.441027][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  176.471444][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  176.501291][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  176.601929][ T5254] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  176.618779][ T5730] udc-core: couldn't find an available UDC or it's busy
[  176.620740][ T5730] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  176.632576][ T5254] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  176.635107][ T5254] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  176.671101][ T5254] usb 1-1: USB disconnect, device number 3
[  177.076167][ T5726] loop4: detected capacity change from 0 to 32768
[  177.090966][ T5726] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.431 (5726)
[  177.112360][ T5726] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  177.120912][ T5726] BTRFS info (device loop4): turning on sync discard
[  177.122795][ T5726] BTRFS info (device loop4): unrecognized rescue option 'ignoremetacsums'
[  177.125389][ T5726] BTRFS error (device loop4): unrecognized rescue value ignoremetacsums
[  177.129525][ T5726] BTRFS error (device loop4): open_ctree failed: -22
[  177.207054][ T4333] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by udevd (4333)
[  179.111797][ T5760] set match dimension is over the limit!
[  179.864179][ T5773] input: syz0 as /devices/virtual/input/input17
[  181.702952][ T5797] udc-core: couldn't find an available UDC or it's busy
[  181.724770][ T5797] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  183.286974][ T5814] set match dimension is over the limit!
[  184.560410][ T5821] input: syz0 as /devices/virtual/input/input18
[  185.585724][ T5835] binder: 5834:5835 ioctl 4018620d 0 returned -22
[  185.599260][ T5835] binder: 5834:5835 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  185.613952][ T5835] binder: 5835 RLIMIT_NICE not set
[  185.645356][ T5842] udc-core: couldn't find an available UDC or it's busy
[  185.650888][ T5842] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  186.603853][ T5855] xt_connbytes: Forcing CT accounting to be enabled
[  186.606128][ T5855] Cannot find set identified by id 0 to match
[  187.064652][ T5862] input: syz0 as /devices/virtual/input/input19
[  189.396920][ T5889] binder: 5884:5889 tried to acquire reference to desc 0, got 1 instead
[  190.012716][ T5891] netlink: 20 bytes leftover after parsing attributes in process `syz.0.485'.
[  190.244273][ T5895] xt_connbytes: Forcing CT accounting to be enabled
[  190.246194][ T5895] Cannot find set identified by id 0 to match
[  191.172493][ T5908] input: syz0 as /devices/virtual/input/input20
[  192.441935][ T5928] binder: tried to use weak ref as strong ref
[  192.444267][ T5928] binder: 5927:5928 Acquire 1 refcount change on invalid ref 0 ret -22
[  192.454652][ T5924] netlink: 12 bytes leftover after parsing attributes in process `syz.2.495'.
[  192.510647][ T5931] netlink: 20 bytes leftover after parsing attributes in process `syz.1.497'.
[  192.518618][ T2055] ieee802154 phy0 wpan0: encryption failed: -22
[  192.520463][ T2055] ieee802154 phy1 wpan1: encryption failed: -22
[  193.048693][ T5938] set match dimension is over the limit!
[  194.034742][ T5950] input: syz0 as /devices/virtual/input/input21
[  195.148509][ T5964] binder: tried to use weak ref as strong ref
[  195.150301][ T5964] binder: 5963:5964 Acquire 1 refcount change on invalid ref 0 ret -22
[  195.176488][ T5967] udc-core: couldn't find an available UDC or it's busy
[  195.178422][ T5967] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  195.185375][ T5967] netlink: 'syz.4.509': attribute type 27 has an invalid length.
[  196.073683][ T5972] netlink: 20 bytes leftover after parsing attributes in process `syz.3.510'.
[  196.268265][ T5982] set match dimension is over the limit!
[  196.565020][ T5967] bridge0: port 3(netdevsim0) entered disabled state
[  196.567351][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.570105][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.696718][ T5967] batman_adv: batadv0: Interface deactivated: dummy0
[  197.588719][ T5994] input: syz0 as /devices/virtual/input/input22
[  197.824552][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.892823][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.591095][ T6010] binder: tried to use weak ref as strong ref
[  199.595605][ T6010] binder: 6009:6010 Acquire 1 refcount change on invalid ref 0 ret -22
[  200.426083][ T5967] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.428672][ T5967] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.431807][ T5967] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.434341][ T5967] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.612697][ T6019] netlink: 40 bytes leftover after parsing attributes in process `syz.0.523'.
[  200.781965][ T6021] netlink: 40 bytes leftover after parsing attributes in process `syz.0.534'.
[  201.123863][ T6031] binder: 6022:6031 got transaction to invalid handle, 1
[  201.125914][ T6031] binder: 6022:6031 transaction failed 29201/-22, size 104-24 line 2917
[  201.931712][ T4722] binder: undelivered TRANSACTION_ERROR: 29201
[  201.994406][ T6036] input: syz0 as /devices/virtual/input/input23
[  202.139111][ T6040] set match dimension is over the limit!
[  203.159922][ T6050] loop4: detected capacity change from 0 to 256
[  203.178886][ T6050] exfat: Deprecated parameter 'namecase'
[  203.190948][ T6050] exfat: Unknown parameter 'zero_size_dir'
[  205.299553][ T6065] binder: 6058:6065 tried to acquire reference to desc 0, got 1 instead
[  205.868801][ T6069] loop2: detected capacity change from 0 to 512
[  205.920400][ T6072] udc-core: couldn't find an available UDC or it's busy
[  205.936549][ T6072] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  205.965262][ T6069] EXT4-fs (loop2): mounted filesystem without journal. Opts: sb=0x0000000000000001,nodioread_nolock,,errors=continue. Quota mode: writeback.
[  205.967671][ T6077] netlink: 40 bytes leftover after parsing attributes in process `syz.0.538'.
[  206.194797][ T6079] device syzkaller1 entered promiscuous mode
[  207.571004][   T13] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  207.576752][ T6092] input: syz0 as /devices/virtual/input/input24
[  209.511128][   T13] usb 1-1: Using ep0 maxpacket: 16
[  209.871130][ T6115] binder: 6111:6115 tried to acquire reference to desc 0, got 1 instead
[  210.941622][ T6126] netlink: 16 bytes leftover after parsing attributes in process `syz.0.553'.
[  211.022282][   T13] usb 1-1: unable to read config index 0 descriptor/start: -71
[  211.024621][   T13] usb 1-1: can't read configurations, error -71
[  211.997471][ T6142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.558'.
[  212.085165][ T6144] device syzkaller1 entered promiscuous mode
[  212.413382][   T13] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  212.686615][ T6152] binder: 6147:6152 tried to acquire reference to desc 0, got 1 instead
[  214.417557][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  214.420363][ T4051] CPU: 0 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  214.422586][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  214.425309][ T4051] Workqueue: hci2 hci_rx_work
[  214.426606][ T4051] Call trace:
[  214.427492][ T4051]  dump_backtrace+0x0/0x43c
[  214.428721][ T4051]  show_stack+0x2c/0x3c
[  214.429882][ T4051]  __dump_stack+0x30/0x40
[  214.431031][ T4051]  dump_stack_lvl+0xf8/0x160
[  214.432296][ T4051]  dump_stack+0x1c/0x5c
[  214.433427][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  214.434843][ T4051]  kobject_add_internal+0x590/0xc54
[  214.436275][ T4051]  kobject_add+0x134/0x1f8
[  214.437480][ T4051]  device_add+0x3f0/0xf94
[  214.438655][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  214.439971][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  214.441378][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  214.442741][ T4051]  hci_event_packet+0xd10/0x11bc
[  214.444022][ T4051]  hci_rx_work+0x1cc/0x880
[  214.445174][ T4051]  process_one_work+0x79c/0x1140
[  214.446487][ T4051]  worker_thread+0x8f4/0x101c
[  214.447696][ T4051]  kthread+0x374/0x454
[  214.448765][ T4051]  ret_from_fork+0x10/0x20
[  214.453828][ T4051] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  214.457399][ T4051] Bluetooth: hci2: failed to register connection device
[  214.682097][   T13] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  214.691084][   T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.696272][   T13] usb 1-1: config 0 descriptor??
[  214.729251][ T6162] udc-core: couldn't find an available UDC or it's busy
[  214.751031][ T6162] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  214.925032][   T13] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  215.149219][ T6167] netlink: 16 bytes leftover after parsing attributes in process `syz.1.566'.
[  215.176227][   T13] usb 1-1: USB disconnect, device number 5
[  215.690969][   T13] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  216.151923][ T6188] binder: tried to use weak ref as strong ref
[  216.153879][ T6188] binder: 6181:6188 Acquire 1 refcount change on invalid ref 0 ret -22
[  216.181380][   T13] usb 1-1: Using ep0 maxpacket: 16
[  216.512609][ T4722] Bluetooth: hci2: command 0x2016 tx timeout
[  216.944046][ T6192] udc-core: couldn't find an available UDC or it's busy
[  216.946030][ T6192] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  217.041172][   T13] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  217.043915][   T13] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.046611][   T13] usb 1-1: config 0 has no interface number 0
[  217.221112][   T13] usb 1-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d
[  217.223703][   T13] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.226003][   T13] usb 1-1: Product: syz
[  217.227239][   T13] usb 1-1: Manufacturer: syz
[  217.230072][   T13] usb 1-1: SerialNumber: syz
[  217.326673][   T13] usb 1-1: config 0 descriptor??
[  217.425191][   T13] snd-usb-audio: probe of 1-1:0.1 failed with error -2
[  217.489168][ T6203] netlink: 16 bytes leftover after parsing attributes in process `syz.2.580'.
[  217.494407][ T4333] udevd[4333]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  217.672729][ T5254] usb 1-1: USB disconnect, device number 6
[  218.500106][ T4077] Bluetooth: hci4: command 0x0409 tx timeout
[  219.773899][ T6226] binder: tried to use weak ref as strong ref
[  219.775874][ T6226] binder: 6223:6226 Acquire 1 refcount change on invalid ref 0 ret -22
[  220.476655][ T6232] udc-core: couldn't find an available UDC or it's busy
[  220.478539][ T6232] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  220.869996][ T6242] Cannot find set identified by id 0 to match
[  220.944553][ T6244] input: syz0 as /devices/virtual/input/input25
[  223.478146][ T6267] binder: tried to use weak ref as strong ref
[  223.479991][ T6267] binder: 6264:6267 Acquire 1 refcount change on invalid ref 0 ret -22
[  226.581918][ T6306] netlink: 'syz.0.615': attribute type 10 has an invalid length.
[  226.585606][ T6306] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.588263][ T6306] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.602203][ T6306] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.604713][ T6306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.606905][ T6306] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.608909][ T6306] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.614048][ T6306] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  226.754726][ T6307] binder: tried to use weak ref as strong ref
[  226.756617][ T6307] binder: 6301:6307 Acquire 1 refcount change on invalid ref 0 ret -22
[  227.456873][ T6312] udc-core: couldn't find an available UDC or it's busy
[  227.458834][ T6312] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  228.355067][ T6328] udc-core: couldn't find an available UDC or it's busy
[  228.357141][ T6328] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  228.399706][ T6331] netlink: 'syz.1.625': attribute type 27 has an invalid length.
[  228.513944][ T6334] input: syz0 as /devices/virtual/input/input26
[  228.800322][ T6338] udc-core: couldn't find an available UDC or it's busy
[  228.806885][ T6338] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  228.833110][ T6331] bridge0: port 3(netdevsim0) entered disabled state
[  228.835208][ T6331] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.837409][ T6331] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.408964][ T6331] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.475350][ T6331] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  231.010965][ T6359] binder: tried to use weak ref as strong ref
[  231.012745][ T6359] binder: 6350:6359 Acquire 1 refcount change on invalid ref 0 ret -22
[  231.737185][ T6366] netlink: 24 bytes leftover after parsing attributes in process `syz.2.637'.
[  232.410986][   T13] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  232.475478][ T6331] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.478047][ T6331] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.480464][ T6331] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.483109][ T6331] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.681189][   T13] usb 1-1: Using ep0 maxpacket: 16
[  232.931035][   T13] usb 1-1: config index 0 descriptor too short (expected 16456, got 72)
[  232.933395][   T13] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  232.935630][   T13] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  232.937851][   T13] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  232.940268][   T13] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  232.951421][   T13] usb 1-1: config 0 has no interface number 0
[  232.953291][   T13] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  232.968485][   T13] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  232.976538][   T13] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  232.979293][   T13] usb 1-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  233.011566][   T13] usb 1-1: config 0 interface 125 has no altsetting 0
[  233.013457][   T13] usb 1-1: config 0 interface 125 has no altsetting 2
[  233.019714][ T6394] input: syz0 as /devices/virtual/input/input27
[  233.680760][ T6398] udc-core: couldn't find an available UDC or it's busy
[  233.697869][ T6398] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  233.856086][   T13] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  233.858784][   T13] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.861031][   T13] usb 1-1: Product: syz
[  233.862304][   T13] usb 1-1: Manufacturer: syz
[  233.863650][   T13] usb 1-1: SerialNumber: syz
[  233.869046][   T13] usb 1-1: config 0 descriptor??
