last executing test programs: 17.675059438s ago: executing program 2 (id=6): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0xfc, @dev={0xfe, 0x80, '\x00', 0xc}, 0x7}, 0x1c) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000000)=0x2, 0x4) 14.684740601s ago: executing program 0 (id=1): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=0x0, &(0x7f0000000240)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0xc, 0x0, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1}) io_uring_enter(r3, 0x351e, 0x483, 0x0, 0x0, 0x0) 11.463720358s ago: executing program 4 (id=5): shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185) r1 = inotify_init() inotify_add_watch(r1, &(0x7f00000000c0)='.\x00', 0x5000009) fallocate(r0, 0x0, 0x1000000, 0x3) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0) 11.060911747s ago: executing program 0 (id=13): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) socket$inet6_mptcp(0xa, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) r2 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) ioctl$HIDIOCSFEATURE(r2, 0xc0404806, &(0x7f0000000080)) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58) close_range(r0, 0xffffffffffffffff, 0x0) 9.327113032s ago: executing program 4 (id=15): bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setrlimit(0x7, &(0x7f0000000200)={0x5, 0xb}) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x7, 0x1}}, 0x20) 8.967028044s ago: executing program 3 (id=17): syz_emit_ethernet(0x0, 0x0, 0x0) unshare(0x20000400) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c20605"], 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, 0x2, 0x2, 0x201, 0x0, 0x0, {0x7, 0x0, 0x798}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xf6}, @CTA_EXPECT_HELP_NAME={0xf, 0x6, 'tftp-20000\x00'}, @CTA_EXPECT_FN={0xa, 0xb, 'Q.931\x00'}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x7}]}, 0x40}, 0x1, 0x0, 0x0, 0x4c080}, 0x4004040) sendmmsg$alg(0xffffffffffffffff, &(0x7f00000042c0), 0x0, 0x20040) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4000}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x14}]}]}, 0x5c}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) 8.646064633s ago: executing program 1 (id=18): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x19c) write(r1, &(0x7f0000000540)="953820a61a166fd5dd4b4b", 0xfdef) 8.318655382s ago: executing program 4 (id=19): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000000) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&'], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20) sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0) 8.267066714s ago: executing program 3 (id=20): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x14, r1, 0x1, 0xffffffff}, 0x14}, 0x1, 0x620b}, 0x0) 6.880521544s ago: executing program 2 (id=21): socket(0x2, 0xa, 0x300) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x5, &(0x7f00000001c0)=ANY=[@ANYRES64], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000}, 0x94) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x4ee97ffd, 0x8e00) ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x14, 0x0, 0x0}) bpf$PROG_LOAD(0x5, 0x0, 0x0) epoll_create1(0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x8d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) listen(0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r2 = io_uring_setup(0x71b5, &(0x7f0000000040)={0x0, 0x6079, 0x4, 0x0, 0x365}) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8054}, 0x4af584f715520309) io_uring_enter(0xffffffffffffffff, 0xf00, 0x2, 0x17, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x20048812) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000000001010400000000141afbff02000010240001801400018008000100e000000108000200e00000010cb65c5e0500010000000000180002801400018008000100ac1414aa08000200ac1e"], 0x50}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0) r5 = socket$inet(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, 0x0, 0x0) 6.686145532s ago: executing program 3 (id=22): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ppoll(&(0x7f0000000500), 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x1843}, 0x18) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) r2 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000000314010030bd7000ffdbdf250900020073797a30000000000800410073697700140033007767310000000000f4ffff0600000000"], 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x4008010) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x5, [@enum={0x2, 0x1, 0x0, 0x6, 0x4, [{0x3, 0x7}]}]}, {0x0, [0x61, 0x61, 0x5f]}}, 0x0, 0x31, 0x0, 0x1, 0xafe}, 0x28) 6.044196183s ago: executing program 1 (id=23): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x4a, &(0x7f0000000100)=r1, 0x4) 5.721224281s ago: executing program 4 (id=24): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r0, &(0x7f00000002c0)=ANY=[], 0x200002e6) r1 = socket$key(0xf, 0x3, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0x3}, 0x18) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r3) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r5 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000280), 0x400000000000180, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r9}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0) sendmsg$key(r1, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000700)={&(0x7f0000001900)=ANY=[@ANYBLOB="020f000015000000000000000000000005000500000000000a00000000000000000000000000000000432e0000000000000000000000000008001200000002000000f1edc4ea00000600000000000000000000000000000000000000000000000000000000000000fc01000000000000000000000000810005000600000000000a00000000000000ff0200000000000000000000000000010000000000000000010018"], 0xa8}}, 0x40080) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0xfffffea6) fcntl$setpipe(r0, 0x407, 0x1) 5.448757581s ago: executing program 2 (id=25): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0x1200082, &(0x7f0000000500)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c6572726f72733d636f6e74696e75652c757466382c756d61736b3d30303030303030303030303030303030303032313632362c696f636861727365743d63703935302c646973636172642c616c6c6f775f7574696d653d3030303030303030352c6572726f72733d72656d6f756e742d726f2c646973636172642c00d50194377d24b5953951fbb0e6d2204f459a2129e54509e955e3ac3e9dd76061aeb341a8ae53564e806289fad8cab1be25d1de2b9d46be57d2e9c2ded432413ab147de643c400dba4f15a90c962bcd8d805d7d5f57"], 