[  233.902487][   T13] usb 1-1: selecting invalid altsetting 2
[  234.696145][ T6409] binder: tried to use weak ref as strong ref
[  234.697977][ T6409] binder: 6406:6409 Acquire 1 refcount change on invalid ref 0 ret -22
[  235.422614][   T13] parport0: fix this legacy no-device port driver!
[  235.477618][   T13] usb 1-1: USB disconnect, device number 7
[  235.567240][ T6411] udc-core: couldn't find an available UDC or it's busy
[  235.569237][ T6411] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  237.652484][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  237.655931][ T4051] CPU: 1 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  237.658336][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  237.661086][ T4051] Workqueue: hci1 hci_rx_work
[  237.662374][ T4051] Call trace:
[  237.663275][ T4051]  dump_backtrace+0x0/0x43c
[  237.664468][ T4051]  show_stack+0x2c/0x3c
[  237.665644][ T4051]  __dump_stack+0x30/0x40
[  237.666834][ T4051]  dump_stack_lvl+0xf8/0x160
[  237.668113][ T4051]  dump_stack+0x1c/0x5c
[  237.669233][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  237.670665][ T4051]  kobject_add_internal+0x590/0xc54
[  237.672122][ T4051]  kobject_add+0x134/0x1f8
[  237.673368][ T4051]  device_add+0x3f0/0xf94
[  237.674545][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  237.675903][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  237.677322][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  237.678683][ T4051]  hci_event_packet+0xd10/0x11bc
[  237.680017][ T4051]  hci_rx_work+0x1cc/0x880
[  237.681208][ T4051]  process_one_work+0x79c/0x1140
[  237.682603][ T4051]  worker_thread+0x8f4/0x101c
[  237.683902][ T4051]  kthread+0x374/0x454
[  237.685039][ T4051]  ret_from_fork+0x10/0x20
[  237.693757][ T4051] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  237.698712][ T4051] Bluetooth: hci1: failed to register connection device
[  239.129696][ T6465] udc-core: couldn't find an available UDC or it's busy
[  239.139671][ T6465] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  239.459426][ T6473] udc-core: couldn't find an available UDC or it's busy
[  239.465908][ T6473] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  239.711027][ T5254] Bluetooth: hci1: command 0x2016 tx timeout
[  239.781008][ T6485] udc-core: couldn't find an available UDC or it's busy
[  239.783103][ T6485] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  240.326152][ T6495] binder: tried to use weak ref as strong ref
[  240.328072][ T6495] binder: 6491:6495 Acquire 1 refcount change on invalid ref 0 ret -22
[  241.303754][ T4091] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  241.389934][ T6526] udc-core: couldn't find an available UDC or it's busy
[  241.399959][ T6526] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  241.423628][ T6527] set match dimension is over the limit!
[  241.507056][ T6529] ksmbd: Unknown IPC event: 6, ignore.
[  241.561674][ T4091] usb 1-1: Using ep0 maxpacket: 8
[  241.710990][ T4091] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  241.713904][ T4091] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  241.716768][ T4091] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  241.719519][ T4091] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  241.723175][ T4091] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  241.726085][ T4091] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.791042][ T5254] Bluetooth: hci4: command 0x0405 tx timeout
[  242.001301][ T4091] usb 1-1: GET_CAPABILITIES returned 0
[  242.003016][ T4091] usbtmc 1-1:16.0: can't read capabilities
[  242.230873][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.234755][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.237424][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.239968][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.242389][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.244851][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.247272][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.249741][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.252208][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.254689][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.257187][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.259611][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.262082][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.264544][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.267081][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.269527][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  242.272209][    C0] vkms_vblank_simulate: vblank timer overrun
[  242.281090][ T4091] usb 1-1: USB disconnect, device number 8
[  243.680088][ T6555] netlink: 4 bytes leftover after parsing attributes in process `syz.3.705'.
[  243.707212][ T6555] device bridge_slave_1 left promiscuous mode
[  243.709081][ T6555] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.768523][ T6555] device bridge_slave_0 left promiscuous mode
[  243.770430][ T6555] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.946896][ T6571] udc-core: couldn't find an available UDC or it's busy
[  243.949377][ T6571] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  244.000968][ T5254] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  244.034643][ T6576] udc-core: couldn't find an available UDC or it's busy
[  244.036701][ T6576] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  245.030497][ T5254] usb 1-1: config 2 has an invalid interface number: 2 but max is 0
[  245.032747][ T5254] usb 1-1: config 2 has no interface number 0
[  245.034376][ T5254] usb 1-1: config 2 interface 2 has no altsetting 0
[  245.118005][ T6585] udc-core: couldn't find an available UDC or it's busy
[  245.119977][ T6585] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  245.226703][ T5254] usb 1-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=7f.a4
[  245.229491][ T5254] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.232341][ T5254] usb 1-1: Product: syz
[  245.233502][ T5254] usb 1-1: Manufacturer: syz
[  245.234756][ T5254] usb 1-1: SerialNumber: syz
[  246.290442][ T6598] udc-core: couldn't find an available UDC or it's busy
[  246.292413][ T6598] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  246.384310][ T6603] udc-core: couldn't find an available UDC or it's busy
[  246.386324][ T6603] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  246.546940][ T5254] usb 1-1: USB disconnect, device number 9
[  246.737034][ T6608] input: syz0 as /devices/virtual/input/input28
[  246.761311][ T4333] udevd[4333]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:2.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  247.274653][ T4722] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  248.087249][ T4722] usb 1-1: device descriptor read/64, error -71
[  248.139357][ T6626] udc-core: couldn't find an available UDC or it's busy
[  248.141408][ T6626] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  248.365517][ T4722] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  248.400881][ T6631] binder: tried to use weak ref as strong ref
[  248.402631][ T6631] binder: 6628:6631 Acquire 1 refcount change on invalid ref 0 ret -22
[  248.548726][ T4722] usb 1-1: device descriptor read/64, error -71
[  248.668921][ T4722] usb usb1-port1: attempt power cycle
[  249.907190][ T4722] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  250.225832][ T4722] usb 1-1: device not accepting address 12, error -71
[  252.235777][ T6693] binder: tried to use weak ref as strong ref
[  252.238617][ T6693] binder: 6681:6693 Acquire 1 refcount change on invalid ref 0 ret -22
[  253.077449][ T4722] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  253.166525][ T4722] usb 1-1: Using ep0 maxpacket: 32
[  253.222156][ T6706] udc-core: couldn't find an available UDC or it's busy
[  253.227037][ T5254] Bluetooth: hci4: command 0x0405 tx timeout
[  253.230307][ T6706] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  253.306354][ T4722] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  253.335047][ T4722] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  253.495131][ T4722] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.521131][ T4722] usb 1-1: config 0 descriptor??
[  253.557212][ T4722] hub 1-1:0.0: bad descriptor, ignoring hub
[  253.559227][ T4722] hub: probe of 1-1:0.0 failed with error -5
[  253.567266][ T4722] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  253.924186][ T6718] udc-core: couldn't find an available UDC or it's busy
[  253.926334][ T6718] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  253.990115][ T2055] ieee802154 phy0 wpan0: encryption failed: -22
[  253.992037][ T2055] ieee802154 phy1 wpan1: encryption failed: -22
[  255.196211][ T6734] binder: tried to use weak ref as strong ref
[  255.197973][ T6734] binder: 6730:6734 Acquire 1 refcount change on invalid ref 0 ret -22
[  255.213082][ T1533] usb 1-1: USB disconnect, device number 13
[  256.104361][ T6745] udc-core: couldn't find an available UDC or it's busy
[  256.110107][ T6745] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  256.114906][   T25] Bluetooth: hci5: command 0x1003 tx timeout
[  256.116806][ T4035] Bluetooth: hci5: sending frame failed (-49)
[  257.650539][ T6767] netlink: 2384 bytes leftover after parsing attributes in process `syz.0.776'.
[  258.676755][ T4035] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  258.679640][ T4035] CPU: 0 PID: 4035 Comm: kworker/u5:1 Not tainted 5.15.186-syzkaller #0
[  258.681852][ T4035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  258.684656][ T4035] Workqueue: hci3 hci_rx_work
[  258.685940][ T4035] Call trace:
[  258.686830][ T4035]  dump_backtrace+0x0/0x43c
[  258.688074][ T4035]  show_stack+0x2c/0x3c
[  258.689278][ T4035]  __dump_stack+0x30/0x40
[  258.690564][ T4035]  dump_stack_lvl+0xf8/0x160
[  258.691875][ T4035]  dump_stack+0x1c/0x5c
[  258.693049][ T4035]  sysfs_create_dir_ns+0x22c/0x24c
[  258.694515][ T4035]  kobject_add_internal+0x590/0xc54
[  258.695918][ T4035]  kobject_add+0x134/0x1f8
[  258.697146][ T4035]  device_add+0x3f0/0xf94
[  258.698378][ T4035]  hci_conn_add_sysfs+0xbc/0x1cc
[  258.699767][ T4035]  le_conn_complete_evt+0x9a4/0x11bc
[  258.701276][ T4035]  hci_le_meta_evt+0x85c/0x3010
[  258.702690][ T4035]  hci_event_packet+0xd10/0x11bc
[  258.704068][ T4035]  hci_rx_work+0x1cc/0x880
[  258.705327][ T4035]  process_one_work+0x79c/0x1140
[  258.706671][ T4035]  worker_thread+0x8f4/0x101c
[  258.707929][ T4035]  kthread+0x374/0x454
[  258.709035][ T4035]  ret_from_fork+0x10/0x20
[  259.054143][ T4035] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  259.058509][ T4035] Bluetooth: hci3: failed to register connection device
[  259.326144][ T4144] Bluetooth: hci5: command 0x1001 tx timeout
[  259.386217][ T4037] Bluetooth: hci5: sending frame failed (-49)
[  259.424894][ T6784] netlink: 'syz.1.782': attribute type 2 has an invalid length.
[  259.431557][ T6784] netlink: 'syz.1.782': attribute type 8 has an invalid length.
[  259.444390][ T6784] netlink: 132 bytes leftover after parsing attributes in process `syz.1.782'.
[  259.651352][ T6786] binder: tried to use weak ref as strong ref
[  259.653292][ T6786] binder: 6778:6786 Acquire 1 refcount change on invalid ref 0 ret -22
[  259.800926][ T6794] udc-core: couldn't find an available UDC or it's busy
[  259.810098][ T6794] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  261.081668][ T6810] Cannot find set identified by id 0 to match
[  261.142372][ T1533] Bluetooth: hci3: command 0x2016 tx timeout
[  261.781614][ T4144] Bluetooth: hci5: command 0x1009 tx timeout
[  264.186182][ T6829] udc-core: couldn't find an available UDC or it's busy
[  264.188273][ T6829] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  264.311159][ T6833] binder: 6831:6833 IncRefs 0 refcount change on invalid ref 0 ret -22
[  266.150686][ T6851] device syzkaller1 entered promiscuous mode
[  266.975560][ T6849] sctp: failed to load transform for md5: -2
[  267.292882][ T6874] input: syz0 as /devices/virtual/input/input29
[  268.592679][ T4144] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  269.468245][ T4144] usb 1-1: Using ep0 maxpacket: 32
[  269.611791][ T6895] binder: tried to use weak ref as strong ref
[  269.613653][ T6895] binder: 6890:6895 Acquire 1 refcount change on invalid ref 0 ret -22
[  269.649172][ T4144] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[  269.653544][ T4144] usb 1-1: config 0 has no interface number 0
[  269.655357][ T4144] usb 1-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  269.756997][ T6897] udc-core: couldn't find an available UDC or it's busy
[  269.771062][ T6897] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  269.838189][ T4144] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  269.840952][ T4144] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.844406][ T4144] usb 1-1: Product: syz
[  269.849576][ T4144] usb 1-1: Manufacturer: syz
[  269.855176][ T4144] usb 1-1: SerialNumber: syz
[  269.875887][ T4144] usb 1-1: config 0 descriptor??
[  269.922076][ T4144] em28xx 1-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  269.925146][ T4144] em28xx 1-1:0.132: Video interface 132 found:
[  270.343357][ T4144] em28xx 1-1:0.132: unknown em28xx chip ID (0)
[  270.447902][ T4144] em28xx 1-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  270.450589][ T4144] em28xx 1-1:0.132: board has no eeprom
[  270.541383][ T4144] em28xx 1-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  270.543675][ T4144] em28xx 1-1:0.132: analog set to bulk mode.
[  270.560981][ T4144] usb 1-1: USB disconnect, device number 14
[  270.563277][ T4144] em28xx 1-1:0.132: Disconnecting em28xx
[  270.565190][ T4722] em28xx 1-1:0.132: Registering V4L2 extension
[  271.302629][ T4722] em28xx 1-1:0.132: Config register raw data: 0xffffffed
[  271.305166][ T4722] em28xx 1-1:0.132: AC97 chip type couldn't be determined
[  271.307650][ T4722] em28xx 1-1:0.132: No AC97 audio processor
[  271.337008][ T4722] usb 1-1: Decoder not found
[  271.346697][ T4722] em28xx 1-1:0.132: failed to create media graph
[  271.358217][ T4722] em28xx 1-1:0.132: V4L2 device video11 deregistered
[  271.423002][ T4722] em28xx 1-1:0.132: Remote control support is not available for this card.