0x5, 0x1531, &(0x7f0000002f80)="$eJzs3AuYjlX3MPC19t43Y5r0NMlh2Huvm4cG2yRJDklySJIkSc4JSZMkCYkhp6QhCTlOksMQksPEpHE+H3JOkleSJCEhyf6uKX3+b/3fq/7f2/t5/++s33Xd1+w1z7PWs+5nzTX34blmvu42vFaT2tUbERH8U/CXLykAEAMAgwHgGgAIAKB8fPn47MfzSEz5516E/bUeTL/SHbArieefs/H8czaef87G88/ZeP45G88/Z+P552w8f8Zysq0zC13LW87dLt3/jwG+/58D8fE/Z+P5/8fw3vf5Hyfx/HM2nn/OxvPP2Xj+ORvPP2fj+ecs9jcxz5+xnOwvuY+c+1Kxf/gc8b/5c4Zf36p/sk7x4Jcy/6o+g/+nvCv0Y8cYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLIc55y9TAPDr+kr3xRhjjDHGGGOMsb+Oz32lO2CMMcYYY4wxxti/HgIoCQoCyAW5IQbyQCxcBXFwNeSFayAC10I8XAf54HrIDwWgIBSCBCgMRUCDAQsEIRSFYhCF4lACboBEKAmloDQ4KANJcCOUhZugHNwM5eEWqAC3QkWoBJWhCtwGVeF2qAZ3QHW4E2pATagFteEuqIN3Q124B+rBvVAf7oMGcD80hAegETwIjeEhaAIPQ1NoBs2hBbSEVtD6t/nwZ/Kfh17wAvSGPpACfaEfvAj9YQAMhEEwGF6CIfAyDIVXIBWGwXB4FUbAazASXodRMBrGwBswFsbBeJgAE2ESpMGbMBneginwNkyFaTAdZkA6zIRZ8A7MhjkwF96FefAezIcFsBAWQQa8D4thCWTCB7AUPoQsWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFb4CLbBdtgBO2EX7IY98DHshU9gH3wK++Gz/2H+2d/kd0dAQIECFSrMhbkwBmMwFmMxDuMwL+bFCEYwHuMxH+bD/JgfC2JBTMAELIJF0KBBQsKiWBSjGMUSWAITMRFLYSl06DAJk7As3oTlsByWx/JYAStgRayElbAKVsGqWBWrYTWsfusCAKyBtbAW3oV34d1YF+tiPayH9bE+NsAG2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2xtbYBttgW2yL7bE9dsAO2BE7YjImYyfshJ2xM3bBLtgVu2I37IbdsQf2wOfxeXwBX8A+WEP0xX7YD/tjfxyIg3AQvoRD8GV8GV/BVByGw/FVfBVfw5F4BkfhaByDY7CqGIfjcQKSmIRpmIaTcTJOwSk4FafhNJyB6TgTZ+EsnI1zcA6+i/PwPXwPF+ACXIQZmIGLcQlmYiYuxbOYhctwOa7AlQC4EtfgWlyD63EDrsdNuAm34Bb8CD/C7bgdd+JO3I278WP8GD/BTzAVmwHAATyAB/EgHsJDeBgP4xE8gkfxKB7DY3gcj+MJPImn8CSextN4Bs/iOTyH5/E8XsBnE75svLvkulQQ2ZRQIpfIJWJEjIgVsSJOxIm8Iq+IiIiIF/Ein8gn8ov8oqAoKBJEgigiiggjjCARiqKiqIiKqCghSohEkShKiVKir3AiSSSJsqKsKCfKifLiFlFB3Coqikqinasiqoiqor2rJu4Q1UV1UUPUFLVEbVFb1BF1RF1RV9QT9UR9UV8oAGgo+uJAfFBkT6aJGIZNxXBsLlqIlqKVeA0fEW3ESGwr2on24jExGkdhR9HGJYsnRScxHjuLp8UEfEZ0FZOwm3hOdBc9RE/xvOgl2rreoo+Yin1FPzED+4sBYqAYJGZjTZE9sVriFZEqhonh4lWxCF8TI8XrYpQYLcaIN8RYMU6MFxPERDFJpIk3xWTxlpgi3hZTxTQxXcwQ6WKmmCXeEbPFHDFXvCvmiffEfLFALBSLRIZ4XywWS0Sm+EAsFR+KLLFMLBcrxEqxSqwWa8RasU6sFxvERrFJbBZbxFbxkdgmtosdYqfYJXaLPeJjsVd8IvaJT8V+8Zk4IP4mDorPxSHxhTgsvhRHxFfiqPhaHBPfiOOijzghTopT4jtxWnwvzoiz4pz4QZwXP4oL4idxUXgBEqWQUioZyFwyt4yReWSsvErGyatlXnmNjMhrZby8TuaT18v8soAsKAvJBFlYFpFaGmklyVAWlcVkVBaXJeQNMlGWlKVkaelkGZkkb5Rl5U2ynLxZlpe3yAryVllRVpKVZRV5m6wqb5fV5B2yurxT1pA1ZS1ZW94l68i7ZV15j6wn75X15X2ygbxfNpQPyEbyQdlYPiSbyIdlU9lMNpctZEvZSraWj8g28lHZVraT7eVjsoN8XHaUT8hk+aTsJJ+SneXTsot8RnaVz8pu8jnZXfaQPeVP8qL0srfsI1NkX9lPvij7y+xj4SA5WL4kh8iX5VD5ikyVw+Rw+aocIV+TI+XrcpQcLcfIN+RYOU6OlxPkRDlJpsk35WT5lpwi35ZT5TQ5Xc6Q6XKmHHip0tw/kf/Wr/kefzkky5lyaEqqHJayRW6VH8ltcrvcIXfKXXK33CP3yL1yr9wn98n9cr88IA/Ig/KgPCQPycPysDwij8ij8qg8Jo/J4/K4PCFPyh/kd/K0/F6ekWflWfmDPC/PywuX3gNQqISSSqlA5VK5VYzKo2LVVSpOXa3yCgBQ16p4dZ3Kp65X+VUBVVAVUgmqsCqitDLKKlKhKqqKqagqrkqoG1SiKqlKqdLKqTIqSd2oIv9k/t/3J3/tb8X0X94p1Vq1Vm1UG9VWtVXtVXvVQXVQHVVHlaySVSfVSXVWnVUX1UV1VV1VN9VNdVfdVU/VU/VSvVRvBJWiUlQ/9aLqrwaogWqQGqxeUkPUEDVUDVWpKlUNV8PVCDVCjVQj1Sg1So1RY9RYNVaNV+PVRDVRpak0NVlNVlPUFDVVTVXT1XSVrtLVLDVLzVaz1Vw1V81T89R8NV8tVAtVhspQi9Vilaky1VK1VGWpZWqZWqFWqFVqlVqj1qh1ap3aoDaoTWqTylJb1Va1TW1TO9QOtUvtUnvUHrVX7VX71D61X+1XB9QBdVAdVIfUIXVYHVZH1BF1VB1Vx9QxdVwdVyfUCXVKnVKn1Wl1Rp1R59Q5dV6dVxfUBXVRXcw+7QtEIAIVqCBXkCuICWKC2CA2iAvigrxB3iASRIL4ID7IF1wf5A8KBAWDQkFCUDgoEujABDagIAyKBsWCaFA8KBHcECQGJYNSQenABWWCpODGoGxwU1AuuDkoH9wSVAhuDSoGlYLKQZXgtqBqcHtQLbgjqB7cGdQIaga1gtrBXUGd4O6gbnBPUC+4N6gf3Bc0CO4PGgYPBI2CB4PGwUNBk+DhoGnQLGgetAhaBq2C1n9Vfcyu7/2ZAo+63rqPzg19dT/9ou6vB+iBepAerF/SQ/TLeqh+RafqYXp4zKt6hH5Nj9Sv61F6tB6j39Bj9Tg9Xk/QE/Uknabf1JP1W3qKfltP1dP0dD1Dp+uZepZ+R8/Wc/Rc/a6ep9/T8/UCvVAv0hn6fb1YL9GZ+gO9VH+os/QyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1R3qb3q536J16l96t9+iP9V79id6nP9X79Wf6gP6bPqg/14f0F/qw/lIf0V/po/prfUx/o4/rb/UJfVKf0t/p0/p7fUaf1ef0D/q8/lFf0D/pi9pnn9xnH96NMsrkMrlMjIkxsSbWxJk4k9fkNRETMfEm3uQz+Ux+k98UNAVNgkkwRUwRk40MmaKmqImaqClhSphEk2hKmVLGGWeSTJIpa8qacqacKW/KmwqmgqloKprKprK5zdxmbje3mzvMHeZOc6epaWqa2qa2qWPqmLqmrqln6pn6pr5pYBqYhqahaWQamcamsWlimpimpqlpbpqblqalaW1amzamjWlr2pr2pr3pYDqYjqajSTbJppPpZDqbzqaL6WK6mq6mm+lmupvupqfpaXqZXqa36W1STIrpZ/qZ/qa/GWgGmsFmsBlihpihZqhJNalmuBluRpgRZqQZaUaZ0WaMecOMNePMeDPBTDSTTJpJM5PNZDPFTDFTzVQz3Uw36SbdzDKzzGwz28w1c808M8/MN/PNQrPQZJgMs9gsNpkm0yw1S02WyTLLzXKz0qw0q81qs9asNevNerPRbDSbzWaz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQRMDh8xhc9gcMUfMUXPUHDPHzHFz3JwwJ8wpc8qcNqfNGXPGnDPnzHnzo7lgfjIXjTcxNo+NtVfZOHu1zWuvsb+NC9pCNsEWtkWstvltgb+LjbU20Za0pWxp62wZm2Rv/F1c0VaylW0Ve5utam+31X4X17F327r2HlvP3mtr27v+Lq5v77MN7MO2oW1mG9kWtrFtZZvYh21T28w2ty1sS9vKdrCP2472CZtsn7Sd7FO/ixfbJXatXWfX2w12r/3EnrM/2KP2a3ve/mh72z52sH3JDrEv26H2FZtqh/0uHmPfsGPtODveTrAT7aTfxdPtDJtuZ9pZ9h072875XZxh37fzbKadbxfYhXbRz3F2T5n2A7vUfmiz7DK73K6wK+0qu9qu+b+9rrCb7Ga7xe6xH9ttdrvdYXfaXXb3z3H2fuyzn9r99jN7xH5lD9rP7SF7zB62X/4cZ+/fMfuNPW6/tSfsSXvKfmdP2+/tGXv25/3P3vfv7E/2ovUWCEmQJEUB5aLcFEN5KJauoji6mvLSNRShaymerqN8dD3lpwJUkApRAhWmIqTJkCWikIpSMYpScSpBN1AilaRSVJoclaEkupHK0k1Ujm6m8nQLVaBbqSJVospUhW6jqnQ7VaM7qDrdSTWoJtWi2nQX1aG7qS7dQ/XoXqpP91EDup8a0gPUiB6kxvQQNaGHqSk1o+bUglpSK2pNj1AbepTaUjtqT49RB3qcOtITlExPUid6ijrT09SFnqGu9Cx1o+eoO/WgnvQ89aIXqDf1oRTqS/3oRepPA2ggDaLB9FINAKCh9Aql0jAaTq/SCHqNRtLrNIpG0xh6g8bSOBpPE2giTaI0epMm01s0hd6mqTSNptMMSqeZNIveodk0h+bSuzSP3qP5tIAW0iLKoPdpMS2hTPqAltKHlEXLaDmtoJW0ilbTGp8bgNbTBtpIm2gzbaGt9BFto+2EtJN20W7aQx/TXvqE9tGntJ8+owOEeJA+p0P0BR2mL+kIfUVH6Ws6Rt/QcfqWTtBJOkXf0Wn6ns7QWTpHP9B5+pEu0E90kTxBiKEIZajCIMwV5g5jwjxhbHhVGBdeHeYNrwkj4bVhfHhdmC+8PswfFggLhoXChLBwWCTUoQltSGEYFg2LhdGweFgivCFMDEuGpcLSoQvLhEnhjWHZ8KawXHhzWD68JawQ3hpWDCuFD99bJbwtrBreHlYL7wirh3eGNcKaYa2wdnhXWCe8O6wb3hPWC+8Ny4X3hQ3C+8OG4QNho/DBsHH4UNgkfDhsGjYLm4ctwpZhq7B1+EjYJnw0bBu2C9uHj4UdwsfDjuETYXL4ZNgpfOoPH08J+4b9whfDF0Pv75ELo4uiGdH3o4ujS6KZ0Q+iS6MfRrOiy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Kbo1ui3tfODQ6dcNIpF7hcLreLcXlcrLvKxbmrXV53jYu4a128u87lc9e7/K6AK+gKuQRX2BVx2hlnHbnQFXXFXNQVdyXcDS7RlXSlXGnnXBmX5Fq51q61a+MedW1dO9fePeYec4+7x90T7gn3pOvknnKd3dOui3vGdXXPumfdc6676+F6uuddL/eC6+36uBSX4vq5fq6/6+8GuoFusBvshrghbqgb6lJdqhvuhrsRboQb6Ua6UW6UG+PGuLFurBvvxruJfqJLc2luspvsprgpbqqb6qa76S7dpbtZbpab7Wa7uW6um5c4z813891Ct9BluAy32C12mS7TLXVLXZbLcsvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Da3w+1wu9wut8ftcXvdXrfP7XP73X53wB04591Bd8h94Q67L90R95U76r52x9w37rj71p1wJ90p95077b53Z9xZd8794M67H90F95O76LxLi7wZmRx5KzIl8nZkamRaZHpkRiQ9MjMyK/JOZHZkTmRuBGFe5L3I/MiCyMLIokhG5P3I4siSSGbkg8jSyIeRrMiyyPLIisjKyKqI94W3hb6oL+ajvrgv4W/wib6kL+VLe+fL+CR/oy/rb/Ll/M2+vL/FV/C3+oq+kq/sm/nmvoVv6Vv51v4R38Y/6tv6dr69f8x38I/7jv4Jn+yf9J38U76zf9p38c/4rv5Z380/57v7Hr6nf9738i/43r6PT/F9fT//ou/vB/iBfpAf7F/yQ/zLfqh/xaf6YX64f9WP8K/5kf51P8qP9mP8G36sH+fH+wl+op/k0/ybfrJ/y0/xb/upfpqf7mf4dD/Tz/Lv+Nl+jp/r3/Xz/Ht+vl/gF/pFPsO/7xf7JT7Tf+CX+g99ll/ml/sVHmJW+dV+jV/r1/n1foPf6Df5zX6L3+o/8tv8dr/D7/S7/G6/x3/s9/pP/D7/qd/vP/MH/N/8Qf+5P+S/8If9l/6I/8of9V/7Y/4bf9x/60/4k/6U/86f9t/7M/6sP+d/8Of9j/6C/8lf5L9ZY4wxxhj7U+QfPN73v/meuLRl6wcAV28vdPi3NTfm/2U9QCR0iADAk326PXjp042UGjVSUlIuPTdLQlBsAQBELufngsvxMmgPj0MytIOy/21/A0SP83Sp/q/bb+tHbwGI/S85MXA5vlz/pn9Qf9y8P6y/ACCx2OWcPHA5vly/3D+oX6DNH9TP83kaQNv/khMHl+PL9ZPgUXgKkv9ooL848KeexRhjjDHGGGPsP8YAUbnLH13fZl+fJ6jLObnhcvxH1+c/+3PXpIwxxhhjjDHGGPsXeaZHzyceSU5u1+VKLQCu5Kvz4s8scv17tPEftpD/Hm38o8WV/s3EGGOMMcYY+6tdPum/0p0wxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM51/+Pfyd2pfeRMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu9L+TwAAAP//tVgiNQ==") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0x0) 5.365166346s ago: executing program 0 (id=26): syz_usb_connect(0x0, 0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="120100004b41460860163209ea800102030109021e0001000000000904"], 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000340)={&(0x7f0000000140)}) 4.895664856s ago: executing program 1 (id=27): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f0000001580)=ANY=[@ANYBLOB="74696d655f6f66667365743d3078303030303030303030303030303466362c646f74732c646f74732c666c7573682c616c6c6f775f7574696d653d30303030303030303030303030303030303037373737352c6e6f646f74732c6e6f636173652c636865636b3d7374726963742c71756965742c666d61736b3d30303030303030303030303030303030303030303737362c7379735f696d6d757461626c652c757365667265652c646f74732c7379735f696d6d757461626c652c6572726f72733d72656d6f756e742d726f2c73686f77657865632c005530906363a9696b9e7a5ed1e1fdd8e80b9c8871e81ff8251b37bdde89710c3d4b74ff313381025bab8f4a076362fe7bfe6f0fa96c0edee5487ca3e2b00eaa188c94fb91efbd9b9d1f05f57ce05f47f407049e530b09525852783dc271f4f0bfd1076cb05f75ca8a56cd182ebfe31538bb529a14b1151072beab8a6eeebb25948a5993cc5648bada83c7dac555ea2676f8983b67152a01d86bf596f38e9add5211b588e4154a0b959ce973a67f8a25e8f98a9c607f1864c7a4fb0211388f592661be3d94"], 0x21, 0x23d, &(0x7f0000000a40)="$eJzs3cFqE0EcBvB/27Td9mLP4mHBi6eivkGQCOKCENmDnlyoXloR0svqKY/hM/hIPkZPva3YXZq6UQ+yySbu7wdhP/IxMHPJ5DCTvHvw8fzs0+WH6vvXSJI0RhHzuI44id3Yi9pO89y9yQdx1zwAgG0znRbjvudAh3aW3jmKiGI/Ig6XqvzbmmYFAAAAAAAAAABAx5z/B4Dhcf7//zebjYvj5vvbr5z/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpzXVX3qr+8+p4fANA9+z8ADI/9HwCGx/4PAMPz+s3bl+Msm0zTNIm4mpd5mdfPun/+Ips8Tm+cLEZdlWW+3+Rs8qTu03Z/3Ix/+tv+IB49rPuf3bNXWas/jLNVLx4AAAAAAAAAAAAAAAAAAAA2xGl6q3W/f6/uT//U1+nO7wO07u+P4v5obcsAAAAAAAAAAAAAAAAAAACArXb5+ct5cXHxfiYIt+Eo/mFUEpsxeaGT0PcnEwAAAAAAAAAAAAAAAAAADM/i0m/fMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/iz+/391oe81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMPwIwAA//++jJCI") r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x440, 0x164) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000080)) 4.824503945s ago: executing program 3 (id=28): prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x4d}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000000), 0x400000000000041, 0x0) r1 = socket(0x1e, 0x4, 0x0) connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) sendmmsg$unix(r1, &(0x7f0000004400), 0x400000000000203, 0x0) 2.767520621s ago: executing program 2 (id=29): bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setrlimit(0x7, &(0x7f0000000200)={0x5, 0xb}) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x7, 0x1}}, 0x20) 2.615005789s ago: executing program 1 (id=30): syz_emit_ethernet(0x0, 0x0, 0x0) unshare(0x20000400) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c20605"], 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, 0x2, 0x2, 0x201, 0x0, 0x0, {0x7, 0x0, 0x798}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xf6}, @CTA_EXPECT_HELP_NAME={0xf, 0x6, 'tftp-20000\x00'}, @CTA_EXPECT_FN={0xa, 0xb, 'Q.931\x00'}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x7}]}, 0x40}, 0x1, 0x0, 0x0, 0x4c080}, 0x4004040) sendmmsg$alg(0xffffffffffffffff, &(0x7f00000042c0), 0x0, 0x20040) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4000}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x14}]}]}, 0x5c}}, 0x0) 1.739003179s ago: executing program 4 (id=31): mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, 0xffffffffffffffff, 0x3cc85000) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x80) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0xf000000, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40840}, 0x0) 1.676927522s ago: executing program 3 (id=32): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_EXPRESSIONS={0x24, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x80}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x90}, 0x1, 0x0, 0x0, 0x4044050}, 0x40) 1.599471914s ago: executing program 0 (id=33): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x100) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000002640)={[{@usrquota}, {@coherency_full}, {@err_cont}, {@heartbeat_none}, {@err_cont}, {@nointr}, {@grpquota}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535eogjjOAC/M7pZIKV0EfIYGCKiNwkL+kUklGtgxy6dgzpEQgZFQWFEx4IgCOoWFQSdAsu/IOognbrVpYIOBhFUjM6k7AgbLvSa8zywvDPM7jtfGHZ33vczvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvHmZ0LnVl7afeWxVdXXwgd+bFNIYSRZGn787620B1C+PZ1+lRYpS10N/T/ZmJmrHzW5M/WgbFHN0aStddffLY4b1dI0sEV+7uSNB0cXHv/G9XdgedTA0kIaexCiGJ+9OnpWgihLXYhRPHr49zF7Pe9PXYhRNH34V5ndv1rsQshim17PvXW8ns8qud8/cLAyv/+ZrfgLdyisw69PXHlfeqiVt7LfPzfnn/HjQer4cu52XcvYhdBNNdmJo/GrgEAAPi3zjbJ/8PWpe0Hl5PQ3VXO/b835P89Df2vnv8vu7/j5uh0SyHE9tLcZLY/tL+VPje+k/1X77yume+pKvl/tcn/q03+X23y/2qT/1eb/J/Mq3z8n8j/K+XJrb0Ls7GLIBr5PwAAVM/h4+OT9aHhbPC/+WdHOa/vzdt6nqc/vD3V/3jFvJH88P925Nj4wUNDw/l1L08ILq//kC4e/ZE/79HYFiYanrtotv5Dz7P5uesd5XfU//L5jaK+4rzWfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgN7tzT8MgGIVh9LutiNpoVTRh4SfBBxoYEYAUZjSggwkDMBACChjIOcu9ybO8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADzfv8rr4vtLY6TXGpGmssuu/XM8zX7mvh2W99njxq0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbO3AgAwAAACDM3zqP9gMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPBQAA//8lxsws") openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) ftruncate(r3, 0x2007ffc) 1.373867647s ago: executing program 1 (id=34): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x27) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000000)={r2, 0xe7, 0x1614, 0x800, 0x8, 0x5}, 0x14) 1.012618555s ago: executing program 2 (id=35): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f00000000c0)=0x9d, 0x4) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0xe0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback, 0xfffffffd}}, 0x0, 0x0, 0x500, 0x0, 0x54, 0xa}, 0x9c) 828.489625ms ago: executing program 3 (id=36): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) socket$inet6_mptcp(0xa, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) r2 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) ioctl$HIDIOCSFEATURE(r2, 0xc0404806, &(0x7f0000000080)) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58) close_range(r0, 0xffffffffffffffff, 0x0) 472.60693ms ago: executing program 4 (id=37): syz_usb_connect(0x5, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902270201020010000904"], 0x0) syz_open_procfs$pagemap(0x0, 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_SMBUS(r0, 0x720, &(0x7f00000000c0)={0x0, 0x6, 0x0, &(0x7f0000000080)={0x1b, "40190f0f0fbf4e2a0649ccbd3c6b3835727011913082a814856d4b0433e5195bba"}}) 299.958391ms ago: executing program 1 (id=38): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x54, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xb, 0x4}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x7, 0x2, 0x6}, {0xffff}}}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20041090}, 0x8000) 0s ago: executing program 2 (id=39): r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a8230800090400bc6435fb4d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read(r1, 0x0, 0x0) syz_usb_disconnect(r0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.10.0' (ED25519) to the list of known hosts. [ 171.782543][ T5784] cgroup: Unknown subsys name 'net' [ 171.911526][ T5784] cgroup: Unknown subsys name 'cpuset' [ 171.925682][ T5784] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 177.663082][ T5784] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 181.949121][ T5802] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 181.959372][ T5802] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 181.967566][ T5802] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 181.977707][ T5802] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 181.985931][ T5802] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 181.999325][ T5802] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 182.010691][ T5802] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 182.031230][ T5802] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 182.060756][ T5808] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 182.077636][ T5802] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 182.077922][ T5808] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 182.105557][ T5808] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 182.129680][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 182.134585][ T5097] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 182.146729][ T5097] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 182.156060][ T5097] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 182.169358][ T5097] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 182.180942][ T5097] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 182.193059][ T5808] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 182.204971][ T5808] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 182.213282][ T5806] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 182.318972][ T5808] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 182.350835][ T5808] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 182.553725][ T5808] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 182.565779][ T5808] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 183.412804][ T5801] chnl_net:caif_netlink_parms(): no params data found [ 183.755837][ T5804] chnl_net:caif_netlink_parms(): no params data found [ 184.056977][ T50] Bluetooth: hci0: command tx timeout [ 184.187888][ T5811] chnl_net:caif_netlink_parms(): no params data found [ 184.209269][ T50] Bluetooth: hci1: command tx timeout [ 184.271828][ T50] Bluetooth: hci2: command tx timeout [ 184.277484][ T5808] Bluetooth: hci3: command tx timeout [ 184.632894][ T5810] chnl_net:caif_netlink_parms(): no params data found [ 184.680249][ T50] Bluetooth: hci4: command tx timeout [ 184.688234][ T5815] chnl_net:caif_netlink_parms(): no params data found [ 184.995754][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.005239][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.013204][ T5804] bridge_slave_0: entered allmulticast mode [ 185.022976][ T5804] bridge_slave_0: entered promiscuous mode [ 185.129342][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.137088][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.144957][ T5804] bridge_slave_1: entered allmulticast mode [ 185.154425][ T5804] bridge_slave_1: entered promiscuous mode [ 185.167320][ T5801] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.174927][ T5801] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.182714][ T5801] bridge_slave_0: entered allmulticast mode [ 185.191981][ T5801] bridge_slave_0: entered promiscuous mode [ 185.342570][ T5801] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.350113][ T5801] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.365396][ T5801] bridge_slave_1: entered allmulticast mode [ 185.375169][ T5801] bridge_slave_1: entered promiscuous mode [ 185.385956][ T5811] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.393746][ T5811] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.401947][ T5811] bridge_slave_0: entered allmulticast mode [ 185.411232][ T5811] bridge_slave_0: entered promiscuous