[  271.425617][ T4144] em28xx 1-1:0.132: Closing input extension
[  271.437032][ T4144] em28xx 1-1:0.132: Freeing device
[  271.703118][ T6924] loop1: detected capacity change from 0 to 1024
[  271.750897][ T6924] EXT4-fs (loop1): Ignoring removed oldalloc option
[  271.752951][ T6924] EXT4-fs (loop1): Ignoring removed bh option
[  271.754831][ T6924] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  271.821020][ T4144] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  271.826151][ T6924] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  272.056944][ T4144] usb 1-1: Using ep0 maxpacket: 16
[  272.387198][ T6931] set match dimension is over the limit!
[  272.446906][ T4144] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.900699][ T4144] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.903408][ T4144] usb 1-1: config 0 interface 0 has no altsetting 0
[  273.905269][ T4144] usb 1-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[  273.932107][ T6940] udc-core: couldn't find an available UDC or it's busy
[  273.967306][ T6940] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  275.123380][ T4144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.128257][ T4144] usb 1-1: config 0 descriptor??
[  275.145458][ T4144] usb 1-1: can't set config #0, error -71
[  275.150652][ T4144] usb 1-1: USB disconnect, device number 15
[  275.270390][ T6955] udc-core: couldn't find an available UDC or it's busy
[  275.272358][ T6955] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  276.663155][ T6974] input: syz0 as /devices/virtual/input/input30
[  279.247509][ T7008] Cannot find set identified by id 0 to match
[  279.599647][ T7010] udc-core: couldn't find an available UDC or it's busy
[  279.612146][ T7010] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  280.123221][ T7018] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  280.125355][ T7018] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  280.128611][ T7024] udc-core: couldn't find an available UDC or it's busy
[  280.129010][ T7022] netlink: 8 bytes leftover after parsing attributes in process `syz.3.851'.
[  280.130604][ T7024] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  280.632738][ T7018] vhci_hcd vhci_hcd.0: Device attached
[  280.712648][ T7020] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0
[  280.724352][ T4192] vhci_hcd: stop threads
[  280.726690][ T4192] vhci_hcd: release socket
[  280.727954][ T4192] vhci_hcd: disconnect device
[  280.903768][ T7036] netlink: 'syz.2.855': attribute type 10 has an invalid length.
[  280.906344][ T7036] bridge0: port 4(team0) entered blocking state
[  280.911774][ T7036] bridge0: port 4(team0) entered disabled state
[  280.915226][ T7036] device team0 entered promiscuous mode
[  280.916864][ T7036] device team_slave_0 entered promiscuous mode
[  280.918706][ T7036] device team_slave_1 entered promiscuous mode
[  280.921424][ T7036] bridge0: port 4(team0) entered blocking state
[  280.923397][ T7036] bridge0: port 4(team0) entered forwarding state
[  281.634592][ T7049] mmap: syz.4.861 (7049) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  281.934138][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.4.865'.
[  281.949018][ T7063] set match dimension is over the limit!
[  282.040420][ T7064] input: syz0 as /devices/virtual/input/input31
[  283.670888][ T7089] udc-core: couldn't find an available UDC or it's busy
[  283.675754][ T7089] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  283.698665][ T7090] binder: 7088:7090 ioctl c0306201 0 returned -14
[  283.754781][ T7091] binder: 7088:7091 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  283.757192][ T7091] binder: 7088:7091 got reply transaction with no transaction stack
[  283.762716][ T7091] binder: 7088:7091 transaction failed 29201/-71, size 0-24 line 2822
[  283.779765][ T7093] udc-core: couldn't find an available UDC or it's busy
[  283.782160][ T7093] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  283.796484][ T7093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.876'.
[  284.571904][ T4144] binder: undelivered TRANSACTION_ERROR: 29201
[  286.338703][ T4037] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  286.341453][ T4037] CPU: 0 PID: 4037 Comm: kworker/u5:2 Not tainted 5.15.186-syzkaller #0
[  286.343691][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  286.346506][ T4037] Workqueue: hci2 hci_rx_work
[  286.347759][ T4037] Call trace:
[  286.348644][ T4037]  dump_backtrace+0x0/0x43c
[  286.349862][ T4037]  show_stack+0x2c/0x3c
[  286.350963][ T4037]  __dump_stack+0x30/0x40
[  286.352091][ T4037]  dump_stack_lvl+0xf8/0x160
[  286.353297][ T4037]  dump_stack+0x1c/0x5c
[  286.354369][ T4037]  sysfs_create_dir_ns+0x22c/0x24c
[  286.355681][ T4037]  kobject_add_internal+0x590/0xc54
[  286.357083][ T4037]  kobject_add+0x134/0x1f8
[  286.358247][ T4037]  device_add+0x3f0/0xf94
[  286.359359][ T4037]  hci_conn_add_sysfs+0xbc/0x1cc
[  286.360621][ T4037]  le_conn_complete_evt+0x9a4/0x11bc
[  286.362069][ T4037]  hci_le_meta_evt+0x85c/0x3010
[  286.363323][ T4037]  hci_event_packet+0xd10/0x11bc
[  286.364661][ T4037]  hci_rx_work+0x1cc/0x880
[  286.365849][ T4037]  process_one_work+0x79c/0x1140
[  286.367208][ T4037]  worker_thread+0x8f4/0x101c
[  286.368498][ T4037]  kthread+0x374/0x454
[  286.369604][ T4037]  ret_from_fork+0x10/0x20
[  286.377850][ T4037] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  286.381644][ T4037] Bluetooth: hci2: failed to register connection device
[  286.993016][ T4144] Bluetooth: hci4: command 0x2016 tx timeout
[  287.207616][ T7139] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  287.236474][ T7139] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  287.238633][ T7139] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  287.335645][ T7145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.894'.
[  287.611349][ T7153] xt_connbytes: Forcing CT accounting to be enabled
[  287.635191][ T7153] set match dimension is over the limit!
[  288.412728][ T4091] Bluetooth: hci2: command 0x2016 tx timeout
[  291.027711][ T7185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.910'.
[  291.072418][ T7185] device batadv0 entered promiscuous mode
[  291.074503][ T7185] device macvtap1 entered promiscuous mode
[  291.092162][ T7185] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  291.742253][ T7192] chnl_net:caif_netlink_parms(): no params data found
[  292.293051][ T7192] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.295864][ T7192] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.306875][ T7192] device bridge_slave_0 entered promiscuous mode
[  292.324137][ T7192] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.336468][ T7192] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.344516][ T7192] device bridge_slave_1 entered promiscuous mode
[  292.418885][ T7192] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  292.423507][ T7192] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  292.464042][ T7192] team0: Port device team_slave_0 added
[  292.477243][ T7192] team0: Port device team_slave_1 added
[  292.513090][ T7192] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.515274][ T7192] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.553854][ T7192] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.580769][ T7192] batman_adv: batadv0: Adding interface: batadv_slave_1
[  292.582795][ T7192] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.655170][ T7192] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  293.286289][ T1533] Bluetooth: hci4: command 0x0409 tx timeout
[  293.546968][ T7192] device hsr_slave_0 entered promiscuous mode
[  293.696475][ T7192] device hsr_slave_1 entered promiscuous mode
[  293.739465][ T7192] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  293.742969][ T7192] Cannot create hsr debugfs directory
[  293.744653][ T7215] netlink: 28 bytes leftover after parsing attributes in process `syz.4.915'.
[  293.747114][ T7215] netlink: 8 bytes leftover after parsing attributes in process `syz.4.915'.
[  295.424492][   T25] Bluetooth: hci4: command 0x041b tx timeout
[  296.240346][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  296.243771][ T4051] CPU: 1 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  296.245936][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  296.248526][ T4051] Workqueue: hci1 hci_rx_work
[  296.249744][ T4051] Call trace:
[  296.250571][ T4051]  dump_backtrace+0x0/0x43c
[  296.251788][ T4051]  show_stack+0x2c/0x3c
[  296.252875][ T4051]  __dump_stack+0x30/0x40
[  296.254068][ T4051]  dump_stack_lvl+0xf8/0x160
[  296.255285][ T4051]  dump_stack+0x1c/0x5c
[  296.256391][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  296.257720][ T4051]  kobject_add_internal+0x590/0xc54
[  296.259076][ T4051]  kobject_add+0x134/0x1f8
[  296.260242][ T4051]  device_add+0x3f0/0xf94
[  296.261363][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  296.262681][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  296.264111][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  296.265394][ T4051]  hci_event_packet+0xd10/0x11bc
[  296.266673][ T4051]  hci_rx_work+0x1cc/0x880
[  296.267913][ T4051]  process_one_work+0x79c/0x1140
[  296.269223][ T4051]  worker_thread+0x8f4/0x101c
[  296.270428][ T4051]  kthread+0x374/0x454
[  296.271500][ T4051]  ret_from_fork+0x10/0x20
[  296.278373][ T4051] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  296.283072][ T4051] Bluetooth: hci1: failed to register connection device
[  296.915378][ T7192] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  296.934892][ T7252] netlink: 60 bytes leftover after parsing attributes in process `syz.3.926'.
[  297.009288][ T7252] netlink: 60 bytes leftover after parsing attributes in process `syz.3.926'.
[  297.040726][ T4436] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.073275][ T7192] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  297.137213][ T7192] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  297.176024][ T7249] netlink: 60 bytes leftover after parsing attributes in process `syz.3.926'.