mode [ 185.442181][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.545093][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 185.558408][ T5811] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.566193][ T5811] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.576406][ T5811] bridge_slave_1: entered allmulticast mode [ 185.586224][ T5811] bridge_slave_1: entered promiscuous mode [ 185.610976][ T5801] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.675839][ T5801] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 185.929679][ T5804] team0: Port device team_slave_0 added [ 185.943830][ T5801] team0: Port device team_slave_0 added [ 185.950451][ T5810] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.959736][ T5810] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.969804][ T5810] bridge_slave_0: entered allmulticast mode [ 185.979265][ T5810] bridge_slave_0: entered promiscuous mode [ 186.073767][ T5811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.084300][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.092017][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.099644][ T5815] bridge_slave_0: entered allmulticast mode [ 186.111935][ T50] Bluetooth: hci0: command tx timeout [ 186.114211][ T5815] bridge_slave_0: entered promiscuous mode [ 186.139298][ T5804] team0: Port device team_slave_1 added [ 186.145905][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.153632][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.161237][ T5815] bridge_slave_1: entered allmulticast mode [ 186.170913][ T5815] bridge_slave_1: entered promiscuous mode [ 186.189644][ T5801] team0: Port device team_slave_1 added [ 186.196156][ T5810] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.203964][ T5810] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.211955][ T5810] bridge_slave_1: entered allmulticast mode [ 186.221231][ T5810] bridge_slave_1: entered promiscuous mode [ 186.240727][ T5811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.282296][ T50] Bluetooth: hci1: command tx timeout [ 186.354839][ T50] Bluetooth: hci2: command tx timeout [ 186.354887][ T5808] Bluetooth: hci3: command tx timeout [ 186.596704][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.604336][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 186.630657][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.653314][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.672840][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.684374][ T5801] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.691689][ T5801] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 186.718099][ T5801] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.738453][ T5810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.757637][ T5810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.768456][ T50] Bluetooth: hci4: command tx timeout [ 186.779754][ T5811] team0: Port device team_slave_0 added [ 186.787983][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.795195][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 186.821618][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.898877][ T5801] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.906161][ T5801] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 186.932470][ T5801] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.991073][ T5811] team0: Port device team_slave_1 added [ 187.019384][ T5815] team0: Port device team_slave_0 added [ 187.036014][ T5815] team0: Port device team_slave_1 added [ 187.234077][ T5810] team0: Port device team_slave_0 added [ 187.271176][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.278436][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 187.304784][ T5811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.367906][ T5804] hsr_slave_0: entered promiscuous mode [ 187.377158][ T5804] hsr_slave_1: entered promiscuous mode [ 187.389135][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.396910][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 187.423090][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.443657][ T5810] team0: Port device team_slave_1 added [ 187.451998][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.459118][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 187.485462][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.499523][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.506808][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 187.533370][ T5811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.700491][ T5801] hsr_slave_0: entered promiscuous mode [ 187.710547][ T5801] hsr_slave_1: entered promiscuous mode [ 187.719390][ T5801] debugfs: 'hsr0' already exists in 'hsr' [ 187.725374][ T5801] Cannot create hsr debugfs directory [ 187.828195][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.835602][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 187.861918][ T5810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.020178][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.027485][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 188.055218][ T5810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.115481][ T5815] hsr_slave_0: entered promiscuous mode [ 188.125567][ T5815] hsr_slave_1: entered promiscuous mode [ 188.134268][ T5815] debugfs: 'hsr0' already exists in 'hsr' [ 188.140208][ T5815] Cannot create hsr debugfs directory [ 188.191754][ T50] Bluetooth: hci0: command tx timeout [ 188.264148][ T5811] hsr_slave_0: entered promiscuous mode [ 188.274253][ T5811] hsr_slave_1: entered promiscuous mode [ 188.282837][ T5811] debugfs: 'hsr0' already exists in 'hsr' [ 188.288712][ T5811] Cannot create hsr debugfs directory [ 188.356576][ T50] Bluetooth: hci1: command tx timeout [ 188.440140][ T50] Bluetooth: hci3: command tx timeout [ 188.441623][ T5808] Bluetooth: hci2: command tx timeout [ 188.813723][ T5810] hsr_slave_0: entered promiscuous mode [ 188.826787][ T5810] hsr_slave_1: entered promiscuous mode [ 188.832064][ T5808] Bluetooth: hci4: command tx timeout [ 188.836103][ T5810] debugfs: 'hsr0' already exists in 'hsr' [ 188.843919][ T5810] Cannot create hsr debugfs directory [ 189.538823][ T5804] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 