[  297.179560][ T7192] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  297.238823][ T4436] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.342970][ T7283] udc-core: couldn't find an available UDC or it's busy
[  297.363950][ T7283] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  297.370939][ T4436] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.444205][ T1533] Bluetooth: hci4: command 0x040f tx timeout
[  297.487350][ T7192] 8021q: adding VLAN 0 to HW filter on device bond0
[  297.513568][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  297.516630][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  297.537496][ T7192] 8021q: adding VLAN 0 to HW filter on device team0
[  297.552153][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  297.634178][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  297.750932][ T4192] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.752983][ T4192] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.770230][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  297.785928][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  297.809174][ T4192] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.811221][ T4192] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.827464][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  297.847453][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  298.063022][ T4436] bridge0: port 3(netdevsim0) entered disabled state
[  298.076145][ T4436] device netdevsim0 left promiscuous mode
[  298.082389][ T4436] bridge0: port 3(netdevsim0) entered disabled state
[  298.135506][ T7286] block nbd3: shutting down sockets
[  298.323905][ T5254] Bluetooth: hci1: command 0x2016 tx timeout
[  298.724516][ T4436] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.835589][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  298.838479][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  298.842128][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  298.845035][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  298.847859][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  298.854691][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  298.859590][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  298.865275][ T7192] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  298.869287][ T7192] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  299.048115][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  299.052210][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  299.055404][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  299.233703][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  299.236908][ T4051] CPU: 1 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  299.239260][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.242208][ T4051] Workqueue: hci3 hci_rx_work
[  299.243605][ T4051] Call trace:
[  299.244445][ T4051]  dump_backtrace+0x0/0x43c
[  299.245689][ T4051]  show_stack+0x2c/0x3c
[  299.246867][ T4051]  __dump_stack+0x30/0x40
[  299.248065][ T4051]  dump_stack_lvl+0xf8/0x160
[  299.249334][ T4051]  dump_stack+0x1c/0x5c
[  299.250483][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  299.252129][ T4051]  kobject_add_internal+0x590/0xc54
[  299.253511][ T4051]  kobject_add+0x134/0x1f8
[  299.254814][ T4051]  device_add+0x3f0/0xf94
[  299.256057][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  299.257472][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  299.258921][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  299.260431][ T4051]  hci_event_packet+0xd10/0x11bc
[  299.261754][ T4051]  hci_rx_work+0x1cc/0x880
[  299.263079][ T4051]  process_one_work+0x79c/0x1140
[  299.264518][ T4051]  worker_thread+0x8f4/0x101c
[  299.265899][ T4051]  kthread+0x374/0x454
[  299.267152][ T4051]  ret_from_fork+0x10/0x20
[  299.277256][ T4051] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  299.284829][ T4051] Bluetooth: hci3: failed to register connection device
[  299.523592][   T25] Bluetooth: hci4: command 0x0419 tx timeout
[  300.113688][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  300.115940][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  300.128648][ T7192] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.568949][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  300.580025][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  300.599277][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  300.609696][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  300.628333][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  300.631098][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  300.656142][ T7192] device veth0_vlan entered promiscuous mode
[  300.669308][ T7192] device veth1_vlan entered promiscuous mode
[  300.732421][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  300.735252][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  300.738330][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  300.860305][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  301.299383][ T7192] device veth0_macvtap entered promiscuous mode
[  301.323368][ T7192] device veth1_macvtap entered promiscuous mode
[  301.352975][ T7348] udc-core: couldn't find an available UDC or it's busy
[  301.355032][ T7348] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  301.362783][ T1533] Bluetooth: hci3: command 0x2016 tx timeout
[  301.385557][ T7192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.388330][ T7192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.391264][ T7192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.425681][ T7192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.428528][ T7192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.451978][ T7192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.456538][ T7192] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.473753][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  301.476616][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  301.483362][ T7192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.486400][ T7192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.489115][ T7192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.541051][ T7192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.544811][ T7192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.549077][ T7192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.568785][ T7192] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.582142][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  301.585712][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  301.601975][ T7192] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.618536][ T7192] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.635119][ T7192] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.651246][ T7192] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  302.315938][ T7370] input: syz0 as /devices/virtual/input/input32
[  302.698696][ T4601] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.701195][ T4601] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.705856][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  302.924186][ T4601] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.691065][ T4601] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.945409][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  305.980315][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  305.985192][ T4051] CPU: 0 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  305.987646][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  305.990613][ T4051] Workqueue: hci1 hci_rx_work
[  305.992050][ T4051] Call trace:
[  305.992963][ T4051]  dump_backtrace+0x0/0x43c
[  305.994271][ T4051]  show_stack+0x2c/0x3c
[  305.995477][ T4051]  __dump_stack+0x30/0x40
[  305.996679][ T4051]  dump_stack_lvl+0xf8/0x160
[  305.998012][ T4051]  dump_stack+0x1c/0x5c
[  305.999278][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  306.000734][ T4051]  kobject_add_internal+0x590/0xc54
[  306.002166][ T4051]  kobject_add+0x134/0x1f8
[  306.003381][ T4051]  device_add+0x3f0/0xf94
[  306.004639][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  306.006022][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  306.007588][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  306.009082][ T4051]  hci_event_packet+0xd10/0x11bc
[  306.010509][ T4051]  hci_rx_work+0x1cc/0x880
[  306.011797][ T4051]  process_one_work+0x79c/0x1140
[  306.013253][ T4051]  worker_thread+0x8f4/0x101c
[  306.014623][ T4051]  kthread+0x374/0x454
[  306.015792][ T4051]  ret_from_fork+0x10/0x20
[  306.020659][ T4051] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  306.024790][ T4051] Bluetooth: hci1: failed to register connection device
[  306.157745][   T26] audit: type=1326 audit(167772466.131:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.5.959" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  306.854125][   T26] audit: type=1326 audit(167772466.831:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.5.959" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=60 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  307.038408][   T26] audit: type=1326 audit(167772467.011:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7422 comm="syz.5.959" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  307.228029][ T7440] input: syz0 as /devices/virtual/input/input33
[  308.341138][   T13] Bluetooth: hci1: command 0x2016 tx timeout
[  310.089485][ T4436] device hsr_slave_0 left promiscuous mode
[  310.120786][ T7472] udc-core: couldn't find an available UDC or it's busy
[  310.123200][ T7472] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  310.223635][ T4436] device hsr_slave_1 left promiscuous mode
[  311.348013][ T4436] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  311.351432][ T4436] batman_adv: batadv0: Removing interface: batadv_slave_0
[  311.523800][ T4436] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  311.525908][ T4436] batman_adv: batadv0: Removing interface: batadv_slave_1
[  311.533311][ T4436] device team0 left promiscuous mode
[  311.534789][ T4436] device team_slave_0 left promiscuous mode
[  311.547743][ T4436] device team_slave_1 left promiscuous mode
[  311.550907][ T4436] bridge0: port 4(team0) entered disabled state
[  312.619657][ T4436] device bridge_slave_1 left promiscuous mode
[  312.621563][ T4436] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.122490][ T7508] input: syz0 as /devices/virtual/input/input34
[  313.475575][ T7513] udc-core: couldn't find an available UDC or it's busy
[  313.481671][ T7513] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  313.642558][ T4436] device bridge_slave_0 left promiscuous mode
[  313.644412][ T4436] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.936581][ T4436] device veth1_macvtap left promiscuous mode
[  313.938811][ T4436] device veth0_macvtap left promiscuous mode
[  313.940702][ T4436] device veth1_vlan left promiscuous mode
[  313.942543][ T4436] device veth0_vlan left promiscuous mode
[  314.970144][ T7532] serio: Serial port ptm2
[  315.369174][ T2055] ieee802154 phy0 wpan0: encryption failed: -22
[  315.371418][ T2055] ieee802154 phy1 wpan1: encryption failed: -22
[  316.263138][ T7542] block device autoloading is deprecated and will be removed.
[  317.277585][ T7558] input: syz0 as /devices/virtual/input/input35
[  319.630173][ T4436] team0 (unregistering): Port device team_slave_1 removed
[  319.682642][ T4436] team0 (unregistering): Port device team_slave_0 removed
[  319.708159][ T4436] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  319.860909][ T4436] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  320.790138][ T4436] bond0 (unregistering): Released all slaves
[  321.080489][ T7589] Cannot find set identified by id 0 to match
[  321.726689][ T7569] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  321.729207][ T7569] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  322.478891][ T7603] udc-core: couldn't find an available UDC or it's busy
[  322.480867][ T7603] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  323.946271][ T7607] netlink: 'syz.3.1004': attribute type 10 has an invalid length.
[  324.195680][ T7607] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.201175][ T7607] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  324.574187][ T7625] input: syz0 as /devices/virtual/input/input36
[  326.568114][ T7648] binder: tried to use weak ref as strong ref
[  326.579939][ T7648] binder: 7633:7648 Acquire 1 refcount change on invalid ref 0 ret -22
[  327.087373][ T7658] xt_connbytes: Forcing CT accounting to be enabled
[  327.093962][ T7658] Cannot find set identified by id 0 to match
[  332.213644][ T7715] udc-core: couldn't find an available UDC or it's busy
[  332.215633][ T7715] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  332.556824][ T7720] input: syz0 as /devices/virtual/input/input37
[  336.287057][ T7745] udc-core: couldn't find an available UDC or it's busy
[  336.289084][ T7745] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  338.506674][ T7769] input: syz0 as /devices/virtual/input/input38
[  340.176854][ T7784] binder: tried to use weak ref as strong ref
[  340.178633][ T7784] binder: 7774:7784 Acquire 1 refcount change on invalid ref 0 ret -22
[  341.248652][ T7790] syz.5.1046 sent an empty control message without MSG_MORE.
[  342.712536][ T7794] udc-core: couldn't find an available UDC or it's busy
[  342.733810][ T7794] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  343.328089][ T7821] udc-core: couldn't find an available UDC or it's busy
[  343.375109][ T7821] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  346.595410][ T7860] udc-core: couldn't find an available UDC or it's busy
[  346.597662][ T7860] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  346.698350][ T7862] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1060'.
[  346.706782][ T7862] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1060'.
[  351.892080][ T7937] udc-core: couldn't find an available UDC or it's busy
[  351.984510][ T7937] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  357.237731][ T7990] loop5: detected capacity change from 0 to 32768
[  357.252216][ T7994] loop1: detected capacity change from 0 to 32768
[  357.333175][ T7994] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[  357.343354][ T7990] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  357.366325][ T7994] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  357.457214][ T8020] udc-core: couldn't find an available UDC or it's busy
[  357.483817][ T8020] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  357.575362][ T7990] (syz.5.1087,7990,0):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  357.600087][ T7990] (syz.5.1087,7990,1):update_backups:188 ERROR: status = -12
[  357.602142][ T7990] ocfs2: Failed to update super blocks on 7,5 during fs resize. This condition is not fatal, but fsck.ocfs2 should be run to fix it
[  357.686767][ T7996] loop4: detected capacity change from 0 to 32768
[  357.746336][ T7996] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  357.748780][ T7996] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  357.848918][ T4045] ocfs2: Unmounting device (7,1) on (node local)
[  357.999315][ T7996] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  358.008683][ T4144] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  358.010953][ T4144] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  358.328630][ T4144] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 317ms
[  358.366519][ T4144] gfs2: fsid=syz:syz.0: jid=0: Done
[  358.369005][ T7996] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  358.431220][ T7192] ocfs2: Unmounting device (7,5) on (node local)
[  360.049776][ T8030] loop1: detected capacity change from 0 to 32768
[  360.146850][ T8030] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm
[  360.149359][ T8030] BTRFS info (device loop1): setting nodatasum
[  360.161258][ T8030] BTRFS info (device loop1): force zlib compression, level 3
[  360.171396][ T8030] BTRFS info (device loop1): metadata ratio 4
[  360.173419][ T8030] BTRFS info (device loop1): enabling ssd optimizations
[  360.177140][ T8030] BTRFS info (device loop1): allowing degraded mounts
[  360.178993][ T8030] BTRFS info (device loop1): using free space tree
[  360.180792][ T8030] BTRFS info (device loop1): has skinny extents
[  360.445265][ T8039] loop3: detected capacity change from 0 to 32768
[  360.472068][ T8039] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1099 (8039)
[  360.491960][ T8039] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[  360.511967][ T8039] BTRFS info (device loop3): enabling disk space caching
[  360.519897][ T8039] BTRFS info (device loop3): doing ref verification
[  360.521799][ T8039] BTRFS info (device loop3): use zlib compression, level 3
[  360.564525][ T8039] BTRFS info (device loop3): force clearing of disk cache
[  360.566500][ T8039] BTRFS info (device loop3): setting nodatacow, compression disabled
[  360.568956][ T8039] BTRFS info (device loop3): doing ref verification
[  360.592781][ T8039] BTRFS info (device loop3): disk space caching is enabled
[  360.594968][ T8039] BTRFS info (device loop3): has skinny extents
[  360.672237][ T8030] fs-verity: sha512 using implementation "sha512-arm64"
[  360.853162][ T8079] udc-core: couldn't find an available UDC or it's busy
[  360.855136][ T8079] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  360.936528][ T8039] BTRFS info (device loop3): enabling ssd optimizations
[  360.939616][ T8039] BTRFS info (device loop3): clearing free space tree
[  360.941547][ T8039] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  360.972681][ T8039] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  361.205555][ T8102] BTRFS error (device loop3): balance: mixed groups data and metadata options must be the same
[  362.185161][ T8136] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  363.159426][ T8030] fs-verity (loop1, inode 260): Error -4 building Merkle tree
[  363.358296][ T8030] BTRFS: error (device loop1) in rollback_verity:465: errno=-4 unknown (failed to drop verity items in rollback 260)
[  363.406815][ T8030] BTRFS info (device loop1): forced readonly
[  363.408609][ T8030] BTRFS error (device loop1): failed to rollback verity items: -4
[  363.468503][ T8152] 8021q: adding VLAN 0 to HW filter on device bond0
[  363.499277][ T8155] loop3: detected capacity change from 0 to 512
[  363.524179][ T8152] bond0: (slave rose0): Enslaving as an active interface with an up link
[  363.566928][ T8155] EXT4-fs (loop3): Ignoring removed oldalloc option
[  363.571356][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  363.745250][ T8155] EXT4-fs (loop3): 1 truncate cleaned up
[  363.746859][ T8155] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,bsdgroups,nouid32,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback.
[  363.770715][ T8163] loop5: detected capacity change from 0 to 128
[  363.872448][ T8163] EXT4-fs (loop5): mounted filesystem without journal. Opts: minixdf,nodelalloc,,errors=continue. Quota mode: none.
[  365.219340][ T8184] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  365.379702][ T8195] loop3: detected capacity change from 0 to 512
[  365.413338][ T8195] EXT4-fs (loop3): Ignoring removed oldalloc option
[  365.440052][ T8195] EXT4-fs (loop3): 1 truncate cleaned up
[  365.441732][ T8195] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,bsdgroups,nouid32,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback.
[  366.178066][ T8205] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  367.660389][ T8227] loop5: detected capacity change from 0 to 512
[  367.684905][ T8227] EXT4-fs (loop5): Ignoring removed oldalloc option
[  368.511117][ T8227] EXT4-fs (loop5): 1 truncate cleaned up
[  368.512671][ T8227] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,bsdgroups,nouid32,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback.