189.612665][ T5804] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 189.645144][ T5804] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 189.665387][ T5804] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 189.923695][ T5801] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 189.947135][ T5801] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 190.002023][ T5801] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 190.037704][ T5801] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 190.212915][ T5815] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 190.270314][ T5815] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 190.273036][ T5808] Bluetooth: hci0: command tx timeout [ 190.312582][ T5815] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 190.379329][ T5815] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 190.447240][ T5808] Bluetooth: hci1: command tx timeout [ 190.512160][ T5808] Bluetooth: hci3: command tx timeout [ 190.517762][ T5808] Bluetooth: hci2: command tx timeout [ 190.522908][ T5811] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 190.571725][ T5811] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 190.618432][ T5811] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 190.637514][ T5811] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 190.774096][ T5810] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 190.838794][ T5810] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 190.902844][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.912846][ T50] Bluetooth: hci4: command tx timeout [ 190.914079][ T5810] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 191.002422][ T5810] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 191.149941][ T5804] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.332022][ T3721] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.339625][ T3721] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.356412][ T3721] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.364098][ T3721] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.572994][ T5801] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.803003][ T5801] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.824444][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.922272][ T3471] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.929786][ T3471] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.960095][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.055208][ T3471] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.062954][ T3471] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.174439][ T5811] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.198125][ T5815] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.265917][ T3572] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.273532][ T3572] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.451597][ T3572] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.459100][ T3572] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.475234][ T3572] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.482891][ T3572] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.504483][ T3572] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.512171][ T3572] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.739194][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.992350][ T5810] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.061865][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.069378][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.142524][ T5815] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 193.181426][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.188902][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.463838][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.004122][ T5804] veth0_vlan: entered promiscuous mode [ 194.103604][ T5804] veth1_vlan: entered promiscuous mode [ 194.544261][ T5804] veth0_macvtap: entered promiscuous mode [ 194.575549][ T5801] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.602813][ T5804] veth1_macvtap: entered promiscuous mode [ 194.874562][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.925342][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.986244][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 195.094747][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.146349][ T3551] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.225802][ T3551] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.269619][ T3551] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.284549][ T5801] veth0_vlan: entered promiscuous mode [ 195.329454][ T3551] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.436335][ T5801] veth1_vlan: entered promiscuous mode [ 195.647968][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.689959][ T5815] veth0_vlan: entered promiscuous mode [ 195.821443][ T5801] veth0_macvtap: entered promiscuous mode [ 195.853330][ T5815] veth1_vlan: entered promiscuous mode [ 195.883105][ T5801] veth1_macvtap: entered promiscuous mode [ 196.219019][ T5801] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.229788][ T5810] veth0_vlan: entered promiscuous mode [ 196.306746][ T5815] veth0_macvtap: entered promiscuous mode [ 196.349170][ T5801] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.392850][ T5810] veth1_vlan: entered promiscuous mode [ 196.427494][ T3572] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.486788][ T5815] veth1_macvtap: entered promiscuous mode [ 196.516756][ T3572] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.552439][ T3572] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.595431][ T3572] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.666159][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.753670][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.866226][ T5810] veth0_macvtap: entered promiscuous mode [ 196.880872][ T3572] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.922230][ T5810] veth1_macvtap: entered promiscuous mode [ 196.951485][ T3572] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.964955][ T154] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.016305][ T154] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.220046][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.407406][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.496582][ T3471] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.560930][ T3471] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.581432][ T5811] veth0_vlan: entered promiscuous mode [ 197.603181][ T3721] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.674814][ T3721] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.725420][ T5811] veth1_vlan: entered promiscuous mode [ 198.008956][ T5811] veth0_macvtap: entered promiscuous mode [ 198.121014][ T5811] veth1_macvtap: entered promiscuous mode [ 198.336221][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 198.437383][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 198.514256][ T1006] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.540889][ T1006] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.603530][ T1006] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.662227][ T1006] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.852903][ T3521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.860952][ T3521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.076591][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.087988][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.439975][ T5804] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 203.145407][ T3521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.155521][ T3521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.255271][ T3521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.265071][ T3521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.430562][ T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!! [ 203.441521][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 203.821556][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 204.064588][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 204.129198][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 204.233106][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 204.334176][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 204.435361][ T0] NOHZ tick-stop error: local softirq work is pending, handler #108!!! [ 204.435964][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 205.323076][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 211.464695][ T3521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.472886][ T3521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.507136][ T3471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.515277][ T3471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.936539][ T3471] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.944812][ T3471] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 212.196862][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 212.205011][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 212.394462][ T5994] veth1_macvtap: left promiscuous mode [ 212.400227][ T5994] macsec0: entered promiscuous mode [ 214.559780][ T6003] loop3: detected capacity change from 0 to 1024 [ 214.686864][ T6003] ======================================================= [ 214.686864][ T6003] WARNING: The mand mount option has been deprecated and [ 214.686864][ T6003] and is ignored by this kernel. Remove the mand [ 214.686864][ T6003] option from the mount to silence this warning. [ 214.686864][ T6003] ======================================================= [ 216.182705][ T3521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.190931][ T3521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.339466][ T1006] hfsplus: b-tree write err: -5, ino 4 [ 216.659963][ T3551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.668913][ T3551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.279529][ T42] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 218.333324][ T42] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 220.845759][ T6031] loop1: detected capacity change from 0 to 512 [ 220.973847][ T6031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 220.987960][ T6031] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 222.362022][ T30] audit: type=1800 audit(1765262785.252:2): pid=6031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.18" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 222.608201][ T6045] syz.2.21 uses obsolete (PF_INET,SOCK_PACKET) [ 223.052303][ T5801] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.113584][ T6046] Zero length message leads to an empty skb [ 223.930348][ T6056] loop2: detected capacity change from 0 to 256 [ 224.044739][ T6056] exfat: Deprecated parameter 'utf8' [ 224.547039][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.553884][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 224.587523][ T6064] loop1: detected capacity change from 0 to 512 [ 224.686531][ T6056] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 225.258358][ T5868] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 225.305070][ T6066] syz.4.24 (6066) used greatest stack depth: 2328 bytes left [ 225.400475][ T6064] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 225.603461][ T5868] usb 1-1: Using ep0 maxpacket: 8 [ 225.685727][ T5868] usb 1-1: config index 0 descriptor too short (expected 30, got 18) [ 225.766738][ T5868] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 225.776879][ T5868] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.785364][ T5868] usb 1-1: Product: syz [ 225.789818][ T5868] usb 1-1: Manufacturer: syz [ 225.806249][ T5868] usb 1-1: SerialNumber: syz [ 226.048751][ T5868] usb 1-1: config 0 descriptor?? [ 226.130949][ T5868] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 226.144689][ T5868] usb 1-1: setting power ON [ 226.149387][ T5868] dvb-usb: bulk message failed: -22 (2/0) [ 226.451980][ T5868] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 226.534921][ T5868] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 226.543943][ T5868] usb 1-1: media controller created [ 226.654896][ T5868] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 227.335086][ T5868] usb 1-1: selecting invalid altsetting 6 [ 227.341074][ T5868] usb 1-1: digital interface selection failed (-22) [ 227.351916][ T5868] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 