[  368.531219][ T8225] loop3: detected capacity change from 0 to 4096
[  368.930266][ T8256] input: syz0 as /devices/virtual/input/input39
[  369.816141][ T8258] vcan0 speed is unknown, defaulting to 1000
[  369.891045][ T8258] vcan0 speed is unknown, defaulting to 1000
[  369.893213][ T8258] vcan0 speed is unknown, defaulting to 1000
[  370.039983][ T8267] bridge0: port 4(syz_tun) entered blocking state
[  370.041966][ T8267] bridge0: port 4(syz_tun) entered disabled state
[  370.061634][ T8267] device syz_tun entered promiscuous mode
[  370.085677][ T8258] infiniband syz1: set active
[  370.087061][   T13] vcan0 speed is unknown, defaulting to 1000
[  370.089336][ T8258] infiniband syz1: added vcan0
[  370.238588][ T8258] RDS/IB: syz1: added
[  370.239928][ T8258] smc: adding ib device syz1 with port count 1
[  370.286894][ T8258] smc:    ib device syz1 port 1 has pnetid 
[  370.289146][   T13] vcan0 speed is unknown, defaulting to 1000
[  370.291723][ T8258] vcan0 speed is unknown, defaulting to 1000
[  370.873774][   T13] Bluetooth: hci1: command 0x2016 tx timeout
[  371.060502][ T8258] vcan0 speed is unknown, defaulting to 1000
[  371.312967][ T8258] vcan0 speed is unknown, defaulting to 1000
[  371.413142][ T8258] vcan0 speed is unknown, defaulting to 1000
[  372.495760][ T8258] vcan0 speed is unknown, defaulting to 1000
[  372.926468][ T4237] Bluetooth: hci1: command 0x0419 tx timeout
[  373.037278][ T8332] input: syz0 as /devices/virtual/input/input40
[  373.349799][ T8297] infiniband syz0: set down
[  373.356211][ T8297] infiniband syz0: added ipvlan1
[  373.408095][ T8297] infiniband syz0: Couldn't open port 1
[  373.520739][ T8297] RDS/IB: syz0: added
[  373.521993][ T8297] smc: adding ib device syz0 with port count 1
[  373.556498][ T8297] smc:    ib device syz0 port 1 has pnetid SYZ0 (user defined)
[  373.599793][ T8320] loop4: detected capacity change from 0 to 32768
[  373.666637][ T8320] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1152 (8320)
[  373.746777][ T8320] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm
[  373.749209][ T8320] BTRFS info (device loop4): setting nodatacow, compression disabled
[  373.751548][ T8320] BTRFS info (device loop4): force clearing of disk cache
[  373.753423][ T8320] BTRFS info (device loop4): setting datacow
[  373.755023][ T8320] BTRFS info (device loop4): doing ref verification
[  373.784230][ T8320] BTRFS info (device loop4): disabling free space tree
[  373.796481][ T8320] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  373.802276][ T8320] BTRFS info (device loop4): use zstd compression, level 3
[  373.807945][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  373.809955][ T8320] BTRFS info (device loop4): enabling ssd optimizations
[  373.810904][ T4051] CPU: 1 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  373.814801][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  373.817578][ T4051] Workqueue: hci1 hci_rx_work
[  373.818844][ T4051] Call trace:
[  373.819714][ T4051]  dump_backtrace+0x0/0x43c
[  373.820915][ T4051]  show_stack+0x2c/0x3c
[  373.822040][ T4051]  __dump_stack+0x30/0x40
[  373.823210][ T4051]  dump_stack_lvl+0xf8/0x160
[  373.824467][ T4051]  dump_stack+0x1c/0x5c
[  373.825615][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  373.825961][ T8320] BTRFS info (device loop4): using spread ssd allocation scheme
[  373.826988][ T4051]  kobject_add_internal+0x590/0xc54
[  373.829072][ T8320] BTRFS info (device loop4): not using ssd optimizations
[  373.830469][ T4051]  kobject_add+0x134/0x1f8
[  373.830485][ T4051]  device_add+0x3f0/0xf94
[  373.830495][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  373.830507][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  373.837543][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  373.838848][ T4051]  hci_event_packet+0xd10/0x11bc
[  373.840205][ T4051]  hci_rx_work+0x1cc/0x880
[  373.841414][ T4051]  process_one_work+0x79c/0x1140
[  373.842689][ T8320] BTRFS info (device loop4): not using spread ssd allocation scheme
[  373.842736][ T4051]  worker_thread+0x8f4/0x101c
[  373.844871][ T8320] BTRFS info (device loop4): has skinny extents
[  373.846083][ T4051]  kthread+0x374/0x454
[  373.846097][ T4051]  ret_from_fork+0x10/0x20
[  373.846699][ T4051] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  373.853772][ T4051] Bluetooth: hci1: failed to register connection device
[  373.966417][ T8353] Cannot find set identified by id 0 to match
[  374.521405][ T8320] BTRFS info (device loop4): clearing free space tree
[  374.523478][ T8320] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  374.535237][ T8320] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  375.005619][ T8127] Bluetooth: hci1: command 0x0406 tx timeout
[  376.797201][ T2055] ieee802154 phy0 wpan0: encryption failed: -22
[  376.807858][ T2055] ieee802154 phy1 wpan1: encryption failed: -22
[  377.306203][ T4237] Bluetooth: hci1: command 0x2016 tx timeout
[  378.051924][ T8432] input: syz0 as /devices/virtual/input/input41
[  378.827915][ T8440] vcan0 speed is unknown, defaulting to 1000
[  379.067997][ T8436] loop4: detected capacity change from 0 to 32768
[  379.123778][ T8436] (syz.4.1168,8436,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  379.132767][ T8436] (syz.4.1168,8436,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  379.180465][ T8436] JBD2: Ignoring recovery information on journal
[  379.289336][ T8436] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  379.370433][ T8465] loop1: detected capacity change from 0 to 8
[  379.441203][ T8466] binder: tried to use weak ref as strong ref
[  379.442985][ T8466] binder: 8446:8466 Acquire 1 refcount change on invalid ref 0 ret -22
[  379.493785][ T8465] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  380.311792][ T8465] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  380.471756][ T8436] ocfs2: Unmounting device (7,4) on (node local)
[  380.476312][ T4333] udevd[4333]: incorrect cramfs checksum on /dev/loop1
[  380.824586][ T8478] vcan0 speed is unknown, defaulting to 1000
[  380.948175][ T8472] loop5: detected capacity change from 0 to 32768
[  380.994830][ T8472] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.1174 (8472)
[  381.005443][ T8472] BTRFS info (device loop5): using crc32c (crc32c-generic) checksum algorithm
[  381.007928][ T8472] BTRFS info (device loop5): turning on sync discard
[  381.009711][ T8472] BTRFS info (device loop5): disabling tree log
[  381.011402][ T8472] BTRFS info (device loop5): metadata ratio 5
[  381.018770][ T8472] BTRFS info (device loop5): using free space tree
[  381.032958][ T8472] BTRFS info (device loop5): has skinny extents
[  381.183133][ T8472] BTRFS info (device loop5): enabling ssd optimizations
[  381.956482][ T8513] input: syz0 as /devices/virtual/input/input42
[  382.458787][ T8521] loop4: detected capacity change from 0 to 128
[  382.495307][ T8521] EXT4-fs (loop4): Ignoring removed bh option
[  382.686078][ T8521] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,bh,,errors=continue. Quota mode: none.
[  383.791232][ T8539] loop3: detected capacity change from 0 to 512
[  383.865809][ T8539] EXT4-fs (loop3): Ignoring removed bh option
[  383.982563][ T8539] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,grpquota,,errors=continue. Quota mode: writeback.
[  384.784385][ T8559] ip6t_REJECT: ECHOREPLY is not supported
[  388.318954][   T26] audit: type=1326 audit(167772548.312:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.1201" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa48f5ba8 code=0x7fc00000
[  388.436408][ T8590] loop1: detected capacity change from 0 to 1024
[  388.499711][ T8590] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  388.501663][ T8590] EXT4-fs (loop1): Ignoring removed bh option
[  388.503326][ T8590] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  388.689193][ T8590] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,block_validity,data_err=ignore,max_dir_size_kb=0x0000000000000004,data_err=ignore,grpquota,mblk_io_submit,nodiscard,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  392.081180][ T8618] binder: 8617:8618 IncRefs 0 refcount change on invalid ref 0 ret -22
[  393.064530][ T8625] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  395.383469][ T4037] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  395.386339][ T4037] CPU: 1 PID: 4037 Comm: kworker/u5:2 Not tainted 5.15.186-syzkaller #0
[  395.388556][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  395.391329][ T4037] Workqueue: hci3 hci_rx_work
[  395.392705][ T4037] Call trace:
[  395.393616][ T4037]  dump_backtrace+0x0/0x43c
[  395.394832][ T4037]  show_stack+0x2c/0x3c
[  395.396044][ T4037]  __dump_stack+0x30/0x40
[  395.397251][ T4037]  dump_stack_lvl+0xf8/0x160
[  395.398499][ T4037]  dump_stack+0x1c/0x5c
[  395.399636][ T4037]  sysfs_create_dir_ns+0x22c/0x24c
[  395.400989][ T4037]  kobject_add_internal+0x590/0xc54
[  395.402395][ T4037]  kobject_add+0x134/0x1f8
[  395.403590][ T4037]  device_add+0x3f0/0xf94
[  395.404783][ T4037]  hci_conn_add_sysfs+0xbc/0x1cc
[  395.406081][ T4037]  le_conn_complete_evt+0x9a4/0x11bc
[  395.407460][ T4037]  hci_le_meta_evt+0x85c/0x3010
[  395.408749][ T4037]  hci_event_packet+0xd10/0x11bc
[  395.410105][ T4037]  hci_rx_work+0x1cc/0x880
[  395.411316][ T4037]  process_one_work+0x79c/0x1140
[  395.412693][ T4037]  worker_thread+0x8f4/0x101c
[  395.413977][ T4037]  kthread+0x374/0x454
[  395.415099][ T4037]  ret_from_fork+0x10/0x20
[  395.419885][ T4037] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  395.423633][ T4037] Bluetooth: hci3: failed to register connection device
[  397.706051][ T5252] Bluetooth: hci3: command 0x2016 tx timeout
[  397.807622][ T8681] loop4: detected capacity change from 0 to 1024
[  397.863772][   T26] audit: type=1326 audit(167772557.887:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8682 comm="syz.0.1226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac780ba8 code=0x7ffc0000
[  397.879484][ T8681] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  397.881456][ T8681] EXT4-fs (loop4): Ignoring removed bh option
[  397.883271][ T8681] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  397.903742][   T26] audit: type=1326 audit(167772557.927:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8682 comm="syz.0.1226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffac780ba8 code=0x7ffc0000
[  397.927421][   T26] audit: type=1326 audit(167772557.927:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8682 comm="syz.0.1226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac780ba8 code=0x7ffc0000
[  397.953664][   T26] audit: type=1326 audit(167772557.927:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8682 comm="syz.0.1226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffac780ba8 code=0x7ffc0000
[  397.989321][   T26] audit: type=1326 audit(167772557.927:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8682 comm="syz.0.1226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac780ba8 code=0x7ffc0000
[  398.043193][   T26] audit: type=1326 audit(167772557.927:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8682 comm="syz.0.1226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=269 compat=0 ip=0xffffac780ba8 code=0x7ffc0000
[  398.074299][ T8681] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,block_validity,data_err=ignore,max_dir_size_kb=0x0000000000000004,data_err=ignore,grpquota,mblk_io_submit,nodiscard,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  403.650129][ T8722] input: syz0 as /devices/virtual/input/input43
[  404.321504][ T8733] udc-core: couldn't find an available UDC or it's busy
[  404.323495][ T8733] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  405.891429][ T8754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1245'.
[  406.719729][ T8769] loop3: detected capacity change from 0 to 512
[  407.461516][ T8781] input: syz0 as /devices/virtual/input/input44
[  408.296336][ T8769] fscrypt (loop3, inode 2): Error -61 getting encryption context
[  408.299135][ T8769] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61
[  408.301440][ T8769] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #13: comm syz.3.1249: iget: bad i_size value: 12154757448730
[  408.318905][ T8769] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1249: couldn't read orphan inode 13 (err -117)
[  408.369868][ T8791] loop4: detected capacity change from 0 to 8192
[  408.395667][ T8769] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,nojournal_checksum,noload,dax=inode,usrjquota=,grpjquota=.seclabel,,errors=continue. Quota mode: writeback.
[  408.465109][ T8791]  loop4: p1 p2[DM] p4
[  408.467515][ T8791] loop4: p1 size 196608 extends beyond EOD, truncated
[  408.502543][ T8791] loop4: p2 start 4292936063 is beyond EOD, truncated
[  408.504495][ T8791] loop4: p4 size 50331648 extends beyond EOD, truncated
[  411.065739][ T8811] udc-core: couldn't find an available UDC or it's busy
[  411.071046][ T8811] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  411.085659][ T8808] vcan0 speed is unknown, defaulting to 1000
[  411.235724][ T3652]  loop4: p1 p2[DM] p4
[  411.237154][ T3652] loop4: p1 size 196608 extends beyond EOD, truncated
[  411.247421][ T3652] loop4: p2 start 4292936063 is beyond EOD, truncated
[  411.254343][ T3652] loop4: p4 size 50331648 extends beyond EOD, truncated
[  411.694126][ T8819] loop5: detected capacity change from 0 to 256
[  411.951853][ T3652]  loop4: p1 p2[DM] p4
[  411.953265][ T3652] loop4: p1 size 196608 extends beyond EOD, truncated
[  411.955904][ T3652] loop4: p2 start 4292936063 is beyond EOD, truncated
[  411.965064][ T3652] loop4: p4 size 50331648 extends beyond EOD, truncated
[  411.986642][ T8819] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  412.409653][ T8826] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1264'.