227.462525][ T5868] usb 1-1: setting power OFF [ 227.467322][ T5868] dvb-usb: bulk message failed: -22 (2/0) [ 227.473589][ T5868] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 227.486840][ T5868] (NULL device *): no alternate interface [ 228.604005][ T6078] loop0: detected capacity change from 0 to 32768 [ 228.637699][ T6078] (syz.0.33,6078,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 228.653397][ T6078] (syz.0.33,6078,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 228.713086][ T5868] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 228.753375][ T5868] usb 1-1: USB disconnect, device number 2 [ 228.817197][ T6078] JBD2: Ignoring recovery information on journal [ 228.847504][ T42] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 228.928233][ T6078] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 229.033490][ T42] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 229.047738][ T3471] ocfs2: Finishing quota recovery on device (7,0) for slot 0 [ 229.055694][ T3471] ===================================================== [ 229.063080][ T3471] BUG: KMSAN: uninit-value in _find_next_bit+0x129/0x140 [ 229.070266][ T3471] _find_next_bit+0x129/0x140 [ 229.076097][ T3471] ocfs2_finish_quota_recovery+0xa93/0x3ea0 [ 229.083232][ T3471] ocfs2_complete_recovery+0x29c1/0x3ad0 [ 229.089191][ T3471] process_scheduled_works+0xb91/0x1d80 [ 229.095309][ T3471] worker_thread+0xedf/0x1590 [ 229.100150][ T3471] kthread+0xd5c/0xf00 [ 229.104631][ T3471] ret_from_fork+0x208/0x710 [ 229.109418][ T3471] ret_from_fork_asm+0x1a/0x30 [ 229.119303][ T3471] [ 229.123623][ T3471] Uninit was stored to memory at: [ 229.128867][ T3471] _find_next_bit+0x122/0x140 [ 229.133822][ T3471] ocfs2_finish_quota_recovery+0xa93/0x3ea0 [ 229.139926][ T3471] ocfs2_complete_recovery+0x29c1/0x3ad0 [ 229.145941][ T3471] process_scheduled_works+0xb91/0x1d80 [ 229.151886][ T3471] worker_thread+0xedf/0x1590 [ 229.156715][ T3471] kthread+0xd5c/0xf00 [ 229.160927][ T3471] ret_from_fork+0x208/0x710 [ 229.165822][ T3471] ret_from_fork_asm+0x1a/0x30 [ 229.170778][ T3471] [ 229.173285][ T3471] Uninit was created at: [ 229.177729][ T3471] __kmalloc_noprof+0xaf2/0x1c20 [ 229.183357][ T3471] ocfs2_recovery_load_quota+0x44a/0x1290 [ 229.189273][ T3471] ocfs2_local_read_info+0x147f/0x2e30 [ 229.195030][ T3471] dquot_load_quota_sb+0x9ef/0xd60 [ 229.200349][ T3471] dquot_load_quota_inode+0x4c5/0x7a0 [ 229.206040][ T3471] ocfs2_enable_quotas+0x1d3/0x730 [ 229.211571][ T3471] ocfs2_fill_super+0xab6d/0xb270 [ 229.221880][ T3471] get_tree_bdev_flags+0x6e6/0x920 [ 229.227219][ T3471] get_tree_bdev+0x38/0x50 [ 229.233633][ T3471] ocfs2_get_tree+0x35/0x40 [ 229.238520][ T3471] vfs_get_tree+0xb3/0x5c0 [ 229.243224][ T3471] do_new_mount+0x879/0x1700 [ 229.248003][ T3471] path_mount+0x749/0x1fb0 [ 229.252682][ T3471] __se_sys_mount+0x6f7/0x7e0 [ 229.257565][ T3471] __x64_sys_mount+0xe4/0x150 [ 229.262580][ T3471] x64_sys_call+0x38cb/0x3e70 [ 229.267435][ T3471] do_syscall_64+0xd9/0xf80 [ 229.272322][ T3471] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.278392][ T3471] [ 229.280839][ T3471] CPU: 1 UID: 0 PID: 3471 Comm: kworker/u8:16 Tainted: G L syzkaller #0 PREEMPT(none) [ 229.292395][ T3471] Tainted: [L]=SOFTLOCKUP [ 229.296815][ T3471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 229.307109][ T3471] Workqueue: ocfs2_wq ocfs2_complete_recovery [ 229.313620][ T3471] ===================================================== [ 229.325754][ T3471] Disabling lock debugging due to kernel taint [ 229.334082][ T3471] Kernel panic - not syncing: kmsan.panic set ... [ 229.340650][ T3471] CPU: 1 UID: 0 PID: 3471 Comm: kworker/u8:16 Tainted: G B L syzkaller #0 PREEMPT(none) [ 229.351972][ T3471] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP [ 229.357627][ T3471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 229.367834][ T3471] Workqueue: ocfs2_wq ocfs2_complete_recovery [ 229.374168][ T3471] Call Trace: [ 229.377552][ T3471] [ 229.380581][ T3471] __dump_stack+0x26/0x30 [ 229.385109][ T3471] dump_stack_lvl+0x53/0x270 [ 229.389879][ T3471] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 229.395901][ T3471] dump_stack+0x1e/0x25 [ 229.400216][ T3471] vpanic+0x435/0xd30 [ 229.404369][ T3471] panic+0x15d/0x160 [ 229.408472][ T3471] kmsan_report+0x31c/0x320 [ 229.413155][ T3471] ? __msan_warning+0x1b/0x30 [ 229.418010][ T3471] ? _find_next_bit+0x129/0x140 [ 229.423037][ T3471] ? ocfs2_finish_quota_recovery+0xa93/0x3ea0 [ 229.429336][ T3471] ? ocfs2_complete_recovery+0x29c1/0x3ad0 [ 229.435357][ T3471] ? process_scheduled_works+0xb91/0x1d80 [ 229.441299][ T3471] ? worker_thread+0xedf/0x1590 [ 229.446310][ T3471] ? kthread+0xd5c/0xf00 [ 229.450689][ T3471] ? ret_from_fork+0x208/0x710 [ 229.455637][ T3471] ? ret_from_fork_asm+0x1a/0x30 [ 229.460742][ T3471] ? ret_from_fork_asm+0x1a/0x30 [ 229.465890][ T3471] ? ocfs2_read_virt_blocks+0xbdf/0xdf0 [ 229.471601][ T3471] ? __pfx_ocfs2_validate_quota_block+0x10/0x10 [ 229.478045][ T3471] ? kmsan_get_metadata+0xfb/0x160 [ 229.483358][ T3471] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 229.489349][ T3471] ? kmsan_get_metadata+0xfb/0x160 [ 229.494658][ T3471] __msan_warning+0x1b/0x30 [ 229.499409][ T3471] _find_next_bit+0x129/0x140 [ 229.504230][ T3471] ocfs2_finish_quota_recovery+0xa93/0x3ea0 [ 229.510362][ T3471] ? kmsan_get_metadata+0xfb/0x160 [ 229.515677][ T3471] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 229.521971][ T3471] ocfs2_complete_recovery+0x29c1/0x3ad0 [ 229.527812][ T3471] ? __pfx_ocfs2_orphan_filldir+0x10/0x10 [ 229.533686][ T3471] ? kmsan_get_metadata+0xfb/0x160 [ 229.539037][ T3471] ? __pfx_ocfs2_complete_recovery+0x10/0x10 [ 229.545251][ T3471] process_scheduled_works+0xb91/0x1d80 [ 229.551076][ T3471] worker_thread+0xedf/0x1590 [ 229.555934][ T3471] kthread+0xd5c/0xf00 [ 229.560144][ T3471] ? __pfx_worker_thread+0x10/0x10 [ 229.565424][ T3471] ? __pfx_kthread+0x10/0x10 [ 229.570161][ T3471] ret_from_fork+0x208/0x710 [ 229.574949][ T3471] ? __switch_to+0x53d/0x790 [ 229.579695][ T3471] ? __pfx_kthread+0x10/0x10 [ 229.584429][ T3471] ret_from_fork_asm+0x1a/0x30 [ 229.589484][ T3471] [ 229.592970][ T3471] Kernel Offset: disabled [ 229.597430][ T3471] Rebooting in 86400 seconds..