[  412.410157][ T8826] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  412.410177][ T8826] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  414.396959][ T8841] input: syz0 as /devices/virtual/input/input45
[  415.160973][ T8412] Bluetooth: hci4: command 0x0406 tx timeout
[  415.254753][ T4394] udevd[4394]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  415.498413][   T26] audit: type=1326 audit(167772575.526:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.505416][   T26] audit: type=1326 audit(167772575.526:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.512011][   T26] audit: type=1326 audit(167772575.536:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.518840][   T26] audit: type=1326 audit(167772575.536:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.524964][   T26] audit: type=1326 audit(167772575.536:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.534972][   T26] audit: type=1326 audit(167772575.536:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.541255][   T26] audit: type=1326 audit(167772575.536:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.547806][   T26] audit: type=1326 audit(167772575.536:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.553632][   T26] audit: type=1326 audit(167772575.536:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  415.561080][   T26] audit: type=1326 audit(167772575.536:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.5.1269" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  418.166040][ T4333] udevd[4333]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  418.627091][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  418.636838][ T4333] udevd[4333]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  419.019627][ T4394] udevd[4394]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  419.030238][ T4333] udevd[4333]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  419.991879][ T8899] loop3: detected capacity change from 0 to 512
[  420.000374][ T8904] input: syz0 as /devices/virtual/input/input46
[  420.404266][ T8899] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  421.025901][   T26] kauditd_printk_skb: 61 callbacks suppressed
[  421.025914][   T26] audit: type=1326 audit(167772581.068:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.044328][   T26] audit: type=1326 audit(167772581.068:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.074707][   T26] audit: type=1326 audit(167772581.098:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.080723][   T26] audit: type=1326 audit(167772581.098:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.112335][   T26] audit: type=1326 audit(167772581.098:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.123756][ T8921] loop3: detected capacity change from 0 to 1024
[  421.153106][   T26] audit: type=1326 audit(167772581.098:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.159162][   T26] audit: type=1326 audit(167772581.098:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.176177][ T8921] EXT4-fs (loop3): Ignoring removed orlov option
[  421.178502][ T8921] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (23153!=20869)
[  421.185680][   T26] audit: type=1326 audit(167772581.098:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.195330][ T8921] EXT4-fs (loop3): group descriptors corrupted!
[  421.262275][   T26] audit: type=1326 audit(167772581.098:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.278967][   T26] audit: type=1326 audit(167772581.098:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8918 comm="syz.4.1294" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb893fba8 code=0x7ffc0000
[  421.511302][ T8928] udc-core: couldn't find an available UDC or it's busy
[  421.513648][ T8928] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  422.797807][ T8941] loop3: detected capacity change from 0 to 1024
[  422.901919][ T8941] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  422.903963][ T8941] EXT4-fs (loop3): Ignoring removed bh option
[  422.905633][ T8941] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  422.978894][ T8941] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,block_validity,data_err=ignore,max_dir_size_kb=0x0000000000000004,data_err=ignore,grpquota,mblk_io_submit,nodiscard,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  425.864206][ T8961] loop3: detected capacity change from 0 to 512
[  426.161675][ T8961] EXT4-fs (loop3): Ignoring removed bh option
[  426.163939][ T8961] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  426.167433][ T8961] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  426.434368][ T8961] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  426.446061][ T8961] EXT4-fs (loop3): 1 truncate cleaned up
[  426.447792][ T8961] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000004,debug_want_extra_isize=0x0000000000000068,nombcache,bh,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: none.
[  430.076584][ T8993] netlink: 'syz.5.1313': attribute type 13 has an invalid length.
[  430.098091][ T8993] gretap0: refused to change device tx_queue_len
[  430.100217][ T8993] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  430.731779][ T9002] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  431.526965][ T9013] input: syz0 as /devices/virtual/input/input47
[  434.117114][ T9040] loop3: detected capacity change from 0 to 512
[  434.620984][ T9040] EXT2-fs (loop3): warning: feature flags set on rev 0 fs, running e2fsck is recommended
[  435.137448][ T9040] EXT2-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  435.140158][ T9040] EXT2-fs (loop3): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=8001c]
[  436.534740][ T9057] ip6t_REJECT: ECHOREPLY is not supported
[  438.957033][ T2055] ieee802154 phy0 wpan0: encryption failed: -22
[  438.959035][ T2055] ieee802154 phy1 wpan1: encryption failed: -22
[  439.261681][ T9091] udc-core: couldn't find an available UDC or it's busy
[  439.263782][ T9091] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  445.135940][ T9142] vcan0 speed is unknown, defaulting to 1000
[  445.771444][ T9154] loop3: detected capacity change from 0 to 512
[  445.852881][ T9154] EXT4-fs (loop3): Unrecognized mount option "context=user_u" or missing value
[  446.511932][ T9164] loop3: detected capacity change from 0 to 512
[  446.541247][ T9165] input: syz0 as /devices/virtual/input/input48
[  446.588561][ T9164] EXT4-fs error (device loop3): ext4_get_branch:178: inode #13: block 2: comm syz.3.1358: invalid block
[  446.598274][ T9164] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1358: invalid indirect mapped block 10 (level 1)
[  446.604692][ T9164] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1358: invalid indirect mapped block 8 (level 1)
[  446.615388][ T9164] EXT4-fs (loop3): 1 truncate cleaned up
[  446.617358][ T9164] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,user_xattr,,errors=continue. Quota mode: none.
[  446.624136][ T9164] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.1358: unexpected EA_INODE flag
[  447.818325][ T9170] netlink: 'syz.0.1360': attribute type 10 has an invalid length.
[  451.051967][ T9190] loop3: detected capacity change from 0 to 1024
[  451.057166][ T9190] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  451.059297][ T9190] EXT4-fs (loop3): Ignoring removed bh option
[  451.060964][ T9190] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  451.230318][ T9190] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,block_validity,data_err=ignore,max_dir_size_kb=0x0000000000000004,data_err=ignore,grpquota,mblk_io_submit,nodiscard,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  453.278684][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  453.281768][ T4051] CPU: 1 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  453.283977][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  453.286625][ T4051] Workqueue: hci3 hci_rx_work
[  453.287854][ T4051] Call trace:
[  453.288709][ T4051]  dump_backtrace+0x0/0x43c
[  453.289886][ T4051]  show_stack+0x2c/0x3c
[  453.290969][ T4051]  __dump_stack+0x30/0x40
[  453.292147][ T4051]  dump_stack_lvl+0xf8/0x160
[  453.293333][ T4051]  dump_stack+0x1c/0x5c
[  453.294430][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  453.295806][ T4051]  kobject_add_internal+0x590/0xc54
[  453.297201][ T4051]  kobject_add+0x134/0x1f8
[  453.298373][ T4051]  device_add+0x3f0/0xf94
[  453.299515][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  453.300878][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  453.302350][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  453.303600][ T4051]  hci_event_packet+0xd10/0x11bc
[  453.305008][ T4051]  hci_rx_work+0x1cc/0x880
[  453.306180][ T4051]  process_one_work+0x79c/0x1140
[  453.307499][ T4051]  worker_thread+0x8f4/0x101c
[  453.308723][ T4051]  kthread+0x374/0x454
[  453.309806][ T4051]  ret_from_fork+0x10/0x20
[  453.315363][ T4051] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  453.319629][ T4051] Bluetooth: hci3: failed to register connection device
[  455.956638][ T8129] Bluetooth: hci3: command 0x2016 tx timeout
[  457.566888][ T9248] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  459.493252][ T9262] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1386'.
[  459.695696][ T9262] device gretap0 entered promiscuous mode
[  459.697520][ T9262] device vlan2 entered promiscuous mode
[  460.693002][ T4037] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  460.695854][ T4037] CPU: 1 PID: 4037 Comm: kworker/u5:2 Not tainted 5.15.186-syzkaller #0
[  460.698076][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  460.700825][ T4037] Workqueue: hci4 hci_rx_work
[  460.702078][ T4037] Call trace:
[  460.703024][ T4037]  dump_backtrace+0x0/0x43c
[  460.704251][ T4037]  show_stack+0x2c/0x3c
[  460.705409][ T4037]  __dump_stack+0x30/0x40
[  460.706607][ T4037]  dump_stack_lvl+0xf8/0x160
[  460.707910][ T4037]  dump_stack+0x1c/0x5c
[  460.709026][ T4037]  sysfs_create_dir_ns+0x22c/0x24c
[  460.710387][ T4037]  kobject_add_internal+0x590/0xc54
[  460.711778][ T4037]  kobject_add+0x134/0x1f8
[  460.713007][ T4037]  device_add+0x3f0/0xf94
[  460.714250][ T4037]  hci_conn_add_sysfs+0xbc/0x1cc
[  460.715565][ T4037]  le_conn_complete_evt+0x9a4/0x11bc
[  460.716976][ T4037]  hci_le_meta_evt+0x85c/0x3010
[  460.718304][ T4037]  hci_event_packet+0xd10/0x11bc
[  460.719623][ T4037]  hci_rx_work+0x1cc/0x880
[  460.720840][ T4037]  process_one_work+0x79c/0x1140
[  460.722186][ T4037]  worker_thread+0x8f4/0x101c
[  460.723422][ T4037]  kthread+0x374/0x454
[  460.724524][ T4037]  ret_from_fork+0x10/0x20
[  460.733507][ T4037] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  460.737209][ T4037] Bluetooth: hci4: failed to register connection device
[  461.532973][ T9279] input: syz0 as /devices/virtual/input/input49
[  461.538638][ T9279] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  462.801563][ T4237] Bluetooth: hci4: command 0x2016 tx timeout
[  463.693528][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  463.693540][   T26] audit: type=1326 audit(167772622.889:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.703989][   T26] audit: type=1326 audit(167772622.889:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.713341][   T26] audit: type=1326 audit(167772622.889:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=107 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.720010][   T26] audit: type=1326 audit(167772622.889:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.726479][   T26] audit: type=1326 audit(167772622.889:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.737642][   T26] audit: type=1326 audit(167772622.949:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=233 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.751144][   T26] audit: type=1326 audit(167772622.969:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.757288][   T26] audit: type=1326 audit(167772622.979:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.868892][   T26] audit: type=1326 audit(167772623.240:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=425 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  463.895093][   T26] audit: type=1326 audit(167772623.280:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9292 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff830f6ba8 code=0x7ffc0000
[  465.288594][ T4037] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  465.291604][ T4037] CPU: 0 PID: 4037 Comm: kworker/u5:2 Not tainted 5.15.186-syzkaller #0
[  465.293797][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  465.296540][ T4037] Workqueue: hci1 hci_rx_work
[  465.297838][ T4037] Call trace:
[  465.298732][ T4037]  dump_backtrace+0x0/0x43c
[  465.299920][ T4037]  show_stack+0x2c/0x3c
[  465.301019][ T4037]  __dump_stack+0x30/0x40
[  465.302214][ T4037]  dump_stack_lvl+0xf8/0x160
[  465.303475][ T4037]  dump_stack+0x1c/0x5c
[  465.304618][ T4037]  sysfs_create_dir_ns+0x22c/0x24c
[  465.305958][ T4037]  kobject_add_internal+0x590/0xc54
[  465.307315][ T4037]  kobject_add+0x134/0x1f8
[  465.308494][ T4037]  device_add+0x3f0/0xf94
[  465.309647][ T4037]  hci_conn_add_sysfs+0xbc/0x1cc
[  465.310948][ T4037]  le_conn_complete_evt+0x9a4/0x11bc
[  465.312341][ T4037]  hci_le_meta_evt+0x85c/0x3010
[  465.313624][ T4037]  hci_event_packet+0xd10/0x11bc
[  465.314990][ T4037]  hci_rx_work+0x1cc/0x880
[  465.316145][ T4037]  process_one_work+0x79c/0x1140
[  465.317544][ T4037]  worker_thread+0x8f4/0x101c
[  465.318823][ T4037]  kthread+0x374/0x454
[  465.319898][ T4037]  ret_from_fork+0x10/0x20
[  465.323571][ T4037] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  465.327072][ T4037] Bluetooth: hci1: failed to register connection device
[  465.689717][ T9339] loop1: detected capacity change from 0 to 512
[  465.883054][ T9339] EXT4-fs (loop1): Ignoring removed bh option
[  465.886798][ T9339] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  467.069063][ T9339] EXT4-fs (loop1): 1 truncate cleaned up
[  467.070931][ T9339] EXT4-fs (loop1): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000004,debug_want_extra_isize=0x0000000000000068,nombcache,bh,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: none.
[  467.546827][ T4077] Bluetooth: hci1: command 0x2016 tx timeout
[  468.935915][ T9349] loop5: detected capacity change from 0 to 512
[  468.963817][ T9349] EXT2-fs (loop5): warning: feature flags set on rev 0 fs, running e2fsck is recommended
[  468.983344][ T9349] EXT2-fs (loop5): warning: maximal mount count reached, running e2fsck is recommended
[  468.986080][ T9349] EXT2-fs (loop5): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=8001c]
[  470.992855][ T9377] loop3: detected capacity change from 0 to 1024
[  471.028898][ T9377] EXT4-fs (loop3): Ignoring removed oldalloc option
[  471.030821][ T9377] EXT4-fs (loop3): Ignoring removed orlov option
[  471.087127][ T9377] EXT4-fs (loop3): mounted filesystem without journal. Opts: stripe=0x0000000000000002,journal_dev=0x0000000000001045,oldalloc,noquota,data_err=ignore,barrier=0x0000000000000002,delalloc,errors=continue,orlov,user_xattr,quota,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  471.327462][ T9377] EXT4-fs (loop3): Ignoring removed orlov option
[  471.329441][ T9377] EXT4-fs (loop3): can't enable nombcache during remount
[  471.365876][ T9387] input: syz0 as /devices/virtual/input/input50
[  471.399693][ T9388] udc-core: couldn't find an available UDC or it's busy
[  471.410021][ T9388] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  471.671146][ T9377] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3876: comm syz.3.1421: Allocating blocks 385-513 which overlap fs metadata
[  471.720739][ T9376] EXT4-fs (loop3): pa 000000002dfff44d: logic 16, phys. 129, len 24
[  471.723340][ T9376] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 8
[  472.148727][ T9396] loop0: detected capacity change from 0 to 256
[  473.558225][ T9396] FAT-fs (loop0): Directory bread(block 64) failed
[  473.560211][ T9396] FAT-fs (loop0): Directory bread(block 65) failed
[  473.562071][ T9396] FAT-fs (loop0): Directory bread(block 66) failed
[  473.563880][ T9396] FAT-fs (loop0): Directory bread(block 67) failed
[  473.565672][ T9396] FAT-fs (loop0): Directory bread(block 68) failed
[  473.567526][ T9396] FAT-fs (loop0): Directory bread(block 69) failed
[  473.569303][ T9396] FAT-fs (loop0): Directory bread(block 70) failed
[  473.571064][ T9396] FAT-fs (loop0): Directory bread(block 71) failed
[  473.572792][ T9396] FAT-fs (loop0): Directory bread(block 72) failed
[  473.574536][ T9396] FAT-fs (loop0): Directory bread(block 73) failed
[  476.419945][ T9411] loop3: detected capacity change from 0 to 256
[  476.542966][ T9411] FAT-fs (loop3): Directory bread(block 64) failed
[  476.544940][ T9411] FAT-fs (loop3): Directory bread(block 65) failed
[  476.546783][ T9411] FAT-fs (loop3): Directory bread(block 66) failed
[  476.548604][ T9411] FAT-fs (loop3): Directory bread(block 67) failed
[  476.550432][ T9411] FAT-fs (loop3): Directory bread(block 68) failed
[  476.552307][ T9411] FAT-fs (loop3): Directory bread(block 69) failed
[  476.554078][ T9411] FAT-fs (loop3): Directory bread(block 70) failed
[  476.555899][ T9411] FAT-fs (loop3): Directory bread(block 71) failed
[  476.557746][ T9411] FAT-fs (loop3): Directory bread(block 72) failed
[  476.559545][ T9411] FAT-fs (loop3): Directory bread(block 73) failed
[  477.914143][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  477.916850][ T4051] CPU: 1 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  477.919155][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  477.921781][ T4051] Workqueue: hci1 hci_rx_work
[  477.923032][ T4051] Call trace:
[  477.923872][ T4051]  dump_backtrace+0x0/0x43c
[  477.925009][ T4051]  show_stack+0x2c/0x3c
[  477.926109][ T4051]  __dump_stack+0x30/0x40
[  477.927229][ T4051]  dump_stack_lvl+0xf8/0x160
[  477.928482][ T4051]  dump_stack+0x1c/0x5c
[  477.929591][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  477.931026][ T4051]  kobject_add_internal+0x590/0xc54
[  477.932441][ T4051]  kobject_add+0x134/0x1f8
[  477.933668][ T4051]  device_add+0x3f0/0xf94
[  477.934811][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  477.936206][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  477.937607][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  477.938922][ T4051]  hci_event_packet+0xd10/0x11bc
[  477.940319][ T4051]  hci_rx_work+0x1cc/0x880
[  477.941513][ T4051]  process_one_work+0x79c/0x1140
[  477.942872][ T4051]  worker_thread+0x8f4/0x101c
[  477.944150][ T4051]  kthread+0x374/0x454
[  477.945259][ T4051]  ret_from_fork+0x10/0x20
[  477.947678][ T4051] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  477.951309][ T4051] Bluetooth: hci1: failed to register connection device
[  479.826629][ T9438] loop5: detected capacity change from 0 to 256
[  479.992937][ T8129] Bluetooth: hci1: command 0x2016 tx timeout
[  481.249810][ T9454] loop3: detected capacity change from 0 to 256
[  481.299868][ T9454] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  484.024800][ T9484] input: syz0 as /devices/virtual/input/input51
[  486.710870][ T9498] netlink: 'syz.1.1453': attribute type 4 has an invalid length.
[  486.769231][ T9499] netlink: 'syz.1.1453': attribute type 4 has an invalid length.
[  488.391570][ T9521] Cannot find set identified by id 0 to match
[  489.053118][ T9525] loop0: detected capacity change from 0 to 512
[  489.136040][ T9525] EXT4-fs (loop0): Ignoring removed bh option
[  489.222578][ T9525] EXT4-fs (loop0): mounted filesystem without journal. Opts: bh,grpquota,,errors=continue. Quota mode: writeback.
[  489.452383][ T9537] ip6t_REJECT: ECHOREPLY is not supported
[  489.897831][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  489.900671][ T4051] CPU: 1 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  489.902973][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  489.905632][ T4051] Workqueue: hci3 hci_rx_work
[  489.906923][ T4051] Call trace:
[  489.907879][ T4051]  dump_backtrace+0x0/0x43c
[  489.909111][ T4051]  show_stack+0x2c/0x3c
[  489.910218][ T4051]  __dump_stack+0x30/0x40
[  489.911409][ T4051]  dump_stack_lvl+0xf8/0x160
[  489.912686][ T4051]  dump_stack+0x1c/0x5c
[  489.913802][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  489.915164][ T4051]  kobject_add_internal+0x590/0xc54
[  489.916598][ T4051]  kobject_add+0x134/0x1f8
[  489.917814][ T4051]  device_add+0x3f0/0xf94
[  489.918978][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  489.920299][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  489.921744][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  489.923025][ T4051]  hci_event_packet+0xd10/0x11bc
[  489.924321][ T4051]  hci_rx_work+0x1cc/0x880
[  489.925493][ T4051]  process_one_work+0x79c/0x1140
[  489.926821][ T4051]  worker_thread+0x8f4/0x101c
[  489.928086][ T4051]  kthread+0x374/0x454
[  489.929189][ T4051]  ret_from_fork+0x10/0x20
[  489.930789][ T4051] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  489.934438][ T4051] Bluetooth: hci3: failed to register connection device
[  490.454728][ T9546] binder: 9541:9546 Acquire 1 refcount change on invalid ref 0 ret -22
[  491.271199][ T9553] udc-core: couldn't find an available UDC or it's busy
[  491.277494][ T9553] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  492.149305][ T8129] Bluetooth: hci3: command 0x2016 tx timeout
[  492.381314][ T9563] input: syz0 as /devices/virtual/input/input52
[  495.504270][ T9593] Cannot find set identified by id 0 to match
[  495.746827][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  495.749601][ T4051] CPU: 1 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  495.751881][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  495.754643][ T4051] Workqueue: hci2 hci_rx_work
[  495.756016][ T4051] Call trace:
[  495.756906][ T4051]  dump_backtrace+0x0/0x43c
[  495.758103][ T4051]  show_stack+0x2c/0x3c
[  495.759218][ T4051]  __dump_stack+0x30/0x40
[  495.760363][ T4051]  dump_stack_lvl+0xf8/0x160
[  495.761583][ T4051]  dump_stack+0x1c/0x5c
[  495.762741][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  495.764114][ T4051]  kobject_add_internal+0x590/0xc54
[  495.765476][ T4051]  kobject_add+0x134/0x1f8
[  495.766684][ T4051]  device_add+0x3f0/0xf94
[  495.767849][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  495.769194][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  495.770596][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  495.771883][ T4051]  hci_event_packet+0xd10/0x11bc
[  495.773235][ T4051]  hci_rx_work+0x1cc/0x880
[  495.774415][ T4051]  process_one_work+0x79c/0x1140
[  495.775767][ T4051]  worker_thread+0x8f4/0x101c
[  495.776968][ T4051]  kthread+0x374/0x454
[  495.778049][ T4051]  ret_from_fork+0x10/0x20
[  495.779805][ T4051] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  495.783457][ T4051] Bluetooth: hci2: failed to register connection device
[  498.169820][ T5252] Bluetooth: hci2: command 0x2016 tx timeout
[  500.233153][ T2055] ieee802154 phy0 wpan0: encryption failed: -22
[  500.234964][ T2055] ieee802154 phy1 wpan1: encryption failed: -22
[  500.855222][ T9647] input: syz0 as /devices/virtual/input/input53
[  501.532310][ T4051] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  501.535192][ T4051] CPU: 0 PID: 4051 Comm: kworker/u5:4 Not tainted 5.15.186-syzkaller #0
[  501.537534][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  501.540254][ T4051] Workqueue: hci2 hci_rx_work
[  501.541529][ T4051] Call trace:
[  501.542478][ T4051]  dump_backtrace+0x0/0x43c
[  501.543754][ T4051]  show_stack+0x2c/0x3c
[  501.544847][ T4051]  __dump_stack+0x30/0x40
[  501.546081][ T4051]  dump_stack_lvl+0xf8/0x160
[  501.547385][ T4051]  dump_stack+0x1c/0x5c
[  501.548509][ T4051]  sysfs_create_dir_ns+0x22c/0x24c
[  501.549872][ T4051]  kobject_add_internal+0x590/0xc54
[  501.551268][ T4051]  kobject_add+0x134/0x1f8
[  501.552443][ T4051]  device_add+0x3f0/0xf94
[  501.553668][ T4051]  hci_conn_add_sysfs+0xbc/0x1cc
[  501.555046][ T4051]  le_conn_complete_evt+0x9a4/0x11bc
[  501.556453][ T4051]  hci_le_meta_evt+0x85c/0x3010
[  501.557792][ T4051]  hci_event_packet+0xd10/0x11bc
[  501.559135][ T4051]  hci_rx_work+0x1cc/0x880
[  501.560389][ T4051]  process_one_work+0x79c/0x1140
[  501.561722][ T4051]  worker_thread+0x8f4/0x101c
[  501.562995][ T4051]  kthread+0x374/0x454
[  501.564102][ T4051]  ret_from_fork+0x10/0x20
[  501.567016][ T4051] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  501.571367][ T4051] Bluetooth: hci2: failed to register connection device
[  502.551017][ T9659] set match dimension is over the limit!
[  504.521793][ T8412] Bluetooth: hci2: command 0x2016 tx timeout
[  507.672834][ T9706] set match dimension is over the limit!
[  508.126284][ T4037] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  508.129073][ T4037] CPU: 0 PID: 4037 Comm: kworker/u5:2 Not tainted 5.15.186-syzkaller #0
[  508.131298][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  508.134024][ T4037] Workqueue: hci1 hci_rx_work
[  508.135323][ T4037] Call trace:
[  508.136173][ T4037]  dump_backtrace+0x0/0x43c
[  508.137304][ T4037]  show_stack+0x2c/0x3c
[  508.138369][ T4037]  __dump_stack+0x30/0x40
[  508.139492][ T4037]  dump_stack_lvl+0xf8/0x160
[  508.140735][ T4037]  dump_stack+0x1c/0x5c
[  508.141894][ T4037]  sysfs_create_dir_ns+0x22c/0x24c
[  508.143254][ T4037]  kobject_add_internal+0x590/0xc54
[  508.144707][ T4037]  kobject_add+0x134/0x1f8
[  508.145874][ T4037]  device_add+0x3f0/0xf94
[  508.147100][ T4037]  hci_conn_add_sysfs+0xbc/0x1cc
[  508.148463][ T4037]  le_conn_complete_evt+0x9a4/0x11bc
[  508.149971][ T4037]  hci_le_meta_evt+0x85c/0x3010
[  508.151275][ T4037]  hci_event_packet+0xd10/0x11bc
[  508.152609][ T4037]  hci_rx_work+0x1cc/0x880
[  508.153818][ T4037]  process_one_work+0x79c/0x1140
[  508.155150][ T4037]  worker_thread+0x8f4/0x101c
[  508.156392][ T4037]  kthread+0x374/0x454
[  508.157519][ T4037]  ret_from_fork+0x10/0x20
[  508.166393][ T4037] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  508.170019][ T4037] Bluetooth: hci1: failed to register connection device
[  510.630268][ T4091] Bluetooth: hci1: command 0x2016 tx timeout
[  512.923462][ T9737] loop4: detected capacity change from 0 to 256
[  514.522958][ T9737] FAT-fs (loop4): Directory bread(block 64) failed
[  514.524843][ T9737] FAT-fs (loop4): Directory bread(block 65) failed
[  514.526736][ T9737] FAT-fs (loop4): Directory bread(block 66) failed
[  514.528430][ T9737] FAT-fs (loop4): Directory bread(block 67) failed
[  514.530228][ T9737] FAT-fs (loop4): Directory bread(block 68) failed
[  514.531986][ T9737] FAT-fs (loop4): Directory bread(block 69) failed
[  514.533819][ T9737] FAT-fs (loop4): Directory bread(block 70) failed
[  514.535525][ T9737] FAT-fs (loop4): Directory bread(block 71) failed
[  514.537345][ T9737] FAT-fs (loop4): Directory bread(block 72) failed
[  514.539089][ T9737] FAT-fs (loop4): Directory bread(block 73) failed
[  515.200543][ T9741] input: syz0 as /devices/virtual/input/input54
[  515.340997][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  515.341010][   T26] audit: type=1326 audit(167772675.336:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.1521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa48f5ba8 code=0x7ffc0000
[  515.374609][   T26] audit: type=1326 audit(167772675.336:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.1521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa48f5ba8 code=0x7ffc0000
[  515.435205][   T26] audit: type=1326 audit(167772675.346:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.1521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa48f5ba8 code=0x7ffc0000
[  515.483044][   T26] audit: type=1326 audit(167772675.346:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.1521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa48f5ba8 code=0x7ffc0000
[  515.523550][   T26] audit: type=1326 audit(167772675.346:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.1521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa48f5ba8 code=0x7ffc0000
[  515.742293][   T26] audit: type=1326 audit(167772675.346:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.1521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa48f5ba8 code=0x7ffc0000
[  515.767790][ T9746] set match dimension is over the limit!
[  515.816282][   T26] audit: type=1326 audit(167772675.346:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.1521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=219 compat=0 ip=0xffffa48f5ba8 code=0x7ffc0000
[  515.822222][   T26] audit: type=1326 audit(167772675.346:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.1521" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa48f5ba8 code=0x7ffc0000
[  517.332057][ T9770] binder: 9762:9770 Acquire 1 refcount change on invalid ref 0 ret -22
[  519.885745][ T9776] input: syz0 as /devices/virtual/input/input55
[  520.437226][ T9799] set match dimension is over the limit!
[  522.942281][ T9811] binder: 9805:9811 Acquire 1 refcount change on invalid ref 0 ret -22
[  523.727133][ T9823] input: syz0 as /devices/virtual/input/input56
[  523.764488][ T9831] loop4: detected capacity change from 0 to 512
[  524.029276][ T9831] EXT4-fs (loop4): Ignoring removed bh option
[  527.515184][ T9831] EXT4-fs: error -4 creating inode table initialization thread
[  527.520279][ T9831] EXT4-fs (loop4): mount failed
[  527.923563][ T9871] loop5: detected capacity change from 0 to 512
[  528.048367][ T9871] EXT4-fs (loop5): Ignoring removed bh option
[  528.088768][ T9871] EXT4-fs (loop5): mounted filesystem without journal. Opts: bh,grpquota,,errors=continue. Quota mode: writeback.
[  528.186647][ T9880] Cannot find set identified by id 0 to match
[  532.894123][ T9930] Cannot find set identified by id 0 to match
[  533.773896][ T9940] loop0: detected capacity change from 0 to 512
[  533.814570][ T9940] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  533.856097][ T9940] EXT4-fs (loop0): invalid journal inode
[  533.857930][ T9940] EXT4-fs (loop0): can't get journal size
[  533.878069][ T9940] EXT4-fs (loop0): 1 truncate cleaned up
[  533.879685][ T9940] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  534.125670][ T4037] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  534.129171][ T4037] CPU: 1 PID: 4037 Comm: kworker/u5:2 Not tainted 5.15.186-syzkaller #0
[  534.131479][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  534.134250][ T4037] Workqueue: hci4 hci_rx_work
[  534.135541][ T4037] Call trace:
[  534.136361][ T4037]  dump_backtrace+0x0/0x43c
[  534.137575][ T4037]  show_stack+0x2c/0x3c
[  534.138707][ T4037]  __dump_stack+0x30/0x40
[  534.139870][ T4037]  dump_stack_lvl+0xf8/0x160
[  534.141093][ T4037]  dump_stack+0x1c/0x5c
[  534.142274][ T4037]  sysfs_create_dir_ns+0x22c/0x24c
[  534.143720][ T4037]  kobject_add_internal+0x590/0xc54
[  534.145096][ T4037]  kobject_add+0x134/0x1f8
[  534.146241][ T4037]  device_add+0x3f0/0xf94
[  534.147476][ T4037]  hci_conn_add_sysfs+0xbc/0x1cc
[  534.148880][ T4037]  le_conn_complete_evt+0x9a4/0x11bc
[  534.150310][ T4037]  hci_le_meta_evt+0x85c/0x3010
[  534.151604][ T4037]  hci_event_packet+0xd10/0x11bc
[  534.152965][ T4037]  hci_rx_work+0x1cc/0x880
[  534.154122][ T4037]  process_one_work+0x79c/0x1140
[  534.155470][ T4037]  worker_thread+0x8f4/0x101c
[  534.156716][ T4037]  kthread+0x374/0x454
[  534.157808][ T4037]  ret_from_fork+0x10/0x20
[  534.159022][    C1] vkms_vblank_simulate: vblank timer overrun
[  534.164969][ T4037] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  534.169633][ T4037] Bluetooth: hci4: failed to register connection device
[  535.942693][ T9936] loop4: detected capacity change from 0 to 512
[  536.139047][ T9936] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  536.166698][ T9961] loop5: detected capacity change from 0 to 512
[  536.204993][ T8129] Bluetooth: hci4: command 0x2016 tx timeout
[  536.220937][ T9936] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  537.134614][ T9972] loop0: detected capacity change from 0 to 512
[  537.168956][ T9961] EXT4-fs (loop5): Test dummy encryption mode enabled
[  537.171065][ T9961] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  537.187054][ T9961] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.1592: bad orphan inode 131083
[  537.196127][ T9961] EXT4-fs (loop5): mounted filesystem without journal. Opts: stripe=0x000000000000003d,test_dummy_encryption,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  537.386868][ T9983] loop1: detected capacity change from 0 to 256
[  537.393263][ T9972] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.1591: casefold flag without casefold feature
[  537.401363][ T9972] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.1591: couldn't read orphan inode 15 (err -117)
[  537.422766][ T9972] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  538.104105][ T9986] fscrypt (loop5): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  538.135819][ T9983] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  539.463735][ T4037] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  539.466420][ T4037] CPU: 1 PID: 4037 Comm: kworker/u5:2 Not tainted 5.15.186-syzkaller #0
[  539.468712][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  539.471414][ T4037] Workqueue: hci2 hci_rx_work
[  539.472685][ T4037] Call trace:
[  539.473532][ T4037]  dump_backtrace+0x0/0x43c
[  539.474768][ T4037]  show_stack+0x2c/0x3c
[  539.475867][ T4037]  __dump_stack+0x30/0x40
[  539.477067][ T4037]  dump_stack_lvl+0xf8/0x160
[  539.478341][ T4037]  dump_stack+0x1c/0x5c
[  539.479425][ T4037]  sysfs_create_dir_ns+0x22c/0x24c
[  539.480814][ T4037]  kobject_add_internal+0x590/0xc54
[  539.482271][ T4037]  kobject_add+0x134/0x1f8
[  539.483493][ T4037]  device_add+0x3f0/0xf94
[  539.484604][ T4037]  hci_conn_add_sysfs+0xbc/0x1cc
[  539.485995][ T4037]  le_conn_complete_evt+0x9a4/0x11bc
[  539.487460][ T4037]  hci_le_meta_evt+0x85c/0x3010
[  539.488793][ T4037]  hci_event_packet+0xd10/0x11bc
[  539.490089][ T4037]  hci_rx_work+0x1cc/0x880
[  539.491313][ T4037]  process_one_work+0x79c/0x1140
[  539.492583][ T4037]  worker_thread+0x8f4/0x101c
[  539.493861][ T4037]  kthread+0x374/0x454
[  539.494951][ T4037]  ret_from_fork+0x10/0x20
[  539.517977][ T4037] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  539.521582][ T4037] Bluetooth: hci2: failed to register connection device
[  539.796910][T10004] loop0: detected capacity change from 0 to 128
[  541.002915][T10004] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodelalloc,barrier,,errors=continue. Quota mode: none.
[  542.206452][T10027] loop5: detected capacity change from 0 to 256
[  542.298262][T10027] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  542.358547][ T8129] Bluetooth: hci2: command 0x2016 tx timeout
[  542.795666][T10036] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1608'.
[  542.798550][T10036] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  542.801158][T10036] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  544.998061][T10061] loop3: detected capacity change from 0 to 128
[  545.269058][T10066] loop4: detected capacity change from 0 to 512
[  546.083707][    C0] ==================================================================
[  546.086507][    C0] BUG: KASAN: use-after-free in rose_timer_expiry+0x40c/0x470
[  546.088513][    C0] Read of size 2 at addr ffff0000e936e82a by task ksoftirqd/0/14
[  546.090574][    C0] 
[  546.091192][    C0] CPU: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 5.15.186-syzkaller #0
[  546.093366][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  546.096062][    C0] Call trace:
[  546.096993][    C0]  dump_backtrace+0x0/0x43c
[  546.098260][    C0]  show_stack+0x2c/0x3c
[  546.099357][    C0]  __dump_stack+0x30/0x40
[  546.100516][    C0]  dump_stack_lvl+0xf8/0x160
[  546.101799][    C0]  print_address_description+0x78/0x30c
[  546.103267][    C0]  kasan_report+0xec/0x15c
[  546.104464][    C0]  __asan_report_load2_noabort+0x44/0x50
[  546.106064][    C0]  rose_timer_expiry+0x40c/0x470
[  546.107437][    C0]  call_timer_fn+0x19c/0x858
[  546.108719][    C0]  __run_timers+0x46c/0x6c4
[  546.109956][    C0]  run_timer_softirq+0x7c/0x114
[  546.111306][    C0]  handle_softirqs+0x344/0xbf0
[  546.112632][    C0]  run_ksoftirqd+0x7c/0x2a0
[  546.113916][    C0]  smpboot_thread_fn+0x4b0/0x920
[  546.115322][    C0]  kthread+0x374/0x454
[  546.116454][    C0]  ret_from_fork+0x10/0x20
[  546.117733][    C0] 
[  546.118373][    C0] Allocated by task 9755:
[  546.119567][    C0]  __kasan_kmalloc+0xb0/0xf0
[  546.120846][    C0]  __kmalloc_node_track_caller+0x234/0x3bc
[  546.122427][    C0]  kmalloc_reserve+0xe4/0x26c
[  546.123693][    C0]  __alloc_skb+0x23c/0x67c
[  546.124919][    C0]  __netdev_alloc_skb+0xb4/0x3b8
[  546.126232][    C0]  __ieee80211_beacon_get+0x934/0x19dc
[  546.127752][    C0]  ieee80211_beacon_get_tim+0x5c/0x790
[  546.129363][    C0]  mac80211_hwsim_beacon_tx+0x10c/0x7ac
[  546.130970][    C0]  __iterate_interfaces+0x204/0x484
[  546.132410][    C0]  ieee80211_iterate_active_interfaces_atomic+0xd4/0x180
[  546.134362][    C0]  mac80211_hwsim_beacon+0x90/0x174
[  546.135772][    C0]  __hrtimer_run_queues+0x428/0xb6c
[  546.137215][    C0]  hrtimer_run_softirq+0x160/0x400
[  546.138673][    C0]  handle_softirqs+0x344/0xbf0
[  546.139977][    C0]  __irq_exit_rcu+0x240/0x440
[  546.141324][    C0]  irq_exit+0x14/0x88
[  546.142424][    C0]  handle_domain_irq+0x14c/0x1fc
[  546.143768][    C0]  gic_handle_irq+0x78/0x1c8
[  546.145016][    C0] 
[  546.145634][    C0] The buggy address belongs to the object at ffff0000e936e800
[  546.145634][    C0]  which belongs to the cache kmalloc-512 of size 512
[  546.149651][    C0] The buggy address is located 42 bytes inside of
[  546.149651][    C0]  512-byte region [ffff0000e936e800, ffff0000e936ea00)
[  546.153416][    C0] The buggy address belongs to the page:
[  546.155027][    C0] page:0000000043b929c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000e936c800 pfn:0x12936c
[  546.158294][    C0] head:0000000043b929c0 order:2 compound_mapcount:0 compound_pincount:0
[  546.160581][    C0] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[  546.162911][    C0] raw: 05ffc00000010200 fffffc0003a53708 fffffc000323d508 ffff0000c0002600
[  546.165242][    C0] raw: ffff0000e936c800 0000000000100005 00000001ffffffff 0000000000000000
[  546.167656][    C0] page dumped because: kasan: bad access detected
[  546.169403][    C0] 
[  546.170052][    C0] Memory state around the buggy address:
[  546.171666][    C0]  ffff0000e936e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  546.173905][    C0]  ffff0000e936e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  546.176261][    C0] >ffff0000e936e800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  546.178529][    C0]                                   ^
[  546.180050][    C0]  ffff0000e936e880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  546.182269][    C0]  ffff0000e936e900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  546.184495][    C0] ==================================================================
[  546.186842][    C0] Disabling lock debugging due to kernel taint
[  546.252316][T10066] EXT4-fs (loop4): Ignoring removed bh option
[  546.751430][T10066] EXT4-fs (loop4): mounted filesystem without journal. Opts: bh,grpquota,,errors=continue. Quota mode: writeback.
[  546.817128][T10074] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1617'.